This patch brings the Fedora Atomic version used in gating to the latest one which includes some improvements alongside a newer version of Docker (which seems to run things better overall). Change-Id: Iad0a1f57b29aec9a0cdb2a104fdaa5970133cfb4
25 KiB
Launch an instance
In environments that include the Container Infrastructure Management service, you can provision container clusters made up of virtual machines or baremetal servers. The Container Infrastructure Management service uses Cluster Templates to describe how a Cluster <http://docs.openstack.org/developer/magnum/ userguide.html#cluster>__ is constructed. In each of the following examples you will create a Cluster Template for a specific COE and then you will provision a Cluster using the corresponding Cluster Template. Then, you can use the appropriate COE client or endpoint to create containers.
Create an external network (Optional)
To create a magnum cluster, you need an external network. If there are no external networks, create one.
Create an external network with an appropriate provider based on your cloud provider support for your case:
$ openstack network create public --provider-network-type vxlan \ --external \ --project service +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | UP | | availability_zone_hints | | | availability_zones | | | created_at | 2017-03-27T10:09:04Z | | description | | | dns_domain | None | | id | 372170ca-7d2e-48a2-8449-670e4ab66c23 | | ipv4_address_scope | None | | ipv6_address_scope | None | | is_default | False | | mtu | 1450 | | name | public | | port_security_enabled | True | | project_id | 224c32c0dd2e49cbaadfd1cda069f149 | | provider:network_type | vxlan | | provider:physical_network | None | | provider:segmentation_id | 3 | | qos_policy_id | None | | revision_number | 4 | | router:external | External | | segments | None | | shared | False | | status | ACTIVE | | subnets | | | updated_at | 2017-03-27T10:09:04Z | +---------------------------+--------------------------------------+ $ openstack subnet create public-subnet --network public \ --subnet-range 192.168.1.0/24 \ --gateway 192.168.1.1 \ --ip-version 4 +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | allocation_pools | 192.168.1.2-192.168.1.254 | | cidr | 192.168.1.0/24 | | created_at | 2017-03-27T10:46:15Z | | description | | | dns_nameservers | | | enable_dhcp | True | | gateway_ip | 192.168.1.1 | | host_routes | | | id | 04185f6c-ea31-4109-b20b-fd7f935b3828 | | ip_version | 4 | | ipv6_address_mode | None | | ipv6_ra_mode | None | | name | public-subnet | | network_id | 372170ca-7d2e-48a2-8449-670e4ab66c23 | | project_id | d9e40a0aff30441083d9f279a0ff50de | | revision_number | 2 | | segment_id | None | | service_types | | | subnetpool_id | None | | updated_at | 2017-03-27T10:46:15Z | +-------------------+--------------------------------------+
Create a keypair (Optional)
To create a magnum cluster, you need a keypair which will be passed in all compute instances of the cluster. If you don't have a keypair in your project, create one.
Create a keypair on the Compute service:
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey +-------------+-------------------------------------------------+ | Field | Value | +-------------+-------------------------------------------------+ | fingerprint | 05:be:32:07:58:a7:e8:0b:05:9b:81:6d:80:9a:4e:b1 | | name | mykey | | user_id | 2d4398dbd5274707bf100a9dbbe85819 | +-------------+-------------------------------------------------+
Upload the images required for your clusters to the Image service
The VM versions of Kubernetes and Docker Swarm drivers require a Fedora Atomic image. The following is stock Fedora Atomic image, built by the Atomic team and tested by the Magnum team.
Download the image:
$ wget https://download.fedoraproject.org/pub/alt/atomic/stable/Fedora-Atomic-27-20180419.0/CloudImages/x86_64/images/Fedora-Atomic-27-20180419.0.x86_64.qcow2
Register the image to the Image service setting the
os_distro
property tofedora-atomic
:$ openstack image create \ --disk-format=qcow2 \ --container-format=bare \ --file=Fedora-Atomic-27-20180419.0.x86_64.qcow2\ --property os_distro='fedora-atomic' \ fedora-atomic-latest +------------------+------------------------------------------------------+ | Field | Value | +------------------+------------------------------------------------------+ | checksum | a987b691e23dce54c03d7a57c104b195 | | container_format | bare | | created_at | 2016-09-14T12:58:01Z | | disk_format | qcow2 | | file | /v2/images/81b25935-3400-441a-9f2e-f984a46c89dd/file | | id | 81b25935-3400-441a-9f2e-f984a46c89dd | | min_disk | 0 | | min_ram | 0 | | name | fedora-atomic-latest | | owner | c4b42942156741dfbc4775dbcb032841 | | properties | os_distro='fedora-atomic' | | protected | False | | schema | /v2/schemas/image | | size | 507928064 | | status | active | | tags | | | updated_at | 2016-09-14T12:58:03Z | | virtual_size | None | | visibility | private | +------------------+------------------------------------------------------+
Provision a Docker Swarm cluster and create a container
Following this example, you will provision a Docker Swarm cluster with one master and one node. Then, using docker's native API you will create a container.
