SlideShare une entreprise Scribd logo
1  sur  120
OPENSHIFT CONTAINER PLATFORM
TECHNICAL OVERVIEW
Mario Mendoza
Senior Solution Architect
OPENSHIFT TECHNICAL OVERVIEW2
Self-Service
Multi-language
Automation
Collaboration
Seamless
Standards-based
Web-scale
Open Source
Enterprise Grade
Secure
OPENSHIFT ARCHITECTURE
OPENSHIFT TECHNICAL OVERVIEW4
OPENSHIFT ARCHITECTURE
EXISTING
AUTOMATION
TOOLSETS
SCM
(GIT)
CI/CD
SERVICE LAYER
ROUTING LAYER
PERSISTENT
STORAGE
REGISTRY
RHEL
NODE
c
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
C
C
C C
C
C
C CC C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW5
YOUR CHOICE OF INFRASTRUCTURE
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW
NODES RHEL INSTANCES WHERE APPS RUN
6
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW
RHEL
NODE
c
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
C
C
C C
C
C
C CC C
APPS RUN IN CONTAINERS
7
Container
Image
Container
Pod
OPENSHIFT TECHNICAL OVERVIEW8
PODS ARE THE UNIT OF ORCHESTRATION
RHEL
NODE
c
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
C
C
C C
C
C
C CC C
OPENSHIFT TECHNICAL OVERVIEW
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
9
MASTERS ARE THE CONTROL PLANE
RED HAT
ENTERPRISE LINUX
MASTER
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW
RHEL
NODE
RHEL
NODE
RHEL
NODE
10
API AND AUTHENTICATION
RHEL
NODE
RHEL
NODE
RHEL
NODE
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW
RHEL
NODE
RHEL
NODE
RHEL
NODE
11
DESIRED AND CURRENT STATE
RHEL
NODE
RHEL
NODE
RHEL
NODE
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW12
INTEGRATED CONTAINER REGISTRY
RHEL
NODE
RHEL
NODE
RHEL
RHEL
NODE
RHEL
NODE
RHEL
RHEL
NODE
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
NODE
REGISTRY
RHEL
OPENSHIFT TECHNICAL OVERVIEW13
ORCHESTRATION AND SCHEDULING
RHEL
NODE
RHEL
NODE
RHEL
RHEL
NODE
RHEL
NODE
RHEL
RHEL
NODE
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
NODE
REGISTRY
RHEL
OPENSHIFT TECHNICAL OVERVIEW14
PLACEMENT BY POLICY
RHEL
NODE
RHEL
NODE
RHEL
NODE
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
REGISTRY
RHEL
NODE
RHEL
NODE
C
C
RHEL
NODE
c
C
C
OPENSHIFT TECHNICAL OVERVIEW
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
C
C
RHEL
NODE
c
C
C
15
AUTOSCALING PODS
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
REGISTRY
HEALTH/SCALING
OPENSHIFT TECHNICAL OVERVIEW16
SERVICE DISCOVERY
SERVICE LAYER
REGISTRY
RHEL
NODE
C
C
RHEL
NODE
C C
RHEL
NODE
c
C
C
RHEL
NODE
C C
RHEL
NODE
C
RHEL
NODE
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW17
PERSISTENT DATA IN CONTAINERS
SERVICE LAYER
PERSISTENT
STORAGE
REGISTRY
RHEL
NODE
C
C
RHEL
NODE
C C
RHEL
NODE
c
C
C
RHEL
NODE
C C
RHEL
NODE
C
RHEL
NODE
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW18
ROUTING AND LOAD-BALANCING
SERVICE LAYER
ROUTING LAYER
PERSISTENT
STORAGE
REGISTRY
RHEL
NODE
C
C
RHEL
NODE
C C
RHEL
NODE
c
C
C
RHEL
NODE
C C
RHEL
NODE
C
RHEL
NODE
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
OPENSHIFT TECHNICAL OVERVIEW19
ACCESS VIA WEB, CLI, IDE AND API
EXISTING
AUTOMATION
TOOLSETS
SCM
(GIT)
CI/CD
SERVICE LAYER
ROUTING LAYER
PERSISTENT
STORAGE
REGISTRY
RHEL
NODE
C
C
RHEL
NODE
C C
RHEL
NODE
c
C
C
RHEL
NODE
C C
RHEL
NODE
C
RHEL
NODE
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
TECHNICAL DEEP DIVE
OPENSHIFT TECHNICAL OVERVIEW21
AUTO-HEALING FAILED CONTAINERS
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
C
C
RHEL
NODE
C
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
C
OPENSHIFT TECHNICAL OVERVIEW22
AUTO-HEALING FAILED CONTAINERS
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
C
C
RHEL
NODE
C
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
C
OPENSHIFT TECHNICAL OVERVIEW23
AUTO-HEALING FAILED CONTAINERS
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
C
C
RHEL
NODE
C
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
C
OPENSHIFT TECHNICAL OVERVIEW24
AUTO-HEALING FAILED CONTAINERS
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
RHEL
NODE
c
RHEL
NODE
C
C
RHEL
NODE
C
C
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
C
OPENSHIFT TECHNICAL OVERVIEW25
AUTO-HEALING FAILED CONTAINERS
RHEL
NODE
RHEL
NODE
RHEL
NODE
RHEL
NODE
C
C
RHEL
NODE
C
C
c
RED HAT
ENTERPRISE LINUX
MASTER
API/AUTHENTICATION
DATA STORE
SCHEDULER
HEALTH/SCALING
C
c
NETWORKING
OPENSHIFT TECHNICAL OVERVIEW27
BUILT-IN SERVICE DISCOVERY
INTERNAL LOAD-BALANCING
SERVICE
app=payroll role=frontend
POD
app=payroll
role=frontend
POD
app=payroll
role=frontend
Name: payroll-frontend
IP: 172.10.1.23
Port: 8080
POD
app=payroll
role=backendversion=1.0 version=1.0
OPENSHIFT TECHNICAL OVERVIEW28
BUILT-IN SERVICE DISCOVERY
INTERNAL LOAD-BALANCING
SERVICE
app=payroll role=frontend
POD
app=payroll
role=frontend
POD
app=payroll
role=frontend
POD
app=payroll
role=frontend
Name: payroll-frontend
IP: 172.10.1.23
Port: 8080
POD
app=payroll
role=backendversion=2.0 version=1.0 version=1.0
OPENSHIFT TECHNICAL OVERVIEW29
SERVICE
POD POD
ROUTER
POD
EXTERNAL TRAFFIC
INTERNAL TRAFFIC
ROUTE EXPOSES SERVICES EXTERNALLY
OPENSHIFT TECHNICAL OVERVIEW30
● Pluggable routing architecture
○ HAProxy Router
○ F5 Router
● Multiple-routers with traffic sharding
● Router supported protocols
○ HTTP/HTTPS
○ WebSockets
○ TLS with SNI
● Non-standard ports via cloud load-balancers,
external IP, and NodePort
ROUTING AND EXTERNAL LOAD-BALANCING
OPENSHIFT TECHNICAL OVERVIEW31
ROUTE SPLIT TRAFFIC
SERVICE A
App A App A
SERVICE B
App B App B
ROUTE
10% traffic90% traffic
Split Traffic Between
Multiple Services For A/B
Testing, Blue/Green and
Canary Deployments
OPENSHIFT TECHNICAL OVERVIEW
● NodePort binds a service to a
unique port on all the nodes
● Traffic received on any node
redirects to a node with the
running service
● Ports in 30K-60K range which
usually differs from the service
● Firewall rules must allow traffic to
all nodes on the specific port
32
EXTERNAL TRAFFIC TO A SERVICE
ON A RANDOM PORT WITH NODEPORT
NODE
192.10.0.12
NODE
192.10.0.11
NODE
192.10.0.10
SERVICE
INT IP: 172.1.0.20:90
POD
10.1.0.1:90
POD
10.1.0.2:90
POD
10.1.0.3:90
connect
192.10.0.10:31421
192.10.0.11:31421
192.10.0.12:31421
CLIENT
OPENSHIFT TECHNICAL OVERVIEW
NODE
192.10.0.12
NODE
192.10.0.11
NODE
192.10.0.10
33
EXTERNAL TRAFFIC TO A SERVICE
ON ANY PORT WITH INGRESS
SERVICE
EXT IP: 200.1.0.10:90
INT IP: 172.1.0.20:90
POD
10.1.0.1:90
POD
10.1.0.2:90
POD
10.1.0.3:90
connect
200.1.0.10:90
CLIENT● Access a service with an external
IP on any TCP/UDP port, such as
○ Databases
○ Message Brokers
● Automatic IP allocation from a
predefined pool using Ingress IP
Self-Service
● IP failover pods provide high
availability for the IP pool
OPENSHIFT TECHNICAL OVERVIEW34
CONTROL OUTGOING TRAFFIC
SOURCE IP WITH EGRESS ROUTER
NODE
IP1
EGRESS
ROUTER
POD
IP1
EGRESS SERVICE
INTERNAL-IP:8080
EXTERNAL
SERVICE
Whitelist: IP1
POD
POD
POD
OPENSHIFT TECHNICAL OVERVIEW35
● Built-in internal DNS to reach services by name
● Split DNS is supported via SkyDNS
○ Master answers DNS queries for internal services
○ Other nameservers serve the rest of the queries
● Software Defined Networking (SDN) for a unified cluster
network to enable pod-to-pod communication
● OpenShift follows the Kubernetes
Container Networking Interface (CNI) plug-in model
OPENSHIFT NETWORKING
OPENSHIFT TECHNICAL OVERVIEW36
OPENSHIFT NETWORK PLUGINS
OPENSHIFT
KUBERNETES CNI
OpenShift
Plugin
Flannel
Plugin*
Nuage
Plugin
Tigera
Calico
Plugin
Juniper
Contrail
Plugin
Cisco
Contiv
Plugin
Big Switch
Plugin
Certified Plugin Validated Plugin
* Flannel is minimally verified and is supported only and exactly as deployed in the OpenShift on OpenStack reference architecture
VMware
NSX-T
Plugin
In-Progress
For a Complete List of Certified Plugins refer to OpenShift Third-Party SDN FAQ
DEFAULT
OPENSHIFT TECHNICAL OVERVIEW
NODE
172.16.1.10
37
OPENSHIFT NETWORKING
POD
10.1.2.1
POD
10.1.4.1
NODE
172.16.1.20
POD
10.1.2.2
POD
10.1.4.2
IP Network
VxLAN Overlay
Network
OPENSHIFT TECHNICAL OVERVIEW
FLAT NETWORK (Default)
● All pods can communicate with each
other across projects
MULTI-TENANT NETWORK
● Project-level network isolation
● Multicast support
● Egress network policies
NETWORK POLICY (Tech Preview)
● Granular policy-based isolation
38
OPENSHIFT SDN
NODE
POD POD
PODPOD
NODE
POD POD
PODPOD
PROJECT A PROJECT B
DEFAULT NAMESPACE
✓
PROJECT C
Multi-Tenant Network
OPENSHIFT TECHNICAL OVERVIEW
PROJECT A
39
OPENSHIFT SDN - NETWORK POLICY
POD
POD
POD
POD
PROJECT B
POD
POD
POD
POD
Example Policies
● Allow all traffic inside the project
● Allow traffic from green to gray
● Allow traffic to purple on 8080
✓
✓
8080
5432
✓
apiVersion: extensions/v1beta1
kind: NetworkPolicy
metadata:
name: allow-to-purple-on-8080
spec:
podSelector:
matchLabels:
color: purple
ingress:
- ports:
- protocol: tcp
port: 8080
✓
OPENSHIFT TECHNICAL OVERVIEW
Container to Container on the Same Host
40
OPENSHIFT SDN - OVS PACKET FLOW
NODE
POD 1
veth0
10.1.15.2/24
br0
10.1.15.1/24
192.168.0.100
eth0
POD 2
veth1
10.1.15.3/24
vxlan0
OPENSHIFT TECHNICAL OVERVIEW
NODE 2
NODE 1
41
OPENSHIFT SDN - OVS PACKET FLOW
POD 1
veth0
10.1.15.2/24
br0
10.1.15.1/24
vxlan0
POD 2
veth0
10.1.20.2/24
br0
10.1.20.1/24
vxlan0
192.168.0.100
eth0
192.168.0.200
eth0
Container to Container on the Different Hosts
OPENSHIFT TECHNICAL OVERVIEW
Container Connects to External Host
Container to Container on Different Hosts
42
OPENSHIFT SDN - OVS PACKET FLOW
NODE 1
POD 1
veth0
10.1.15.2/24
br0
10.1.15.1/24
tun0
192.168.0.100
External
Host
eth0
OPENSHIFT TECHNICAL OVERVIEW43
OPENSHIFT SDN WITH
FLANNEL FOR OPENSTACK
NODE 1
POD 1
veth0
10.1.15.2/24
docker0
10.1.15.1/24
Routing
Table
flanneld
NODE 2
POD 2
veth0
10.1.20.2/24
docker0
10.1.20.1/24
Routing
Table
flanneld
etcd
192.168.0.100
eth0
192.168.0.200
eth0
Flannel is minimally verified and is supported only and exactly as deployed in the OpenShift on
OpenStack reference architecture https://access.redhat.com/articles/2743631
LOGGING & METRICS
OPENSHIFT TECHNICAL OVERVIEW45
● EFK stack to aggregate logs for hosts and applications
