This is the beginning of a short series detailing how to deploy OpenStack on ARM64, using Docker containers with Kolla and Kolla-ansible.
The objective of this first post is to create the ARM64 container images and push them to a remote registry in order to be used later on, when deploying our OpenStack cloud. We are going to use Azure Container Registry to store the images, but any other OCI compliant registry will do.
Create a container registry
Let’s start by creating the container registry and related access credentials. This can be done anywhere, e.g. from a laptop, doesn’t need to be ARM. All we need is to have the Azure CLI installed.
|
1 2 3 4 |
az login # If you have more than one Azure subscription, choose one: az account list --output table az account set --subscription "Your subscription" |
Next, let’s create a resource group and a container registry with a unique name. Choose also an Azure region based on your location.
|
1 2 3 4 5 6 |
RG=kolla ACR_NAME=your_registry_name_here LOCATION=eastus az group create --name $RG --location $LOCATION az acr create --resource-group $RG --name $ACR_NAME --sku Basic |
We’re now creating two sets of credentials, one with push and pull access to be used when creating the images and one with pull only access to be used later on during the OpenStack deployment.
|
1 2 3 4 5 6 7 8 9 10 11 12 |
ACR_REGISTRY_ID=$(az acr show --name $ACR_NAME --query id --output tsv) SERVICE_PRINCIPAL_NAME=acr-kolla-sp-push SP_PASSWD=$(az ad sp create-for-rbac --name http://$SERVICE_PRINCIPAL_NAME --scopes $ACR_REGISTRY_ID --role acrpush --query password --output tsv) SP_APP_ID=$(az ad sp show --id http://$SERVICE_PRINCIPAL_NAME --query appId --output tsv) echo "SP_APP_ID=$SP_APP_ID" echo "SP_PASSWD=$SP_PASSWD" SERVICE_PRINCIPAL_NAME=acr-kolla-sp-pull SP_PASSWD_PULL_ONLY=$(az ad sp create-for-rbac --name http://$SERVICE_PRINCIPAL_NAME --scopes $ACR_REGISTRY_ID --role acrpull --query password --output tsv) SP_APP_ID_PULL_ONLY=$(az ad sp show --id http://$SERVICE_PRINCIPAL_NAME --query appId --output tsv) echo "SP_APP_ID_PULL_ONLY=$SP_APP_ID_PULL_ONLY" echo "SP_PASSWD_PULL_ONLY=$SP_PASSWD_PULL_ONLY" |
Create and push the OpenStack Kolla container images
It’s now time to switch to an ARM server where the Kolla container images will be built. We are going to use a Lenovo server with an eMAG 32 cores Armv8 64-bit CPU provided by Ampere Computing. The host operating system is Ubuntu 20.04, but the following instructions can be easily adapted to other Linux distros.
Let’s start with installing the dependencies and add your current user to the docker group (or create a separate user).
|
1 2 3 4 |
sudo apt update sudo apt install -y docker-ce python3-venv git sudo usermod -aG docker $USER newgrp docker |
Let’s get Docker to login into the remote registry that we just created. Set ACR_NAME, SP_APP_ID and SP_PASSWD as obtained in the previous steps.
|
1 2 |
REGISTRY=$ACR_NAME.azurecr.io docker login $REGISTRY --username $SP_APP_ID --password $SP_PASSWD |
Now we can install Kolla in a Python virtual environment and get ready to start building our container images. The OpenStack version is the recently released Victoria but a previous version can be used if needed (e.g. Ussuri).
|
1 2 3 4 5 6 7 |
mkdir kolla-build cd kolla-build python3 -m venv venv source venv/bin/activate pip install wheel # Install Kolla, Victoria version pip install "kolla>=11,<12" |
Edit: the following step can be skipped on Victoria since it defaults to Ubuntu 20.04 where pmdk-tools is available. Additionally, thanks to a recent patch, it can be skipped on Ussuri and Train.
The pmdk-tools Ubuntu package is not available on ARM, so we need to remove it from the nova-compute docker image build. This is done by creating a “template override” that we are going to pass to the build process.
|
1 2 3 4 5 6 |
tee template-overrides.j2 << EOT {% extends parent_template %} # nova-compute {% set nova_compute_packages_remove = ['pmdk-tools'] %} EOT |
We can now build the container images and push them to the registry. This will take a while since it’s building and pushing container images for all OpenStack projects and services. Alternatively, it is possible to reduce the number of containers to a subset by creating a profile in kolla-build.conf as explained here.
|
1 2 3 |
kolla-build -b ubuntu --registry $REGISTRY --push # If you created a template override run: # kolla-build -b ubuntu --registry $REGISTRY --template-override template-overrides.j2 --push |
We are finally ready for our OpenStack AMR64 deployment with Kolla-ansible in the next post!
