Add installation doc of tricircle work with container
1.What is the problem ? 1) Lack of installation doc for multi-region container management. 2.What is the solution for the problem? 1) Use zun component to provide container computation and use kuryr component to provide container network.In a word, make zun and kuryr compatible with tricircle. Change-Id: I7dd2ee04409eb20f2e4ad1e919d13cda1f7775a5 Signed-off-by: XuShimin <948026069@qq.com>
This commit is contained in:
parent
6d1a78e3d0
commit
c9f5ddaed1
|
@ -16,3 +16,4 @@ step by step without DevStack for users who install OpenStack manually.
|
|||
.. include:: ./installation-cell.rst
|
||||
.. include:: ./installation-lbaas.rst
|
||||
.. include:: ./installation-lbaas_with_nova_cell_v2.rst
|
||||
.. include:: ./installation-tricircle_work_with_container.rst
|
|
@ -0,0 +1,394 @@
|
|||
====================================================
|
||||
Installation guide for Tricircle work with Container
|
||||
====================================================
|
||||
|
||||
Introduction
|
||||
^^^^^^^^^^^^
|
||||
|
||||
In the `Multi-pod Installation with DevStack <https://docs.openstack.org/tricircle/latest/install/installation-guide.html#multi-pod-installation-with-devstack>`_ ,
|
||||
we have discussed how to deploy Tricircle in multi-region scenario with DevStack.
|
||||
However, the previous installation guides have been on how to
|
||||
manage virtual machines using tricircle and Nova in cross-region
|
||||
openstack cloud environments. So, multi-region container management
|
||||
is not supported in Tricircle. Meanwhile, OpenStack uses Zun
|
||||
component to provide container management service, OpenStack also use
|
||||
kuyr component and kuryr-libnetwork component to provide container network.
|
||||
In view of the Tricircle Central_Neutron-Local_Neutron fashion, Tricircle work
|
||||
with zun and kuryr will provide a cross-region container management solution.
|
||||
This guide is to describe how tricircle work with container management and how
|
||||
to deploy a multi-region container environment.
|
||||
|
||||
|
||||
Prerequisite
|
||||
^^^^^^^^^^^^
|
||||
|
||||
In this guide, we need specific versions of the zun project and
|
||||
kuryr project source code. The source code versions of both projects
|
||||
must be the Train version and upper. If not, we need to manually change
|
||||
the source code for both projects. The modification example is as follows:
|
||||
|
||||
- 1 Zun Source Code Modification:
|
||||
For Zun project, we need modify the **neutron** function
|
||||
in /zun/zun/common/clients.py file.
|
||||
(The '+' sign represents the added line)
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
def neutron(self):
|
||||
if self._neutron:
|
||||
return self._neutron
|
||||
|
||||
session = self.keystone().session
|
||||
session.verify = self._get_client_option('neutron', 'ca_file') or True
|
||||
if self._get_client_option('neutron', 'insecure'):
|
||||
session.verify = False
|
||||
endpoint_type = self._get_client_option('neutron', 'endpoint_type')
|
||||
+ region_name = self._get_client_option('neutron', 'region_name')
|
||||
self._neutron = neutronclient.Client(session=session,
|
||||
endpoint_type=endpoint_type,
|
||||
+ region_name=region_name)
|
||||
|
||||
return self._neutron
|
||||
|
||||
- 2 Kuryr Source Code Modification:
|
||||
For kuryr project, we need modify the **get_neutron_client** function
|
||||
in /kuryr/kuryr/lib/utils.py file.
|
||||
(The '+' sign represents the added line)
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
def get_neutron_client(*args, **kwargs):
|
||||
conf_group = kuryr_config.neutron_group.name
|
||||
auth_plugin = get_auth_plugin(conf_group)
|
||||
session = get_keystone_session(conf_group, auth_plugin)
|
||||
endpoint_type = getattr(getattr(cfg.CONF, conf_group), 'endpoint_type')
|
||||
+ region_name = getattr(getattr(cfg.CONF, conf_group), 'region_name')
|
||||
|
||||
return client.Client(session=session,
|
||||
auth=auth_plugin,
|
||||
endpoint_type=endpoint_type,
|
||||
+ region_name=region_name)
|
||||
|
||||
|
||||
Setup
|
||||
^^^^^
|
||||
|
||||
In this guide we take two nodes deployment as an example, the node1 run as RegionOne and
|
||||
Central Region, the node2 run as RegionTwo.
|
||||
|
||||
- 1 For the node1 in RegionOne and the node2 in RegionTwo, clone the code from Zun repository
|
||||
and Kuryr repository to /opt/stack/ . If the code does not meet the requirements described
|
||||
in the Prerequisite Section, modify it with reference to the modification example of the Prerequisite Section.