○ Elasticsearch: an object store to store all logs
○ Fluentd: gathers logs and sends to Elasticsearch.
○ Kibana: A web UI for Elasticsearch.
● Access control
○ Cluster administrators can view all logs
○ Users can only view logs for their projects
● Ability to send logs elsewhere
○ External elasticsearch, Splunk, etc
CENTRAL LOG MANAGEMENT WITH EFK
OPENSHIFT TECHNICAL OVERVIEW
CENTRAL LOG MANAGEMENT WITH EFK
APPLICATION LOGS
OPERATION LOGS
ELASTIC
ELASTIC
46
RHEL
NODE
POD POD
PODPOD
FLUENTD
RHEL
NODE
POD POD
PODPOD
FLUENTD
ELASTICSEARCH
RHEL
NODE
POD POD
PODPOD
FLUENTD
USER
ELASTIC
ELASTIC
KIBANA
ELASTIC
ELASTIC
ELASTICSEARCH
ELASTIC
ELASTIC
KIBANA
ADMIN
OPENSHIFT TECHNICAL OVERVIEW47
CONTAINER METRICS
OPENSHIFT TECHNICAL OVERVIEW
CONTAINER METRICS
48
RHEL
NODE
POD POD
PODPOD
FLUENTD
CONTAINER METRICS
RHEL
NODE
POD POD
PODPOD
FLUENTD
HEAPSTER
RHEL
NODE
POD POD
PODPOD
CADVISOR
HAWKULAR
OPENSHIFT
WEB CONSOLE
ELASTIC
ELASTIC
CASSANDRA
RED HAT
CLOUDFORMS
CUSTOM
DASHBOARDS
API
USER
SECURITY
OPENSHIFT TECHNICAL OVERVIEW50
TEN LAYERS OF CONTAINER SECURITY
Container Host & Multi-tenancy
Container ContentContainer Registry
Building Containers
Deploying Container
Container Platform
Network Isolation
Storage
API Management
Federated Clusters
OPENSHIFT TECHNICAL OVERVIEW
NODE
MASTER
● Secure mechanism for holding sensitive data e.g.
○ Passwords and credentials
○ SSH Keys
○ Certificates
● Secrets are made available as
○ Environment variables
○ Volume mounts
○ Interaction with external systems
● Encrypted in transit
● Never rest on the nodes
51
SECRET MANAGEMENT
Container
Distributed Store
Container
PERSISTENT STORAGE
OPENSHIFT TECHNICAL OVERVIEW53
● Persistent Volume (PV) is tied to a piece of network storage
● Provisioned by an administrator (static or dynamically)
● Allows admins to describe storage and users to request storage
PERSISTENT STORAGE
NFS GlusterFS
OpenStack
Cinder
Ceph RBD AWS
EBS
GCE
Persistent
Disk
iSCSI
Fibre
Channel
Azure
File
Azure
Disk
OPENSHIFT TECHNICAL OVERVIEW
PROJECT
POOL OF PERSISTENT VOLUMES
54
PERSISTENT STORAGE
NFSP
V
iSCSI
PV
NFSP
V
Admin
User
register PV
create claim
NFSP
V
GlusterFS
PV
Pod
claim
Pod
claim
Pod
claim
Ceph
RBD
PV
OPENSHIFT TECHNICAL OVERVIEW55
DYNAMIC VOLUME PROVISIONING
Admin
User
define StorageClass
create claim: Fastest
Slow
Azure-Disk
Fast
AWS-SSD
Fastest
NetApp-Flash
NetApp
Provisioner
AWS
Provisioner
Pod
claim
PV
OpenShift
PV Controller
provision
Azure
Provisioner
bound
OPENSHIFT TECHNICAL OVERVIEW56
● Containerized Red Hat Gluster Storage
● Native integration with OpenShift
● Unified Orchestration using Kubernetes for
applications and storage
● Greater control & ease of use for developers
● Lower TCO through convergence
● Single vendor Support DISTRIBUTED, SECURE, SCALE-OUT STORAGE
CLUSTER
APPLICATION
CONTAINER
APPLICATION
CONTAINER
APPLICATION
CONTAINER
STORAGE
CONTAINER
STORAGE
CONTAINER
STORAGE
CONTAINER
CONTAINER-NATIVE STORAGE
OPENSHIFT TECHNICAL OVERVIEW
NODENODENODE
CONTAINER-NATIVE STORAGE
57
NODE
POD POD POD POD POD POD POD
POD POD POD
RHGS RHGS RHGS
POD POD POD
MASTER
SERVICE BROKER
OPENSHIFT TECHNICAL OVERVIEW59
● Born out of Cloud Foundry Foundation
● Standard way to deliver services to apps
running on OpenShift, Kubernetes, etc
● A collaboration between multiple vendors
● Integrated with OpenShift and Kubernetes
● Release Timeline
○ OCP 3.6 Tech Preview
○ OCP 3.7 GA
OPEN SERVICE BROKER API
RED HAT
PIVOTAL
IBM
SAP
GOOGLE
FUJITSU
OPENSHIFT TECHNICAL OVERVIEW60
CONSUMING SERVICES
SERVICE
CONSUMER
SERVICE
PROVIDER
☑ Open ticket
☑ Wait for allocation
☑ Receive credentials
☑ Add to app
☑ Deploy app
OPENSHIFT TECHNICAL OVERVIEW61
CONSUMING SERVICES
WITH OPEN SERVICE BROKER API
SERVICE
CONSUMER
SERVICE
PROVIDER
SERVICE
CATALOG
SERVICE
BROKER
OPENSHIFT TECHNICAL OVERVIEW62
OPENSHIFT SERVICE CATALOG
OPENSHIFT SERVICE CATALOG
Ansible
Service
Broker
OpenShift
Template
Broker
Cloud
Service
Broker
Other
Service
Brokers
ANSIBLE
OPENSHIFT
PUBLIC CLOUD
OTHER COMPATIBLE SERVICES
Ansible
Playbook
Bundles
OpenShift
Templates
Public
Cloud
Services
Other
Services
(TECH PREVIEW)
OPERATIONAL
MANAGEMENT
OPENSHIFT TECHNICAL OVERVIEW64
TOP CHALLENGES OF
RUNNING CONTAINERS AT SCALE
SERVICE
HEALTH
SECURITY
& COMPLIANCE
FINANCIAL
MANAGEMENT
OPERATIONAL
EFFICIENCY
OPENSHIFT TECHNICAL OVERVIEW65
Operational Management
Across the Stack
● Real-time discovery
● Visualize relationships
● Monitoring and alerts
● Vulnerability scanning
● Security compliance
● Workflow and policy
● Automation
● Chargeback
OPENSHIFT TECHNICAL OVERVIEW
● CloudForms continuously discovers your
infrastructure in near real time.
● CloudForms discovers and visualizes
relationships between infra components
● CloudForms cross references inventory
across technologies.
● CloudForms offers custom automation via
control policy or UI extensions
66
OPERATIONAL EFFICIENCY
OPENSHIFT TECHNICAL OVERVIEW67
OPERATIONAL EFFICIENCY
OPENSHIFT TECHNICAL OVERVIEW
● CloudForms monitors resource consumption
and shows trends
● CloudForms alerts on performance
thresholds or other events
● CloudForms offers right-sizing
recommendations
● CloudForms enforces configuration and
tracks it over time.
68
SERVICE HEALTH
OPENSHIFT TECHNICAL OVERVIEW69
SERVICE HEALTH
OPENSHIFT TECHNICAL OVERVIEW
● CloudForms finds and marks nodes
non-compliant with policy.
● CloudForms allows reporting on container
provenance.
● CloudForms scans container images using
OpenSCAP.
● CloudForms tracks genealogy between
images and containers.
70
SECURITY & COMPLIANCE
OPENSHIFT TECHNICAL OVERVIEW71
SECURITY & COMPLIANCE
OPENSHIFT TECHNICAL OVERVIEW
● Define cost models for infrastructure and
understand your cost.
● Rate schedules per platform and per tenant
with multi-tiered and multi-currency support
● CloudForms shows top users for CPU,
memory, as well as cost.
● Chargeback/showback to projects based on
container utilization.
72
FINANCIAL MANAGEMENT
OPENSHIFT TECHNICAL OVERVIEW73
FINANCIAL MANAGEMENT
REFERENCE
ARCHITECTURES
OPENSHIFT TECHNICAL OVERVIEW
OpenShift on VMware vCenter
https://access.redhat.com/articles/2745171
OpenShift on Red Hat OpenStack Platform
https://access.redhat.com/articles/2743631
OpenShift on Amazon Web Services
https://access.redhat.com/articles/2623521
OpenShift on Google Cloud Platform
https://access.redhat.com/articles/2751521
OpenShift on Microsoft Azure
https://access.redhat.com/articles/3030691
Deploying an OpenShift Distributed Architecture
https://access.redhat.com/articles/1609803
OpenShift Architecture and Deployment Guide
https://access.redhat.com/articles/1755133
OpenShift Scaling, Performance, and Capacity Planning
https://access.redhat.com/articles/2191731
Application Release Strategies with OpenShift
https://access.redhat.com/articles/2897391
Building Polyglot Microservices on OpenShift
https://access.redhat.com/articles/2893381
Building JBoss EAP 6 Microservices on OpenShift
https://access.redhat.com/articles/2094731
Building JBoss EAP 7 Microservices on OpenShift
https://access.redhat.com/articles/2407801
Business Process Management with JBoss BPMS on OpenShift
https://access.redhat.com/articles/2893421
Build and Deployment of Java Applications on OpenShift
https://access.redhat.com/articles/3016691
Building Microservices on OpenShift with Fuse Integra...
https://access.redhat.com/articles/3068571
JFrog Artifactory on OpenShift Container Platform
https://access.redhat.com/articles/3049611
75
REFERENCE ARCHITECTURES
BUILD AND DEPLOY
CONTAINER IMAGES
OPENSHIFT TECHNICAL OVERVIEW77
BUILD AND DEPLOY CONTAINER IMAGES
DEPLOY YOUR
SOURCE CODE
DEPLOY YOUR
APP BINARY
DEPLOY YOUR
CONTAINER IMAGE
OPENSHIFT TECHNICAL OVERVIEW78
DEPLOY YOUR
SOURCE CODE
OPENSHIFT TECHNICAL OVERVIEW79
DEPLOY SOURCE CODE WITH
SOURCE-TO-IMAGE (S2I)
codeGit
Repository
Source-to-Image
(S2I)
deploy
CODE
BUILD
DEPLOY
Builder
Image
Image
Registry
OPSDEV
Application
Container
OPENSHIFT TECHNICAL OVERVIEW
Developers write code using
existing development tools
such as Maven, NPM, Bower,
PIP, Dockerfile and Git and
then access the OpenShift
Web, CLI or IDE to create an
app from the code
80
DEPLOY SOURCE CODE WITH
SOURCE-TO-IMAGE (S2I)
codeGit
Repository
CODE
DEV
OPENSHIFT TECHNICAL OVERVIEW
S2I combines source code
with a builder image
(language and application
runtimes) and stores the
resulting application image
in the image registry
81
DEPLOY SOURCE CODE WITH
SOURCE-TO-IMAGE (S2I)
codeGit
Repository
Source-to-Image
(S2I)
Builder
Image
Image
Registry
BUILD
DEV
OPENSHIFT TECHNICAL OVERVIEW
OpenShift automates the
deployment of application
containers across multiple
hosts via the Kubernetes.
Users can trigger
deployments, rollback,
configure A/B or other
custom deployments
82
DEPLOY SOURCE CODE WITH
SOURCE-TO-IMAGE (S2I)
codeGit
Repository
Source-to-Image
(S2I)
deploy
Builder
Image
Image
Registry
OPSDEV
DEPLOY
Application
Container
OPENSHIFT TECHNICAL OVERVIEW
DEPLOY YOUR
APP BINARY
83
OPENSHIFT TECHNICAL OVERVIEW
DEPLOY
84
DEPLOY APP BINARY WITH
SOURCE-TO-IMAGE (S2I)
Application
Binary
(e.g. WAR)
Source-to-Image
(S2I)
deploy
Builder
Image
Image
Registry
OPSDEV
BUILD APP
BUILD IMAGE
Existing Build
Process
Application
Container
build
OPENSHIFT TECHNICAL OVERVIEW
Developers use the existing
build process and tools (e.g.
Maven, Gradle, Jenkins, Nexus)
to build the app binaries (e.g.
JAR, WAR, EAR) and use
OpenShift CLI to create an app
from the app binaries
85
DEPLOY APP BINARY WITH
SOURCE-TO-IMAGE (S2I)
Application
Binary
(e.g. WAR)
DEV
BUILD APP Existing Build
Process
...
build
OPENSHIFT TECHNICAL OVERVIEW86
DEPLOY APP BINARY WITH
SOURCE-TO-IMAGE (S2I)
Application
Binary
(e.g. WAR)
Source-to-Image
(S2I)
Builder
Image
Image
Registry
DEV
build
Existing Build
Process
BUILD IMAGE
S2I combines app binaries
(e.g. JAR, WAR, EAR) with a
builder image (language
and application runtimes)
and stores the resulting
application image in the
image registry
OPENSHIFT TECHNICAL OVERVIEW87
DEPLOY APP BINARY WITH
SOURCE-TO-IMAGE (S2I)
Application
Binary
(e.g. WAR)
