red hat forum benelux 2015
TRANSCRIPT
Accelerate at DevOps SpeedWith Openshift v3Alessandro Vozza & Samuel TerburgRed Hat
IT (R)Evolution
Red Hat Brings It All Together
What is Kubernetes ● Open source container cluster manager○ Inspired by the technology that runs
● RUns anywhere:○ Public cloud○ Private cloud○ Bare metal
● Strong ecosystem○ Partners: Red Hat, VMware,
CoreOS..○ Community: clients, integration
Benefits for developers
OpenShift Technical Architecture
openshift.com
openshift.com
OpenShift runs on your choice of infrastructure
openshift.com
Nodes are instances of RHEL where apps will run
openshift.com
App services run in docker containers on each node
openshift.com
Pods run one or more docker containers as a unit
openshift.com
Registries are where application images are stored
openshift.com
Masters leverage kubernetes to orchestrate nodes / apps
openshift.com
Master provides authenticated API for users & clients
openshift.com
Master uses etcd key-value data store for persistence
openshift.com
Master provides scheduler for pod placement on nodes
openshift.com
Pod placement is determined based on defined policy
openshift.com
Services allow related pods to connect to each other
openshift.com
Management/Replication controller manages the pod lifecycle
openshift.com
What if a pod goes down?
openshift.com
OpenShift automatically recovers and deploys a new Pod
openshift.com
Pods can attach to shared storage for stateful services
openshift.com
Routing layer routes external app requests to pods
openshift.com
Developers access OpenShift via Web, CLI or IDE
Kubernetes Cluster
Architecture
Registry
DeployBuild
Master
Nodeconfig config
Storage
Pod
Volume
Node
Service
Pod
Pod
Route
Agile
Faster: From Idea to Production
Cycle time is defined as the time it takes from starting to code a new feature to the time it takes to deploy
that feature into production. The goal of any business should be to reduce this cycle time without compromising
on quality.
OPENSHIFT
CONTINUOUS DELIVERY
CYCLE TIME
Selfprovisioning
Environmentstandardization
Autoscaling
CentralizedManagement
Productmanagers
Developers Test engineers
Operationspersonnel
IDE Configurationmanagement
Continuousintegration Monitoring
DEV PRODQA UAT
Idea Productionfeature
DevOps experience
Developer provides git repo
$> oc new-app --code=http://github.com/mycompany/myapp.git
Providing the Builder image
$> oc new-app --code=... --image-stream=wildfly-8-centos
auto detect
Java JEEPHPRubyNodeJSDocker
: pom.xml: index.php: Rakefile / Gemfile: app.jon / package.json: Dockerfile
scripts
- assemble- run- save-artifact
Layer is applied to image
$> oc start-build my-build
Layer is added back to registry
my-app:latest
Image is deployed
ImageChange Triggers "Deployment"
$> oc deploy my-app --latest
my-app:latest
Trigger a new BuildWebHook
BaseImageChange
Updated image is added back to the registry
my-app:latest
WebHook
New image is deployed as rolling update
App.1 App.2
App.1App.1
App.1 App.2App.1 App.2
App.1 App.2App.2App.2App.1
App.1App.1App.2
App.2App.2
Rep
lica:
3
WebHook
step 1 step 2 step 3
Continuous Integration Pipeline example
Source Build Deploy:testStore
:testDeploytest-fw
Test Tag:uat
Deploy:uat
commit webhook registry ImageChange
registry
ImageChangeApprove Tag
:prod
Deploy:prod
registry
ImageChange
ITIL
OpenShift Demo
WebUI and CLI & IDE$> oc build openshift/hello-world
openshift.com
Logging
● Elasticsearch, Fluentd, and Kibana
● Full build, deploy, docker (std error/out) log consolidation for admins
● Developer gets real-time logs to console
openshift.com
Metrics
● Heapster● Connect it to Hawkular (and therefore Cassandra)● Container metrics from cgroups (via the Heapster data model) ● Java app metrics from JAdvisor/Jolokia attributes*
* still under active development
OpenShift Integrations
Authentication
● RBAC● LDAP● HTPasswd● GitHub / Google / OpenID● SSO - Request Header (eg “X-Remote-User”)● Tokens
Trust● Trusted Red Hat Registry
openshift.com
JBoss Developer Studio and Eclipse Plugin
● You can:- Create new Project- Create new App- Use Templates
● Import existing OpenShift app● Local docker tools, deploy image● Connect to your application via port forwarding● Build and Runtime logs
openshift.com
OpenShift On OpenStack
A True Open Hybrid Cloud
● Deploy OpenShift on OpenStack via Heat
● Integrate Apps with OpenStack services
● Manage it all with CloudForms
● Get it all at once with Red Hat Cloud Suite
45
openshift.com
Administration & Container Mgt. with CloudForms
● Red Hat CloudForms 4 adds new providers for OpenShift and Containers (Dec 2015)
● Monitor containers running in OpenShift Enterprise
● Docker and Kubernetes aware (containers, pods, services...)
