.. _launch-instance: Launch an instance ~~~~~~~~~~~~~~~~~~ In environments that include the Container Infrastructure Management service, you can provision container clusters made up of virtual machines or baremetal servers. The Container Infrastructure Management service uses `Cluster Templates <http://docs.openstack.org/developer/magnum/userguide.html#clustertemplate>`__ to describe how a `Cluster <http://docs.openstack.org/developer/magnum/ userguide.html#cluster>`__ is constructed. In each of the following examples you will create a Cluster Template for a specific COE and then you will provision a Cluster using the corresponding Cluster Template. Then, you can use the appropriate COE client or endpoint to create containers. Create an external network (Optional) ------------------------------------- To create a magnum cluster, you need an external network. If there are no external networks, create one. #. Create an external network with an appropriate provider based on your cloud provider support for your case: .. code-block:: console $ openstack network create public --provider-network-type vxlan \ --external \ --project service +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | UP | | availability_zone_hints | | | availability_zones | | | created_at | 2017-03-27T10:09:04Z | | description | | | dns_domain | None | | id | 372170ca-7d2e-48a2-8449-670e4ab66c23 | | ipv4_address_scope | None | | ipv6_address_scope | None | | is_default | False | | mtu | 1450 | | name | public | | port_security_enabled | True | | project_id | 224c32c0dd2e49cbaadfd1cda069f149 | | provider:network_type | vxlan | | provider:physical_network | None | | provider:segmentation_id | 3 | | qos_policy_id | None | | revision_number | 4 | | router:external | External | | segments | None | | shared | False | | status | ACTIVE | | subnets | | | updated_at | 2017-03-27T10:09:04Z | +---------------------------+--------------------------------------+ $ openstack subnet create public-subnet --network public \ --subnet-range 192.168.1.0/24 \ --gateway 192.168.1.1 \ --ip-version 4 +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | allocation_pools | 192.168.1.2-192.168.1.254 | | cidr | 192.168.1.0/24 | | created_at | 2017-03-27T10:46:15Z | | description | | | dns_nameservers | | | enable_dhcp | True | | gateway_ip | 192.168.1.1 | | host_routes | | | id | 04185f6c-ea31-4109-b20b-fd7f935b3828 | | ip_version | 4 | | ipv6_address_mode | None | | ipv6_ra_mode | None | | name | public-subnet | | network_id | 372170ca-7d2e-48a2-8449-670e4ab66c23 | | project_id | d9e40a0aff30441083d9f279a0ff50de | | revision_number | 2 | | segment_id | None | | service_types | | | subnetpool_id | None | | updated_at | 2017-03-27T10:46:15Z | +-------------------+--------------------------------------+ Create a keypair (Optional) --------------------------- To create a magnum cluster, you need a keypair which will be passed in all compute instances of the cluster. If you don't have a keypair in your project, create one. #. Create a keypair on the Compute service: .. code-block:: console $ openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey +-------------+-------------------------------------------------+ | Field | Value | +-------------+-------------------------------------------------+ | fingerprint | 05:be:32:07:58:a7:e8:0b:05:9b:81:6d:80:9a:4e:b1 | | name | mykey | | user_id | 2d4398dbd5274707bf100a9dbbe85819 | +-------------+-------------------------------------------------+ Upload the images required for your clusters to the Image service ----------------------------------------------------------------- The VM versions of Kubernetes and Docker Swarm drivers require a Fedora Atomic image. The following is stock Fedora Atomic image, built by the Atomic team and tested by the Magnum team. #. Download the image: .. code-block:: console $ wget