Source-to-Image
(S2I)
deploy
Builder
Image
Image
Registry
OPSDEV
Existing Build
Process
DEPLOY
Application
Container
OpenShift automates the
deployment of application
containers across multiple
hosts via the Kubernetes.
Users can trigger
deployments, rollback,
configure A/B or other
custom deployments
build
OPENSHIFT TECHNICAL OVERVIEW
DEPLOY YOUR
CONTAINER
IMAGE
88
OPENSHIFT TECHNICAL OVERVIEW
App images are built using an
existing image build process.
OpenShift automates the
deployment of app containers
across multiple hosts via the
Kubernetes. Users can trigger
deployments, rollback,
configure A/B, etc
DEPLOY
89
DEPLOY DOCKER IMAGE
build
Application
Container
deploy
Application
Image
Image
Registry
OPSDEV
BUILD
Existing Image
Build Process
OPENSHIFT TECHNICAL OVERVIEW
BUILD STAGE 3
BUILD STAGE 2
BUILD STAGE 1
90
BUILD IMAGES IN MULTIPLE STAGES
OPENSHIFT TECHNICAL OVERVIEW91
EXAMPLE: USE ANY RUNTIME IMAGE WITH
SOURCE-TO-IMAGE BUILDS
DOCKER BUILDWILDFLY S2I BUILD app.war
WildFly S2I
Builder
Image
WildFly
Runtime
Image
Use Source-to-Image to build app binaries and deploy on lean vanilla runtimes
read more on https://blog.openshift.com/chaining-builds/
OPENSHIFT TECHNICAL OVERVIEW92
EXAMPLE: USE ANY BUILD TOOL WITH
OFFICIAL RUNTIME IMAGES
DOCKER BUILDCUSTOM GRADLE BUILD
Custom
Gradle S2I
Builder Image
Red Hat
OpenJDK
Image
Use your choice of build tool like Gradle and deploy to official images like the JDK image
read more on https://blog.openshift.com/chaining-builds/
app.war
OPENSHIFT TECHNICAL OVERVIEW93
EXAMPLE: SMALL LEAN RUNTIMES
DOCKER BUILDCUSTOM GO BUILD
Custom
Go S2I
Builder Image
Scratch
Image
Build the app binary and deploy on small scratch images
read more on https://blog.openshift.com/chaining-builds/
app
CONTINUOUS INTEGRATION (CI)
CONTINUOUS DELIVERY (CD)
OPENSHIFT TECHNICAL OVERVIEW
CI/CD WITH BUILD AND DEPLOYMENTS
95
BUILDS
● Webhook triggers: build the app image whenever the code changes
● Image trigger: build the app image whenever the base language or app runtime changes
● Build hooks: test the app image before pushing it to an image registry
DEPLOYMENTS
● Deployment triggers: redeploy app containers whenever configuration changes or the
image changes in the OpenShift integrated registry or upstream registries
OPENSHIFT TECHNICAL OVERVIEW96
CONTINUOUS DELIVERY WITH CONTAINERS
source
repository
CI/CD
engine
dev container
physical
virtual
private cloud
public cloud
OPENSHIFT TECHNICAL OVERVIEW97
OPENSHIFT LOVES CI/CD
JENKINS-AS-A SERVICE
ON OPENSHIFT
HYBRID JENKINS INFRA
WITH OPENSHIFT
EXISTING CI/CD
DEPLOY TO OPENSHIFT
OPENSHIFT TECHNICAL OVERVIEW98
JENKINS-AS-A-SERVICE ON OPENSHIFT
● Certified Jenkins images with pre-configured plugins
○ Provided out-of-the-box
○ Follows Jenkins 1.x and 2.x LTS versions
● Jenkins S2I Builder for customizing the image
○ Install Plugins
○ Configure Jenkins
○ Configure Build Jobs
● OpenShift plugins to integrate authentication with
OpenShift and also CI/CD pipelines
● Dynamically deploys Jenkins slave containers
Plugins
Jobs
Configuration
Jenkins
(S2I)
Custom
Jenkins
Image
Jenkins
Image
OPENSHIFT TECHNICAL OVERVIEW
● Scale existing Jenkins infrastructure by dynamically provisioning Jenkins slaves on OpenShift
● Use Kubernetes plug-in on existing Jenkin servers
99
HYBRID JENKINS INFRA WITH OPENSHIFT
OPENSHIFT
APP APPrun job
JENKINS
SLAVE
Run Job
JENKINS
SLAVE
Run Job
build
JENKINS
MASTER
deploy
OPENSHIFT TECHNICAL OVERVIEW
● Existing CI/CD infrastructure outside OpenShift performs operations against OpenShift
○ OpenShift Pipeline Jenkins Plugin for Jenkins
○ OpenShift CLI for integrating other CI Engines with OpenShift
● Without disrupting existing processes, can be combined with previous alternative
100
EXISTING CI/CD DEPLOY TO OPENSHIFT
OPENSHIFT
APP
EXISTING
CI/CD INFRA
Jenkins, Bamboo,
TeamCity, etc
APPbuild
deploy
S2I
Buildrun job
OPENSHIFT TECHNICAL OVERVIEW101
OPENSHIFT PIPELINES
● OpenShift Pipelines allow defining a
CI/CD workflow via a Jenkins pipeline
which can be started, monitored, and
managed similar to other builds
● Dynamic provisioning of Jenkins slaves
● Auto-provisioning of Jenkins server
● OpenShift Pipeline strategies
○ Embedded Jenkinsfile
○ Jenkinsfile from a Git repository
apiVersion: v1
kind: BuildConfig
metadata:
name: app-pipeline
spec:
strategy:
type: JenkinsPipeline
jenkinsPipelineStrategy:
jenkinsfile: |-
node('maven') {
stage('build app') {
git url: 'https://git/app.git'
sh "mvn package"
}
stage('build image') {
sh "oc start-build app --from-file=target/app.jar
}
stage('deploy') {
openshiftDeploy deploymentConfig: 'app'
}
}
Provision a
Jenkins slave for
running Maven
OPENSHIFT TECHNICAL OVERVIEW102
OpenShift
Pipelines in
Web Console
OPENSHIFT TECHNICAL OVERVIEW
APPLICATION
IMAGE
103
CONTINUOUS DELIVERY PIPELINE
DEV TEAM GIT SERVER
ARTIFACT
REPOSITORY
JENKINS
IMAGE BUILD
● S2I build from source code
● S2I build from app binary
● Existing docker container image
build process
OPENSHIFT TECHNICAL OVERVIEW
CONTINUOUS DELIVERY PIPELINE
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
104
DEVELOPER GIT SERVER ARTIFACT REPOSITORY
OPENSHIFT
CI/CD PIPELINE
(JENKINS)
IMAGE BUILD
& DEPLOY
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
NON-PROD PRODDEV
OPENSHIFT TECHNICAL OVERVIEW
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
105
CONTINUOUS DELIVERY PIPELINE
DEVELOPER GIT SERVER ARTIFACT REPOSITORY
OPENSHIFT
CI/CD PIPELINE
(JENKINS)
IMAGE BUILD
& DEPLOY
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
PROMOTE
TO TEST
NON-PROD PRODDEV TEST
OPENSHIFT TECHNICAL OVERVIEW
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
106
CONTINUOUS DELIVERY PIPELINE
DEVELOPER GIT SERVER ARTIFACT REPOSITORY
OPENSHIFT
CI/CD PIPELINE
(JENKINS)
IMAGE BUILD
& DEPLOY
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
PROMOTE
TO TEST
PROMOTE
TO UAT
NON-PROD PRODDEV TEST UAT
OPENSHIFT TECHNICAL OVERVIEW
ServiceNow
JIRA Service Desk
Zendeks
BMC Remedy
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
107
CONTINUOUS DELIVERY PIPELINE
DEVELOPER GIT SERVER ARTIFACT REPOSITORY
OPENSHIFT
CI/CD PIPELINE
(JENKINS)
IMAGE BUILD
& DEPLOY
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
GO
LIVE?
PROMOTE
TO TEST
PROMOTE
TO UAT
RELEASE MANAGER
NON-PROD PROD
☒
☑
DEV TEST UAT
OPENSHIFT TECHNICAL OVERVIEW
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
108
CONTINUOUS DELIVERY PIPELINE
DEVELOPER GIT SERVER ARTIFACT REPOSITORY
OPENSHIFT
CI/CD PIPELINE
(JENKINS)
IMAGE BUILD
& DEPLOY
INTEGRATED
IMAGE
REGISTRY
OPENSHIFT
CLUSTER
GO
LIVE?
PROMOTE
TO TEST
PROMOTE
TO UAT
PROMOTE
TO PROD
RELEASE MANAGER
NON-PROD PRODDEV TEST UAT
☒
☑
DEVELOPER WORKFLOW
OPENSHIFT TECHNICAL OVERVIEW110
LOCAL DEVELOPMENT WORKFLOW
Develop
Local
Deploy
Verify Git Push PipelineBootstrap
OPENSHIFT TECHNICAL OVERVIEW
BOOTSTRAP
● Pick your programming language and application runtime of choice
● Create the project skeleton from scratch or use a generator such as
○ Maven archetypes
○ Quickstarts and Templates
○ OpenShift Generator
○ Spring Initializr
111
LOCAL DEVELOPMENT WORKFLOW
Develop
Local
Deploy
Verify Git Push PipelineBootstrap
OPENSHIFT TECHNICAL OVERVIEW112
DEVELOP
● Pick your framework of choice such as Java EE, Spring, Ruby on Rails, Django, Express, ...
● Develop your application code using your editor or IDE of choice
● Build and test your application code locally using your build tools
● Create or generate OpenShift templates or Kubernetes objects
LOCAL DEVELOPMENT WORKFLOW
Develop
Local
Deploy
Verify Git Push PipelineBootstrap
OPENSHIFT TECHNICAL OVERVIEW113
LOCAL DEPLOY
● Deploy your code on a local OpenShift cluster
○ Red Hat Container Development Kit (CDK), minishift and oc cluster
● Red Hat CDK provides a standard RHEL-based development environment
● Use binary deploy, maven or CLI rsync to push code or app binary directly into containers
LOCAL DEVELOPMENT WORKFLOW
Develop
Local
Deploy
Verify Git Push PipelineBootstrap
OPENSHIFT TECHNICAL OVERVIEW114
VERIFY
● Verify your code is working as expected
● Run any type of tests that are required with or without other components (database, etc)
● Based on the test results, change code, deploy, verify and repeat
LOCAL DEVELOPMENT WORKFLOW
Develop
Local
Deploy
Verify Git Push PipelineBootstrap
OPENSHIFT TECHNICAL OVERVIEW115
GIT PUSH
● Push the code and configuration to the Git repository
● If using Fork & Pull Request workflow, create a Pull Request
● If using code review workflow, participate in code review discussions
LOCAL DEVELOPMENT WORKFLOW
Develop
Local
Deploy
Verify Git Push PipelineBootstrap
OPENSHIFT TECHNICAL OVERVIEW
PIPELINE
● Pushing code to the Git repository triggers one or multiple deployment pipelines
● Design your pipelines based on your development workflow e.g. test the pull request
● Failure in the pipeline? Go back to the code and start again
116
LOCAL DEVELOPMENT WORKFLOW
Develop
Local
Deploy
Verify Git Push PipelineBootstrap
APPLICATION SERVICES
OPENSHIFT TECHNICAL OVERVIEW118
A PLATFORM THAT GROWS WITH YOUR BUSINESS
Data
Virtualization
Real Time
Decision
Intelligent
Process
Integration Messaging Data Grid
Java EE
Application
Web
Application
Single
Sign-On
Mobile
API
Management
Micro
services
OPENSHIFT TECHNICAL OVERVIEW
CrunchyData
GitLab
Iron.io
Couchbase
Sonatype
EnterpriseDB
NuoDB
Fujitsu
and many more
119
...and virtually
any docker
image
out there!
TRUE POLYGLOT PLATFORM
PHPPythonJava NodeJS Perl Ruby
.NET
Core
Apache
HTTP
Server
MySQL Redis
nginx TomcatVarnish
JBoss
EAP
JBoss
A-MQ
JBoss
Fuse
JBoss
BRMS
JBoss
BPMS
JBoss
Data Grid
JBoss
Data Virt
RH
Mobile
RH SSO
3SCALE
API mgmt
JBoss
Web
Server
Spring
Boot
Wildfly
Swarm
Vert.x
PostgreSQL MongoDB
Phusion
Passenger
Third-party
Language
Runtimes
Third-party
Databases
Third-party
App
Runtimes
Third-party
Middleware
Third-party
Middleware
LANGUAGES
DATABASES
WEB SERVERS
MIDDLEWARE
THANK YOU
plus.google.com/+RedHat
linkedin.com/company/red-hat
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/RedHatNews

