RED HAT ENTERPRISE LINUX ATOMIC HOST, CONTAINERS AND KUBERNETES

Similar documents
Investigating Containers for Future Services and User Application Support

Running MarkLogic in Containers (Both Docker and Kubernetes)

agenda PAE Docker Docker PAE

CONTAINERS AND MICROSERVICES WITH CONTRAIL

Docker und IBM Digital Experience in Docker Container

Container Security. Marc Skinner Principal Solutions Architect

[Docker] Containerization

/ Cloud Computing. Recitation 5 February 14th, 2017

Docker All The Things

Container-based virtualization: Docker

ovirt and Docker Integration

An introduction to Docker

Who is Docker and how he can help us? Heino Talvik

WHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction

Deployment Patterns using Docker and Chef

/ Cloud Computing. Recitation 5 September 26 th, 2017

Linux Containers Roadmap Red Hat Enterprise Linux 7 RC. Bhavna Sarathy Senior Technology Product Manager, Red Hat

Amir Zipory Senior Solutions Architect, Redhat Israel, Greece & Cyprus

Networking Approaches in. a Container World. Flavio Castelli Engineering Manager

OpenShift 3 Technical Architecture. Clayton Coleman, Dan McPherson Lead Engineers

Przyspiesz tworzenie aplikacji przy pomocy Openshift Container Platform. Jarosław Stakuń Senior Solution Architect/Red Hat CEE

Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING

Docker. Master the execution environment of your applications. Aurélien Dumez. Inria Bordeaux - Sud-Ouest. Tuesday, March 24th 2015

Multi-Arch Layered Image Build System

Docker and Oracle Everything You Wanted To Know

Important DevOps Technologies (3+2+3days) for Deployment

Operating and managing an Atomic container-based infrastructure

UP! TO DOCKER PAAS. Ming

Think Small to Scale Big

Red Hat Atomic Details Dockah, Dockah, Dockah! Containerization as a shift of paradigm for the GNU/Linux OS

Introduction to Container Technology. Patrick Ladd Technical Account Manager April 13, 2016

Infoblox Kubernetes1.0.0 IPAM Plugin

개발자와운영자를위한 DevOps 플랫폼 OpenShift Container Platform. Hyunsoo Senior Solution Architect 07.Feb.2017

Code: Slides:

Kuber-what?! Learn about Kubernetes

A REFERENCE ARCHITECTURE FOR DEPLOYING WSO2 MIDDLEWARE ON KUBERNETES

Microservices. Chaos Kontrolle mit Kubernetes. Robert Kubis - Developer Advocate,

Travis Cardwell Technical Meeting

TEN LAYERS OF CONTAINER SECURITY

Red Hat Roadmap for Containers and DevOps

The four forces of Cloud Native

S Implementing DevOps and Hybrid Cloud

Singularity CRI User Documentation

ACCELERATE APPLICATION DELIVERY WITH OPENSHIFT. Siamak Sadeghianfar Sr Technical Marketing Manager, April 2016

ASP.NET Core & Docker

Orchestrating Docker containers at scale

An Introduction to Kubernetes

Getting Started With Containers

Containerisation with Docker & Kubernetes

Asterisk & the Docker revolution Some lessons from the trenches

System Requirements ENTERPRISE

Scaling Jenkins with Docker and Kubernetes Carlos

A DEVOPS STATE OF MIND WITH DOCKER AND KUBERNETES. Chris Van Tuin Chief Technologist, West

Go Faster: Containers, Platforms and the Path to Better Software Development (Including Live Demo)

Introduction to containers

Red Hat OpenShift Roadmap Q4 CY16 and H1 CY17 Releases. Lutz Lange Solution

RED HAT'S CONTAINER STRATEGY. Lars Herrmann General Manager, RHEL, RHEV and Containers June 24, 2015

Red Hat Enterprise Linux Atomic Host 7 Getting Started with Kubernetes

Docker Cheat Sheet. Introduction

Kubernetes introduction. Container orchestration

Installation and setup guide of 1.1 demonstrator

Arup Nanda VP, Data Services Priceline.com

Brainstorm K Containerization with Docker. Crown Palm 2:30-3:30. Adam W Zheng Nebraska Educational Service Unit 10

CS-580K/480K Advanced Topics in Cloud Computing. Container III

Red Hat Container Strategy Ahmed El-Rayess

@briandorsey #kubernetes #GOTOber

Bringing Security and Multitenancy. Lei (Harry) Zhang

Question: 2 Kubernetes changed the name of cluster members to "Nodes." What were they called before that? Choose the correct answer:

Fixing the "It works on my machine!" Problem with Docker

Red Hat Containers Cheat Sheet

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

A DEVOPS STATE OF MIND. Chris Van Tuin Chief Technologist, West

Cloud I - Introduction

Run containerized applications from pre-existing images stored in a centralized registry

PVS Deployment in the Cloud. Last Updated: June 17, 2016

Dockerized Tizen Platform

How Container Runtimes matter in Kubernetes?

