container hierarchies and related issues [email protected]
TRANSCRIPT
Hierarchical Containers Occur in Nature
Docker
Platform
Docker
OS
Platform
Docker
OS
VM
Docker
OS
VM
ServerPlatform
Platform
Containers provide resources to containers. They either provision new resources from the environment or partition their own resources.
Providing resources is a capability of containers.
In practice we’d like ignore containers if we don’t care to control them.
If we need more control we might model them declaratively (capability types) or structurally (nodes types)
Container Issues in TOSCA
• The Docker use case forces us to consider container hierarchies• Your platform could host the Docker container directly OR
• Expose a container management framework OR• Actually deploy the container management framework in the topology
• ...
• This is nothing new, consider Java web apps and JVMs. Other languages/frameworks have similar structures
• TOSCA currently specifies resources only at the Compute node level• This requires tweaking the Compute resource configuration each time a nodes are
added/removed from it• Does not allow nodes to specify their resource requirements• Makes monitoring hard if you don’t know what resources a node consumes and how
it obtains those resources from a container
How can we resolve these issues?
• The TOSCA DSL can describe hierarchical container semantics• In a sense, just need to add the container types we want to manage• And ensure any depth of hierarchy can be supported• Allow TOSCA implementations to decide which container they support natively
(i.e. without the user providing lifecycle operations for them)
• Concisely express resource requirements via explicit resource capabilities• Move resource properties into a capability type (well it could still be a node type
but we don’t want to pollute with non-resource related properties)• Support capability delegation semantics
• Allow containee nodes to delegate capability fulfillment to its container. E.g. propagate memory usage down to the root container which actually can fulfill it.
New capability, node and relationship for resource aware containment hierarchies
tosca.capabilities.ComputeResource derived_from: tosca.capabilities.Root properties: num_cpus: type: integer constraints: - greater_or_equal: 1 mem_size: type: scalar-unit.size constraints: - greater_or_equal: 0 MB
tosca.nodes.ResourceContainer: derived_from: tosca.nodes.SoftwareComponent capabilities: host: type: tosca.capabilities.ComputeResource valid_types: [ tosca.nodes.ResourceCompute ] tosca.relationships.ResourceHostedOn: derived_from: tosca.relationships.HostedOn # or not valid_targets: [ tosca.capabilities.ResourceContainer ]
Types for Dockertosca.nodes.DockerApp derived_from: tosca.nodes.Root propreties:requirements: - host: node: tosca.nodes.DockerContainer relationship: tosca.relationships.ResourceHostedOn
webserver: type: tosca.nodes.DockerContainer properties: image: ubuntu/apache requirements: - host: ? # don’t specific if you don’t care to control containers explicitly interfaces: tosca.interfaces.node.Lifecycle: configure: input: links: mysql_dbms
tosca.nodes.DockerContainer: derived_from: tosca.nodes.ResourceContainer properties: image: type: string decription: <docker repo name>/<image name> # could be a real URI too run_privileged: type: boolean description: container is given access to all devices
capabilities: host: type: tosca.capabilities.ComputeResource valid_types: [ tosca.nodes.DockerApp ]
Remaining Container Hierarchy
tosca.nodes.OSApp derived_from: tosca.nodes.Root requirements: - host: node: tosca.nodes.OperatingSystem relationship: tosca.relationships.ResourceHostedOn tosca.nodes.OperatingSystem: derived_from: tosca.nodes.ResourceContainer capabilities: host: type: tosca.capabilities.ComputeResource valid_types: [ tosca.nodes.OSApp ]
tosca.nodes.VirtualMachine: derived_from: tosca.nodes.ResourceContainer capabilities: host: type: tosca.capabilities.ComputeResource valid_types: [ tosca.nodes.OperatingSystem ] tosca.nodes.Server derived_from: tosca.nodes.ResourceContainer capabilities: host: type: tosca.capabilities.ComputeResource valid_types: [ tosca.nodes.OperatingSystem ]
tosca.nodes.ResourceCompute: derived_from: tosca.nodes.Compute capabilities: host: type: tosca.capabilities.ComputeResource valid_types: [tosca.nodes.ResourceContainer ]