Contenu connexe

Tendances

Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...
Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...
Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...Vietnam Open Infrastructure User Group
 
Red Hat OpenShift Operators - Operators ABC
Red Hat OpenShift Operators - Operators ABCRed Hat OpenShift Operators - Operators ABC
Red Hat OpenShift Operators - Operators ABCRobert Bohne
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
 
CI-CD Jenkins, GitHub Actions, Tekton
CI-CD Jenkins, GitHub Actions, Tekton CI-CD Jenkins, GitHub Actions, Tekton
CI-CD Jenkins, GitHub Actions, Tekton Araf Karsh Hamid
 
Issues of OpenStack multi-region mode
Issues of OpenStack multi-region modeIssues of OpenStack multi-region mode
Issues of OpenStack multi-region modeJoe Huang
 
How OpenShift SDN helps to automate
How OpenShift SDN helps to automateHow OpenShift SDN helps to automate
How OpenShift SDN helps to automateIlkka Tengvall
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak Abhishek Koserwal
 
Red Hat - Corporate Presentation
Red Hat - Corporate PresentationRed Hat - Corporate Presentation
Red Hat - Corporate PresentationRenato Adrião
 
Ansible Automation Platform.pdf
Ansible Automation Platform.pdfAnsible Automation Platform.pdf
Ansible Automation Platform.pdfVuHoangAnh14
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service MeshKnoldus Inc.
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchTe-Yen Liu
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfssuser1490e8
 
Istio Service Mesh
Istio Service MeshIstio Service Mesh
Istio Service MeshLuke Marsden
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...Edureka!
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
 
OpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdfOpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdfJuanSalinas593459
 

Tendances (20)

Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...
Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...
Bare Metal Cluster with Kubernetes, Istio and Metallb | Nguyen Phuong An, Ngu...
 
Red Hat OpenShift Operators - Operators ABC
Red Hat OpenShift Operators - Operators ABCRed Hat OpenShift Operators - Operators ABC
Red Hat OpenShift Operators - Operators ABC
 
Gitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCDGitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCD
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
 
CI-CD Jenkins, GitHub Actions, Tekton
CI-CD Jenkins, GitHub Actions, Tekton CI-CD Jenkins, GitHub Actions, Tekton
CI-CD Jenkins, GitHub Actions, Tekton
 
Issues of OpenStack multi-region mode
Issues of OpenStack multi-region modeIssues of OpenStack multi-region mode
Issues of OpenStack multi-region mode
 
How OpenShift SDN helps to automate
How OpenShift SDN helps to automateHow OpenShift SDN helps to automate
How OpenShift SDN helps to automate
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak
 
Red Hat - Corporate Presentation
Red Hat - Corporate PresentationRed Hat - Corporate Presentation
Red Hat - Corporate Presentation
 
Ansible Automation Platform.pdf
Ansible Automation Platform.pdfAnsible Automation Platform.pdf
Ansible Automation Platform.pdf
 
"DevOps > CI+CD "
"DevOps > CI+CD ""DevOps > CI+CD "
"DevOps > CI+CD "
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service Mesh
 
The Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitchThe Basic Introduction of Open vSwitch
The Basic Introduction of Open vSwitch
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdf
 
Istio Service Mesh
Istio Service MeshIstio Service Mesh
Istio Service Mesh
 
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
Kubernetes Networking | Kubernetes Services, Pods & Ingress Networks | Kubern...
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals Training
 
OpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdfOpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdf
 

Similaire à The Real World with OpenShift - Red Hat DevOps & Microservices Conference 2017

C&CNR2019 - Containers Landscape Review
C&CNR2019 - Containers Landscape ReviewC&CNR2019 - Containers Landscape Review
C&CNR2019 - Containers Landscape ReviewPar-Tec S.p.A.
 
App Mod 02: A developer intro to open shift
App Mod 02: A developer intro to open shiftApp Mod 02: A developer intro to open shift
App Mod 02: A developer intro to open shiftJudy Breedlove
 
Digitizing your factory the open source way
Digitizing your factory the open source wayDigitizing your factory the open source way
Digitizing your factory the open source wayChristofer Dutz
 
Open shift container platform an intelligent platform for intelligence applic...
Open shift container platform an intelligent platform for intelligence applic...Open shift container platform an intelligent platform for intelligence applic...
Open shift container platform an intelligent platform for intelligence applic...Capgemini
 
Containerized Cloud Computing - Redhat
Containerized Cloud Computing - RedhatContainerized Cloud Computing - Redhat
Containerized Cloud Computing - RedhatAmazon Web Services
 
Openstack Benelux Conference 2014 Red Hat Keynote
Openstack Benelux Conference 2014  Red Hat KeynoteOpenstack Benelux Conference 2014  Red Hat Keynote
Openstack Benelux Conference 2014 Red Hat KeynoteMicrosoft
 
Developer Intro to OpenShift
Developer Intro to OpenShiftDeveloper Intro to OpenShift
Developer Intro to OpenShiftTiera Fann, MBA
 
OpenStack Benelux Conference 2014 | Plenair | RedHat
OpenStack Benelux Conference 2014 | Plenair | RedHatOpenStack Benelux Conference 2014 | Plenair | RedHat
OpenStack Benelux Conference 2014 | Plenair | RedHatGuston Remie
 
Openshift 3.10 & Container solutions for Blockchain, IoT and Data Science
Openshift 3.10 & Container solutions for Blockchain, IoT and Data ScienceOpenshift 3.10 & Container solutions for Blockchain, IoT and Data Science
Openshift 3.10 & Container solutions for Blockchain, IoT and Data ScienceJohn Archer
 
Hands-on lab: Open Cloud Day México
Hands-on lab: Open Cloud Day MéxicoHands-on lab: Open Cloud Day México
Hands-on lab: Open Cloud Day MéxicoSoftware Guru
 
Red Hat Container Strategy
Red Hat Container StrategyRed Hat Container Strategy
Red Hat Container StrategyRed Hat Events
 
Transforming Application Delivery with PaaS and Linux Containers
Transforming Application Delivery with PaaS and Linux ContainersTransforming Application Delivery with PaaS and Linux Containers
Transforming Application Delivery with PaaS and Linux ContainersGiovanni Galloro
 
Kubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" ApproachKubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" ApproachRodrigo Reis
 
IAU workshop 2018 day one
IAU workshop 2018 day oneIAU workshop 2018 day one
IAU workshop 2018 day oneWalid Shaari
 
RHTE2015_CloudForms_Containers
RHTE2015_CloudForms_ContainersRHTE2015_CloudForms_Containers
RHTE2015_CloudForms_ContainersJerome Marc
 
Containers in the Enterprise
Containers in the EnterpriseContainers in the Enterprise
Containers in the EnterpriseKen Thompson
 
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack PlatformOpenStack Korea Community
 
2011-11-03 Intelligence Community Cloud Users Group
2011-11-03 Intelligence Community Cloud Users Group2011-11-03 Intelligence Community Cloud Users Group
2011-11-03 Intelligence Community Cloud Users GroupShawn Wells
 

Similaire à The Real World with OpenShift - Red Hat DevOps & Microservices Conference 2017 (20)

C&CNR2019 - Containers Landscape Review
C&CNR2019 - Containers Landscape ReviewC&CNR2019 - Containers Landscape Review
C&CNR2019 - Containers Landscape Review
 
App Mod 02: A developer intro to open shift
App Mod 02: A developer intro to open shiftApp Mod 02: A developer intro to open shift
App Mod 02: A developer intro to open shift
 
Digitizing your factory the open source way
Digitizing your factory the open source wayDigitizing your factory the open source way
Digitizing your factory the open source way
 
Open shift container platform an intelligent platform for intelligence applic...
Open shift container platform an intelligent platform for intelligence applic...Open shift container platform an intelligent platform for intelligence applic...
Open shift container platform an intelligent platform for intelligence applic...
 
