OpenShift In a Nutshell - Episode 02 - Architecture
18
Presentation By: Behnam Loghmani Winter 2016 IRAN OpenStack Users Group OPENSHIFT IN A NUTSHELL (Episode 02) Architecture
-
Upload
behnam-loghmani -
Category
Technology
-
view
92 -
download
6
Transcript of OpenShift In a Nutshell - Episode 02 - Architecture
Presentation By:
Behnam Loghmani
Winter 2016
IRAN OpenStack Users Group
OPENSHIFTIN A NUTSHELL
(Episode 02)
Architecture
IRAN Community| OpenStack.ir
Agenda:
● Layers
● What's is the OpenShift Architecture?
● Security in OpenShift
● Iran OpenStack Community
OpenShift Architecture
IRAN Community| OpenStack.ir
OpenShift Architecture
Layers
IRAN Community| OpenStack.ir
OpenShift Architecture
● Docker
● Kubernetes
OpenShift adds:
● Source code management, builds, and deployments
● Managing and promoting images
● Application management at scale
● Team and user tracking
IRAN Community| OpenStack.ir
OpenShift Architecture
IRAN Community| OpenStack.ir
OpenShift Architecture
What's the OpenShift Architecture
IRAN Community| OpenStack.ir
OpenShift Architecture
● Microservices-based
● Running on top of a Kubernetes cluster
● Data about the objects stored in etcd
IRAN Community| OpenStack.ir
OpenShift Architecture
We have two functions
● REST APIs, which expose each of the core objects.
● Controllers, which read those APIs, apply changes to other objects, and report status
or write back to the object.
IRAN Community| OpenStack.ir
OpenShift Architecture
Calling the REST API to change the state of the system.
Controllers use the REST API to read the user’s desired state.
Controller try to bring the other parts of the system into sync.
IRAN Community| OpenStack.ir
OpenShift Architecture
Controller
● Customization of builds and deployments.
● "Business logic" of the system.
● Sync view of the system with what users are doing.
● Changes ripple out through the system very quickly and efficiently.
● Confirm that everything is in the right state.
IRAN Community| OpenStack.ir
OpenShift Architecture
Security in OpenShift
IRAN Community| OpenStack.ir
OpenShift Architecture
● Authenticate with credentials.
● Authorize base on roles.
IRAN Community| OpenStack.ir
OpenShift Architecture
Authentication and Authorization in different parts
● Clients (developers)
● Nodes
● Infrastructure components runs in containers
IRAN Community| OpenStack.ir
OpenShift Architecture
IRAN Community| OpenStack.ir
OpenShift Architecture
Authorization
● Openshift policy engine
● Defines actions
● Different roles
● Policy engine checks requests
● secrets
IRAN Community| OpenStack.ir
OpenShift Architecture
Iran OpenStack Community
IRAN Community| OpenStack.ir
OpenShift Architecture
Stay in Touch and Join Us:
● Home Page: OpenStack.ir
● Meetup Page: Meetup.com/Iran-OpenStack
● Mailing List: [email protected]
● Twitter: @OpenStackIR , #OpenStackIRAN
● IRC Channel on FreeNode: #OpenStack-ir
Thank YouBehnam Loghmani
Iran OpenStack Community Member
OpenStack.ir
We need to work together to build a better community
