Book Image

Containers in OpenStack

Book Image

Containers in OpenStack

Overview of this book

Containers are one of the most talked about technologies of recent times. They have become increasingly popular as they are changing the way we develop, deploy, and run software applications. OpenStack gets tremendous traction as it is used by many organizations across the globe and as containers gain in popularity and become complex, it’s necessary for OpenStack to provide various infrastructure resources for containers, such as compute, network, and storage. Containers in OpenStack answers the question, how can OpenStack keep ahead of the increasing challenges of container technology? You will start by getting familiar with container and OpenStack basics, so that you understand how the container ecosystem and OpenStack work together. To understand networking, managing application services and deployment tools, the book has dedicated chapters for different OpenStack projects: Magnum, Zun, Kuryr, Murano, and Kolla. Towards the end, you will be introduced to some best practices to secure your containers and COE on OpenStack, with an overview of using each OpenStack projects for different use cases.

Related Content you might be interested in

Current Title:

Small book image
Containers in OpenStack
Dec, 2017 | 176 pages
Small book image
Troubleshooting Docker
John Wooten | Rajdeep Dua | Vaibhav Kohli
Mar, 2017 | 290 pages
Small book image
Extending OpenStack
Omar Khedher
Feb, 2018 | 300 pages
Small book image
OpenStack Bootcamp
Vinoth Kumar Selvaraj
Nov, 2017 | 302 pages
Table of Contents (17 chapters)
Title Page
Title Page
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Preface
Preface
Free Chapter
1
Working with Containers
Working with Containers
The historical context of virtualization
Introduction to containers
Container components
Types of containers
Types of container runtime tools
Installation of Docker
Docker hands-on
Summary
2
Working with Container Orchestration Engines
Working with Container Orchestration Engines
Introduction to COE
Docker Swarm
Apache Mesos
Kubernetes
Kubernetes installation
Kubernetes hands-on
Summary
3
OpenStack Architecture
OpenStack Architecture
Introduction to OpenStack
OpenStack architecture
Introduction to KeyStone, the OpenStack identity service
Introduction to Nova, the OpenStack compute service
Introduction to Neutron, the OpenStack network service
Introduction to Cinder, the OpenStack block storage service
Introduction to Glance, the OpenStack image service
Introduction to Swift, the OpenStack object store
DevStack installation
Summary
4
Containerization in OpenStack
Containerization in OpenStack
The need for containers in OpenStack
Efforts within the OpenStack community to support containers
Summary
5
Magnum – COE Management in OpenStack
Magnum – COE Management in OpenStack
Magnum introduction
Concepts
Key features
Components
Walk-through
Magnum DevStack installation
Managing COEs
Summary
6
Zun – Container Management in OpenStack
Zun – Container Management in OpenStack
Introduction to Zun
Concepts
Key features
Components
Walk-through
Zun DevStack installation
Managing containers
Summary
7
Kuryr – Container Plugin for OpenStack Networking
Kuryr – Container Plugin for OpenStack Networking
Introducing Kuryr
Kuryr architecture
Installation of Kuryr
Walk-through
Summary
8
Murano – Containerized Application Deployment on OpenStack
Murano – Containerized Application Deployment on OpenStack
Introduction to Murano
Murano concepts
Key features
Murano components
Walk-through
Murano DevStack installation
Deploying a containerized application
Summary
9
Kolla – Containerized Deployment of OpenStack
Kolla – Containerized Deployment of OpenStack
Kolla introduction
Key features
Architecture
Deploying containerized OpenStack services
Summary
10
Best Practices for Containers and OpenStack
Best Practices for Containers and OpenStack
The advantages of different OpenStack projects
Best practices for securing and deploying containers
Summary

Best practices for securing and deploying containers

Containers are replacing virtual machines for running most of the enterprise software due to their modularity and portability between servers. However, there are some risks associated with containers. One obvious risk is related to distributing containers by cloning them as images. If there is any unpatched vulnerability in a base image, all clones and applications inheriting from the base image will suffer too.

The second and major risk is the default user of the container systems, that is, the root user. If an attacker gains access to a root user, which allows an escape from the container, he can get access to not only inside the other containers, but also to the root privileges in the host operating system. And it can be devastating!

Here are some best practices for securing and deploying containers:

  • Users should always use a lightweight Linux operating system. A lightweight operating system, reduces the chances of attack. It also makes...
Previous Section
End of Section 3
Next Section