Containerized Cloud Computing - Redhat
Containerized Cloud Computing - RedhatContainerized Cloud Computing - Redhat
Containerized Cloud Computing - Redhat
 
Openstack Benelux Conference 2014 Red Hat Keynote
Openstack Benelux Conference 2014  Red Hat KeynoteOpenstack Benelux Conference 2014  Red Hat Keynote
Openstack Benelux Conference 2014 Red Hat Keynote
 
Developer Intro to OpenShift
Developer Intro to OpenShiftDeveloper Intro to OpenShift
Developer Intro to OpenShift
 
OpenStack Benelux Conference 2014 | Plenair | RedHat
OpenStack Benelux Conference 2014 | Plenair | RedHatOpenStack Benelux Conference 2014 | Plenair | RedHat
OpenStack Benelux Conference 2014 | Plenair | RedHat
 
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7
 
Openshift 3.10 & Container solutions for Blockchain, IoT and Data Science
Openshift 3.10 & Container solutions for Blockchain, IoT and Data ScienceOpenshift 3.10 & Container solutions for Blockchain, IoT and Data Science
Openshift 3.10 & Container solutions for Blockchain, IoT and Data Science
 
Hands-on lab: Open Cloud Day México
Hands-on lab: Open Cloud Day MéxicoHands-on lab: Open Cloud Day México
Hands-on lab: Open Cloud Day México
 
Red Hat Container Strategy
Red Hat Container StrategyRed Hat Container Strategy
Red Hat Container Strategy
 
Transforming Application Delivery with PaaS and Linux Containers
Transforming Application Delivery with PaaS and Linux ContainersTransforming Application Delivery with PaaS and Linux Containers
Transforming Application Delivery with PaaS and Linux Containers
 
Kubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" ApproachKubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" Approach
 
IAU workshop 2018 day one
IAU workshop 2018 day oneIAU workshop 2018 day one
IAU workshop 2018 day one
 
Ose mod march11
Ose mod march11Ose mod march11
Ose mod march11
 
RHTE2015_CloudForms_Containers
RHTE2015_CloudForms_ContainersRHTE2015_CloudForms_Containers
RHTE2015_CloudForms_Containers
 
Containers in the Enterprise
Containers in the EnterpriseContainers in the Enterprise
Containers in the Enterprise
 
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform
 
2011-11-03 Intelligence Community Cloud Users Group
2011-11-03 Intelligence Community Cloud Users Group2011-11-03 Intelligence Community Cloud Users Group
2011-11-03 Intelligence Community Cloud Users Group
 

Plus de Xpand IT

Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018
Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018
Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018Xpand IT
 
Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017
Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017
Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017Xpand IT
 
Xporter for Jira - Overview
Xporter for Jira - OverviewXporter for Jira - Overview
Xporter for Jira - OverviewXpand IT
 
Xray for Jira - How to automate your QA process
Xray for Jira - How to automate your QA processXray for Jira - How to automate your QA process
Xray for Jira - How to automate your QA processXpand IT
 
Xpand Addons - Addon Discovery Day 2017
Xpand Addons - Addon Discovery Day 2017Xpand Addons - Addon Discovery Day 2017
Xpand Addons - Addon Discovery Day 2017Xpand IT
 
Xray for Jira 3.0 - What's New?
Xray for Jira 3.0 - What's New?Xray for Jira 3.0 - What's New?
Xray for Jira 3.0 - What's New?Xpand IT
 
Xray for Jira - Overview
Xray for Jira - OverviewXray for Jira - Overview
Xray for Jira - OverviewXpand IT
 
Xporter for Jira - Advanced topics
Xporter for Jira  - Advanced topicsXporter for Jira  - Advanced topics
Xporter for Jira - Advanced topicsXpand IT
 
Keynote - Xamarin Experience London 2017
Keynote - Xamarin Experience London 2017 Keynote - Xamarin Experience London 2017
Keynote - Xamarin Experience London 2017 Xpand IT
 
Welcome & Introduction – Xamarin Experience London 2017
Welcome & Introduction – Xamarin Experience London 2017 Welcome & Introduction – Xamarin Experience London 2017
Welcome & Introduction – Xamarin Experience London 2017 Xpand IT
 
Gathering Customer Insights with Sitecore - Xamarin Experience London 2017
Gathering Customer Insights with Sitecore - Xamarin Experience London 2017Gathering Customer Insights with Sitecore - Xamarin Experience London 2017
Gathering Customer Insights with Sitecore - Xamarin Experience London 2017Xpand IT
 
Why Speed Matters in Mobile Apps – Xamarin Experience London 2017
Why Speed Matters in Mobile Apps – Xamarin Experience London 2017Why Speed Matters in Mobile Apps – Xamarin Experience London 2017
Why Speed Matters in Mobile Apps – Xamarin Experience London 2017Xpand IT
 
Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...
Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...
Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...Xpand IT
 
Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...
Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...
Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...Xpand IT
 
The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017
The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017
The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017Xpand IT
 
Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017
Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017
Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017Xpand IT
 
Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017
Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017
Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017Xpand IT
 
How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...
How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...
How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...Xpand IT
 
Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017
Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017 Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017
Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017 Xpand IT
 
Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017
Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017
Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017Xpand IT
 

Plus de Xpand IT (20)

Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018
Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018
Xray & Xporter were in Austria: Jira & Confluence Solutions Day 2018
 
Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017
Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017
Using Xamarin for your Mobile+ Apps – Xamarin Experience London 2017
 
Xporter for Jira - Overview
Xporter for Jira - OverviewXporter for Jira - Overview
Xporter for Jira - Overview
 
Xray for Jira - How to automate your QA process
Xray for Jira - How to automate your QA processXray for Jira - How to automate your QA process
Xray for Jira - How to automate your QA process
 
Xpand Addons - Addon Discovery Day 2017
Xpand Addons - Addon Discovery Day 2017Xpand Addons - Addon Discovery Day 2017
Xpand Addons - Addon Discovery Day 2017
 
Xray for Jira 3.0 - What's New?
Xray for Jira 3.0 - What's New?Xray for Jira 3.0 - What's New?
Xray for Jira 3.0 - What's New?
 
Xray for Jira - Overview
Xray for Jira - OverviewXray for Jira - Overview
Xray for Jira - Overview
 
Xporter for Jira - Advanced topics
Xporter for Jira  - Advanced topicsXporter for Jira  - Advanced topics
Xporter for Jira - Advanced topics
 
Keynote - Xamarin Experience London 2017
Keynote - Xamarin Experience London 2017 Keynote - Xamarin Experience London 2017
Keynote - Xamarin Experience London 2017
 
Welcome & Introduction – Xamarin Experience London 2017
Welcome & Introduction – Xamarin Experience London 2017 Welcome & Introduction – Xamarin Experience London 2017
Welcome & Introduction – Xamarin Experience London 2017
 
Gathering Customer Insights with Sitecore - Xamarin Experience London 2017
Gathering Customer Insights with Sitecore - Xamarin Experience London 2017Gathering Customer Insights with Sitecore - Xamarin Experience London 2017
Gathering Customer Insights with Sitecore - Xamarin Experience London 2017
 
Why Speed Matters in Mobile Apps – Xamarin Experience London 2017
Why Speed Matters in Mobile Apps – Xamarin Experience London 2017Why Speed Matters in Mobile Apps – Xamarin Experience London 2017
Why Speed Matters in Mobile Apps – Xamarin Experience London 2017
 
Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...
Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...
Mobile & Cognitive Services | Harnessing the Power of IoT – Xamarin Experienc...
 
Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...
Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...
Atlassian Tools in Practice: A Customer Success Story – Xpand IT & Atlassian ...
 
The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017
The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017
The Secret Sauce of Successful Teams - Xpand IT & Atlassian JAM Sessions 2017
 
Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017
Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017
Quality Assurance Made Easy in JIRA - Xpand IT & Atlassian JAM Sessions 2017
 
Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017
Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017
Improved Reporting with JIRA Add-ons - Xpand IT & Atlassian JAM Sessions 2017
 
How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...
How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...
How our Team Collaborates with Atlassian Tools - Xpand IT & Atlassian JAM Ses...
 
Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017
Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017 Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017
Welcome & Introduction - Xpand IT & Atlassian JAM Sessions 2017
 
Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017
Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017
Red Hat Value Proposition - Red Hat DevOps & Microservices Conference 2017
 

Dernier

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 

Dernier (20)

