[openstack-dev] [tripleo] Updates on the TripleO on Kubernetes work

Flavio Percoco flavio at redhat.com
Thu Nov 16 13:44:36 UTC 2017


Hi Team,

I wanted to take a chance to send some updates about the work that we have been
doing on the Kubernetes side of things and how things are progressing. As you
read this update, please bear in mind that we are still at the early stages of
this work and there are many things under discussion, as WIP, discussed but not
implemented, etc. I'm sure many of you have many questions and I hope we will be
able to answer them all as the work progresses. For now, let's take the update
bellow and see where we are headed from here:

Kubernetes on the overcloud
===========================

The work on this front started with 2[0][1] patches that some of you might have
seen and then evolved into using the config download mechanism to execute these
tasks as part of the undercloud tasks[2][3] (Thanks a bunch, Jiri, for your work
here). Note that [0] needs to be refactored to use the same mechanism used in
[2].

There are quite a few things to improve here:

- How to configure/manage the loadbalancer/vips on the overcloud Kubespray is
- currently being cloned and we need to build a package for it More CI is likely
- needed for this work

[0] https://review.openstack.org/494470
[1] https://review.openstack.org/471759
[2] https://review.openstack.org/#/c/511272/
[3] https://review.openstack.org/#/c/514730/

Ansible roles for k8s
=====================

We discussed and did research[0] on the topic of whether we should use ansible
or some other tool to deploy OpenStack services on Kubernetes. The conclusion
from that topic was that TripleO would be better fit by a solution based on pure
ansible modules and that's the work we have been pushing forward.

As some of you might have noticed, we started importing some of the roles that
were created for the PoC[0] into openstack. So far we have imported 3 roles
(mariadb, keystone, tripleo) and there are more to come[1] but before importing
the remaining roles, we would like to nail down the CI jobs for the ones that
have been imported.

You'll notice that these roles don't mention tripleo in their name (except for
the tripleo one) because they are intended to be consumed not only by TripleO.
Hopefully, they'll grow into more robust roles that will be consumed by other
tools.

[0] http://lists.openstack.org/pipermail/openstack-dev/2017-July/119696.html
[1] https://github.com/tripleo-apb

CI for the ansible-role-k8s-* repos
===================================

If you look closely to these repos, you'll notice that these roles can be run
standalone, in full Ansible fashion. To follow the same strategy, the first jobs
that have been added test the ability to deploy these roles with the minimum set
of requirements. For example, the ansible-role-k8s-mariadb role is deployed
without extra dependencies, whereas the ansible-role-k8s-keystone role requires
the ansible-role-k8s-mariadb.

This is very very very basic testing. I'm working on running tempest jobs for
openstack services as I write this email and I'll be working on full-blown
integration jobs as soon as we nail some of these basic jobs down.

If we compare what's been done so far to what we have in the rest of tripleo, it
doesn't sound too exciting. It's great progress, nonetheless.

In addition to the things missing in our CI effort, we would also like to build
a CI job that is consumable by other projects in the community (or, eventually,
consume some of the jobs created by other projects in the community).[0]

[0] https://etherpad.openstack.org/p/tripleo-ptg-queens-kolla-collaboration

Integration with TripleO Heat Templates
=======================================

This work is on-going and you should eventually see some patches popping-up on
the reviews list. One of the goals, besides consuming these ansible roles from
t-h-t, is to be able to create a PoC for upgrades and have an end-to-end
test/demo of this work.

As we progress, we are trying to nail down an end-to-end deployment before
creating roles for all the services that are currently supported by TripleO. We
will be adding projects as needed with a focus on the end-to-end goal.

As a final note, we're collecting patches and updates on this etherpad[0] and
we'll provide more concrete updates on the containers squad etherpad as well.
Admitedly, we should be sending updates like this one more often so, I commit to
do so.

[0] https://etherpad.openstack.org/p/tripleo-on-kubernetes

Flavio

--
@flaper87
Flavio Percoco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20171116/3a5b8d90/attachment.sig>


More information about the OpenStack-dev mailing list