Container Management Plane

The container infrastructure is packaged as a separate appliance image that is called VMware Integrated OpenStack with Kubernetes. It is based on Docker runtime that is orchestrated by a Kubernetes cluster that is deployed within the tenancy and managed by the tenant admin.

VMware Integrated OpenStack Kubernetes Manager

The CSP can use the VMware Integrated OpenStack Kubernetes Manager to deploy and manage highly available Kubernetes clusters in an OpenStack environment. When deployed in the management cluster, the CSP can use the VMware Integrated OpenStack Kubernetes Managers to deploy Kubernetes clusters for tenants. During deployment, the Kubernetes manager allows the CSP to specify the VMware Integrated OpenStack project, the number of control plane and worker nodes to deploy the Kubernetes cluster. The cluster deployment creates the following nodes, as instances of each node are contained within separate VMs.

Kubernetes control plane node. Hosts the replicated API servers, and clustered Etcd services. In addition, the worker nodes in a Kubernetes cluster can be scaled out or scale in to meet changing demands for capacity.
Kubernetes worker node. Contains the Docker runtime and servers as the node where the container workloads are deployed. A minimum of two worker nodes are recommended for availability as additional nodes can be added depending on the capacity requirements.

Integrated OpenStack Container Management Plane — Figure 1. VMware Integrated Open Stack Container Management Plane

VMware Integrated OpenStack Integration

The Kubernetes clusters are configured to use VMware Integrated OpenStack enterprise-grade services such as Keystone authentication for the cluster, Block Storage Cinder to provide persistent storage for stateful applications, and Neutron Load Balancing as a Service (LBaaS) for containerized application services. By combining Kubernetes with VMware Integrated OpenStack, tenant administrators can use a common infrastructure management layer to provision both VMs and containers.

Before a CNF can be onboarded, the CSP provisions a VMware Integrated OpenStack tenant by using the VMware Integrated OpenStack project construct to allocate resources to the tenant. The allocated resources are a sum of the resources that are required by the VNFs and the Kubernetes cluster that is deployed in the VMware Integrated OpenStack project. The sizing of the Kubernetes cluster dependents on the resource requirements of the CNF workloads that are planned to be deployed and the availability requirements of the Kubernetes cluster.

Tenant administrators assign quotas to container workloads from the resources available to the project. This provides tenant administrators with full control over VNFs and CNFs, while service providers simply monitor the total resource consumption of the project.