https://download.fedoraproject.org/pub/alt/atomic/stable/Fedora-Atomic-27-20180419.0/CloudImages/x86_64/images/Fedora-Atomic-27-20180419.0.x86_64.qcow2 #. Register the image to the Image service setting the ``os_distro`` property to ``fedora-atomic``: .. code-block:: console $ openstack image create \ --disk-format=qcow2 \ --container-format=bare \ --file=Fedora-Atomic-27-20180419.0.x86_64.qcow2\ --property os_distro='fedora-atomic' \ fedora-atomic-latest +------------------+------------------------------------------------------+ | Field | Value | +------------------+------------------------------------------------------+ | checksum | a987b691e23dce54c03d7a57c104b195 | | container_format | bare | | created_at | 2016-09-14T12:58:01Z | | disk_format | qcow2 | | file | /v2/images/81b25935-3400-441a-9f2e-f984a46c89dd/file | | id | 81b25935-3400-441a-9f2e-f984a46c89dd | | min_disk | 0 | | min_ram | 0 | | name | fedora-atomic-latest | | owner | c4b42942156741dfbc4775dbcb032841 | | properties | os_distro='fedora-atomic' | | protected | False | | schema | /v2/schemas/image | | size | 507928064 | | status | active | | tags | | | updated_at | 2016-09-14T12:58:03Z | | virtual_size | None | | visibility | private | +------------------+------------------------------------------------------+ Provision a Docker Swarm cluster and create a container ------------------------------------------------------- Following this example, you will provision a Docker Swarm cluster with one master and one node. Then, using docker's native API you will create a container. #. Create a cluster template for a Docker Swarm cluster using the ``fedora-atomic-latest`` image, ``m1.small`` as the flavor for the master and the node, ``public`` as the external network and ``8.8.8.8`` for the DNS nameserver, using the following command: .. code-block:: console $ openstack coe cluster template create swarm-cluster-template \ --image fedora-atomic-latest \ --external-network public \ --dns-nameserver 8.8.8.8 \ --master-flavor m1.small \ --flavor m1.small \ --coe swarm +-----------------------+--------------------------------------+ | Property | Value | +-----------------------+--------------------------------------+ | insecure_registry | - | | labels | {} | | updated_at | - | | floating_ip_enabled | True | | fixed_subnet | - | | master_flavor_id | m1.small | | uuid | 47c6ce77-50ae-43bd-8e2a-06980392693d | | no_proxy | - | | https_proxy | - | | tls_disabled | False | | keypair_id | mykey | | public | False | | http_proxy | - | | docker_volume_size | - | | server_type | vm | | external_network_id | public | | cluster_distro | fedora-atomic | | image_id | fedora-atomic-latest | | volume_driver | - | | registry_enabled | False | | docker_storage_driver | devicemapper | | apiserver_port | - | | name | swarm-cluster-template | | created_at | 2016-09-14T13:05:11+00:00 | | network_driver | docker | | fixed_network | - | | coe | swarm | | flavor_id | m1.small | | master_lb_enabled | False | | dns_nameserver | 8.8.8.8 | +-----------------------+--------------------------------------+ #. Create a cluster with one node and one master using ``mykey`` as the keypair, using the following command: .. code-block:: console $ openstack coe cluster create swarm-cluster \ --cluster-template swarm-cluster-template \ --master-count 1 \ --node-count 1 \ --keypair mykey Request to create cluster 2582f192-480e-4329-ac05-32a8e5b1166b has been accepted. Your cluster is now being created. Creation time depends on your infrastructure's performance. You can check the status of your cluster using the commands: ``openstack coe cluster list`` or ``openstack coe cluster show swarm-cluster``. .. code-block:: console $ openstack coe cluster list +--------------------------------------+---------------+---------+------------+--------------+-----------------+ | uuid | name | keypair | node_count | master_count | status | +--------------------------------------+---------------+---------+------------+--------------+-----------------+ | 2582f192-480e-4329-ac05-32a8e5b1166b | swarm-cluster | mykey | 1 | 1 | CREATE_COMPLETE | +--------------------------------------+---------------+---------+------------+--------------+-----------------+ .. code-block:: console $ openstack coe cluster show swarm-cluster +---------------------+------------------------------------------------------------+ | Property | Value | +---------------------+------------------------------------------------------------+ | status | CREATE_COMPLETE | | cluster_template_id | 47c6ce77-50ae-43bd-8e2a-06980392693d | | uuid | 2582f192-480e-4329-ac05-32a8e5b1166b | | stack_id | 3d7bbf1c-49bd-4930-84e0-ab71ba200687 | | status_reason | Stack CREATE completed successfully | | created_at | 2016-09-14T13:36:54+00:00 | | name | swarm-cluster | | updated_at | 2016-09-14T13:38:08+00:00 | | discovery_url | https://discovery.etcd.io/a5ece414689287eca62e35555512bfd5 | | api_address | tcp://172.24.4.10:2376 | | coe_version | 1.2.5 | | master_addresses | ['172.24.4.10'] | | create_timeout | 60 | | node_addresses | ['172.24.4.8'] | | master_count | 1 | | container_version | 1.12.6 | | node_count | 1 | +---------------------+------------------------------------------------------------+ #. Add the credentials of the above cluster to your environment: .. code-block:: console $ mkdir myclusterconfig $ $(openstack coe cluster config swarm-cluster --dir myclusterconfig) The above command will save the authentication artifacts in the `myclusterconfig` directory and it will export the environment variables: DOCKER_HOST, DOCKER_CERT_PATH and DOCKER_TLS_VERIFY. Sample output: .. code-block:: console export DOCKER_HOST=tcp://172.24.4.10:2376 export DOCKER_CERT_PATH=myclusterconfig export DOCKER_TLS_VERIFY=True #. Create a container: .. code-block:: console $ docker run busybox echo "Hello from Docker!" Hello from Docker! #. Delete the cluster: .. code-block:: console $ openstack coe cluster delete swarm-cluster Request to delete cluster swarm-cluster has been accepted. Provision a Kubernetes cluster and create a deployment ------------------------------------------------------ Following this example, you will provision a Kubernetes cluster with one master and one node. Then, using Kubernetes's native client ``kubectl``, you will create a deployment. #. Create a cluster template for a Kubernetes cluster using the ``fedora-atomic-latest`` image, ``m1.small`` as the flavor for the master and the node, ``public`` as the external network and ``8.8.8.8`` for the DNS nameserver, using the following command: .. code-block:: console $ openstack coe cluster template create kubernetes-cluster-template \ --image fedora-atomic-latest \ --external-network public \ --dns-nameserver 8.8.8.8 \ --master-flavor m1.small \ --flavor m1.small \ --coe kubernetes +-----------------------+--------------------------------------+ | Property | Value | +-----------------------+--------------------------------------+ | insecure_registry | - | | labels | {} | | updated_at | - | | floating_ip_enabled | True | | fixed_subnet | - | | master_flavor_id | m1.small | | uuid | 0a601cc4-8fef-41aa-8036-d113e719ed7a | | no_proxy | - | | https_proxy | - | | tls_disabled | False | | keypair_id | - | | public | False | | http_proxy | - | | docker_volume_size | - | | server_type | vm | | external_network_id | public | | cluster_distro | fedora-atomic | | image_id | fedora-atomic-latest | | volume_driver | - | | registry_enabled | False | | docker_storage_driver | devicemapper | | apiserver_port | - | | name | kubernetes-cluster-template | | created_at | 2017-05-16T09:53:00+00:00 | | network_driver | flannel | | fixed_network | - | | coe | kubernetes | | flavor_id | m1.small | | master_lb_enabled | False | | dns_nameserver | 8.8.8.8 | +-----------------------+--------------------------------------+ #. Create a cluster with one node and one master using ``mykey`` as the keypair, using the following command: .. code-block:: console $ openstack coe cluster create kubernetes-cluster \ --cluster-template kubernetes-cluster-template \ --master-count 1 \ --node-count 1 \ --keypair mykey Request to create cluster b1ef3528-ac03-4459-bbf7-22649bfbc84f has been accepted. Your cluster is now being created. Creation time depends on your infrastructure's performance. You can check the status of your cluster using the commands: ``openstack coe cluster list`` or ``openstack coe cluster show kubernetes-cluster``. .. code-block:: console $ openstack coe cluster list +--------------------------------------+--------------------+---------+------------+--------------+-----------------+ | uuid | name | keypair | node_count | master_count | status | +--------------------------------------+--------------------+---------+------------+--------------+-----------------+ | b1ef3528-ac03-4459-bbf7-22649bfbc84f | kubernetes-cluster | mykey | 1 | 1 | CREATE_COMPLETE | +--------------------------------------+--------------------+---------+------------+--------------+-----------------+ .. code-block:: console $ openstack coe cluster show kubernetes-cluster +---------------------+------------------------------------------------------------+ | Property | Value | +---------------------+------------------------------------------------------------+ | status | CREATE_COMPLETE | | cluster_template_id | 0a601cc4-8fef-41aa-8036-d113e719ed7a | | node_addresses | ['172.24.4.5'] | | uuid | b1ef3528-ac03-4459-bbf7-22649bfbc84f | | stack_id | 8296624c-3c0e-45e1-967e-b6ff05105a3b | | status_reason | Stack CREATE completed successfully | | created_at | 2017-05-16T09:58:02+00:00 | | updated_at | 2017-05-16T10:00:02+00:00 | | coe_version | v1.6.7 | | keypair | default | | api_address | https://172.24.4.13:6443 | | master_addresses | ['172.24.4.13'] | | create_timeout | 60 | | node_count | 1 | | discovery_url | https://discovery.etcd.io/69c7cd3b3b06c98b4771410bd166a7c6 | | master_count | 1 | | container_version | 1.12.6 | | name | kubernetes-cluster | +---------------------+------------------------------------------------------------+ #. Add the credentials of the above cluster to your environment: .. code-block:: console $ mkdir -p ~/clusters/kubernetes-cluster $ $(openstack coe cluster config kubernetes-cluster --dir ~/clusters/kubernetes-cluster) The above command will save the authentication artifacts in the directory ``~/clusters/kubernetes-cluster`` and it will export the ``KUBECONFIG`` environment variable: .. code-block:: console export KUBECONFIG=/home/user/clusters/kubernetes-cluster/config #. You can list the controller components of your Kubernetes cluster and check if they are ``Running``: .. code-block:: console $ kubectl -n kube-system get po NAME READY STATUS RESTARTS AGE kube-controller-manager-ku-hesuip7l3i-0-5mqijvszepxw-kube-master-rqwmwne7rjh2 1/1 Running 0 1h kube-proxy-ku-hesuip7l3i-0-5mqijvszepxw-kube-master-rqwmwne7rjh2 1/1 Running 0 1h kube-proxy-ku-wmmticfvdr-0-k53p22xmlxvx-kube-minion-x4ly6zfhrrui 1/1 Running 0 1h kube-scheduler-ku-hesuip7l3i-0-5mqijvszepxw-kube-master-rqwmwne7rjh2 1/1 Running 0 1h kubernetes-dashboard-3203831700-zvj2d 1/1 Running 0 1h #. Now, you can create a nginx deployment and verify it is running: .. code-block:: console $ kubectl run nginx --image=nginx --replicas=5 deployment "nginx" created $ kubectl get po NAME READY STATUS RESTARTS AGE nginx-701339712-2ngt8 1/1 Running 0 15s nginx-701339712-j8r3d 1/1 Running 0 15s nginx-701339712-mb6jb 1/1 Running 0 15s nginx-701339712-q115k 1/1 Running 0 15s nginx-701339712-tb5lp 1/1 Running 0 15s #. Delete the cluster: .. code-block:: console $ openstack coe cluster delete kubernetes-cluster Request to delete cluster kubernetes-cluster has been accepted.