201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 

The Real World with OpenShift - Red Hat DevOps & Microservices Conference 2017

  • 1. OPENSHIFT CONTAINER PLATFORM TECHNICAL OVERVIEW Mario Mendoza Senior Solution Architect
  • 4. OPENSHIFT TECHNICAL OVERVIEW4 OPENSHIFT ARCHITECTURE EXISTING AUTOMATION TOOLSETS SCM (GIT) CI/CD SERVICE LAYER ROUTING LAYER PERSISTENT STORAGE REGISTRY RHEL NODE c RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE C C C C C C C CC C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 5. OPENSHIFT TECHNICAL OVERVIEW5 YOUR CHOICE OF INFRASTRUCTURE PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 6. OPENSHIFT TECHNICAL OVERVIEW NODES RHEL INSTANCES WHERE APPS RUN 6 RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 7. OPENSHIFT TECHNICAL OVERVIEW RHEL NODE c RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE C C C C C C C CC C APPS RUN IN CONTAINERS 7 Container Image Container Pod
  • 8. OPENSHIFT TECHNICAL OVERVIEW8 PODS ARE THE UNIT OF ORCHESTRATION RHEL NODE c RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE C C C C C C C CC C
  • 9. OPENSHIFT TECHNICAL OVERVIEW RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE 9 MASTERS ARE THE CONTROL PLANE RED HAT ENTERPRISE LINUX MASTER PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 10. OPENSHIFT TECHNICAL OVERVIEW RHEL NODE RHEL NODE RHEL NODE 10 API AND AUTHENTICATION RHEL NODE RHEL NODE RHEL NODE RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 11. OPENSHIFT TECHNICAL OVERVIEW RHEL NODE RHEL NODE RHEL NODE 11 DESIRED AND CURRENT STATE RHEL NODE RHEL NODE RHEL NODE PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 12. OPENSHIFT TECHNICAL OVERVIEW12 INTEGRATED CONTAINER REGISTRY RHEL NODE RHEL NODE RHEL RHEL NODE RHEL NODE RHEL RHEL NODE PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE NODE REGISTRY RHEL
  • 13. OPENSHIFT TECHNICAL OVERVIEW13 ORCHESTRATION AND SCHEDULING RHEL NODE RHEL NODE RHEL RHEL NODE RHEL NODE RHEL RHEL NODE PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER NODE REGISTRY RHEL
  • 14. OPENSHIFT TECHNICAL OVERVIEW14 PLACEMENT BY POLICY RHEL NODE RHEL NODE RHEL NODE PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER REGISTRY RHEL NODE RHEL NODE C C RHEL NODE c C C
  • 15. OPENSHIFT TECHNICAL OVERVIEW RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE C C RHEL NODE c C C 15 AUTOSCALING PODS PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER REGISTRY HEALTH/SCALING
  • 16. OPENSHIFT TECHNICAL OVERVIEW16 SERVICE DISCOVERY SERVICE LAYER REGISTRY RHEL NODE C C RHEL NODE C C RHEL NODE c C C RHEL NODE C C RHEL NODE C RHEL NODE C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 17. OPENSHIFT TECHNICAL OVERVIEW17 PERSISTENT DATA IN CONTAINERS SERVICE LAYER PERSISTENT STORAGE REGISTRY RHEL NODE C C RHEL NODE C C RHEL NODE c C C RHEL NODE C C RHEL NODE C RHEL NODE C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 18. OPENSHIFT TECHNICAL OVERVIEW18 ROUTING AND LOAD-BALANCING SERVICE LAYER ROUTING LAYER PERSISTENT STORAGE REGISTRY RHEL NODE C C RHEL NODE C C RHEL NODE c C C RHEL NODE C C RHEL NODE C RHEL NODE C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 19. OPENSHIFT TECHNICAL OVERVIEW19 ACCESS VIA WEB, CLI, IDE AND API EXISTING AUTOMATION TOOLSETS SCM (GIT) CI/CD SERVICE LAYER ROUTING LAYER PERSISTENT STORAGE REGISTRY RHEL NODE C C RHEL NODE C C RHEL NODE c C C RHEL NODE C C RHEL NODE C RHEL NODE C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID
  • 21. OPENSHIFT TECHNICAL OVERVIEW21 AUTO-HEALING FAILED CONTAINERS RHEL NODE RHEL NODE c RHEL NODE RHEL NODE c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C
  • 22. OPENSHIFT TECHNICAL OVERVIEW22 AUTO-HEALING FAILED CONTAINERS RHEL NODE RHEL NODE c RHEL NODE RHEL NODE c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C
  • 23. OPENSHIFT TECHNICAL OVERVIEW23 AUTO-HEALING FAILED CONTAINERS RHEL NODE RHEL NODE c RHEL NODE RHEL NODE c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C
  • 24. OPENSHIFT TECHNICAL OVERVIEW24 AUTO-HEALING FAILED CONTAINERS RHEL NODE RHEL NODE c RHEL NODE RHEL NODE c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C
  • 25. OPENSHIFT TECHNICAL OVERVIEW25 AUTO-HEALING FAILED CONTAINERS RHEL NODE RHEL NODE RHEL NODE RHEL NODE C C RHEL NODE C C c RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C c
  • 27. OPENSHIFT TECHNICAL OVERVIEW27 BUILT-IN SERVICE DISCOVERY INTERNAL LOAD-BALANCING SERVICE app=payroll role=frontend POD app=payroll role=frontend POD app=payroll role=frontend Name: payroll-frontend IP: 172.10.1.23 Port: 8080 POD app=payroll role=backendversion=1.0 version=1.0
  • 28. OPENSHIFT TECHNICAL OVERVIEW28 BUILT-IN SERVICE DISCOVERY INTERNAL LOAD-BALANCING SERVICE app=payroll role=frontend POD app=payroll role=frontend POD app=payroll role=frontend POD app=payroll role=frontend Name: payroll-frontend IP: 172.10.1.23 Port: 8080 POD app=payroll role=backendversion=2.0 version=1.0 version=1.0
  • 29. OPENSHIFT TECHNICAL OVERVIEW29 SERVICE POD POD ROUTER POD EXTERNAL TRAFFIC INTERNAL TRAFFIC ROUTE EXPOSES SERVICES EXTERNALLY
  • 30. OPENSHIFT TECHNICAL OVERVIEW30 ● Pluggable routing architecture ○ HAProxy Router ○ F5 Router ● Multiple-routers with traffic sharding ● Router supported protocols ○ HTTP/HTTPS ○ WebSockets ○ TLS with SNI ● Non-standard ports via cloud load-balancers, external IP, and NodePort ROUTING AND EXTERNAL LOAD-BALANCING
  • 31. OPENSHIFT TECHNICAL OVERVIEW31 ROUTE SPLIT TRAFFIC SERVICE A App A App A SERVICE B App B App B ROUTE 10% traffic90% traffic Split Traffic Between Multiple Services For A/B Testing, Blue/Green and Canary Deployments
  • 32. OPENSHIFT TECHNICAL OVERVIEW ● NodePort binds a service to a unique port on all the nodes ● Traffic received on any node redirects to a node with the running service ● Ports in 30K-60K range which usually differs from the service ● Firewall rules must allow traffic to all nodes on the specific port 32 EXTERNAL TRAFFIC TO A SERVICE ON A RANDOM PORT WITH NODEPORT NODE 192.10.0.12 NODE 192.10.0.11 NODE 192.10.0.10 SERVICE INT IP: 172.1.0.20:90 POD 10.1.0.1:90 POD 10.1.0.2:90 POD 10.1.0.3:90 connect 192.10.0.10:31421 192.10.0.11:31421 192.10.0.12:31421 CLIENT
  • 33. OPENSHIFT TECHNICAL OVERVIEW NODE 192.10.0.12 NODE 192.10.0.11 NODE 192.10.0.10 33 EXTERNAL TRAFFIC TO A SERVICE ON ANY PORT WITH INGRESS SERVICE EXT IP: 200.1.0.10:90 INT IP: 172.1.0.20:90 POD 10.1.0.1:90 POD 10.1.0.2:90 POD 10.1.0.3:90 connect 200.1.0.10:90 CLIENT● Access a service with an external IP on any TCP/UDP port, such as ○ Databases ○ Message Brokers ● Automatic IP allocation from a predefined pool using Ingress IP Self-Service ● IP failover pods provide high availability for the IP pool
  • 34. OPENSHIFT TECHNICAL OVERVIEW34 CONTROL OUTGOING TRAFFIC SOURCE IP WITH EGRESS ROUTER NODE IP1 EGRESS ROUTER POD IP1 EGRESS SERVICE INTERNAL-IP:8080 EXTERNAL SERVICE Whitelist: IP1 POD POD POD
  • 35. OPENSHIFT TECHNICAL OVERVIEW35 ● Built-in internal DNS to reach services by name ● Split DNS is supported via SkyDNS ○ Master answers DNS queries for internal services ○ Other nameservers serve the rest of the queries ● Software Defined Networking (SDN) for a unified cluster network to enable pod-to-pod communication ● OpenShift follows the Kubernetes Container Networking Interface (CNI) plug-in model OPENSHIFT NETWORKING
  • 36. OPENSHIFT TECHNICAL OVERVIEW36 OPENSHIFT NETWORK PLUGINS OPENSHIFT KUBERNETES CNI OpenShift Plugin Flannel Plugin* Nuage Plugin Tigera Calico Plugin Juniper Contrail Plugin Cisco Contiv Plugin Big Switch Plugin Certified Plugin Validated Plugin * Flannel is minimally verified and is supported only and exactly as deployed in the OpenShift on OpenStack reference architecture VMware NSX-T Plugin In-Progress For a Complete List of Certified Plugins refer to OpenShift Third-Party SDN FAQ DEFAULT
  • 37. OPENSHIFT TECHNICAL OVERVIEW NODE 172.16.1.10 37 OPENSHIFT NETWORKING POD 10.1.2.1 POD 10.1.4.1 NODE 172.16.1.20 POD 10.1.2.2 POD 10.1.4.2 IP Network VxLAN Overlay Network
  • 38. OPENSHIFT TECHNICAL OVERVIEW FLAT NETWORK (Default) ● All pods can communicate with each other across projects MULTI-TENANT NETWORK ● Project-level network isolation ● Multicast support ● Egress network policies NETWORK POLICY (Tech Preview) ● Granular policy-based isolation 38 OPENSHIFT SDN NODE POD POD PODPOD NODE POD POD PODPOD PROJECT A PROJECT B DEFAULT NAMESPACE ✓ PROJECT C Multi-Tenant Network
  • 39. OPENSHIFT TECHNICAL OVERVIEW PROJECT A 39 OPENSHIFT SDN - NETWORK POLICY POD POD POD POD PROJECT B POD POD POD POD Example Policies ● Allow all traffic inside the project ● Allow traffic from green to gray ● Allow traffic to purple on 8080 ✓ ✓ 8080 5432 ✓ apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: name: allow-to-purple-on-8080 spec: podSelector: matchLabels: color: purple ingress: - ports: - protocol: tcp port: 8080 ✓
  • 40. OPENSHIFT TECHNICAL OVERVIEW Container to Container on the Same Host 40 OPENSHIFT SDN - OVS PACKET FLOW NODE POD 1 veth0 10.1.15.2/24 br0 10.1.15.1/24 192.168.0.100 eth0 POD 2 veth1 10.1.15.3/24 vxlan0
  • 41. OPENSHIFT TECHNICAL OVERVIEW NODE 2 NODE 1 41 OPENSHIFT SDN - OVS PACKET FLOW POD 1 veth0 10.1.15.2/24 br0 10.1.15.1/24 vxlan0 POD 2 veth0 10.1.20.2/24 br0 10.1.20.1/24 vxlan0 192.168.0.100 eth0 192.168.0.200 eth0 Container to Container on the Different Hosts
  • 42. OPENSHIFT TECHNICAL OVERVIEW Container Connects to External Host Container to Container on Different Hosts 42 OPENSHIFT SDN - OVS PACKET FLOW NODE 1 POD 1 veth0 10.1.15.2/24 br0 10.1.15.1/24 tun0 192.168.0.100 External Host eth0
