Murano, Kubernetes, and multi-cloud environments in OpenStack (Q&A)

There’s lots of talk about multi-cloud environments, but not everyone realizes it’s already possible to create a single cloud that can span, say, OpenStack and Google Container Engine. Last month Bhasker Nallapothula of Biarca joined Mirantis’ Ihor Dvoretskyi and John Jainschigg in giving a webinar showing how it’s done with a combination of OpenStack Murano, Kubernetes, and OpenVPN. Here’s the Q&A.
Q: Why demonstrate Hybrid-Scaleout with Kubernetes and Murano on DevStack rather than MOS 7.0?
Q: Why GCE, and why not AWS or another public cloud, for the integration story?
A: We wanted to stabilize the full app against one remote Kubernetes host before enabling more hosts (and Kubernetes implementations on those hosts) as options, which we envision doing.
Q: What other VPN services are possible?
A: GCE and AWS each have their own VPN services made available for subscription. Having a VPN connectivity solution not tied to a vendor is the USP of going with the OpenVPN solution.
Q: Why did you use cAdvisor? Are there other metrics tools to work with?
A: cAdvisor comes native with a Kubernetes installation, so it was easy to quickly build a demonstrable metrics-driven autoscaling infrastructure solution. Other possibilities for a Kubernetes cluster would be Heapster, also from Google, and tools from third-party vendors such as Zabbix and Sysdig.
Q: Why Murano?
A: Murano is maturing to be a good application deployment vehicle on OpenStack. Besides, the Murano App catalog already includes a base, readily deployable, Kubernetes Application. It was a matter of extending and building up the existing Kubernetes application from the Murano App Catalog.
Q: What are the benefits of using Kubernetes, why can’t we set up a similar environment using pure Docker?
A: Of course you can. But if you are going to configure and manage a highly loaded cluster, as opposed to single containers, the best solution will be to use some kind of container cluster orchestration tool. One of the most popular, and possibly the most mature, container orchestration tools is Kubernetes.
Q: What is the configuration on Kubernetes and GCE to see all these minion nodes as one cluster? Is it account based?
A: First of all, it has to be clarified that Kubernetes itself is a higher level of infrastructure and application abstraction. It doesn’t matter to Kubernetes what environment the cluster runs on – it is isolated from the underlying level. We have created a Murano package that sets up an OpenVPN connection between the OpenStack cluster and GCE, but for Kubernetes, it is a single environment.
Q: Which mechanism is used to onboard the Public Cloud nodes where the Minion Apps are instantiated?
A: There are 2 aspects to this question.
For each node that already exists in GCE under the user account, its Public IPs are added in the Murano hybrid configuration screen. The OpenVPN fabric then provisions this node to be part of the Kubernetes cluster-ip pool.
Then the Murano Kubernetes recipe on the master node takes over this node and brings up required Kubernetes client node services (kubelet, etcd), and finally completes on-boarding to the cluster through the etcd service.
Q: Utilization metrics like CPU shown in the demo, will those metrics be captured with ceilometer for the cluster overall and/or nodes or only through logs?
A: Because these are Kubernetes cluster metrics that we are monitoring, we are using a Kubernetes native metric service such as cAdvisor that runs on the master node to monitor Kubernetes nodes on the cluster. Also, Ceilometer may not be suitable across Hybrid cloud, while cAdvisor is available in every cloud in which Kubernetes runs.
Q: Is there a solution to support automation and management of both OpenStack and AWS?
A: Most of the universal solutions used for cloud automation and management are compatible either with OpenStack or with AWS – if we are speaking about the most common tools like Puppet, Chef, Ansible or SaltStack. At the same time, if you’d like to extend capabilities of OpenStack to AWS or another public cloud system, you may use Murano applications for that (as we have described in the demo during the webinar session).