Day 3: OpenShift, CodeReady Containers and Operators https://www.youtube.com/watch?v=0txK3icU2Pg
Experience new tools to build, manage and deploy containerized applications following best practices. Learn how to build containers locally with podman, skopeo and buildah, publish and scan containers for vulnerabilities - and deploy containerized applications locally or on cloud using Kubernetes and OpenShift!
Mihai will take you through the process of:
Day 1 = Build: Building and running container images locally with podman, skopeo and buildah. Building containers for years or just getting started? Check out these new tools that help you build and run containers locally, and how they can help you get started with Kubernetes and OpenShift.
Learn some of the best practices on how you can build containers that run as regular users and how to automate the container build process using buildah. Learn about the Universal Base Image and how you can start your image builds from a known, trusted source.
and then over the next two Fridays the story will evolve as follows...
Day 2 = Publish: Publishing container images to quay.io and scanning containers for vulnerabilities and container best practices
Day 3 = Deploy: Getting started with OpenShift using CodeReady Containers or OKD and deploying containers on a Kubernetes Platform (Red Hat OpenShift / OKD / CRC)
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
1. Red Hat OpenShift Workshop
Deploy MySQL and Wordpress on CodeReady Containers
Mihai Criveti, Cloud Native Solutioning Leader, RHCE
November 23, 2020
1
5. Steps
0. Test MySQL + Wordpress using podman.
1. Install CodeReady Containers
2. Create a project called wordpress
3. Create users and groups and setup htpassword authentication
• User admin as cluster admin
• developers:developer as edit for project
• leaders:leader as self-provisioner group
• testers:tester as view for project
4. Deploy mysql from registry.redhat.io/rhel8/mysql-80 and configure the secret
5. Deploy wordpress from docker.io/library/wordpress:5.5.0-php7.2-apache
6. Create a route and test wordpress
7. Scale
8. Setup probes and monitoring
4
8. Install CodeReady Containers
Download CodeReady Containers
Go to http://cloud.redhat.com and download CodeReady Containers and the Pull Secret.
Unpack the archive
tar Jxf crc-linux-amd64.tar.xz
cd crc-linux-1.14.0-amd64
Setup CRC
./crc setup
./crc config set memory 16536
./crc config set cpus 8
./crc start
6
15. Setup cluster admin
Give the admin user cluster-admin permissions
oc adm policy add-cluster-role-to-user cluster-admin admin
Login as admin
oc login -u admin -p $PASS
oc login -u admin -p $PASS --loglevel 10 $API
oc whoami
13
16. Setup groups
Create groups
oc adm groups new leaders
oc adm groups new developers
oc adm groups new testers
oc get groups
Setup groups users
oc adm groups add-users leaders leader
oc adm groups add-users developers developer
oc adm groups add-users testers tester
oc get groups
14
17. Setup self-provisioning
Disable self-provisioning for all users
oc api-resources | grep rbac
oc get clusterrolebindings | grep self
oc describe clusterrolebindings self-provisioner
oc adm policy remove-cluster-role-from-group
self-provisioner system:authenticated:oauth
Leaders can create projects
oc adm policy add-cluster-role-to-group self-provisioner leaders
15
22. Create a project and setup policies
Create a new project and assign to developer
oc login -u leader -p $PASS $API
oc new-project wordpress
oc adm policy add-role-to-group edit developers
oc adm policy add-role-to-group view testers
oc login -u developer -p $PASS
18
23. Deploy MySQL
Create a mysql secret
oc create secret generic mysql
--from-literal database=wordpress
--from-literal user=wpuser
--from-literal password=password
Deploy MySQL from Red Hat
oc new-app --name mysql
--docker-image=registry.redhat.io/rhel8/mysql-80
--as-deployment-config=true
Check status - env is not yet set, app will crash
oc get dc,pod
oc status
oc logs pod/mysql-1-xxxxx
19
24. Configure my.cnf with ConfigMaps
Create a my.cnf file from the existing one
oc rsh mysql-2-hcstt cat /etc/my.cnf > my.cnf
echo 'default-authentication-plugin=mysql_native_password' >> my.cnf
Create a configmap
oc create configmap mysql-config --from-file my.cnf
oc set volume dc/mysql --add --name mysql-config --overwrite
--type=configmap --configmap-name=mysql-config
--mount-path=/etc/mysql-config
Check the settings
oc describe configmaps mysql-config
oc set volume dc --all
oc get all -l app=mysql
20
25. Configure the environment to use secrets
Set the environment to use the secret and config file
oc set env dc/mysql --from=secret/mysql
--prefix=MYSQL_ DEFAULTS_FILE=/etc/mysql-config/my.cnf
oc set env pods --all --list
Get status
oc get dc,pod
oc status
oc logs pod/mysql-3-deploy
oc logs pod/mysql-3-xxxx
oc get all -l app=mysql
21
26. Test your database
Log into your container using oc rsh
oc rsh mysql-2-xxxxx
mysql -u wpuser --password=password wordpress -e 'show databases;'
exit
22
28. Deploy the Wordpress Pods
Deploy wordpress
oc new-app --name wordpress
--docker-image docker.io/library/wordpress:5.5.0-php7.2-apache
-e WORDPRESS_DB_HOST=mysql
-e WORDPRESS_DB_NAME=wordpress
-e WORDPRESS_DB_USER=wpuser
-e WORDPRESS_DB_PASSWORD=password
--as-deployment-config=true
Get status
oc get pod
oc logs pod/wordpress-1-7kf49
23
29. Create a service account
Create a service account
oc login -u admin -p $PASS
oc create sa wordpress-sa
oc adm policy add-scc-to-user anyuid -z wordpress-sa
Set wordpress-sa for the deploymentconfig
oc login -u developer -p $PASS
oc set serviceaccount deploymentconfig wordpress wordpress-sa
Get the status
oc get all
oc get events
oc logs pod/wordpress-2-468kp
24
30. Expose the application
Create a route
oc expose svc/wordpress
oc get routes
Setup WordPress
Go to http://wordpress-wordpress.apps-crc.testing/ to setup WordPress.
25
31. Cleanup
Deleting individual apps
oc delete all -l app=wordpress
oc delete all -l app=mysql
Deleting the entire project
oc delete projects wordpress
26
32. Debugging
Debug a deployment as root to check for permissions
oc debug -t deployment/wordpress --as-root
Replace the image
oc debug -t deployment/mysql
--image registry.access.redehat.com/ubi/ubi:8.0
27
34. Manual Scaling
Get the dc
oc get dc
NAME REVISION DESIRED CURRENT
mysql 5 1 1
wordpress 2 1 1
Scale the dc
oc scale dc wordpress --replicas=3
oc get dc,pod
28
35. Create a PostgreSQL Operator using CLI
Operators
• MariaDB ?
• PostgreSQL
29