THE POWER OF THE CLOUD IN A PROFESSIONAL SERVICES COMPANY

Ivan Krnić, ikrnic@croz.netMladen Knežić, mknezic@croz.net

// Agenda

• Past vs. Present

• What is OpenShift

• Why OpenShift@CROZ

• OpenShift@CROZ

• Projects

• Projects delivery

• Challenges

• Q&A

// Past vs. Present

• Past

• Ticket oriented infrastructure

• Slow-moving, VM oriented

• Resource hungry

• Pets in Pets vs. Cattle

• You take care of it until the project ends

// Past vs. Present

• Present

• Self service

• Fast paced, automated

• Low resource overhead

• Cattle in Pets vs. Cattle

• If something goes down, replace it with another one

• Easy to manage instances

• What backup ?

// What is OpenShift

• lmgtfy:

OpenShift is a computer software product from Red Hat for container-based software deployment and management. In concrete terms it is a supported distribution of Kubernetes using Docker containers and DevOps tools for accelerated application development.

source: Wikipedia

• So, it’s docker + something making a cloud (PaaS)

• Solving business problems:

• Fast deployments

• Reuse common components

//

// Why OpenShift@CROZ

• Let’s see what others are talking about

• Microservices, docker, cloud

• Continuous

• Integration ? We have done that for ages

• Delivery? Not so much

• It goes with DevOps

// OpenShift@CROZ

• 1 master, 2 nodes, setup&manage with Ansible

• Each quad CPU + 8GB RAM + 100 GB storage, RHEL/Centos

• NFS shared storage for persistent storage

• Usage stats:

• 4GB used, load ~0.5

• 5 customer projects (1 with production)

• 3 infrastructure projects (CI, logging, monitoring)

• 2 internal production app

• Replacing 1+ custom VMs with quad CPU, 8+ GB RAM, 80+ GB storage percustomer/project

// OpenShift@CROZ

• CI with Jenkins & OpenShift

• Offload Jenkins nodes to cloud (no need for special VMs)

• Different docker images for Jenkins nodes

• Maven & Java

• Android

• NPM etc.

• Persistent storage for caches (Maven repo etc.)

• GitLab test

• Playground for development setup

• Get people up to speed with GIT

// OpenShift@CROZ

• Logging

• OOB with OpenShift Ansible playbook

• ElasticSearch, Fluentd, Kibana

• Goes with permissions by projects

• Monitoring

• OOB with OpenShift Ansible playbook

• Hawkular, Heapster, Cassandra

• CPU, memory, network by POD

// Projects

• Classic: Spring, Java EE

• Modern Spring boot, Spring cloud, Angular, NodeJS, etc.

• DB persistent or ephemeral, mysql, postgres, etc

• Development and production enviroments as different projects

• Quota & limits for development projects

• Total quota

• Limit per pod, per container

• Min, max, default requested limit

• Liveness/readiness checks

• Rolling deployments

• A/B testing

// Projects delivery

• GIT source (triggering build with commit hook or URL)

• s2i

• Jenkinsfile pipeline

• Dockerfile

• Docker image from Nexus registry

• Jenkins CI build

• Triggers OpenShift deployment

// Challenges

• External docker registry -> use proper SSL certificate

• NFS storage -> don’t touch after first use (permissions)

• Persistent volumes – forbid dynamic provisioning, maybe

• Production env

• Project self-service – disable self-provisioning

• Set quota & limits on non-production projects & rough ones

• Learn permissions

• Read OpenShift v3 Scaling, Performance and Capacity Planning

• Check OpenShift Container Platform Reference Architecture Implementation Guides

// Q&A

• Infrastructure ?

• What next ?

Thank You ☺C U ++2017