Nova Docker driver

Blog
Search…
Blog
Welcome to egonzalez blog
Hacking
Index
OpenStack
Docker and DevOps
Index
Nova Docker driver
Cloud computing has evolved too fast over the last years, currently is a totally different thing as the 5 years ago cloud, today is a common thing listening words like containers, instances, microservices, queue messages on linkedin, twitter, etc.
OpenStack is not a lazy community, new capabilities are daily added to the OpenStack catalog reaching more users and business needs who are discovered at the several summits and meetups over the world. One of that needs is the capability to easy create and manage docker containers. 
Now we have two main methods, directly launching instances as containers from nova driver or with heat/kubernetes/messos. 
The second method is the one with more followers, but there are some projects which are using nova driver as Solum, for this reason I'm going to show you how to configure docker as nova driver.
The fist step is install docker on the compute nodes
1
curl -sSL https://get.docker.com/ | sh
2
​
3
+ sh -c 'sleep 3; yum -y -q install docker-engine'
4
advertencia:/var/cache/yum/x86_64/7/docker-main-repo/packages/docker-engine-selinux-1.9.1-1.el7.centos.noarch.rpm: EncabezadoV4 RSA/SHA512 Signature, ID de clave 2c52609d: NOKEY
5
No se ha instalado la llave pública de docker-engine-selinux-1.9.1-1.el7.centos.noarch.rpm
6
Importando llave GPG 0x2C52609D:
7
Usuarioid  : "Docker Release Tool (releasedocker) <[email protected]>"
8
Huella       : 5811 8e89 f3a9 1289 7c07 0adb f762 2157 2c52 609d
9
Desde      : https://yum.dockerproject.org/gpg
10
Full path required for exclude: net:[4026532228].
11
Full path required for exclude: net:[4026532228].
12
Full path required for exclude: net:[4026532285].
13
Full path required for exclude: net:[4026532285].
14
Full path required for exclude: net:[4026532228].
15
Full path required for exclude: net:[4026532228].
16
Full path required for exclude: net:[4026532285].
17
Full path required for exclude: net:[4026532285].
Copied!
Add nova user to docker group, docker group will be created during docker installation
1
usermod -aG docker nova
Copied!
Start docker service
1
sudo systemctl start docker
Copied!
Test docker installation with the following command, a Hello from Docker message should be prompted
1
sudo docker run hello-world
2
​
3
Unable to find image 'hello-world:latest' locally
4
latest: Pulling from library/hello-world
5
b901d36b6f2f: Pull complete
6
0a6ba66e537a: Pull complete
7
Digest: sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7
8
Status: Downloaded newer image for hello-world:latest
9
​
10
Hello from Docker.
11
This message shows that your installation appears to be working correctly.
Copied!
Once docker runs in a proper way, enable docker service at boot
1
sudo systemctl enable docker
2
ln -s '/usr/lib/systemd/system/docker.service' '/etc/systemd/system/multi-user.target.wants/docker.service'
Copied!
Give docker socket the apropiate permissions
1
chmod 666  /var/run/docker.sock
Copied!
Restart nova-compute service
1
systemctl restart openstack-nova-compute
Copied!
Install git and pip if not present on the system
1
sudo yum install -y git
2
sudo easy_install pip
Copied!
Clone docker driver for nova from OpenStack repositories
1
git clone -b stable/liberty https://github.com/openstack/nova-docker
Copied!
Install basic requirements
1
cd nova-docker
2
sudo  pip install -r requirements.txt
Copied!
Install docker driver
1
python setup.py install
Copied!
Edit nova.conf and allow docker driver as compute driver
1
vi /etc/nova/nova.conf
2
compute_driver=novadocker.virt.docker.DockerDriver
Copied!
Create the following directory
1
mkdir /etc/nova/rootwrap.d
Copied!
Create a file with the following content to allow setting networking in docker containers
1
vi /etc/nova/rootwrap.d/docker.filters
2
​
3
[Filters]
4
# nova/virt/docker/driver.py: 'ln', '-sf', '/var/run/netns/.*'
5
ln: CommandFilter, /bin/ln, root
Copied!
Edit glance-api.conf and allow docker as container format
1
vi /etc/glance/glance-api.conf
2
container_formats=ami,ari,aki,bare,ovf,ova,docker
Copied!
Restart glance-api to apply changes
1
systemctl restart openstack-glance-api
Copied!
Pull a docker image, i use hipache as testing image
1
docker pull hipache
2
​
3
Using default tag: latest
4
latest: Pulling from library/hipache
5
0a85502c06c9: Pull complete
6
0998bf8fb9e9: Pull complete
7
a6785352b25c: Pull complete
8
e9ae3c220b23: Pull complete
9
84d61e35041c: Pull complete
10
0fd25fcc737a: Pull complete
11
c0af65e2f918: Pull complete
12
dc335e9e58f4: Pull complete
13
7245129ed8a4: Pull complete
14
52a015bc8761: Pull complete
15
d38065541924: Pull complete
16
0b8658d6c429: Pull complete
17
188468e0ae8d: Pull complete
18
741abf992884: Pull complete
19
Digest: sha256:7774cf9155a8cc83b6964c7ea0d655143c152debc6d11d4f6dfa918c7a7ea099
20
Status: Downloaded newer image for hipache:latest
Copied!
Upload the image to glance
1
docker save hipache | openstack image create hipache --public --container-format docker --disk-format raw
2
​
3
+------------------+------------------------------------------------------+
4
| Field            | Value                                                |
5
+------------------+------------------------------------------------------+
6
| checksum         | e93b7c1ddeb2d38419bf44aaf07cc811                     |
7
| container_format | docker                                               |
8
| created_at       | 2015-12-18T10:06:31Z                                 |
9
| disk_format      | raw                                                  |
10
| file             | /v2/images/7f05f7d6-88af-4d0f-adad-66ca025404fa/file |
11
| id               | 7f05f7d6-88af-4d0f-adad-66ca025404fa                 |
12
| min_disk         | 0                                                    |
13
| min_ram          | 0                                                    |
14
| name             | hipache                                              |
15
| owner            | 74675bfffc3c4e1a9d9fb2f1388217d4                     |
16
| protected        | False                                                |
17
| schema           | /v2/schemas/image                                    |
18
| size             | 384304640                                            |
19
| status           | active                                               |
20
| updated_at       | 2015-12-18T10:07:03Z                                 |
21
| virtual_size     | None                                                 |
22
| visibility       | public                                               |
23
+------------------+------------------------------------------------------+
Copied!
Once the image is active at glance, create a new instance, the instance won\'t be a KVM virtual machine, now will be a docker container
1
nova boot --flavor m1.tiny --image hipache --nic net-id=a1aa6336-9ae2-4ffb-99f5-1b6d1130989c --key-name mykey test1
Copied!
After a while, the instance should be in ACTIVE state
1
watch nova list
2
+--------------------------------------+-------+--------+------------+-------------+-----------------------------+
3
| ID                                   | Name  | Status | Task State | Power State | Networks                    |
4
+--------------------------------------+-------+--------+------------+-------------+-----------------------------+
5
| fb192405-4150-4c2d-98ad-316141f48cc5 | test1 | ACTIVE | -          | Running     | private_network=192.168.1.3 |
6
+--------------------------------------+-------+--------+------------+-------------+-----------------------------+
Copied!
If all the steps worked fine, you can use docker as nova backend. 
Regards
OpenStack segregation with availability zones and host aggregates
Murano in RDO OpenStack manual installation
Last modified 1yr ago
Copy link