|
||||
|
||||
- 2 Follow "Multi-pod Installation with DevStack" document `Multi-pod Installation with DevStack <https://docs.openstack.org/tricircle/latest/install/installation-guide.html#multi-pod-installation-with-devstack>`_
|
||||
to prepare your local.conf for the node1 in RegionOne and the node12 in RegionTwo, and add the
|
||||
following lines before installation. Start DevStack in node1 and node2.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
enable_plugin zun https://git.openstack.org/openstack/zun
|
||||
enable_plugin zun-tempest-plugin https://git.openstack.org/openstack/zun-tempest-plugin
|
||||
enable_plugin devstack-plugin-container https://git.openstack.org/openstack/devstack-plugin-container
|
||||
enable_plugin kuryr-libnetwork https://git.openstack.org/openstack/kuryr-libnetwork
|
||||
|
||||
KURYR_CAPABILITY_SCOPE=local
|
||||
KURYR_PROCESS_EXTERNAL_CONNECTIVITY=False
|
||||
|
||||
- 3 After DevStack successfully started and finished, we need make some configuration changes to
|
||||
Zun component and Kuryr component in node1 and node2.
|
||||
|
||||
- For Zun in node1, modify the /etc/zun/zun.conf
|
||||
|
||||
.. csv-table::
|
||||
:header: "Group", "Option", "Value"
|
||||
|
||||
[neutron_client], region_name, RegionOne
|
||||
|
||||
- Restart all the services of Zun in node1.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ sudo systemctl restart devstack@zun*
|
||||
|
||||
- For Kuryr in node1, modify the /etc/kuryr/kuryr.conf
|
||||
|
||||
.. csv-table::
|
||||
:header: "Group", "Option", "Value"
|
||||
|
||||
[neutron], region_name, RegionOne
|
||||
|
||||
- Restart all the services of Kuryr in node1.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ sudo systemctl restart devstack@kur*
|
||||
|
||||
- For Zun in node2, modify the /etc/zun/zun.conf
|
||||
|
||||
.. csv-table::
|
||||
:header: "Group", "Option", "Value"
|
||||
|
||||
[neutron_client], region_name, RegionTwo
|
||||
|
||||
- Restart all the services of Zun in node2.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ sudo systemctl restart devstack@zun*
|
||||
|
||||
- For Kuryr in node2, modify the /etc/kuryr/kuryr.conf
|
||||
|
||||
.. csv-table::
|
||||
:header: "Group", "Option", "Value"
|
||||
|
||||
[neutron], region_name, RegionTwo
|
||||
|
||||
- Restart all the services of Zun in node2.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ sudo systemctl restart devstack@kur*
|
||||
|
||||
- 4 Then, we must create environment variables for the admin user and use the admin project.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ source openrc admin admin
|
||||
$ unset OS_REGION_NAME
|
||||
|
||||
- 5 Finally, use tricircle client to create pods for multi-region.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ openstack --os-region-name CentralRegion multiregion networking pod create --region-name CentralRegion
|
||||
$ openstack --os-region-name CentralRegion multiregion networking pod create --region-name RegionOne --availability-zone az1
|
||||
$ openstack --os-region-name CentralRegion multiregion networking pod create --region-name RegionTwo --availability-zone az2
|
||||
|
||||
|
||||
How to play
|
||||
^^^^^^^^^^^
|
||||
|
||||
- 1 Create container glance image in RegionOne and RegionTwo.
|
||||
|
||||
- Get docker image from Docker Hub. Run these command in the node1 and the node2.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ docker pull cirros
|
||||
$ docker save cirros -o /opt/stack/container_cirros
|
||||
|
||||
- Use glance client to create container image.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ glance --os-region-name=RegionOne image-create --file /opt/stack/container_cirros --container-format=docker --disk-format=raw --name container_cirros --progress
|
||||
$ glance --os-region-name=RegionTwo image-create --file /opt/stack/container_cirros --container-format=docker --disk-format=raw --name container_cirros --progress
|
||||
|
||||
$ openstack --os-region-name RegionOne image list
|
||||
|
||||
+--------------------------------------+--------------------------+--------+
|
||||
| ID | Name | Status |
|
||||
+--------------------------------------+--------------------------+--------+
|
||||
| 11186baf-4381-4e52-956c-22878b0642df | cirros-0.4.0-x86_64-disk | active |
|
||||
| 87864205-4352-4a2c-b9b1-ca95df52c93c | container_cirros | active |
|
||||
+--------------------------------------+--------------------------+--------+
|
||||
|
||||
$ openstack --os-region-name RegionTwo image list
|
||||
|
||||
+--------------------------------------+--------------------------+--------+
|
||||
| ID | Name | Status |
|
||||
+--------------------------------------+--------------------------+--------+
|
||||
| cd062c19-bb3a-4f60-b5ef-9688eb67b3da | container_cirros | active |
|
||||
| cf4a2dc7-6d6e-4b7e-a772-44247246e1ff | cirros-0.4.0-x86_64-disk | active |
|
||||
+--------------------------------------+--------------------------+--------+
|
||||
|
||||
- 2 Create container network in CentralRegion.
