OpenShift in 1h...Containers, Kubernetes, and hybrid cloud are key ingredients. OpenShift is the...

GENERAL DISTRIBUTION

OpenShift in 1h

Robert BohneSPECIALIST SOLUTION ARCHITECT | OPENSHIFTTwitter: @RobertBohne

Why Red Hat OpenShift

CREATING VALUE DEPENDS ON YOUR ABILITY TO DELIVER APPLICATIONS FASTER

Containers, Kubernetes, and hybrid cloud are key ingredients.OpenShift is the best container platform to deliver innovative applications.

Innovation Culture

Cloud-native Applications

AI & Machine Learning

Internet of Things Analytics

OPENSHIFT IS GAINING MOMENTUMMORE THAN 1,000 CUSTOMERS WORLDWIDE

WHY CUSTOMERS CHOOSE OPENSHIFT

OPEN SOURCE INNOVATION

ONE PLATFORMANY CLOUD

EMPOWERING DEVELOPERS

TRUSTED ENTERPRISE KUBERNETES

THE POWER OF THE OPENSHIFT ECOSYSTEMIT’S ALL HERE—ON A CONSISTENT PLATFORM FOR DEVELOPERS & IT OPS

RED HAT ENTERPRISE LINUX ECOSYSTEMHardware, Virtualization, Cloud and Service Provider Certifications

RED HAT PORTFOLIOOptimized for Containers

ISV ECOSYSTEMCertified Containers and Operations

CLOUD SERVICES

Bare metal, vSphere, OpenStack, AWS, Azure, GCP

Single workflow for containers and virtual machines running on

OpenShift

CONTAINER-NATIVE VIRTUALIZATION*

Container-optimized software-defined storage on

OpenShift

Enterprise image registry with geo-replication, time machine

and security scanning

MORE THAN JUST A KUBERNETES PLATFORM

* coming soon

Trusted enterprise Kubernetes● Trusted Host, Content, Platform● Full Stack Automated Install● Over the Air Updates & Day 2 Mgt

A cloud-like experience, everywhere● Hybrid, Multi-Cluster Management● Operator Framework ● Operator Hub & Certified ISVs

Empowering developers to innovate● OpenShift Service Mesh (Istio)● OpenShift Serverless (Knative)● CodeReady Workspaces (Che)

Red Hat OpenShift in detail

Automated operations

A CONSISTENT CONTAINER APPLICATION PLATFORMFROM YOUR DATACENTER TO THE CLOUD

Multi-tenant Networktraffic control

Over-the-airupdates

BARE METAL, VSPHERE, RHV, OPENSTACK, AWS, AZURE, GOOGLE

Pluggable architecture

Monitoring& chargeback

Secure by default

WHAT ARE CONTAINERS?CONTAINER BENEFITS FOR MULTIPLE TEAMS

DEVELOPERS

IT OPERATIONS

BUSINESS LEADERS

● CLOUD-NATIVE APPS● SIMPLIFY PACKAGING● SIMPLIFY TESTING

● CONSISTENT APP DEPLOYS● AUTOMATED APP DEPLOYS● IMPROVED APP PERFORMANCE● MULTI-CLOUD CONSISTENCY

● ENABLE DEVOPS CULTURE● ENABLE HYBRID CLOUD● REDUCE VM LICENSING COSTS● ACCELERATE APP-DEV CYCLES

CONTAINERS

Package all app dependenciesIntegrated in Linux OS

Fully Open SourceSecure Isolation of Applications

Eliminates need for VM HypervisorRuns on Any Cloud Platform

CLOUD INFRASTRUCTURE

LINUX HOST (KERNEL)

Container

CONTAINER INFRASTRUCTUREWITH CONTAINERS, THE OS MATTERS MORE THAN EVER

CONTAINER CONTAINER CONTAINER

LINUX CONTAINER HOST (KERNEL)

LINUX O/SDEPENDENCY

APP APP APP

Linux OS host spans every container

1 2Linux is in

every single container

CONTAINERS ARE LINUX

Red Hat Enterprise Linux is a leader in paid

70%CY2016 paidLinux share

HOW OPENSHIFT ENABLES DEVELOPER PRODUCTIVITY

SPRING & JAVA EE MICROSERVICES FUNCTIONS

LANGUAGES DATABASES APPLICATION SERVICES

LINUX WINDOWS*

* coming soon

BUILD TEST DEPLOY

MONITORREVIEW

Self-service Provisioning

Automatedbuild & deploy

CI/CDpipelines

Consistentenvironments

Configuration management

App logs & metrics

OPENSHIFT TECHNICAL OVERVIEW15

BUILD AND DEPLOY CONTAINER IMAGES

DEPLOY YOURSOURCE CODE

DEPLOY YOURCONTAINER IMAGE

DEPLOY YOURAPP BINARY

DEPLOY SOURCE CODE WITH SOURCE-TO-IMAGE (S2I)