● OpenShift provider adds even more features (projects, users, registries, images)
● Included with OSE subscriptions
Available in 3 flavors
● docker run openshift/origin
Q & A
CASE DESCRIPTION
● IT Challenges
● Proposes solutions
● How did we do it
● How did the solution solved the issues
LESSONS LEARNED
● What worked well?
● What needs to be improved
NEXT STEPS
● Tell something about the future of IT in your company in relation to this project
by52/62
Build automation
Developer Dockerfile Build Image Deploy to App
Developer Code Build Layer Image Deploy to App
Source-to-Image builds
Integrated Docker builds
openshift.com
OpenShift Product Roadmap3.0 - June 2015●Docker container runtime & image packaging format●Kubernetes orchestration & mgt.●Source-to-Image & Docker builds ●JBoss EAP 6.4, JWS 3.0, A-MQ 6.2●SCL images (Node, Python, PHP, Ruby...)●Shared storage volumes for stateful apps●Projects & team collaboration●OAuth & enterprise auth integration (LDAP)●Enhanced Web, CLI and IDE interfaces●Manual scaling
3.0.x - Q3CY2015●Auto-scaling basic●F5 and External Routing Examples●Reference architectures●Bug fixes
●Additional storage plugins●Networking enhancements●Enhanced logging / ELK ●CPU/Memory Overcommit●Better Master HA●Job Controller●LDAP teams integration ●Better CI integration●Atomic Host
3.2 - 1HCY16●Mobile Service / FeedHenry●Idling ●Expanded Fabric8 Integration●Non-SNI / non-HTTP routing●Git hosting●OpenStack Network Integrations●CloudForms Active Management●Pipelines●Service Registry
3.1 - Q4CY15●Metric-driven autoscaling●Integration Service / Fuse 6.x●Decision Service / BRMS●Cache Service / JDG ●Eclipse IDE completion●Web/CLI UX enhancements●SCL 2 image updates●External service bridge/registry●CloudForms OSE Provider
openshift.com
● Streamlined app creation flows● Streamlined overview page● Ability to delete projects● Access to pod logs● 3rd party extensions API for pluggability● Trigger deployments and rollbacks● Cancel builds
Web Console Updates
openshift.com
Notes
openshift.com
Change vs. ImmutabilityFinding the Developer Comfort Zone
Time to Production
Inception Production
Cha
nge
Leve
l
High Iterations
$ oc syncCDKIDE port forwardingHot deploy
Git BranchesS2IJenkins S2I
Binary Deployvia Assembly
by57/62
Deployment automation
Manual change Code change Config change Image change
openshift.com
● Immediate builds triggered after app creation● Build and deploy performance improvements● Security improvements for source to image builds● Jenkins image available to run within OpenShift● Git - additional authentication methods● Eclipse / JBoss Developer Tools● Hot deploy● Offline / Local (CDK) : Vagrant, Docker
Developer Experience