Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

OpenShift In a Nutshell - Episode 06 - Core Concepts Part II

346 vues

Publié le

Episode 06 of "OpenShift in a nutshell" presentations in Iran OpenStack community group
This episode is about core concepts in OpenShift.
Part 2 includes concepts of Users, Projects, Builds and Image streams
At the end of presentation you can find a link that helps you to setup OpenShift in your local system ( this setup is not a enterprise setup and it's only for creating a small test environment ).
I hope you will find it useful.

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

OpenShift In a Nutshell - Episode 06 - Core Concepts Part II

  1. 1. Presentation By: Behnam Loghmani Summer 2016 IRAN OpenStack Users Group OPENSHIFT IN A NUTSHELL (Episode 06) Core Concepts part II
  2. 2. IRAN Community| OpenStack.ir Agenda: ● Users and Projects ● Builds and Image Streams ● Running OpenShift in your system ● Iran OpenStack Community OpenShift Core Concepts
  3. 3. IRAN Community| OpenStack.ir Users and Projects OpenShift Core Concepts
  4. 4. IRAN Community| OpenStack.ir OpenShift Core Concepts Users Interaction with OpenShift Origin is associated with a user. An OpenShift Origin user object represents an actor which may be granted permissions in the system by adding roles to them or to their groups.
  5. 5. IRAN Community| OpenStack.ir OpenShift Core Concepts Different user types ● Regular users This is the way most interactive OpenShift Origin users will be represented. Regular users are created automatically in the system upon first login, or can be created via the API. EX: Behnam Loghmani ● System users Many of these are created automatically when the infrastructure is defined, mainly for the purpose of enabling the infrastructure to interact with the API securely. They include a cluster administrator (with access to everything), a per-node user, users for use by routers and registries, and various others. Finally, there is an anonymous system user that is used by default for unauthenticated requests. EX: system:node:node1.abc.com
  6. 6. IRAN Community| OpenStack.ir OpenShift Core Concepts Different user types(Cont.) ● Service accounts These are special system users associated with projects; some are created automatically when the project is first created, while project administrators can create more for the purpose of defining access to the contents of each project. Service accounts are represented with the “ServiceAccount” object. EX: system:serviceaccount:foo:deployer
  7. 7. IRAN Community| OpenStack.ir OpenShift Core Concepts Every user must authenticate in some way in order to access OpenShift Origin. API requests with no authentication or invalid authentication are authenticated as requests by the anonymous system user. Once authenticated, policy determines what the user is authorized to do.
  8. 8. IRAN Community| OpenStack.ir OpenShift Core Concepts Namespaces A Kubernetes namespace provides a mechanism to scope resources in a cluster. In OpenShift Origin, a project is a Kubernetes namespace with additional annotations. Namespaces provide a unique scope for: ● Named resources to avoid basic naming collisions. ● Delegated management authority to trusted users. ● The ability to limit community resource consumption.
  9. 9. IRAN Community| OpenStack.ir OpenShift Core Concepts Most objects in the system are scoped by namespace, but some are excepted and have no namespace, including nodes,users and projects name.
  10. 10. IRAN Community| OpenStack.ir OpenShift Core Concepts Projects A project is a Kubernetes namespace with additional annotations, and is the central vehicle by which access to resources for regular users is managed. A project allows a community of users to organize and manage their content in isolation from other communities. Users must be given access to projects by administrators, or if allowed to create projects, automatically have access to their own projects.
  11. 11. IRAN Community| OpenStack.ir OpenShift Core Concepts Projects(Cont.) Projects can have a separate, ● Name : is a unique identifier for the project and is most visible when using the CLI tools or API. The maximum name length is 63 characters. ● DisplayName : The optional displayName is how the project is displayed in the web console (defaults to name). ● Description : The optional description can be a more detailed description of the project and is also visible in the web console.