  • 43. OPENSHIFT TECHNICAL OVERVIEW43 OPENSHIFT SDN WITH FLANNEL FOR OPENSTACK NODE 1 POD 1 veth0 10.1.15.2/24 docker0 10.1.15.1/24 Routing Table flanneld NODE 2 POD 2 veth0 10.1.20.2/24 docker0 10.1.20.1/24 Routing Table flanneld etcd 192.168.0.100 eth0 192.168.0.200 eth0 Flannel is minimally verified and is supported only and exactly as deployed in the OpenShift on OpenStack reference architecture https://access.redhat.com/articles/2743631
  • 45. OPENSHIFT TECHNICAL OVERVIEW45 ● EFK stack to aggregate logs for hosts and applications ○ Elasticsearch: an object store to store all logs ○ Fluentd: gathers logs and sends to Elasticsearch. ○ Kibana: A web UI for Elasticsearch. ● Access control ○ Cluster administrators can view all logs ○ Users can only view logs for their projects ● Ability to send logs elsewhere ○ External elasticsearch, Splunk, etc CENTRAL LOG MANAGEMENT WITH EFK
  • 46. OPENSHIFT TECHNICAL OVERVIEW CENTRAL LOG MANAGEMENT WITH EFK APPLICATION LOGS OPERATION LOGS ELASTIC ELASTIC 46 RHEL NODE POD POD PODPOD FLUENTD RHEL NODE POD POD PODPOD FLUENTD ELASTICSEARCH RHEL NODE POD POD PODPOD FLUENTD USER ELASTIC ELASTIC KIBANA ELASTIC ELASTIC ELASTICSEARCH ELASTIC ELASTIC KIBANA ADMIN
  • 48. OPENSHIFT TECHNICAL OVERVIEW CONTAINER METRICS 48 RHEL NODE POD POD PODPOD FLUENTD CONTAINER METRICS RHEL NODE POD POD PODPOD FLUENTD HEAPSTER RHEL NODE POD POD PODPOD CADVISOR HAWKULAR OPENSHIFT WEB CONSOLE ELASTIC ELASTIC CASSANDRA RED HAT CLOUDFORMS CUSTOM DASHBOARDS API USER
  • 50. OPENSHIFT TECHNICAL OVERVIEW50 TEN LAYERS OF CONTAINER SECURITY Container Host & Multi-tenancy Container ContentContainer Registry Building Containers Deploying Container Container Platform Network Isolation Storage API Management Federated Clusters
  • 51. OPENSHIFT TECHNICAL OVERVIEW NODE MASTER ● Secure mechanism for holding sensitive data e.g. ○ Passwords and credentials ○ SSH Keys ○ Certificates ● Secrets are made available as ○ Environment variables ○ Volume mounts ○ Interaction with external systems ● Encrypted in transit ● Never rest on the nodes 51 SECRET MANAGEMENT Container Distributed Store Container
  • 53. OPENSHIFT TECHNICAL OVERVIEW53 ● Persistent Volume (PV) is tied to a piece of network storage ● Provisioned by an administrator (static or dynamically) ● Allows admins to describe storage and users to request storage PERSISTENT STORAGE NFS GlusterFS OpenStack Cinder Ceph RBD AWS EBS GCE Persistent Disk iSCSI Fibre Channel Azure File Azure Disk
  • 54. OPENSHIFT TECHNICAL OVERVIEW PROJECT POOL OF PERSISTENT VOLUMES 54 PERSISTENT STORAGE NFSP V iSCSI PV NFSP V Admin User register PV create claim NFSP V GlusterFS PV Pod claim Pod claim Pod claim Ceph RBD PV
  • 55. OPENSHIFT TECHNICAL OVERVIEW55 DYNAMIC VOLUME PROVISIONING Admin User define StorageClass create claim: Fastest Slow Azure-Disk Fast AWS-SSD Fastest NetApp-Flash NetApp Provisioner AWS Provisioner Pod claim PV OpenShift PV Controller provision Azure Provisioner bound
  • 56. OPENSHIFT TECHNICAL OVERVIEW56 ● Containerized Red Hat Gluster Storage ● Native integration with OpenShift ● Unified Orchestration using Kubernetes for applications and storage ● Greater control & ease of use for developers ● Lower TCO through convergence ● Single vendor Support DISTRIBUTED, SECURE, SCALE-OUT STORAGE CLUSTER APPLICATION CONTAINER APPLICATION CONTAINER APPLICATION CONTAINER STORAGE CONTAINER STORAGE CONTAINER STORAGE CONTAINER CONTAINER-NATIVE STORAGE
  • 57. OPENSHIFT TECHNICAL OVERVIEW NODENODENODE CONTAINER-NATIVE STORAGE 57 NODE POD POD POD POD POD POD POD POD POD POD RHGS RHGS RHGS POD POD POD MASTER
  • 59. OPENSHIFT TECHNICAL OVERVIEW59 ● Born out of Cloud Foundry Foundation ● Standard way to deliver services to apps running on OpenShift, Kubernetes, etc ● A collaboration between multiple vendors ● Integrated with OpenShift and Kubernetes ● Release Timeline ○ OCP 3.6 Tech Preview ○ OCP 3.7 GA OPEN SERVICE BROKER API RED HAT PIVOTAL IBM SAP GOOGLE FUJITSU
  • 60. OPENSHIFT TECHNICAL OVERVIEW60 CONSUMING SERVICES SERVICE CONSUMER SERVICE PROVIDER ☑ Open ticket ☑ Wait for allocation ☑ Receive credentials ☑ Add to app ☑ Deploy app
  • 61. OPENSHIFT TECHNICAL OVERVIEW61 CONSUMING SERVICES WITH OPEN SERVICE BROKER API SERVICE CONSUMER SERVICE PROVIDER SERVICE CATALOG SERVICE BROKER
  • 62. OPENSHIFT TECHNICAL OVERVIEW62 OPENSHIFT SERVICE CATALOG OPENSHIFT SERVICE CATALOG Ansible Service Broker OpenShift Template Broker Cloud Service Broker Other Service Brokers ANSIBLE OPENSHIFT PUBLIC CLOUD OTHER COMPATIBLE SERVICES Ansible Playbook Bundles OpenShift Templates Public Cloud Services Other Services (TECH PREVIEW)
  • 64. OPENSHIFT TECHNICAL OVERVIEW64 TOP CHALLENGES OF RUNNING CONTAINERS AT SCALE SERVICE HEALTH SECURITY & COMPLIANCE FINANCIAL MANAGEMENT OPERATIONAL EFFICIENCY
  • 65. OPENSHIFT TECHNICAL OVERVIEW65 Operational Management Across the Stack ● Real-time discovery ● Visualize relationships ● Monitoring and alerts ● Vulnerability scanning ● Security compliance ● Workflow and policy ● Automation ● Chargeback
  • 66. OPENSHIFT TECHNICAL OVERVIEW ● CloudForms continuously discovers your infrastructure in near real time. ● CloudForms discovers and visualizes relationships between infra components ● CloudForms cross references inventory across technologies. ● CloudForms offers custom automation via control policy or UI extensions 66 OPERATIONAL EFFICIENCY
  • 68. OPENSHIFT TECHNICAL OVERVIEW ● CloudForms monitors resource consumption and shows trends ● CloudForms alerts on performance thresholds or other events ● CloudForms offers right-sizing recommendations ● CloudForms enforces configuration and tracks it over time. 68 SERVICE HEALTH
  • 70. OPENSHIFT TECHNICAL OVERVIEW ● CloudForms finds and marks nodes non-compliant with policy. ● CloudForms allows reporting on container provenance. ● CloudForms scans container images using OpenSCAP. ● CloudForms tracks genealogy between images and containers. 70 SECURITY & COMPLIANCE
  • 72. OPENSHIFT TECHNICAL OVERVIEW ● Define cost models for infrastructure and understand your cost. ● Rate schedules per platform and per tenant with multi-tiered and multi-currency support ● CloudForms shows top users for CPU, memory, as well as cost. ● Chargeback/showback to projects based on container utilization. 72 FINANCIAL MANAGEMENT
  • 75. OPENSHIFT TECHNICAL OVERVIEW OpenShift on VMware vCenter https://access.redhat.com/articles/2745171 OpenShift on Red Hat OpenStack Platform https://access.redhat.com/articles/2743631 OpenShift on Amazon Web Services https://access.redhat.com/articles/2623521 OpenShift on Google Cloud Platform https://access.redhat.com/articles/2751521 OpenShift on Microsoft Azure https://access.redhat.com/articles/3030691 Deploying an OpenShift Distributed Architecture https://access.redhat.com/articles/1609803 OpenShift Architecture and Deployment Guide https://access.redhat.com/articles/1755133 OpenShift Scaling, Performance, and Capacity Planning https://access.redhat.com/articles/2191731 Application Release Strategies with OpenShift https://access.redhat.com/articles/2897391 Building Polyglot Microservices on OpenShift https://access.redhat.com/articles/2893381 Building JBoss EAP 6 Microservices on OpenShift https://access.redhat.com/articles/2094731 Building JBoss EAP 7 Microservices on OpenShift https://access.redhat.com/articles/2407801 Business Process Management with JBoss BPMS on OpenShift https://access.redhat.com/articles/2893421 Build and Deployment of Java Applications on OpenShift https://access.redhat.com/articles/3016691 Building Microservices on OpenShift with Fuse Integra... https://access.redhat.com/articles/3068571 JFrog Artifactory on OpenShift Container Platform https://access.redhat.com/articles/3049611 75 REFERENCE ARCHITECTURES
  • 77. OPENSHIFT TECHNICAL OVERVIEW77 BUILD AND DEPLOY CONTAINER IMAGES DEPLOY YOUR SOURCE CODE DEPLOY YOUR APP BINARY DEPLOY YOUR CONTAINER IMAGE
  • 79. OPENSHIFT TECHNICAL OVERVIEW79 DEPLOY SOURCE CODE WITH SOURCE-TO-IMAGE (S2I) codeGit Repository Source-to-Image (S2I) deploy CODE BUILD DEPLOY Builder Image Image Registry OPSDEV Application Container
  • 80. OPENSHIFT TECHNICAL OVERVIEW Developers write code using existing development tools such as Maven, NPM, Bower, PIP, Dockerfile and Git and then access the OpenShift Web, CLI or IDE to create an app from the code 80 DEPLOY SOURCE CODE WITH SOURCE-TO-IMAGE (S2I) codeGit Repository CODE DEV
  • 81. OPENSHIFT TECHNICAL OVERVIEW S2I combines source code with a builder image (language and application runtimes) and stores the resulting application image in the image registry 81 DEPLOY SOURCE CODE WITH SOURCE-TO-IMAGE (S2I) codeGit Repository Source-to-Image (S2I) Builder Image Image Registry BUILD DEV
  • 82. OPENSHIFT TECHNICAL OVERVIEW OpenShift automates the deployment of application containers across multiple hosts via the Kubernetes. Users can trigger deployments, rollback, configure A/B or other custom deployments 82 DEPLOY SOURCE CODE WITH SOURCE-TO-IMAGE (S2I) codeGit Repository Source-to-Image (S2I) deploy Builder Image Image Registry OPSDEV DEPLOY Application Container
  • 84. OPENSHIFT TECHNICAL OVERVIEW DEPLOY 84 DEPLOY APP BINARY WITH SOURCE-TO-IMAGE (S2I) Application Binary (e.g. WAR) Source-to-Image (S2I) deploy Builder Image Image Registry OPSDEV BUILD APP BUILD IMAGE Existing Build Process Application Container build
  • 85. OPENSHIFT TECHNICAL OVERVIEW Developers use the existing build process and tools (e.g. Maven, Gradle, Jenkins, Nexus) to build the app binaries (e.g. JAR, WAR, EAR) and use OpenShift CLI to create an app from the app binaries 85 DEPLOY APP BINARY WITH SOURCE-TO-IMAGE (S2I) Application Binary (e.g. WAR) DEV BUILD APP Existing Build Process ... build
  • 86. OPENSHIFT TECHNICAL OVERVIEW86 DEPLOY APP BINARY WITH SOURCE-TO-IMAGE (S2I) Application Binary (e.g. WAR) Source-to-Image (S2I) Builder Image Image Registry DEV build Existing Build Process BUILD IMAGE S2I combines app binaries (e.g. JAR, WAR, EAR) with a builder image (language and application runtimes) and stores the resulting application image in the image registry
