Barcelona, Spain
October 25-28, 2016
Magnum: Cluster Upgrades
This is a follow-up of Lifecycle Operations, Cluster Maintenance, and Trust where we discuss the security implementation of how lifecycle operations in Container Orchestration Engines (COEs) should interact with OpenStack APIs, and what those actions should be. This session will focus more on what we plan to support for upgrades, and how those will be implemented.
Questions to discuss in this session:
1) How do we roll out newer versions of COEs faster? Currently, we bake Docker into the image. Should we continue this practice? Building new images could make our project iteration slower, but deployments are faster when this is set up in the image in advance. Should we try to strike a balance between the two choices? If so, how?
NOTE: Creating an Fedora Atomic image with the current docker version is trivial and is done automatically. However, if you want to install a version of docker that is NOT in the current fedora release it IS very difficult.
NOTE: If we continue using Fedora Atomic, we will follow the stable release of that project, not intermediate and experimental midpoints.
NOTE: SECURITY WARNING: Using non-distro packages is not the best practice for installing important components, such as Docker, as blindly piping shell code from the internet through sudo should terrify us all. Also, if we no not use the upstream Atomic versions of Docker, we lose the SELINUX patches provided by RedHat.
2) How should we support upgrading COEs?
3) How should we support upgrading Infrastructure (Cloud Resources such as Nova instances) that compose a Magnum cluster?
4) Should we Replace the heat agent with a magnum-specifc agent for handling lifecycle operations (like Trove has). See previous discussion on this topic.
Questions to discuss in this session:
1) How do we roll out newer versions of COEs faster? Currently, we bake Docker into the image. Should we continue this practice? Building new images could make our project iteration slower, but deployments are faster when this is set up in the image in advance. Should we try to strike a balance between the two choices? If so, how?
NOTE: Creating an Fedora Atomic image with the current docker version is trivial and is done automatically. However, if you want to install a version of docker that is NOT in the current fedora release it IS very difficult.
NOTE: If we continue using Fedora Atomic, we will follow the stable release of that project, not intermediate and experimental midpoints.
NOTE: SECURITY WARNING: Using non-distro packages is not the best practice for installing important components, such as Docker, as blindly piping shell code from the internet through sudo should terrify us all. Also, if we no not use the upstream Atomic versions of Docker, we lose the SELINUX patches provided by RedHat.
2) How should we support upgrading COEs?
3) How should we support upgrading Infrastructure (Cloud Resources such as Nova instances) that compose a Magnum cluster?
4) Should we Replace the heat agent with a magnum-specifc agent for handling lifecycle operations (like Trove has). See previous discussion on this topic.
Thursday, October 27, 2:40pm-3:20pm (12:40pm - 1:20pm UTC)
Registration Opening Soon
Registration will open for you to purchase passes for the OpenStack Summit very soon!
We're excited to see you there!
Download App