  12. 12. IRAN Community| OpenStack.ir OpenShift Core Concepts Scopes Each project scopes its own set of: ● Objects : Pods, services, replication controllers, etc. ● Policies : Rules for which users can or cannot perform actions on objects. ● Constraints : Quotas for each kind of object that can be limited. ● Service accounts : Service accounts act automatically with designated access to objects in the project.
  13. 13. IRAN Community| OpenStack.ir OpenShift Core Concepts Cluster administrators can create projects and delegate administrative rights for the project to any member of the user community. Cluster administrators can also allow developers to create their own projects. Developers and administrators can interact with projects using the CLI or the web console.
  14. 14. IRAN Community| OpenStack.ir Builds and Image Streams OpenShift Core Concepts
  15. 15. IRAN Community| OpenStack.ir OpenShift Core Concepts Builds A build is the process of transforming input parameters into a resulting object. Most often, the process is used to transform input parameters or source code into a runnable image. A BuildConfig object is the definition of the entire build process. Build configurations are characterized by a strategy and one or more sources.
  16. 16. IRAN Community| OpenStack.ir OpenShift Core Concepts Build strategies ● Source-To-Image (S2I) : Source-to-Image (S2I) is a tool for building reproducible Docker images. It produces ready-to-run images by injecting application source into a Docker image and assembling a new Docker image. The new image incorporates the base image (the builder) and built source and is ready to use with the docker run command. S2I supports incremental builds, which re-use previously downloaded dependencies, previously built artifacts, etc. Advantages : Image flexibility – Speed – Patchability - Operational efficiency - Operational security - User efficiency - Reproducibility
  17. 17. IRAN Community| OpenStack.ir OpenShift Core Concepts Build strategies(Cont.) ● Docker : The Docker build strategy invokes the plain docker build command, and it therefore expects a repository with a Dockerfile and all required artifacts in it to produce a runnable image. ● Pipeline : The Pipeline build strategy allows developers to define a Jenkins pipeline for execution by the Jenkins pipeline plugin. The build can be started, monitored, and managed by OpenShift Origin in the same way as any other build type.
  18. 18. IRAN Community| OpenStack.ir OpenShift Core Concepts Build strategies(Cont.) ● Custom : The Custom build strategy allows developers to define a specific builder image responsible for the entire build process. Using your own builder image allows you to customize your build process. A Custom builder image is a plain Docker image embedded with build process logic, for example for building RPMs or base Docker images.
  19. 19. IRAN Community| OpenStack.ir OpenShift Core Concepts Build sources ● Git : use source codes from git repository. ● Dockerfile : Dockerfile is used as the build input ● Binary : Streaming content in binary format from a local file system to the builder ● Image Source : Additional files can be provided to the build process via images. Files will copy from source image to destination image
  20. 20. IRAN Community| OpenStack.ir OpenShift Core Concepts Image Streams An image stream comprises any number of Docker images identified by tags. It presents a single virtual view of related images, similar to a Docker image repository. Image streams can be used to automatically perform an action when new images are created. Builds and deployments can watch an image stream to receive notifications when new images are added and react by performing a build or deployment, respectively.
  21. 21. IRAN Community| OpenStack.ir OpenShift Core Concepts Image Streams(Cont.) For example, if a deployment is using a certain image and a new version of that image is created, a deployment could be automatically performed.
  22. 22. IRAN Community| OpenStack.ir Running OpenShift in your system OpenShift Core Concepts https://asciinema.org/a/84195 https://asciinema.org/~Behnam
  23. 23. IRAN Community| OpenStack.ir Video Channels https://www.youtube.com/behnamloghmani http://www.aparat.com/behnamloghmani OpenShift Core Concepts
  24. 24. IRAN Community| OpenStack.ir Iran OpenStack Community OpenShift Core Concepts
  25. 25. IRAN Community| OpenStack.ir Stay in Touch and Join Us: ● Home Page: OpenStack.ir ● Meetup Page: Meetup.com/Iran-OpenStack ● Mailing List: OpenStack-ir@Lists.OpenStack.org ● Twitter: @OpenStackIR , #OpenStackIRAN ● IRC Channel on FreeNode: #OpenStack-ir OpenShift Core Concepts
  26. 26. Thank You Behnam Loghmani Iran OpenStack Community Member Behnam.loghmani@gmail.com OpenStack.ir We need to work together to build a better community

×