  • 87. OPENSHIFT TECHNICAL OVERVIEW87 DEPLOY APP BINARY WITH SOURCE-TO-IMAGE (S2I) Application Binary (e.g. WAR) Source-to-Image (S2I) deploy Builder Image Image Registry OPSDEV Existing Build Process DEPLOY Application Container OpenShift automates the deployment of application containers across multiple hosts via the Kubernetes. Users can trigger deployments, rollback, configure A/B or other custom deployments build
  • 88. OPENSHIFT TECHNICAL OVERVIEW DEPLOY YOUR CONTAINER IMAGE 88
  • 89. OPENSHIFT TECHNICAL OVERVIEW App images are built using an existing image build process. OpenShift automates the deployment of app containers across multiple hosts via the Kubernetes. Users can trigger deployments, rollback, configure A/B, etc DEPLOY 89 DEPLOY DOCKER IMAGE build Application Container deploy Application Image Image Registry OPSDEV BUILD Existing Image Build Process
  • 90. OPENSHIFT TECHNICAL OVERVIEW BUILD STAGE 3 BUILD STAGE 2 BUILD STAGE 1 90 BUILD IMAGES IN MULTIPLE STAGES
  • 91. OPENSHIFT TECHNICAL OVERVIEW91 EXAMPLE: USE ANY RUNTIME IMAGE WITH SOURCE-TO-IMAGE BUILDS DOCKER BUILDWILDFLY S2I BUILD app.war WildFly S2I Builder Image WildFly Runtime Image Use Source-to-Image to build app binaries and deploy on lean vanilla runtimes read more on https://blog.openshift.com/chaining-builds/
  • 92. OPENSHIFT TECHNICAL OVERVIEW92 EXAMPLE: USE ANY BUILD TOOL WITH OFFICIAL RUNTIME IMAGES DOCKER BUILDCUSTOM GRADLE BUILD Custom Gradle S2I Builder Image Red Hat OpenJDK Image Use your choice of build tool like Gradle and deploy to official images like the JDK image read more on https://blog.openshift.com/chaining-builds/ app.war
  • 93. OPENSHIFT TECHNICAL OVERVIEW93 EXAMPLE: SMALL LEAN RUNTIMES DOCKER BUILDCUSTOM GO BUILD Custom Go S2I Builder Image Scratch Image Build the app binary and deploy on small scratch images read more on https://blog.openshift.com/chaining-builds/ app
  • 95. OPENSHIFT TECHNICAL OVERVIEW CI/CD WITH BUILD AND DEPLOYMENTS 95 BUILDS ● Webhook triggers: build the app image whenever the code changes ● Image trigger: build the app image whenever the base language or app runtime changes ● Build hooks: test the app image before pushing it to an image registry DEPLOYMENTS ● Deployment triggers: redeploy app containers whenever configuration changes or the image changes in the OpenShift integrated registry or upstream registries
  • 96. OPENSHIFT TECHNICAL OVERVIEW96 CONTINUOUS DELIVERY WITH CONTAINERS source repository CI/CD engine dev container physical virtual private cloud public cloud
  • 97. OPENSHIFT TECHNICAL OVERVIEW97 OPENSHIFT LOVES CI/CD JENKINS-AS-A SERVICE ON OPENSHIFT HYBRID JENKINS INFRA WITH OPENSHIFT EXISTING CI/CD DEPLOY TO OPENSHIFT
  • 98. OPENSHIFT TECHNICAL OVERVIEW98 JENKINS-AS-A-SERVICE ON OPENSHIFT ● Certified Jenkins images with pre-configured plugins ○ Provided out-of-the-box ○ Follows Jenkins 1.x and 2.x LTS versions ● Jenkins S2I Builder for customizing the image ○ Install Plugins ○ Configure Jenkins ○ Configure Build Jobs ● OpenShift plugins to integrate authentication with OpenShift and also CI/CD pipelines ● Dynamically deploys Jenkins slave containers Plugins Jobs Configuration Jenkins (S2I) Custom Jenkins Image Jenkins Image
  • 99. OPENSHIFT TECHNICAL OVERVIEW ● Scale existing Jenkins infrastructure by dynamically provisioning Jenkins slaves on OpenShift ● Use Kubernetes plug-in on existing Jenkin servers 99 HYBRID JENKINS INFRA WITH OPENSHIFT OPENSHIFT APP APPrun job JENKINS SLAVE Run Job JENKINS SLAVE Run Job build JENKINS MASTER deploy
  • 100. OPENSHIFT TECHNICAL OVERVIEW ● Existing CI/CD infrastructure outside OpenShift performs operations against OpenShift ○ OpenShift Pipeline Jenkins Plugin for Jenkins ○ OpenShift CLI for integrating other CI Engines with OpenShift ● Without disrupting existing processes, can be combined with previous alternative 100 EXISTING CI/CD DEPLOY TO OPENSHIFT OPENSHIFT APP EXISTING CI/CD INFRA Jenkins, Bamboo, TeamCity, etc APPbuild deploy S2I Buildrun job
  • 101. OPENSHIFT TECHNICAL OVERVIEW101 OPENSHIFT PIPELINES ● OpenShift Pipelines allow defining a CI/CD workflow via a Jenkins pipeline which can be started, monitored, and managed similar to other builds ● Dynamic provisioning of Jenkins slaves ● Auto-provisioning of Jenkins server ● OpenShift Pipeline strategies ○ Embedded Jenkinsfile ○ Jenkinsfile from a Git repository apiVersion: v1 kind: BuildConfig metadata: name: app-pipeline spec: strategy: type: JenkinsPipeline jenkinsPipelineStrategy: jenkinsfile: |- node('maven') { stage('build app') { git url: 'https://git/app.git' sh "mvn package" } stage('build image') { sh "oc start-build app --from-file=target/app.jar } stage('deploy') { openshiftDeploy deploymentConfig: 'app' } } Provision a Jenkins slave for running Maven
  • 103. OPENSHIFT TECHNICAL OVERVIEW APPLICATION IMAGE 103 CONTINUOUS DELIVERY PIPELINE DEV TEAM GIT SERVER ARTIFACT REPOSITORY JENKINS IMAGE BUILD ● S2I build from source code ● S2I build from app binary ● Existing docker container image build process
  • 104. OPENSHIFT TECHNICAL OVERVIEW CONTINUOUS DELIVERY PIPELINE INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER 104 DEVELOPER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER NON-PROD PRODDEV
  • 105. OPENSHIFT TECHNICAL OVERVIEW INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER 105 CONTINUOUS DELIVERY PIPELINE DEVELOPER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER PROMOTE TO TEST NON-PROD PRODDEV TEST
  • 106. OPENSHIFT TECHNICAL OVERVIEW INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER 106 CONTINUOUS DELIVERY PIPELINE DEVELOPER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER PROMOTE TO TEST PROMOTE TO UAT NON-PROD PRODDEV TEST UAT
  • 107. OPENSHIFT TECHNICAL OVERVIEW ServiceNow JIRA Service Desk Zendeks BMC Remedy INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER 107 CONTINUOUS DELIVERY PIPELINE DEVELOPER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER GO LIVE? PROMOTE TO TEST PROMOTE TO UAT RELEASE MANAGER NON-PROD PROD ☒ ☑ DEV TEST UAT
  • 108. OPENSHIFT TECHNICAL OVERVIEW INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER 108 CONTINUOUS DELIVERY PIPELINE DEVELOPER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY INTEGRATED IMAGE REGISTRY OPENSHIFT CLUSTER GO LIVE? PROMOTE TO TEST PROMOTE TO UAT PROMOTE TO PROD RELEASE MANAGER NON-PROD PRODDEV TEST UAT ☒ ☑
  • 110. OPENSHIFT TECHNICAL OVERVIEW110 LOCAL DEVELOPMENT WORKFLOW Develop Local Deploy Verify Git Push PipelineBootstrap
  • 111. OPENSHIFT TECHNICAL OVERVIEW BOOTSTRAP ● Pick your programming language and application runtime of choice ● Create the project skeleton from scratch or use a generator such as ○ Maven archetypes ○ Quickstarts and Templates ○ OpenShift Generator ○ Spring Initializr 111 LOCAL DEVELOPMENT WORKFLOW Develop Local Deploy Verify Git Push PipelineBootstrap
  • 112. OPENSHIFT TECHNICAL OVERVIEW112 DEVELOP ● Pick your framework of choice such as Java EE, Spring, Ruby on Rails, Django, Express, ... ● Develop your application code using your editor or IDE of choice ● Build and test your application code locally using your build tools ● Create or generate OpenShift templates or Kubernetes objects LOCAL DEVELOPMENT WORKFLOW Develop Local Deploy Verify Git Push PipelineBootstrap
  • 113. OPENSHIFT TECHNICAL OVERVIEW113 LOCAL DEPLOY ● Deploy your code on a local OpenShift cluster ○ Red Hat Container Development Kit (CDK), minishift and oc cluster ● Red Hat CDK provides a standard RHEL-based development environment ● Use binary deploy, maven or CLI rsync to push code or app binary directly into containers LOCAL DEVELOPMENT WORKFLOW Develop Local Deploy Verify Git Push PipelineBootstrap
  • 114. OPENSHIFT TECHNICAL OVERVIEW114 VERIFY ● Verify your code is working as expected ● Run any type of tests that are required with or without other components (database, etc) ● Based on the test results, change code, deploy, verify and repeat LOCAL DEVELOPMENT WORKFLOW Develop Local Deploy Verify Git Push PipelineBootstrap
  • 115. OPENSHIFT TECHNICAL OVERVIEW115 GIT PUSH ● Push the code and configuration to the Git repository ● If using Fork & Pull Request workflow, create a Pull Request ● If using code review workflow, participate in code review discussions LOCAL DEVELOPMENT WORKFLOW Develop Local Deploy Verify Git Push PipelineBootstrap
  • 116. OPENSHIFT TECHNICAL OVERVIEW PIPELINE ● Pushing code to the Git repository triggers one or multiple deployment pipelines ● Design your pipelines based on your development workflow e.g. test the pull request ● Failure in the pipeline? Go back to the code and start again 116 LOCAL DEVELOPMENT WORKFLOW Develop Local Deploy Verify Git Push PipelineBootstrap
  • 118. OPENSHIFT TECHNICAL OVERVIEW118 A PLATFORM THAT GROWS WITH YOUR BUSINESS Data Virtualization Real Time Decision Intelligent Process Integration Messaging Data Grid Java EE Application Web Application Single Sign-On Mobile API Management Micro services
  • 119. OPENSHIFT TECHNICAL OVERVIEW CrunchyData GitLab Iron.io Couchbase Sonatype EnterpriseDB NuoDB Fujitsu and many more 119 ...and virtually any docker image out there! TRUE POLYGLOT PLATFORM PHPPythonJava NodeJS Perl Ruby .NET Core Apache HTTP Server MySQL Redis nginx TomcatVarnish JBoss EAP JBoss A-MQ JBoss Fuse JBoss BRMS JBoss BPMS JBoss Data Grid JBoss Data Virt RH Mobile RH SSO 3SCALE API mgmt JBoss Web Server Spring Boot Wildfly Swarm Vert.x PostgreSQL MongoDB Phusion Passenger Third-party Language Runtimes Third-party Databases Third-party App Runtimes Third-party Middleware Third-party Middleware LANGUAGES DATABASES WEB SERVERS MIDDLEWARE