Magnum
Magnum is an OpenStack project that provides Container Infrastructure Management service APIs for provisioning and operating container orchestration engines on OpenStack infrastructure (container orchestration / infrastructure automation).
- Exposes OpenStack service APIs to manage container orchestration clusters such as Kubernetes, using Nova, Cinder, Neutron, Heat, and other OpenStack services (container orchestration / Infrastructure-as-a-Service (IaaS) integration).
- Implements the concept of baymodels and clusters for defining and deploying container clusters with predefined configurations (container infrastructure management).
- Supports integration with common container orchestration engines, most prominently Kubernetes, for running containerized workloads on OpenStack (container orchestration).
- Provides multi-tenant support and Role-Based Access Control (RBAC) by leveraging OpenStack Identity (Keystone) for authentication and authorization (identity and access management).
- Enables operators and users to manage the lifecycle of container clusters, including creation, update, and deletion, through Representational State Transfer (REST) APIs and command-line clients (infrastructure lifecycle management).
More About Magnum
Magnum is an official OpenStack project designed to deliver a Container Infrastructure Management service that provisions and manages container orchestration engines on top of OpenStack cloud resources. It addresses the requirement for cloud operators and application teams to run Kubernetes and other container orchestration environments while reusing existing OpenStack compute, storage, and networking capabilities through a unified Application Programming Interface (API) layer.
At its core, Magnum defines and manages container clusters using OpenStack-native abstractions. It uses templates and configuration objects, historically known as baymodels and clusters, to describe the properties of container environments, such as node counts, image selection, network configuration, and orchestration engine type. Magnum then relies on OpenStack components including Nova for compute provisioning, Cinder for block storage, Neutron for networking, Heat for orchestration, and Keystone for identity to instantiate and maintain these clusters. This design places Magnum in the container orchestration and infrastructure automation categories, tightly integrated with OpenStack IaaS.
Magnum exposes a REST API and corresponding client tools that allow users and operators to create, list, update, and delete container clusters in a programmatic and repeatable manner. Through these interfaces, platform teams can standardize cluster configurations, enforce policies, and integrate cluster lifecycle operations into broader Continuous Integration and Continuous Deployment (CI/CD) pipelines or cloud management workflows. Magnum also exposes credentials and endpoints needed for end users to interact directly with the underlying Container Orchestration Engine (COE), such as Kubernetes APIs, after a cluster is deployed.
For enterprise and institutional environments, Magnum is used to offer container orchestration as a managed service on top of an OpenStack cloud. Cloud administrators configure supported drivers for Kubernetes and other engines and define reference templates that conform to organizational standards for security, networking, storage, and scaling. Application teams then request clusters through Magnum without needing direct access to the lower-level OpenStack services, which supports Separation of Duties (SoD) and consistent resource governance. Magnum’s use of Keystone enables multi-tenant access control aligned with existing OpenStack identity and project structures.
Magnum is positioned in the OpenStack ecosystem as the container infrastructure management and container orchestration integration layer. It interoperates with core OpenStack services rather than replacing them, and its role is to orchestrate container cluster deployment and lifecycle on top of the virtual infrastructure that OpenStack provides. This makes it relevant for organizations that standardize on OpenStack as a private or public cloud platform but also require Kubernetes or similar container-based platforms delivered as an internal service.