Magnum agent for nova

Registered by Digambar

Containers are a combination of kernel namespaces, Cgroups, and a filesystem environment (aka container image). All containers on a single host share a common operating system kernel. To create new containers, code must be executed on the host running the kernel. The Magnum agent, similar to the nova-compute agent, is responsible for performing the container creation, management, and deletion on the host. Magnum refers to hosts as "instances" since they can be of any type of instance that Nova can produce using a variety of virt drivers.

For security reasons, the Magnum agent's code will be prepared in advance, and not supplied by clients. The Magnum API service will place messages on a Zaquar queue that belongs to each individual tenant using Magnum. The Magnum agent will listen to a single Zaquar queue in accordance with its local configuration. Messages may trigger the prepared code for operations such as:

create_container (create new namespaces and cgroups, and start processes in them)
kill_container (kill processes, but leave namespaces and cgroups to allow future re-start)
start_container (run default processes again in an existing container)
delete_container (kill processes and delete related cgroups and namespaces)

Additional commands may also be added to allow for additional functionality. No parameters included in the queue message will be blindly copied into the agent's shell execution environment. Instead, commands will be matched against an allowed set, input parameters such as glance_id strings and container names will be properly validated before using them as local arguments.

Blueprint information

Status:
Complete
Approver:
Adrian Otto
Priority:
Medium
Drafter:
Digambar
Direction:
Needs approval
Assignee:
Digambar
Definition:
Obsolete
Series goal:
None
Implementation:
Started
Milestone target:
None
Started by
Digambar
Completed by
Adrian Otto

Related branches

Sprints

Whiteboard

Please add a T-Shirt size estimate for implementation of this feature (S, M, L, XL)

I have started coding on this blueprint, I'll soon commit my code to the Magnum repo.

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.