[openstack-dev] [neutron][kuryr][magnum] Magnum/Kuryr Integration

Gal Sagie gal.sagie at gmail.com
Fri Aug 14 05:11:46 UTC 2015


Thanks Daneyon for raising the integration in your IRC meeting and for
starting the ether pad. (i hope to attend your next online meeting)
As requested i will start writing a detailed spec about Kuryr where
everyone can add and comment.
We already have a basic design document [1] describing the mapping model to
Neutron API. (thanks to Taku)

We haven't made any hard decisions design wise, we have our goals and
roadmap but we are at a learning period
where we want to learn and understand the use cases and missing parts in
Neutron and in Containers networking to address them.
I believe (and i am sure the rest of Kuryr team agrees) that Magnum use
cases and integration is top priority for us and we want
to learn and work together with you guys.

At this stage we are focusing on mapping Kuryr to Neutron for host
containers networking (and all the configuration
options needed for that) and building containerised Neutron plugins (form
existing plugins)
with Kuryr adding the missing parts (VIF-binding the container to the
networking infrastructure).

It is obvious that this same solution can be applied to nested VM, but as
you mentioned in the IRC talk
this has its overhead and we want to provide agent less solution which fits
Magnum use cases.

Its important to note that Neutron doesn't nessaccraily mean the OVS-L2
Agent, this is just one implementation of Neutron
and we already have Neutron implementations which support the use cases of
containers in nested VM's
(And i am sure more will come in the future like Midonet)

For example if we look at OVN (which has Neutron plugin): (and i have CC'ed
shettyg from VMware which works on that for corrections/additions)

We can configure container ports in OVN that are in a nested VM (with a
parent-port) and attach these ports
to any logical Neutron network we desire (which can be different from the
port of the VM), OVN in the host will make sure to apply
all the needed logic in the host and in the VM docker only need to attach
the container port to OVS bridge with the correct VLAN
(Which is dynamically allocated by Neutron/OVN plugin).

I tried to keep this description minimal here but you can read more about
it in my blog [2] and also i intend to describe
this in more detail in the spec.
We want to formalise  his part with Kuryr to fit other solutions as well
(and future solutions) and adjust Neutron missing parts, and i believe with
something like that Magnum
can leverage nested containers without the overhead of agent in the VM
(Magnum or Kuryr at this point will need to just provide the binding and
VLAN attachment in the VM)

Hope that make sense and lets continue iterating in IRC/over email and in
Kuryr spec which i will provide next week.

Feel free to share any thoughts/comments you have on this

[1] https://github.com/openstack/kuryr/blob/master/doc/source/design.rst
[2] http://galsagie.github.io/sdn/openstack/ovs/2015/04/26/ovn-containers/


On Thu, Aug 13, 2015 at 10:16 PM, Daneyon Hansen (danehans) <
danehans at cisco.com> wrote:

>
> The Magnum Networking Subteam just concluded our weekly meeting. Feel free
> to review the logs[1], as Kuryr integration was an agenda topic that drew
> considerable discussion. An etherpad[2] has been created to foster
> collaboration on the topic. Kuryr integration is scheduled as a topic for
> next week’s agenda. It would be a big help if the Kuryr team can review the
> etherpad and have representation during next week's meeting[3]. I look
> forward to our continued collaboration.
>
> [1]
> http://eavesdrop.openstack.org/meetings/container_networking/2015/container_networking.2015-08-13-18.00.log.txt
> [2] https://etherpad.openstack.org/p/magnum-kuryr
> [3]
> https://wiki.openstack.org/wiki/Meetings/Containers#Container_Networking_Subteam_Meeting
>
> Regards,
> Daneyon Hansen
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>


-- 
Best Regards ,

The G.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150814/1fdf769e/attachment.html>


More information about the OpenStack-dev mailing list