OpenShift Enterprise 3.1 PaaS on Kubernetes
![Page 1: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/1.jpg)
OpenShift Enterprise
a Containerized Application Platform
@SamuelTerburg
OpenShift “Specialist” Solution Architect
March 2016
![Page 2: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/2.jpg)
Agenda
• Docker
• Kubernetes added-value
• OpenShift added-value
  • Projects
  • Source 2 Image Builds
  • Deployment pre/post-Hooks
  • External (Oracle) Services
• Demo
• Q & A
![Page 3: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/3.jpg)
Application Hosting
● “Image”
  • Unified Packaging format
  • Like “war”, “rpm” or “zip”
  • For any type of Application
  • Portable
● “Container”
  • Runtime
  • Isolation
[Diagram: Hardware, Host Minimal OS and Docker Engine running three Containers (APP A, APP B and APP C images); a Docker Registry holding Image A and Image B, built from the layers RHEL, JDK, JBoss-EAP, Libs A / Libs B, App A / App B]
docker pull <image>
![Page 4: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/4.jpg)
But in production we need more than just packaging and isolation
• Scheduling : Where should my containers run?
• Lifecycle : Keep my containers running despite failures
• Discovery : Where are my containers now?
• Monitoring : What’s happening with my containers?
• Auth{n,z} : Control who can do things to my containers
• Aggregates : Compose sets of containers into jobs
• Scaling : Making jobs bigger or smaller
![Page 5: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/5.jpg)
Kubernetes: a “Cluster Manager” at scale
• Manages
  • 1,000 nodes
  • 100,000 containers
[Diagram: Kubernetes Cluster: Master, Nodes, Pods, Service, Volume, Storage, Registry, Image, Router; actors Dev / Ops and Visitor]
![Page 6: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/6.jpg)
RED HAT OPENSHIFT ENTERPRISE
We need more than just Cluster Management!
Self Service
- Templates
- Web Console
Multi-Language
Automation
- Deploy
- Build
DevOps Collaboration
Secure
- Namespaced
- RBAC
Scalable
- Integrated LB
Open Source
Enterprise
- Authentication
- Web Console
- Central Logging
![Page 7: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/7.jpg)
We need more than just Orchestration
OpenShift is Red Hat’s Container Application Platform (PaaS)
![Page 8: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/8.jpg)
Project Namespaces
Project
• Sandboxed Environment
• Network VXLAN
• Authorization Policies
• Resource Quotas
• Ops in Control, Dev Freedom
App
• Images run in Containers
• Grouped together as a Service
• Defined as Template
oc new-project Project-Dev
oc policy add-role-to-user admin scientist1
oc new-app --source=https://gitlab/MyJavaApp --docker-image=jboss-eap
[Diagram: OpenShift Platform hosting Project “Prod”, Project “Dev” and Project Global Services, with the APP A and APP C images]
![Page 9: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/9.jpg)
Pods
POD Definition:
• Group of Containers
• Deployment unit
• Same namespace
• Ephemeral
Examples:
• JBoss-EAP (Wildfly)
• MySQL
• Wildfly + MySQL
• App + data-load
• App + proxy
![Page 10: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/10.jpg)
Example: App + DB
• MySQL separate
  • Scale
  • Deploy
• Out of the Box
  • Scaling
  • Service Discovery
  • Enterprisy
[Diagram: Kubernetes Cluster with a JBoss Pod and a MySQL Pod; Volume on Storage]
```yaml
kind: Pod
metadata:
  name: mydb
spec:
  containers:
  - name: backend
    image: mysql
    ports:
    - containerPort: 3306
    volumeMounts:
    - name: data
      mountPath: /var/lib/mysql
  volumes:
  - name: data
    # Slide shorthand: a real Pod references a PersistentVolumeClaim here,
    # and the storage request is set on that claim.
    claim:
      requests:
        storage: 100Gi
```
![Page 11: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/11.jpg)
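Example: App + DB Versioning
Flyway
• Separate Flyway container
• Mounts git repo
• Git tag = DB Version
• preDeployHook dependency
[Diagram: Kubernetes Cluster with a Pod running JBoss and Flyway, and a MySQL Pod; Volume on Storage]
```yaml
kind: Pod
metadata:
  name: myapp
spec:
  containers:
  - name: dbversions
    image: flyway
  - name: frontend
    image: jboss-eap
    ports:
    - containerPort: 8000
    # Slide shorthand: real specs nest cpu/memory under limits: or requests:
    resources:
      cpu: "100m"
      memory: "1Gi"
  # Volumes are declared at Pod level; the Flyway container mounts this one.
  volumes:
  - name: git
    gitRepo:
      repository: "git@git:/"
```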
![Page 12: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/12.jpg)
Build & Deploy an Image
Code, Build, Deploy
Can configure triggers for automated deployments, builds, and more.
Can configure different deployment strategies like A/B, Rolling upgrade, Automated base updates, and more.
[Diagram: Developer, SCM, Source 2 Image, Image Builder, Builder Image, Container Image]
Builder Images
• Jboss-EAP
• PHP
• Python
• Ruby
• Jenkins
• Customer
  • C++ / Go
  • S2I (bash) scripts
Triggers
• Image Change (tagging)
• Code Change (webhook)
• Config Change
![Page 13: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/13.jpg)
OpenShift Build & Deploy Architecture
[Diagram: OpenShift Cluster: Master, Nodes, Pods, Service, Router, Volume, Storage, Registry, Image, etcd, SkyDNS, ReplicationController, API, Build, Deploy, Policies, config; actors Dev/Ops and Visitor]
```yaml
kind: "BuildConfig"
metadata:
  name: "myApp-build"
spec:
  source:
    type: "Git"
    git:
      uri: "git://gitlab/project/hello.git"
    dockerfile: "jboss-eap-6"
  strategy:
    type: "Source"
    sourceStrategy:
      from:
        kind: "Image"
        name: "jboss-eap-6:latest"
  output:
    to:
      kind: "Image"
      name: "myApp:latest"
  triggers:
  - type: "GitHub"
    github:
      # Sample value. The secret is part of the webhook URL and is what
      # authenticates the caller, so use a long random string.
      secret: "secret101"
  - type: "ImageChange"
```
# oc start-build myApp-build
![Page 14: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/14.jpg)
Deployment Process
Deploy
• Versions
• Strategy
• Hooks
• Triggers
Replicate
• Scale
• Monitor
Pod
• Runtime
• State
• MyJBossApp
• MyJBossApp-v1 (2x)
• MyJBossApp-v2 (4x)
• …
![Page 15: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/15.jpg)
Deploy - Trigger
[Diagram: OpenShift Cluster: Master (API, etcd, ReplicationController, Deploy), Storage, Registry, Image, a Pod with JBoss and Flyway, a MySQL Pod, Volume; actor Dev/Ops]
```yaml
kind: "DeploymentConfig"
metadata:
  name: "myApp"
spec:
  replicas: 2
  selector:
    app: myapp
  template:
    metadata:
      name: myapp
      labels:
        app: myapp   # must match spec.selector
    spec:
      containers:
      - name: frontend
        image: jboss-eap:latest
        ports:
        - containerPort: 80
  triggers:
  - type: "ImageChange"
    from:
      kind: "Image"
      name: "myapp:latest"
```
# oc deploy myApp --latest
![Page 16: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/16.jpg)
Deploy - Strategy
[Diagram: OpenShift Cluster: Master (API, etcd, ReplicationController, Deploy), Storage, Registry, Image, a Pod with JBoss and Flyway, a MySQL Pod, Volume; actor Dev/Ops]
```yaml
kind: "DeploymentConfig"
metadata:
  name: "myApp"
spec:
  replicas: 2
  template:
    spec:
      containers:
      - name: frontend
      - name: flyway
  strategy:
    type: rolling
    rollingParams:
      pre:
        execNewPod:
          containerName: flyway
          volumes: ['git']
          command: "flyway do"
      post:
        tagImage:
          containerName: frontend
          to: "frontend:prod"
  triggers: …
```
# oc deploy myApp --latest
![Page 17: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/17.jpg)
Service
Service Definition:
• Load-Balanced Virtual-IP (layer 4)
• Abstraction layer for your App
• Enables Service Discovery
  • DNS
  • ENV
Examples:
• frontend
• database
• api
[Diagram: Kubernetes Cluster: Visitor, PHP, MySQL Service at 172.16.0.1:3386 with the name db.project.cluster.local, MySQL DB pods at 10.1.0.1:3306 and 10.2.0.1:3306]
```php
<?php
// Service discovery through an environment variable
mysql_connect(getenv("db_host"));
// Service discovery through DNS
mysql_connect("db:3306");
?>
```
![Page 18: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/18.jpg)
Labels & Selectors
think SQL ‘select ... where ...’
[Diagram: a Service selecting “Role: BE” over three Pods labelled Role: FE / Phase: Dev, Role: BE / Phase: DEV and Role: BE / Phase: TST]
```yaml
- apiVersion: v1
  kind: Service
  metadata:
    labels:
      app: MyApp
      role: BE
      phase: DEV
    name: MyApp
  spec:
    ports:
    - name: 80-tcp
      port: 80
      protocol: TCP
      targetPort: 8080
    selector:
      app: MyApp
      role: BE
    sessionAffinity: None
    type: ClusterIP
- apiVersion: v1
  kind: Pod
  metadata:
    labels:
      app: MyApp
      role: BE
      phase: DEV
    name: MyApp
```
```yaml
apiVersion: v1
kind: Endpoints
metadata:
  name: my-oracle
subsets:
- addresses:
  - ip: 192.168.1.82
  - ip: 192.168.1.83
```
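The selector rule from this slide, as an added example that is not part of the original deck: it shows that the Service's selector (app and role, no phase) picks up both the DEV and the TST backend, and that a Service without a selector only gets the backends listed by hand, as with `my-oracle`. Pod names, pod IPs and the helper functions are assumptions made for the illustration.

```python
# Constructed sample data modelled on the slide's diagram; pod names and IPs are made up.
PODS = [
    {"name": "fe-1", "ip": "10.1.0.1",
     "labels": {"app": "MyApp", "role": "FE", "phase": "Dev"}},
    {"name": "be-1", "ip": "10.1.0.2",
     "labels": {"app": "MyApp", "role": "BE", "phase": "DEV"}},
    {"name": "be-2", "ip": "10.2.0.1",
     "labels": {"app": "MyApp", "role": "BE", "phase": "TST"}},
]
# The Service from the slide: selects on app and role, not on phase.
SERVICE = {"name": "MyApp", "targetPort": 8080,
           "selector": {"app": "MyApp", "role": "BE"}}


def matches(selector, labels):
    """True when every selector key is on the pod with exactly that value.

    Extra pod labels are ignored and the comparison is case-sensitive.
    """
    return all(labels.get(key) == value for key, value in selector.items())


def endpoints(service, pods, manual=()):
    """Return the sorted 'ip:port' backends traffic to the Service can reach.

    Without a selector nothing is matched automatically; the backends come
    from a hand-written Endpoints object (the my-oracle case on the slide).
    """
    selector = service.get("selector")
    if not selector:
        return sorted(manual)
    return sorted(f"{pod['ip']}:{service['targetPort']}"
                  for pod in pods if matches(selector, pod["labels"]))


def outside_phase(service, pods, phase):
    """Names of pods the selector matches although they carry another phase."""
    return [pod["name"] for pod in pods
            if matches(service["selector"], pod["labels"])
            and pod["labels"].get("phase") != phase]


if __name__ == "__main__":
    print(endpoints(SERVICE, PODS))             # DEV and TST backends both match
    print(outside_phase(SERVICE, PODS, "DEV"))  # the TST pod also receives traffic
```

Any pod in the project that carries the selected labels becomes a backend, so the selector and the right to set labels are part of the service's trust boundary.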
![Page 19: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/19.jpg)
Ingress / Router
Router Definition:
• Layer 7 Load-Balancer / Reverse Proxy
• SSL/TLS Termination
• Name based Virtual Hosting
• Context Path based Routing
• Customizable (image)
  • HA-Proxy
  • F5 Big-IP
Examples:
• https://www.mysite.nl/myapp1/
• http://www.mysite.nl/myapp2
[Diagram: Visitor, Router at https://mysite.nl/service1/, PHP, MySQL Service at 172.16.0.1:3386 with the name db.project.cluster.local, MySQL pods at 10.1.0.1:3306 and 10.2.0.1:3306]
```yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: mysite
spec:
  rules:
  - host: www.mysite.nl
    http:
      paths:
      - path: /foo
        backend:
          serviceName: s1
          servicePort: 80
      - path: /bar
        backend:
          serviceName: s2
          servicePort: 80
```
![Page 20: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/20.jpg)
Kubernetes Hosting Architecture
[Diagram: Kubernetes Cluster: Master, Nodes, Pods, Service, Ingress, Volume, Storage, Registry, Image, etcd, SkyDNS, ReplicationController, API, Policies, Logging (ELK); actors Dev/Ops and Visitor]
![Page 21: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/21.jpg)
OpenShift PaaS Architecture
• Added “Build”
• Added “Deployment”
• s/ELK/EFK/g
• s/Ingress/Router/g
• Added Policies + tools
• Added WebConsole
• Added Projects
  • OpenShift-SDN isolation
[Diagram: OpenShift Cluster: Master, Nodes, Pods, Service, Router, Volume, Storage, Registry, Image, etcd, SkyDNS, ReplicationController, API, Build, Deploy, Policies, config, WebConsole, Logging (EFK); actors Dev/Ops and Visitor]
![Page 22: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/22.jpg)
Demo
• docker run openshift/origin
• Image Layers
![Page 23: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/23.jpg)
Setup
yum install docker-engine
docker run openshift/origin
![Page 24: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/24.jpg)
Setup
yum install docker-engine
docker run openshift/origin
curl -s https://get.helm.sh | bash
helm update
yum install docker-engine
```bash
docker run -d --name "ose" --privileged --net=host --pid=host \
  -v /:/rootfs:ro \
  -v /var/run:/var/run:rw \
  -v /sys:/sys:ro \
  -v /var/lib/docker:/var/lib/docker:rw \
  -v /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes:z \
  -v /var/lib/origin/openshift.local.config:/var/lib/origin/openshift.local.config:z \
  -v /var/lib/origin/openshift.local.etcd:/var/lib/origin/openshift.local.etcd:z \
  openshift3/ose start \
  --master="https://${OSE_MASTER_IP}:8443" \
  --etcd-dir="/var/lib/origin/openshift.local.etcd" \
  --hostname="$(hostname)" \
  --cors-allowed-origins='.*'
```
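A review of the `docker run` line above, as an added example that is not part of the original deck: it lists which flags and host mounts of this demo setup remove the isolation between the container and the host, which is the part to revisit before reusing the command outside a demo. The function name, the finding texts and the abridged command string are assumptions made for the illustration.

```python
import shlex

# The start command from the slide, abridged and joined onto one line.
SLIDE_COMMAND = (
    'docker run -d --name "ose" --privileged --net=host --pid=host '
    "-v /:/rootfs:ro -v /var/run:/var/run:rw -v /sys:/sys:ro "
    "-v /var/lib/docker:/var/lib/docker:rw "
    "-v /var/lib/origin/openshift.local.etcd:/var/lib/origin/openshift.local.etcd:z "
    'openshift3/ose start --master="https://${OSE_MASTER_IP}:8443" '
    "--cors-allowed-origins=.*"
)

# Flags that drop an isolation boundary between container and host.
HOST_FLAGS = {
    "--privileged": "container gets all capabilities and host devices",
    "--net=host": "container shares the host network namespace",
    "--pid=host": "container shares the host PID namespace",
}
# Host paths whose exposure gives control over the host or the Docker daemon.
SENSITIVE_HOST_PATHS = {
    "/": "entire host filesystem",
    "/var/run": "contains the Docker socket",
    "/var/lib/docker": "Docker's image and container storage",
}


def audit_docker_run(command):
    """Return (flag_or_host_path, reason) findings for one `docker run` line."""
    argv = shlex.split(command)
    findings = []
    for i, arg in enumerate(argv):
        if arg in HOST_FLAGS:
            findings.append((arg, HOST_FLAGS[arg]))
        elif arg in ("-v", "--volume") and i + 1 < len(argv):
            # Volume spec is host_path:container_path[:options]
            host_path, _, rest = argv[i + 1].partition(":")
            options = rest.split(":")[1].split(",") if ":" in rest else []
            access = "read-only" if "ro" in options else "writable"
            if host_path in SENSITIVE_HOST_PATHS:
                findings.append(
                    (host_path, f"{access} mount: {SENSITIVE_HOST_PATHS[host_path]}"))
        elif arg.startswith("--cors-allowed-origins="):
            if arg.split("=", 1)[1] in (".*", "*"):
                findings.append((arg, "CORS pattern matches every origin"))
    return findings


if __name__ == "__main__":
    for item, reason in audit_docker_run(SLIDE_COMMAND):
        print(f"{item}: {reason}")
```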
![Page 25: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/25.jpg)
Image Layers
• redhat/jboss-eap-64
• sterburg/jboss-oracle: add /jboss/modules/oracle
• sterburg/jboss-flyway: add /usr/local/flyway
• sterburg/myapp: add /jboss/deployments/myapp.war
![Page 26: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/26.jpg)
Our JBoss Middleware xPaaS Service Catalog
Application Container Services
• JBoss EAP
• JBoss Web Server / Tomcat
• JBoss Developer Studio
Integration Services
• Fuse
• A-MQ
• Data Virtualization
Business Process Services
• Business Process Management *
• Business Rules Management System
Mobile Services
• Red Hat Mobile / FeedHenry *
* Coming Soon
![Page 27: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/27.jpg)
CloudForms Management
![Page 28: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/28.jpg)
RED HAT CLOUD SUITE FOR APPLICATIONS
Cloud Management – Alternative Virtualization – OpenStack – Containers – Development
![Page 29: Open shift enterprise 3.1 paas on kubernetes](https://reader036.vdocuments.net/reader036/viewer/2022062306/5875876a1a28ab901c8b505d/html5/thumbnails/29.jpg)
Questions?
plus.google.com/+RedHat
nl.linkedin.com/in/samuelterburg
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/SamuelTerburg
github.com/sterburg/