GitRepositoryBUILD APP

(OpenShift)Developer

Source-to-Image(S2I)

Builder Image

ImageRegistry

BUILD IMAGE(OpenShift)

DEPLOY(OpenShift)

deployApplication Container

OpenShift DoesUser/Tool Does

DEPLOY APP BINARY WITH SOURCE-TO-IMAGE (S2I)

ApplicationBinary

(e.g. WAR)BUILD APP(Build Infra) Existing Build

Process

Source-to-Image(S2I)

Builder Image

ImageRegistry

BUILD IMAGE(OpenShift)

DEPLOY(OpenShift)

deployApplication Container

OPENSHIFT TECHNICAL OVERVIEW

DEPLOY(Openshift)

DEPLOY DOCKER IMAGEbuild

Application Container

deploy

Application Image

ImageRegistry

BUILD IMAGE (Build Infra) Existing Image

Build Process

PUSH(Build Infra)

CONTINUOUS DELIVERY WITH CONTAINERS

sourcerepository

CI/CDengine

dev container

physical

virtual

private cloud

public cloud

OPENSHIFT LOVES CI/CD

JENKINS-AS-A SERVICEON OPENSHIFT

HYBRID JENKINS INFRA WITH OPENSHIFT

EXISTING CI/CD DEPLOY TO OPENSHIFT

OPENSHIFT CONCEPTS OVERVIEW

A container is the smallest compute unit

CONTAINER

containers are created from container images

CONTAINERCONTAINERIMAGE

BINARY RUNTIME

IMAGE REGISTRY

container images are stored in an image registry

CONTAINER

CONTAINERIMAGE

an image repository contains all versions of an image in the image registry

IMAGE REGISTRY

frontend:latestfrontend:2.0frontend:1.1frontend:1.0

CONTAINERIMAGE

mongo:latestmongo:3.7mongo:3.6mongo:3.4

CONTAINERIMAGE

myregistry/frontend myregistry/mongo

PODPOD

containers are wrapped in pods which are units of deployment and management

CONTAINER CONTAINERCONTAINER

IP: 10.1.0.11 IP: 10.1.0.55

pods configuration is defined in a deployment

image namereplicaslabelscpumemorystorage

CONTAINER

DEPLOYMENT

services provide internal load-balancing and service discovery across pods

CONTAINER

BACKEND SERVICE

CONTAINER

role: backend

role: backendrole: backendrole: backendrole: frontend10.110.1.11 10.120.2.22 10.130.3.3310.140.4.44

172.30.170.110

apps can talk to each other via services

InvokeBackend API

CONTAINER

BACKEND SERVICE

CONTAINER

role: backend

role: backendrole: backendrole: backendrole: frontend10.110.1.11 10.120.2.22 10.130.3.3310.140.4.44

172.30.170.110

routes add services to the external load-balancer and provide readable urls for the app

CONTAINER

BACKEND SERVICE

ROUTEapp-prod.mycompany.com

> curl http://app-prod.mycompany.com

projects isolate apps across environments, teams, groups and departments

PAYMENT DEV

PAYMENT PROD

CATALOG

INVENTORY

❌❌

OPENSHIFT ARCHITECTURE

YOUR CHOICE OF INFRASTRUCTURE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

NODES RHEL INSTANCES WHERE APPS RUN

C CC C

APPS RUN IN CONTAINERS

Container Image

Container

PODS ARE THE UNIT OF ORCHESTRATION

C CC C

MASTERS ARE THE CONTROL PLANE

RED HATENTERPRISE LINUX

MASTER

API AND AUTHENTICATION

MASTER

API/AUTHENTICATION

DESIRED AND CURRENT STATE

MASTER

API/AUTHENTICATION

DATA STORE

INTEGRATED CONTAINER REGISTRY

MASTER

API/AUTHENTICATION

DATA STORE

REGISTRY

ORCHESTRATION AND SCHEDULING

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

REGISTRY

PLACEMENT BY POLICY

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULERREGISTRY

AUTOSCALING PODS

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULERREGISTRY

HEALTH/SCALING

SERVICE DISCOVERY

SERVICE LAYER

REGISTRY

CRED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

PERSISTENT DATA IN CONTAINERS

SERVICE LAYER

PERSISTENTSTORAGE

REGISTRY

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

ROUTING AND LOAD-BALANCING

SERVICE LAYER

ROUTING LAYER

PERSISTENTSTORAGE

REGISTRY

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

ACCESS VIA WEB, CLI, IDE AND API

EXISTING AUTOMATION

TOOLSETS

SCM(GIT)

