Understanding TOSCA and Containers

An OASIS TOSCA TC White Paper
Version 1.0
30 December 2014
Editor:
Hemal Surti, Cisco Systems
Technical Committee:
OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA) TC
Contributors:
Derek Palma, Vnomic
Kapil Thangavelu, Canonical
Chairs:
Paul Lipton, CA Technologies
Simon Moser, IBM
URI patterns:
(TC Admin will remove this section before publication; please don’t modify.)
Initial publication URI:
http://docs.oasis-open.org/tosca/tosca-containers/v1.0/cnd01/tosca-containers-v1.0cnd01.doc
Permanent “Latest version” URI:
http://docs.oasis-open.org/tosca/tosca-containers/v1.0/tosca-containers-v1.0.doc
Copyright © 2014 OASIS Open. All rights reserved.
All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property
Rights Policy (the "OASIS IPR Policy"). The full Policy may be found at the OASIS website. This document and
translations of it may be copied and furnished to others, and derivative works that comment on or otherwise
explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in
part, without restriction of any kind, provided that the above copyright notice and this section are included on
all such copies and derivative works. However, this document itself may not be modified in any way, including
by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any
document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to
copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages
other than English. The limited permissions granted above are perpetual and will not be revoked by OASIS or its
successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and
OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES
OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
This is a Non-Standards Track Work Product and is not subject to the patent provisions of the OASIS IPR Policy.
Table of Contents
TOSCA Container context
Contextual evaluation
Mutability
Resource Isolation policies
Deployment methods
Container lifecycle mapping to TOSCA
Composite node representation through containers
Sample Use Case:
Observations:
TOSCA Container context
The Topology and Orchestration Specification for Cloud Applications (TOSCA)
focuses on enablement and enhancement of the portability of cloud
applications and services. TOSCA enables the interoperable description of
application and infrastructure cloud services, the relationships between parts of
the service, and the operational behavior of these services (e.g., deploy, patch,
shutdown), independent of the service vendor, cloud provider or hosting
technology. TOSCA also makes it possible for the service lifecycle to be associated
with cloud infrastructure management.
By increasing service and application portability in a vendor-neutral ecosystem,
TOSCA will enable:
• Portable deployment to any compliant cloud
• Smoother migration of existing applications to the cloud
• Flexible bursting (consumer choice)
• Dynamic, multi-cloud provider applications
Containers are built to provide process isolation and autonomy. Containers allow
portability, security and autonomy for a given process. Containers may also
provide a higher-level abstraction for process lifecycle management. Containers
also allow physical grouping of processes.
We can broadly group containers into two major categories for our evaluation.
– Full OS containers
  Examples
  • Virtual Machines
  • Linux containers
– Application containers
  Examples
  • Docker
  • PaaS containers
In TOSCA a Node Type is a reusable entity that defines the type of one or more
Node Templates. As such, a Node Type defines the structure of observable
properties via a Properties Definition, i.e. the names, data types and allowed
values the properties defined in Node Templates using a Node Type or instances
of such Node Templates can have.
In a nutshell, Node Types represent processes. A Node Type allows the definition of
properties, attributes and lifecycle management of a given process group. Can a
Node Type in TOSCA represent containers? Can containment policies be
represented by the requirements and capabilities of Node Types?
Let's review whether a Node Type can support both full OS and application container
constructs.
Mutability
Mutability describes whether a container allows any modification after
creation. Application containers are normally pre-fabricated and
generally immutable. However, full OS containers allow modifications
to their configurations, processes and interfaces, and can be classified as
mutable. TOSCA supports both types of containment policies.
Resource Isolation policies
Resource isolation is the key construct of containers. TOSCA supports
resource isolation and abstraction through Node Type properties,
capabilities and requirements.
Deployment methods
Container deployment is done through the concept of layering.
Layering is done during the container build process. This allows containers
to be deployed as building blocks. Though TOSCA does not support
the layering concept, it does support deployment and lifecycle
management through Plans. Plans allow deployment descriptions and
lifecycle management for the containers.
Container lifecycle mapping to TOSCA
Let's look at the supported lifecycle events in containers and TOSCA. Typical
containers support CRUD events at runtime. Some containers (e.g. Docker) have
a proprietary layered build process.
TOSCA supports pre- and post-configure events in addition to typical runtime
CRUD events. However, TOSCA does not have a way to describe how to build
the container itself. Like any NodeType, containers are pre-fabricated.
Typical container events
• deploy/init/stop/dispose (Runtime)
• build/modify/delete (Devtime) – Not covered by TOSCA
• Multi host environment
TOSCA events
• create/pre-configure/configure/post-configure/start/stop (Runtime)
We can conclude that TOSCA runtime lifecycle events are a superset of typical
container runtime events. This further supports the notion that a pre-fabricated
container can be managed as a NodeType in TOSCA.
Composite node representation through containers
Pre-fabricated containers pose one maintainability challenge. For variations in
the requirements and capabilities of a NodeType, there would be a need for different
versions of the same base container. This leads to a node proliferation challenge.
There are two approaches to address this challenge.
1> Depending on the system design, node proliferation may not be a big
challenge. One can potentially create a new Node Type for each
container variation. You may be able to limit the variations using
NodeType properties. DerivedFrom properties can be used for creating
the right level of containment hierarchy.
2> The right level of containment abstraction through Requirements and
Capability Types can help reduce or avoid proliferation.
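
As an added illustration (not part of the white paper or of any OASIS deliverable), the sketch below declares a pre-fabricated application container as a Node Type, carries variations in properties rather than in new types, and attaches the container's runtime events to TOSCA lifecycle operations. It assumes TOSCA Simple Profile in YAML 1.0 syntax; the `example.*` type name, script paths, image names and the event-to-operation mapping are hypothetical.

```yaml
tosca_definitions_version: tosca_simple_yaml_1_0

description: Added example of pre-fabricated containers modeled as Node Types

node_types:
  # Hypothetical base type for any pre-fabricated application container.
  example.nodes.AppContainer:
    derived_from: tosca.nodes.SoftwareComponent   # inherits the "host" requirement
    properties:
      image:                  # pre-built image; TOSCA does not describe the build
        type: string
      memory_limit:           # resource isolation expressed as a property
        type: scalar-unit.size
        default: 512 MB
      published_port:         # host port forwarded to the container, if any
        type: integer
        required: false
    interfaces:
      Standard:               # container runtime events mapped to TOSCA operations
        create: scripts/container_deploy.sh    # deploy
        start: scripts/container_init.sh       # init
        stop: scripts/container_stop.sh        # stop
        delete: scripts/container_dispose.sh   # dispose

topology_template:
  node_templates:
    app_host:
      type: tosca.nodes.Compute     # full OS container (VM or Linux container)

    # Two variations of one Node Type: only property values differ, so no
    # new type is needed per variation.
    web:
      type: example.nodes.AppContainer
      properties:
        image: example/web:1.0      # constructed image name
        published_port: 8080
      requirements:
        - host: app_host

    worker:
      type: example.nodes.AppContainer
      properties:
        image: example/worker:1.0   # constructed image name
        memory_limit: 1 GB
      requirements:
        - host: app_host
```
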
Sample Use Case:
Let's review these conclusions using a sample use case.
Use sample containers to build a TOSCA service template
• Pick one Full OS and one application container
• Create a 2 tier application topology
• Map the lifecycle of these containers
• Identify constraints and challenges
Link to Sample use case:
https://docs.google.com/a/canonical.com/document/d/17TMNmlDKI_HcKSuFtsPPqOk8PqcWpPNGoydtqw-uLgM/edit
Observations:
As you can see from the sample, containers can be represented in TOSCA using
Node Type constructs. Implementation may have some challenges with
describing the networking of containers.
In the case of a multi-node container stack, inter-host communication through a bridge
could be a problem for containers (e.g. for OpenStack using Docker containers).
TOSCA keeps the network description at a higher abstraction. Given that containers
rely on the host identifier for networking, describing host bridging may be a
challenge if containers are distributed in a mixed multi-host and co-host model.
There are a couple of ways to address this situation.
• Workaround using port forwarding from host to Docker
• OVS bridge between hosts, with containers getting a private IP address
  bridged with the local host
Additionally, TOSCA allows nesting of containers through Node Type modeling.
TOSCA also supports topology constructs to enable Node Type placement
policies. Topology constructs can be leveraged for the container placement
policies. Overall, TOSCA fully supports containers through its current structure.