Switch to host networking for docker on master

Registered by Matthew Mosesohn on 2014-09-09

Host networking is now available on Docker for newer versions. This depends on upgrading Docker, but simplifies many iptables requirements. It will also reduce dependency on dhcrelay.

Benefits (host networking and new docker):
 * Remove need for iptables workarounds to clean up where docker 0.10 fails
 * Remove need for umount workarounds when stopping containers
 * Docker runs faster
 * New version does not have ip provisioning duplicate bug
Cons:
 * Requires rework of upgrade/rollback script
 * Upgrade needs to stop all containers before upgrade
 * Upgrade needs to back up old containers before host upgrade
 * Rollback requires downgrade of docker and purge of 6.0 containers first (they won't be backward compatible to 0.10)
 * Rollback should require backup of /var/lib/docker directory just in case. Backing up devicemapper block device needs a bit of research to improve performance. Alternatively, we could just save 5.x containers to disk with dockerctl backup.

Blueprint information

Status:
Started
Approver:
Vladimir Kuklin
Priority:
Medium
Drafter:
Matthew Mosesohn
Direction:
Approved
Assignee:
Matthew Mosesohn
Definition:
Approved
Series goal:
Accepted for 6.1.x
Implementation:
Needs Code Review
Milestone target:
milestone icon 6.1
Started by
Matthew Mosesohn on 2014-10-08

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/fuel-master-docker-host-networking,n,z

Addressed by: https://review.openstack.org/121559
    Run docker containers with host networking

Addressed by: https://review.openstack.org/122694
    Add root workdir for nginx contianer

Addressed by: https://review.openstack.org/123423
    Add nsenter container

Addressed by: https://review.openstack.org/146885
    Use --net=host for containers, remove cobbler hack

Addressed by: https://review.openstack.org/157863
    Create persistent directories for container data

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.