Create a cluster template for a Docker Swarm cluster using the
fedora-atomic-latest
image,m1.small
as the flavor for the master and the node,public
as the external network and8.8.8.8
for the DNS nameserver, using the following command:$ openstack coe cluster template create swarm-cluster-template \ --image fedora-atomic-latest \ --external-network public \ --dns-nameserver 8.8.8.8 \ --master-flavor m1.small \ --flavor m1.small \ --coe swarm +-----------------------+--------------------------------------+ | Property | Value | +-----------------------+--------------------------------------+ | insecure_registry | - | | labels | {} | | updated_at | - | | floating_ip_enabled | True | | fixed_subnet | - | | master_flavor_id | m1.small | | uuid | 47c6ce77-50ae-43bd-8e2a-06980392693d | | no_proxy | - | | https_proxy | - | | tls_disabled | False | | keypair_id | mykey | | public | False | | http_proxy | - | | docker_volume_size | - | | server_type | vm | | external_network_id | public | | cluster_distro | fedora-atomic | | image_id | fedora-atomic-latest | | volume_driver | - | | registry_enabled | False | | docker_storage_driver | devicemapper | | apiserver_port | - | | name | swarm-cluster-template | | created_at | 2016-09-14T13:05:11+00:00 | | network_driver | docker | | fixed_network | - | | coe | swarm | | flavor_id | m1.small | | master_lb_enabled | False | | dns_nameserver | 8.8.8.8 | +-----------------------+--------------------------------------+
Create a cluster with one node and one master using
mykey
as the keypair, using the following command:$ openstack coe cluster create swarm-cluster \ --cluster-template swarm-cluster-template \ --master-count 1 \ --node-count 1 \ --keypair mykey Request to create cluster 2582f192-480e-4329-ac05-32a8e5b1166b has been accepted.
Your cluster is now being created. Creation time depends on your infrastructure's performance. You can check the status of your cluster using the commands:
openstack coe cluster list
oropenstack coe cluster show swarm-cluster
.$ openstack coe cluster list +--------------------------------------+---------------+---------+------------+--------------+-----------------+ | uuid | name | keypair | node_count | master_count | status | +--------------------------------------+---------------+---------+------------+--------------+-----------------+ | 2582f192-480e-4329-ac05-32a8e5b1166b | swarm-cluster | mykey | 1 | 1 | CREATE_COMPLETE | +--------------------------------------+---------------+---------+------------+--------------+-----------------+
$ openstack coe cluster show swarm-cluster +---------------------+------------------------------------------------------------+ | Property | Value | +---------------------+------------------------------------------------------------+ | status | CREATE_COMPLETE | | cluster_template_id | 47c6ce77-50ae-43bd-8e2a-06980392693d | | uuid | 2582f192-480e-4329-ac05-32a8e5b1166b | | stack_id | 3d7bbf1c-49bd-4930-84e0-ab71ba200687 | | status_reason | Stack CREATE completed successfully | | created_at | 2016-09-14T13:36:54+00:00 | | name | swarm-cluster | | updated_at | 2016-09-14T13:38:08+00:00 | | discovery_url | https://discovery.etcd.io/a5ece414689287eca62e35555512bfd5 | | api_address | tcp://172.24.4.10:2376 | | coe_version | 1.2.5 | | master_addresses | ['172.24.4.10'] | | create_timeout | 60 | | node_addresses | ['172.24.4.8'] | | master_count | 1 | | container_version | 1.12.6 | | node_count | 1 | +---------------------+------------------------------------------------------------+
Add the credentials of the above cluster to your environment:
$ mkdir myclusterconfig $ $(openstack coe cluster config swarm-cluster --dir myclusterconfig)
The above command will save the authentication artifacts in the myclusterconfig directory and it will export the environment variables: DOCKER_HOST, DOCKER_CERT_PATH and DOCKER_TLS_VERIFY. Sample output:
export DOCKER_HOST=tcp://172.24.4.10:2376 export DOCKER_CERT_PATH=myclusterconfig export DOCKER_TLS_VERIFY=True
Create a container:
$ docker run busybox echo "Hello from Docker!" Hello from Docker!
Delete the cluster:
$ openstack coe cluster delete swarm-cluster Request to delete cluster swarm-cluster has been accepted.
Provision a Kubernetes cluster and create a deployment
Following this example, you will provision a Kubernetes cluster with
one master and one node. Then, using Kubernetes's native client
kubectl
, you will create a deployment.