SERVICE LAYER

ROUTING LAYER

PERSISTENTSTORAGE

REGISTRY

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

MONITORING APPLICATION HEALTH

AUTO-HEALING FAILED PODS

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

AUTO-HEALING FAILED CONTAINERS

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

PERSISTENT STORAGE

● Persistent Volume (PV) is tied to a piece of network storage● Provisioned by an administrator (static or dynamically)● Allows admins to describe storage and users to request storage● Assigned to pods based on the requested size, access mode, labels and type

PERSISTENT STORAGE

GlusterFS

OpenStack Cinder

Ceph RBD

AWS EBS

GCE Persistent Disk

Fiber Channel

Azure Disk

Azure File

FlexVolume

VMWare vSphere VMDK

Container Storage Interface (CSI)**

* Shipped and supported by NetApp via TSANet** Tech Preview

NetApp Trident*

PROJECT

POOL OF PERSISTENT VOLUMES

PERSISTENT STORAGE

iSCSIPV

register PV

create claim

GlusterFSPV

CephRBDPV

DYNAMIC VOLUME PROVISIONING

define StorageClass

create claim: Fastest

SlowAzure-Disk

FastAWS-SSD

FastestNetApp-Flash

NetAppProvisioner

AWSProvisioner

OpenShiftPV Controller

provision

AzureProvisioner

● Containerized Red Hat Gluster Storage

● Native integration with OpenShift

● Unified Orchestration using Kubernetes for

applications and storage

● Greater control & ease of use for developers

● Lower TCO through convergence

● Single vendor SupportDISTRIBUTED, SECURE, SCALE-OUT STORAGE

CLUSTER

APPLICATIONCONTAINER

APPLICATION CONTAINER

STORAGECONTAINER

OPENSHIFT CONTAINER STORAGE

OpenShift in 1h...Containers, Kubernetes, and hybrid cloud are key ingredients. OpenShift is the...

Documents

Transcript of OpenShift in 1h...Containers, Kubernetes, and hybrid cloud are key ingredients. OpenShift is the...

KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kubernetes

Kubernetes - OpenShift

Red Hat OpenShift and Kubernetes what’s the difference?

Kubernetes with Terraform, Ansible and OpenShift … with Terraform, Ansible and OpenShift on OpenStack and Anywhere (QuadrupleO: OpenShift Origin On OpenStack) 2017, January 26th

DevFestMN 2017 - Learning Docker and Kubernetes with Openshift

fabric8 ... and Docker, Kubernetes & OpenShift

Automated Image Builds in OpenShift and Kubernetes

OpenShift, Docker, Kubernetes: The next generation of PaaS

OpenShift on NVIDIA GPU Accelerated Clusters · Red Hat OpenShift is a security-centric and enterprise-grade hardened Kubernetes platform for deploying and managing Kubernetes clusters

Javantura v4 - Self-service app deployment with Kubernetes and OpenShift - Marko Lukša

Scalable Python with Docker, Kubernetes, OpenShift Aarno ... · Managed Docker, Kubernetes, OpenShift Flavours: Big shared plattform in the cloud, private plattform in the cloud or

Persistent Storage with Containers with Kubernetes & OpenShift

Cloud Native Logging - OpenShift Blog · About Fluentd More than 600 plugins available Pluggable Architecture Built-in Reliability Full integration with Docker and Kubernetes

Scalable Python with Docker, Kubernetes, OpenShift

An Introduction to IBM Cloud Pak for Integration · Red Hat OpenShift Kubernetes CP4I Cloud-Native Architecture 14. CP4I product components 15 API Lifecycle Unlock business data and

MTF OpenShift on Docker- and Kubernetes-based container ... · Title: MTF OpenShift on Docker- and Kubernetes-based container platform (PaaS) Created Date: 10/1/2019 12:42:33 PM

FOR BIG IDEAS THE KUBERNETES PLATFORM€¦ · (Cloud Foundry Diego, Nomad, Blox, etc.) 3 YEARS AGO Fragmented landscape TODAY Kubernetes consolidation ... OPENSHIFT MAKES DOCKER UND

Hybrid cloud and Kubernetes

THE PRIVILEGE CONNECTION: CLOUD AND DEVOPS SECURITY Hurter - CyberArk... · Google Cloud IAM / KMS Docker Secrets Kubernetes Secrets OpenShift Secrets. THE ATTACKERS OPPORTUNITY:

Openshift/Kubernetes integration with Apache YARN