|
||||
|
||||
- Create a net in CentralRegion.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ openstack --os-region-name CentralRegion network create container-net
|
||||
|
||||
+---------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| Field | Value |
|
||||
+---------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| admin_state_up | UP |
|
||||
| availability_zone_hints | |
|
||||
| availability_zones | None |
|
||||
| created_at | None |
|
||||
| description | None |
|
||||
| dns_domain | None |
|
||||
| id | 5e73dda5-902b-4322-b5b6-4121437fde26 |
|
||||
| ipv4_address_scope | None |
|
||||
| ipv6_address_scope | None |
|
||||
| is_default | None |
|
||||
| is_vlan_transparent | None |
|
||||
| location | cloud='', project.domain_id='default', project.domain_name=, project.id='2f314a39de10467bb62745bd96c5fe4d', project.name='admin', region_name='CentralRegion', zone= |
|
||||
| mtu | None |
|
||||
| name | container-net |
|
||||
| port_security_enabled | False |
|
||||
| project_id | 2f314a39de10467bb62745bd96c5fe4d |
|
||||
| provider:network_type | vxlan |
|
||||
| provider:physical_network | None |
|
||||
| provider:segmentation_id | 1070 |
|
||||
| qos_policy_id | None |
|
||||
| revision_number | None |
|
||||
| router:external | Internal |
|
||||
| segments | None |
|
||||
| shared | False |
|
||||
| status | ACTIVE |
|
||||
| subnets | |
|
||||
| tags | |
|
||||
| updated_at | None |
|
||||
+---------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
|
||||
- Create a subnet in container-net
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ openstack --os-region-name CentralRegion subnet create --subnet-range 10.0.60.0/24 --network container-net container-subnet
|
||||
|
||||
+-------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| Field | Value |
|
||||
+-------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| allocation_pools | 10.0.60.2-10.0.60.254 |
|
||||
| cidr | 10.0.60.0/24 |
|
||||
| created_at | 2019-12-10T07:13:21Z |
|
||||
| description | |
|
||||
| dns_nameservers | |
|
||||
| enable_dhcp | True |
|
||||
| gateway_ip | 10.0.60.1 |
|
||||
| host_routes | |
|
||||
| id | b7a7adbd-afd3-4449-9cbc-fbce16c7a2e7 |
|
||||
| ip_version | 4 |
|
||||
| ipv6_address_mode | None |
|
||||
| ipv6_ra_mode | None |
|
||||
| location | cloud='', project.domain_id='default', project.domain_name=, project.id='2f314a39de10467bb62745bd96c5fe4d', project.name='admin', region_name='CentralRegion', zone= |
|
||||
| name | container-subnet |
|
||||
| network_id | 5e73dda5-902b-4322-b5b6-4121437fde26 |
|
||||
| prefix_length | None |
|
||||
| project_id | 2f314a39de10467bb62745bd96c5fe4d |
|
||||
| revision_number | 0 |
|
||||
| segment_id | None |
|
||||
| service_types | None |
|
||||
| subnetpool_id | None |
|
||||
| tags | |
|
||||
| updated_at | 2019-12-10T07:13:21Z |
|
||||
+-------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
|
||||
- 3 Create container in RegionOne and RegionTwo.
|
||||
|
||||
.. note:: We can give container a specific command to run it continually, e.g. "sudo nc -l -p 5000" .