Create a cluster template for a Kubernetes cluster using the
fedora-atomic-latest
image,m1.small
as the flavor for the master and the node,public
as the external network and8.8.8.8
for the DNS nameserver, using the following command:$ openstack coe cluster template create kubernetes-cluster-template \ --image fedora-atomic-latest \ --external-network public \ --dns-nameserver 8.8.8.8 \ --master-flavor m1.small \ --flavor m1.small \ --coe kubernetes +-----------------------+--------------------------------------+ | Property | Value | +-----------------------+--------------------------------------+ | insecure_registry | - | | labels | {} | | updated_at | - | | floating_ip_enabled | True | | fixed_subnet | - | | master_flavor_id | m1.small | | uuid | 0a601cc4-8fef-41aa-8036-d113e719ed7a | | no_proxy | - | | https_proxy | - | | tls_disabled | False | | keypair_id | - | | public | False | | http_proxy | - | | docker_volume_size | - | | server_type | vm | | external_network_id | public | | cluster_distro | fedora-atomic | | image_id | fedora-atomic-latest | | volume_driver | - | | registry_enabled | False | | docker_storage_driver | devicemapper | | apiserver_port | - | | name | kubernetes-cluster-template | | created_at | 2017-05-16T09:53:00+00:00 | | network_driver | flannel | | fixed_network | - | | coe | kubernetes | | flavor_id | m1.small | | master_lb_enabled | False | | dns_nameserver | 8.8.8.8 | +-----------------------+--------------------------------------+
Create a cluster with one node and one master using
mykey
as the keypair, using the following command:$ openstack coe cluster create kubernetes-cluster \ --cluster-template kubernetes-cluster-template \ --master-count 1 \ --node-count 1 \ --keypair mykey Request to create cluster b1ef3528-ac03-4459-bbf7-22649bfbc84f has been accepted.
Your cluster is now being created. Creation time depends on your infrastructure's performance. You can check the status of your cluster using the commands:
openstack coe cluster list
oropenstack coe cluster show kubernetes-cluster
.$ openstack coe cluster list +--------------------------------------+--------------------+---------+------------+--------------+-----------------+ | uuid | name | keypair | node_count | master_count | status | +--------------------------------------+--------------------+---------+------------+--------------+-----------------+ | b1ef3528-ac03-4459-bbf7-22649bfbc84f | kubernetes-cluster | mykey | 1 | 1 | CREATE_COMPLETE | +--------------------------------------+--------------------+---------+------------+--------------+-----------------+
$ openstack coe cluster show kubernetes-cluster +---------------------+------------------------------------------------------------+ | Property | Value | +---------------------+------------------------------------------------------------+ | status | CREATE_COMPLETE | | cluster_template_id | 0a601cc4-8fef-41aa-8036-d113e719ed7a | | node_addresses | ['172.24.4.5'] | | uuid | b1ef3528-ac03-4459-bbf7-22649bfbc84f | | stack_id | 8296624c-3c0e-45e1-967e-b6ff05105a3b | | status_reason | Stack CREATE completed successfully | | created_at | 2017-05-16T09:58:02+00:00 | | updated_at | 2017-05-16T10:00:02+00:00 | | coe_version | v1.6.7 | | keypair | default | | api_address | https://172.24.4.13:6443 | | master_addresses | ['172.24.4.13'] | | create_timeout | 60 | | node_count | 1 | | discovery_url | https://discovery.etcd.io/69c7cd3b3b06c98b4771410bd166a7c6 | | master_count | 1 | | container_version | 1.12.6 | | name | kubernetes-cluster | +---------------------+------------------------------------------------------------+
Add the credentials of the above cluster to your environment:
$ mkdir -p ~/clusters/kubernetes-cluster $ $(openstack coe cluster config kubernetes-cluster --dir ~/clusters/kubernetes-cluster)
The above command will save the authentication artifacts in the directory
~/clusters/kubernetes-cluster
and it will export theKUBECONFIG
environment variable:export KUBECONFIG=/home/user/clusters/kubernetes-cluster/config
You can list the controller components of your Kubernetes cluster and check if they are
Running
:$ kubectl -n kube-system get po NAME READY STATUS RESTARTS AGE kube-controller-manager-ku-hesuip7l3i-0-5mqijvszepxw-kube-master-rqwmwne7rjh2 1/1 Running 0 1h kube-proxy-ku-hesuip7l3i-0-5mqijvszepxw-kube-master-rqwmwne7rjh2 1/1 Running 0 1h kube-proxy-ku-wmmticfvdr-0-k53p22xmlxvx-kube-minion-x4ly6zfhrrui 1/1 Running 0 1h kube-scheduler-ku-hesuip7l3i-0-5mqijvszepxw-kube-master-rqwmwne7rjh2 1/1 Running 0 1h kubernetes-dashboard-3203831700-zvj2d 1/1 Running 0 1h
Now, you can create a nginx deployment and verify it is running:
$ kubectl run nginx --image=nginx --replicas=5 deployment "nginx" created $ kubectl get po NAME READY STATUS RESTARTS AGE nginx-701339712-2ngt8 1/1 Running 0 15s nginx-701339712-j8r3d 1/1 Running 0 15s nginx-701339712-mb6jb 1/1 Running 0 15s nginx-701339712-q115k 1/1 Running 0 15s nginx-701339712-tb5lp 1/1 Running 0 15s
Delete the cluster:
$ openstack coe cluster delete kubernetes-cluster Request to delete cluster kubernetes-cluster has been accepted.