[openstack-dev] [magnum][bp] Power Magnum to run on metal withHyper
Adrian Otto
adrian.otto at rackspace.com
Tue Jul 14 18:31:28 UTC 2015
Peng,
On Jul 13, 2015, at 8:37 PM, Peng Zhao <peng at hyper.sh<mailto:peng at hyper.sh>> wrote:
Thanks Adrian!
Hi, all,
Let me recap what is hyper and the idea of hyperstack.
Hyper is a single-host runtime engine. Technically,
Docker = LXC + AUFS
Hyper = Hypervisor + AUFS
where AUFS is the Docker image.
I do not understand the last line above. My understanding is that AUFS == UnionFS, which is used to implement a storage driver for Docker. Others exist for btrfs, and devicemapper. You select which one you want by setting an option like this:
DOCKEROPTS="-s devicemapper”
Are you trying to say that with Hyper, AUFS is used to provide layered Docker image capability that are shared by multiple hypervisor guests?
My guess is that you are trying to articulate that a host running Hyper is a 1:1 substitute for a host running Docker, and will respond using the Docker remote API. This would result in containers running on the same host that have a superior security isolation than they would if LXC was used as the backend to Docker. Is this correct?
Due to the shared-kernel nature of LXC, Docker lacks of the necessary isolation in a multi-tenant CaaS platform, and this is what Hyper/hypervisor is good at.
And because of this, most CaaS today run on top of IaaS: https://trello-attachments.s3.amazonaws.com/55545e127c7cbe0ec5b82f2b/388x275/e286dea1266b46c1999d566b0f9e326b/iaas.png
Hyper enables the native, secure, bare-metal CaaS https://trello-attachments.s3.amazonaws.com/55545e127c7cbe0ec5b82f2b/395x244/828ad577dafb3f357e95899e962651b2/caas.png
From the tech stack perspective, Hyperstack turns Magnum o run in parallel with Nova, not running on atop.
For this to work, we’d expect to get a compute host from Heat, so if the bay type were set to “hyper”, we’d need to use a template that can produce a compute host running Hyper. How would that host be produced, if we do not get it from nova? Might it make more sense to make a dirt driver for nova that could produce a Hyper guest on a host already running the nova-compute agent? That way Magnum would not need to re-create any of Nova’s functionality in order to produce nova instances of type “hyper”.
Is Hyper compatible with libvirt?
Can Hyper support nested Docker containers within the Hyper guest?
Thanks,
Adrian Otto
Best,
Peng
------------------ Original ------------------
From: "Adrian Otto"<adrian.otto at rackspace.com<mailto:adrian.otto at rackspace.com>>;
Date: Tue, Jul 14, 2015 07:18 AM
To: "OpenStack Development Mailing List (not for usage questions)"<openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>;
Subject: Re: [openstack-dev] [magnum][bp] Power Magnum to run on metal withHyper
Team,
I woud like to ask for your input about adding support for Hyper in Magnum:
https://blueprints.launchpad.net/magnum/+spec/hyperstack
We touched on this in our last team meeting, and it was apparent that achieving a higher level of understanding of the technology before weighing in about the directional approval of this blueprint. Peng Zhao and Xu Wang have graciously agreed to respond to this thread to address questions about how the technology works, and how it could be integrated with Magnum.
Please take a moment to review the blueprint, and ask your questions here on this thread.
Thanks,
Adrian Otto
On Jul 2, 2015, at 8:48 PM, Peng Zhao <peng at hyper.sh<mailto:peng at hyper.sh>> wrote:
Here is the bp of Magnum+Hyper+Metal integration: https://blueprints.launchpad.net/magnum/+spec/hyperstack
Wanted to hear more thoughts and kickstart some brainstorming.
Thanks,
Peng
-----------------------------------------------------
Hyper - Make VM run like Container
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org<mailto:OpenStack-dev-request at lists.openstack.org>?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org<mailto:OpenStack-dev-request at lists.openstack.org>?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150714/56db6255/attachment.html>
More information about the OpenStack-dev
mailing list