Jump to: navigation, search

Containerizing StarlingX Infrastructure

Revision as of 17:59, 1 March 2019 by Ildiko (talk | contribs)



  • The first release of StarlingX provided a hardened OpenStack platform
  • Evolution plan to move to a cloud native (Kubernetes) platform was presented at the Vancouver Summit
    • Run the infrastructure including OpenStack services as containerized applications on Kubernetes
    • Containerization work is planned to be done in phases having OpenStack and dependencies the initial focus

Container Platform

  • Kubernetes master configuration on two nodes with high availability (HA)
    • Run on existing StarlingX nodes
    • Deployed by StarlingX system configuration
  • Calico CNI plugin
  • Docker runtime
  • CEPH as persistent storage backend
    • Leverage existing bare metal CEPH cluster
    • Extend CEPH support to one- and two-node configuration
  • Authentication/authorization of Kubernetes APIs with Keystone
  • Local Docker image registry, authentication with Keystone
  • Helm as package manager
  • Airship Armada for orchestrating the deployment of multiple Helm charts (ex. OpenStack)
  • Initial Kubernetes hosting environment for applications, the infrastructure including OpenStack will also be containerized

StarlingX Container Platform.png

Initial Infrastructure Containerization


  • The "Flock" services with the exceptions called out later are not planned to be containerized for the initial phase
  • An instance of Keystone, RabbitMQ, and PostgreSQL will remain on bare metal and will be used for the "Flock" service
  • An instance of Horizon will remain on bare metal for the "Flock" services only

StarlingX Initial Containerized Infrastructure.png

OpenStack services

  • All OpenStack services currently integrated by StarlingX are planned to be containerized
    • Including dependencies such as MariaDB
    • Pike based
  • nova-api proxy from stx-nfv will be containerized
  • rbd-provisioner pod: enabling pvc's from the CEPH cluster
  • An instance of the Fault Management service will be containerized for alarming in OpenStack
  • Keystone container will run in the 'openstack' namespace for the OpenStack services only

Containerization overview 6.png
Containerization overview 7.png
Containerization overview 8.png
Containerization overview 9.png
Containerization overview 10.png
Containerization overview 12.png
Containerization overview 13.png