Openstack and Docker – Part 1 | Sreenivas Makam's Blog

In this blog, I will cover the different ways in which Openstack can create and manage Docker Containers. The 3 predominant approaches are using Nova Docker driver, Heat Docker plugin and Magnum. Magnum is pretty new and is under development. Openstack is opensource cloud orchestration software and Docker is opensource container management software. For this blog, I am assuming users are already familiar with Openstack and Docker. There are lot of resources for learning Openstack and Docker available in the web, my blogs related to these topics can be found here and here.

Nova Docker Driver:

Nova typically manages VMs. In this approach, Nova driver is extended to spawn Docker Containers. Following is the architecture diagram mentioned in the Nova Docker wiki.

To spawn containers Nova compute driver is pointed to Docker driver.
Nova Docker Virt driver talks to Docker agent using http api calls.
Docker images are stored in the Docker registry and images are exported to glance from Docker registry which Nova uses to create Containers.

Nova Docker driver with Devstack:

I followed the procedure mentioned in this wiki to get Nova Docker driver working with Openstack Devstack Kilo. There were few minor tweaks I had to do to get it working in my system. I used Ubuntu 14.04 VM running in Virtualbox for the tests below. Following are the major steps:

Install docker
Install Nova docker plugin
Do stacking of Devstack
Install nova-docker rootwrap filters
Apply Kilo workaround
Create docker images and export to glance
Spawn Docker containers from Nova.

1. Install Docker:

Docker can be installed using the procedure here. Following is the version running in my system. I enabled user access so that I dont have to run sudo for each Docker command.

$ docker --version
Docker version 1.6.2, build 7c8fca2

2. Install Nova docker plugin

The procedure mentioned in the wiki works fine. I used stable branch kilo when I checked out the driver.

git clone -b stable/kilo https://github.com/stackforge/nova-docker.git

Following is the version after successful install:

$ sudo pip list | grep nova-docker
nova-docker (0.0.1.dev197)

3. Stacking of Devstack

First, checkout devstack Kilo codebase.

git clone -b stable/kilo https://github.com/openstack-dev/devstack.git

I modified the local.conf file a little. My modified version is available here. Next, do the stacking.

cd devstack;./stack.sh

4. Install nova-docker rootwrap filters

The procedure mentioned in the wiki works good.

sudo cp nova-docker/etc/nova/rootwrap.d/docker.filters \
  /etc/nova/rootwrap.d/

5. Apply Kilo workaround

Stacking throws up the following error:

2015-06-03 22:28:57.870 ERROR nova.openstack.common.threadgroup [req-f89bc2cd-5fcc-42e4-a588-ef92ab101fb3 None None] 'module' object has no attribute 'DOCKER'
n-cpu.log.2015-06-03-222501:2015-06-03 22:28:57.870 TRACE nova.openstack.common.threadgroup AttributeError: 'module' object has no attribute 'DOCKER'

The same issue was discussed in Openstack mailing list and the solution was to edit docker driver file. In my case, file was located at “/usr/local/lib/python2.7/dist-packages/novadocker/virt/docker”.

6. Create docker images and export to glance

I first pulled nginx container from Docker hub using “docker pull nginx”

$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
nginx               latest              a785ba7493fd        2 weeks ago         132.9 MB

Then, we save the image to glance.

docker save nginx |  glance image-create --is-public=True --container-format=docker --disk-format=raw --name nginx

Now, looking at glance image list, we can see docker image along with other instance images. We can see that nginx type is docker.

$ glance image-list
+--------------------------------------+---------------------------------+-------------+------------------+-----------+--------+
| ID                                   | Name                            | Disk Format | Container Format | Size      | Status |
+--------------------------------------+---------------------------------+-------------+------------------+-----------+--------+
| dfcf5dc8-c644-4a55-acce-8a4b2b90900f | cirros-0.3.2-x86_64-uec         | ami         | ami              | 25165824  | active |
| 1811b08b-792c-4c66-b120-4209353d9d83 | cirros-0.3.2-x86_64-uec-kernel  | aki         | aki              | 4969360   | active |
| 891e28df-3c69-47dc-a340-cfe68d40cbf5 | cirros-0.3.2-x86_64-uec-ramdisk | ari         | ari              | 3723817   | active |
| 3736e3f4-7fc1-49ad-9688-90a2764c6865 | nginx                           | raw         | docker           | 139358208 | active |
+--------------------------------------+---------------------------------+-------------+------------------+-----------+--------+

7. Spawn Docker Containers from Nova
Lets create a nginx container with the image we created in Glance. The flavor actually does not matter.

nova boot --flavor m1.small --image nginx nginxtest

Lets look at the running Docker containers in host machine.

$ docker ps
CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS              PORTS               NAMES
4f514bc59a41        nginx:latest        "nginx -g 'daemon of   12 seconds ago      Up 11 seconds                           nova-931335f8-ac5c-4c28-967b-25b9474ab2de

Lets list the Nova instances:

$ nova list
+--------------------------------------+-----------+--------+------------+-------------+------------------+
| ID                                   | Name      | Status | Task State | Power State | Networks         |
+--------------------------------------+-----------+--------+------------+-------------+------------------+
| 931335f8-ac5c-4c28-967b-25b9474ab2de | nginxtest | ACTIVE | -          | Running     | private=10.0.0.5 |
+--------------------------------------+-----------+--------+------------+-------------+------------------+

To verify if nginx is running fine:

$ curl 10.0.0.5Welcome to nginx!
|
|

Thank you for using nginx.

References:

Note:

Picture used in this blog is from references.

11 thoughts on “Openstack and Docker – Part 1”

Pingback: Openstack and Docker – Part 2 | Sreenivas Makam's Blog
Liyingjie says:

June 29, 2015 at 12:40 am

We have translated your articles to Chinese.Very great article:http://dockone.io/article/475

1. Sreenivas Makam says:
  
  June 29, 2015 at 3:30 am
  
  Thats great to hear, thanks for letting me know.
  
  Sreenivas
  
Dean Meehan says:

September 21, 2015 at 4:30 pm

Any chance of some tips in working / setting up magnum? It’s still new but I’d love to get it fired up!

1. Sreenivas Makam says:
  
  September 21, 2015 at 4:35 pm
  
  Had issues when I tried it last(captured in https://sreeninet.wordpress.com/2015/06/14/openstack-and-docker-part-2/), will try again in next few weeks and update.
  
Pingback: ¿OpenStack o docker? | Desde lo alto del Cerro
Pradeep says:

October 28, 2015 at 6:02 am

Excellent article. I have a fundamental question. I saw a presentation in Vancouver summit where dome compute nodes can be used for launching VM’s and a specific compute node can be used for launching dockers using availability zones.
I assume, the compute driver should be set to docker only in the compute node that’s meant to run docker? compute_driver=novadocker.virt.docker.DockerDriver.
Should there be any changes in the controller node? It also appears like the main devstack has support for dockers and no special commands like below need to be run as given in the wiki?
./contrib/devstack/prepare_devstack.sh

Thanks,
KP

Mansoor says:

December 9, 2015 at 9:23 am

I got below errors :
Error: Service n-cpu is not running

df: ‘/run/user/112/gvfs’: Permission denied

Pingback: 使用OpenStack管理Docker容器（一）-鲸鱼云
Pingback: Docker Links – Best resources links
Pingback: Docker Links – Welcome