[openstack-dev] [TripleO] Let's use Ansible to deploy OpenStack services on Kubernetes
Flavio Percoco
flavio at redhat.com
Fri Jul 14 16:41:41 UTC 2017
First and foremost I just realized that I forgot to tag kolla and openstack-helm
in the subject so, I apologize. I'm glad the subject was catchy enough to get
your attention.
Just want to raise here what I just mentioned on IRC:
It's late in EU so I shouldn't be here right now but, I do want to point out
that, as usual, I asked for feedback and clarifications from everyone in this
thread.
I'm not trying to re-invent the wheel. What's in my original email is my
conclusion based on a research I did across the different tools there are. I
can, of course, be wrong and I'd like you all to help us by providing feedback.
I'm not expecting sales pitches but I'd love to have a more technical discussion
on how we can, hopefully, make this work.
On 14/07/17 16:16 +0000, Fox, Kevin M wrote:
>https://xkcd.com/927/
>
>I don't think adopting helm as a dependency adds more complexity then writing more new k8s object deployment tooling?
>
>There are efforts to make it easy to deploy kolla-kubernetes microservice charts using ansible for orchestration in kolla-kubernetes. See:
>https://review.openstack.org/#/c/473588/
>What kolla-kubernetes brings to the table is a tested/shared base k8s object layer. Orchestration is done by ansible via TripleO, and the solutions already found/debugged to how to deploy OpenStack in containers on Kubernetes can be reused/shared.
>
>See for example:
>https://github.com/tripleo-apb/ansible-role-k8s-keystone/blob/331f405bd3f7ad346d99e964538b5b27447a0ebf/provision-keystone-apb/tasks/main.yaml
>
>I don't see much by way of dealing with fernet token rotation. That was a tricky bit of code to get to work, but kolla-kubernetes has a solution to it. You can get it by: helm install kolla/keystone-fernet-rotate-job.
It's just a PoC, don't take the implementation as definitive.
>We designed this layer to be shareable so we all can contribute to the commons rather then having every project reimplement their own and have to chase bugs across all the implementations. The deployment projects will be stronger together if we can share as much as possible.
>
>Please reconsider. I'd be happy to talk with you more if you want.
Let's talk, that's the whole point of this thread.
Flavio
--
@flaper87
Flavio Percoco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170714/a7c7bbaa/attachment.sig>
More information about the OpenStack-dev
mailing list