|
||||
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ openstack --os-region-name RegionOne appcontainer run --name container01 --net network=$container_net_id --image-driver glance $RegionTwo_container_cirros_id sudo nc -l -p 5000
|
||||
|
||||
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| Field | Value |
|
||||
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| tty | False |
|
||||
| addresses | None |
|
||||
| links | [{u'href': u'http://192.168.1.81/v1/containers/ca67055c-635d-4603-9b0b-19c16eed7ef9', u'rel': u'self'}, {u'href': u'http://192.168.1.81/containers/ca67055c-635d-4603-9b0b-19c16eed7ef9', u'rel': u'bookmark'}] |
|
||||
| image | 87864205-4352-4a2c-b9b1-ca95df52c93c |
|
||||
| labels | {} |
|
||||
| disk | 0 |
|
||||
| security_groups | None |
|
||||
| image_pull_policy | None |
|
||||
| user_id | 57df611fd8c7415dad6d2530bf962ecd |
|
||||
| uuid | ca67055c-635d-4603-9b0b-19c16eed7ef9 |
|
||||
| hostname | None |
|
||||
| auto_heal | False |
|
||||
| environment | {} |
|
||||
| memory | 0 |
|
||||
| project_id | 2f314a39de10467bb62745bd96c5fe4d |
|
||||
| privileged | False |
|
||||
| status | Creating |
|
||||
| workdir | None |
|
||||
| healthcheck | None |
|
||||
| auto_remove | False |
|
||||
| status_detail | None |
|
||||
| cpu_policy | shared |
|
||||
| host | None |
|
||||
| image_driver | glance |
|
||||
| task_state | None |
|
||||
| status_reason | None |
|
||||
| name | container01 |
|
||||
| restart_policy | None |
|
||||
| ports | None |
|
||||
| command | [u'sudo', u'nc', u'-l', u'-p', u'5000'] |
|
||||
| runtime | None |
|
||||
| registry_id | None |
|
||||
| cpu | 0.0 |
|
||||
| interactive | False |
|
||||
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
|
||||
$ openstack --os-region-name RegionOne appcontainer list
|
||||
|
||||
+--------------------------------------+-------------+--------------------------------------+---------+------------+------------+-------+
|
||||
| uuid | name | image | status | task_state | addresses | ports |
|
||||
+--------------------------------------+-------------+--------------------------------------+---------+------------+------------+-------+
|
||||
| ca67055c-635d-4603-9b0b-19c16eed7ef9 | container01 | 87864205-4352-4a2c-b9b1-ca95df52c93c | Running | None | 10.0.60.62 | [] |
|
||||
+--------------------------------------+-------------+--------------------------------------+---------+------------+------------+-------+
|
||||
|
||||
|
||||
$ openstack --os-region-name RegionTwo appcontainer run --name container02 --net network=$container_net_id --image-driver glance $RegionTwo_container_cirros_id sudo nc -l -p 5000
|
||||
|
||||
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| Field | Value |
|
||||
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
| tty | False |
|
||||
| addresses | None |
|
||||
| links | [{u'href': u'http://192.168.1.82/v1/containers/c359e48c-7637-4d9f-8219-95a4577683c3', u'rel': u'self'}, {u'href': u'http://192.168.1.82/containers/c359e48c-7637-4d9f-8219-95a4577683c3', u'rel': u'bookmark'}] |
|
||||
| image | cd062c19-bb3a-4f60-b5ef-9688eb67b3da |
|
||||
| labels | {} |
|
||||
| disk | 0 |
|
||||
| security_groups | None |
|
||||
| image_pull_policy | None |
|
||||
| user_id | 57df611fd8c7415dad6d2530bf962ecd |
|
||||
| uuid | c359e48c-7637-4d9f-8219-95a4577683c3 |
|
||||
| hostname | None |
|
||||
| auto_heal | False |
|
||||
| environment | {} |
|
||||
| memory | 0 |
|
||||
| project_id | 2f314a39de10467bb62745bd96c5fe4d |
|
||||
| privileged | False |
|
||||
| status | Creating |
|
||||
| workdir | None |
|
||||
| healthcheck | None |
|
||||
| auto_remove | False |
|
||||
| status_detail | None |
|
||||
| cpu_policy | shared |
|
||||
| host | None |
|
||||
| image_driver | glance |
|
||||
| task_state | None |
|
||||
| status_reason | None |
|
||||
| name | container02 |
|
||||
| restart_policy | None |
|
||||
| ports | None |
|
||||
| command | [u'sudo', u'nc', u'-l', u'-p', u'5000'] |
|
||||
| runtime | None |
|
||||
| registry_id | None |
|
||||
| cpu | 0.0 |
|
||||
| interactive | False |
|
||||
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
||||
|
||||
$ openstack --os-region-name RegionTwo appcontainer list
|
||||
|
||||
+--------------------------------------+-------------+--------------------------------------+---------+------------+-------------+-------+
|
||||
| uuid | name | image | status | task_state | addresses | ports |
|
||||
+--------------------------------------+-------------+--------------------------------------+---------+------------+-------------+-------+
|
||||
| c359e48c-7637-4d9f-8219-95a4577683c3 | container02 | cd062c19-bb3a-4f60-b5ef-9688eb67b3da | Running | None | 10.0.60.134 | [] |
|
||||
+--------------------------------------+-------------+--------------------------------------+---------+------------+-------------+-------+
|
||||
|
||||
- 4 Execute container in RegionOne and RegionTwo.
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ openstack --os-region-name RegionOne appcontainer exec --interactive container01 /bin/sh
|
||||
$ openstack --os-region-name RegionTwo appcontainer exec --interactive container02 /bin/sh
|
||||
|
||||
- 5 By now, we successfully created multi-region container scenario. So we can do something
|
||||
on cross-region container, e.g. 1) RegionOne container ping RegionTwo container 2) Cross-Region Container Load Balancing.
|
Loading…
Reference in New Issue