Kuryr on OpenStack

2 minute read

Kuryr is Kubernetes Container Network Interface (CNI) for OpenStack, supported from OpenStack side from Red Hat OpenStack 13, for OpenShift 3.11 and for OpenShift 4.2 and above.

If you are interested on checking the performance impact, check the post Accelerate your OpenShift Network Performance on OpenStack with Kuryr from the official openshift blog.

Kuryr code lives in Kubernetes/OpenShift space, however there are some prerequisites from OpenStack side in order to properly work:

Octavia, OpenStack load balancer as a service
Open vSwitch as Neutron firewall driver
The trunk extension to be enabled at Neutron

The following TripleO/Director Heat template satisfies these prerequisites:

 resource_registry:
    OS::TripleO::Services::OctaviaApi: /usr/share/openstack-tripleo-heat-templates/docker/services/octavia-api.yaml
    OS::TripleO::Services::OctaviaHousekeeping: /usr/share/openstack-tripleo-heat-templates/docker/services/octavia-housekeeping.yaml
    OS::TripleO::Services::OctaviaHealthManager: /usr/share/openstack-tripleo-heat-templates/docker/services/octavia-health-manager.yaml
    OS::TripleO::Services::OctaviaWorker: /usr/share/openstack-tripleo-heat-templates/docker/services/octavia-worker.yaml
    OS::TripleO::Services::OctaviaDeploymentConfig: /usr/share/openstack-tripleo-heat-templates/docker/services/octavia/octavia-deployment-config.yaml

parameter_defaults:
    # This flag enables internal generation of certificates for communication
    # with amphorae. Use OctaviaCaCert, OctaviaCaKey, OctaviaCaKeyPassphrase
    # and OctaviaClient cert to configure secure production environments.
    OctaviaGenerateCerts: true

    # As an Octavia Load Balancer is used to access the OpenShift API, there is a need to increase their listeners
    # default timeouts for the connections. The default timeout is 50 seconds. Increase the timeout to 20 minutes
    OctaviaTimeoutClientData: 1200000
    OctaviaTimeoutMemberData: 1200000

    NeutronOVSFirewallDriver: 'openvswitch'

    # In RHOSP 13, the trunk extension is enabled by default at Neutron, if that is not the case, make sure
    # to add trunk the comma separated list of service plugin entrypoints defined in NeutronServicePlugins

Twitter Facebook LinkedIn

Jose Castillo Lema

Kuryr on OpenStack

Comments

You May Also Enjoy

Descubre el poder de la programación funcional a través de OCaml

Code the Dream Skill-IT workshops

Flatpak SDK Extension for OCaml

Happy new year!