Secure Kubernetes Container Workloads

Convergence of VM and containers orchestration using KubeVirt. Chunfu Wen

Docker and Security. September 28, 2017 VASCAN Michael Irwin

/ Cloud Computing. Recitation 5 September 27 th, 2016

Accelerate at DevOps Speed With Openshift v3. Alessandro Vozza & Samuel Terburg Red Hat

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

Contrail Networking: Evolve your cloud with Containers

Sunil Shah SECURE, FLEXIBLE CONTINUOUS DELIVERY PIPELINES WITH GITLAB AND DC/OS Mesosphere, Inc. All Rights Reserved.

USING DOCKER FOR MXCUBE DEVELOPMENT AT MAX IV

Wolfram Richter Red Hat. OpenShift Container Netzwerk aus Sicht der Workload

High Performance Containers. Convergence of Hyperscale, Big Data and Big Compute

Portable, lightweight, & interoperable Docker containers across Red Hat solutions

Infrastructure at your Service. Oracle over Docker. Oracle over Docker

Container in Production : Openshift 구축사례로 이해하는 PaaS. Jongjin Lim Specialist Solution Architect, AppDev

TEN LAYERS OF CONTAINER SECURITY

Container Management : First Looks

Dockerize Your IT! Centrale Nantes Information Technology Department Yoann Juet Dec, 2018

Dockerfile & docker CLI Cheat Sheet

OpenShift Hyper-Converged Infrastructure Bare Metal Deployment with Containerized Gluster

Kubernetes: Twelve KeyFeatures

OPENSTACK + KUBERNETES + HYPERCONTAINER. The Container Platform for NFV

DevOps Technologies. for Deployment

What s New in Red Hat OpenShift Container Platform 3.4. Torben Jäger Red Hat Solution Architect

Transcription:

RED HAT ENTERPRISE LINUX ATOMIC HOST, CONTAINERS AND KUBERNETES Adam Miller Senior Software Engineer OpenShift Online Release Engineering January 2015 RHUG 1

THE PROBLEM BUSINESS DEMANDS I.T. ABILITY TO DELIVER 2010 2 2020 Existing systems are inflexible and don t scale Increasing cost and complexity Need to invest in new platforms but do not have the time, resources or budget

CONTAINERS A SOLUTION? Everything at Google, from Search to Gmail, is packaged and run in a Linux container. 1 - Eric Brewer, VP of Infrastructure, Google 1 Source: http://googlecloudplatform.blogspot.com/2014/06/an-update-on-container-support-on-google-cloud-platform.html 3

WHAT ARE CONTAINERS? Software packaging concept that typically includes an application and all of its runtime dependencies. 4 Easy to deploy and portable across host systems Isolates applications on a host operating system. In RHEL, this is done through: CONTAINER APP LIBS Control Groups (cgroups) HOST OS kernel namespaces SERVER SELinux, svirt, iptables

Virtualization and Containers BINS/ LIBS BINS/ LIBS BINS/ LIBS GUEST OS GUEST OS GUEST OS HOST OS HARDWARE APP C APP C APP B APP B APP A APP A HYPERVISOR 5 CONTAINERIZATION CONTAINER VM VIRTUALIZATION BINS/ LIBS BINS/ LIBS BINS/ LIBS HOST OS, SHARED SERVICES HARDWARE

BENEFITS OF CONTAINERS FASTER APP DELIVERY DEPLOYMENT FLEXIBILITY OPERATIONAL EFFICIENCY LOWERED DEPLOYMENT COSTS CONTAINERS TRANSFORM THE WAY YOU DELIVER APPLICATIONS TO ACCELERATE INNOVATION 6

RUN RHEL 6 APPLICATIONS ON RHEL 7 CONTAINER RHEL 6 PLATFORM IMAGE RHEL 6 APP RHEL 6 RHEL 6 APP 7 RHEL 6 APP RHEL 6 APP APP LIBS RED HAT ENTEPRISE LINUX 6 RED HAT ENTEPRISE LINUX 7 HARDWARE OR VIRTUAL MACHINE HARDWARE OR VIRTUAL MACHINE Deploy containerized RHEL 6 applications to RHEL 7 without porting or changing source code Make use of innovations in Red Hat Enterprise Linux 7 without compromising the reliability and security of existing Red Hat Enterprise Linux 6 apps Available as part of your Red Hat Enterprise Linux subscription

8

WHAT IS DOCKER? Docker is an implementation of Linux Container technology, a toolset and image format. Docker is NOT virtualization. Docker requires Linux kernel features. Docker Containers 9 Virtualization

WHAT IS DOCKER? Docker Image Read Only Template. Union FS of layers to compose OS+Platform+App in one image. Layers can be used by other images. # docker history 7413629aa833 IMAGE CREATED 7413629aa833 57 minutes ago dbcecf2c40c5 58 minutes ago b02849afb76a 58 minutes ago ddf64d06c0ef 58 minutes ago dc50405a6f74 59 minutes ago eb5711564c0f About an hour ago 977d769f859b About an hour ago 8dc6a04270df 5 months ago CREATED /bin/sh /bin/sh /bin/sh /bin/sh /bin/sh /bin/sh /bin/sh BY -c -c -c -c -c -c -c #(nop) USER root #(nop) USER jboss #(nop) WORKDIR /opt/jboss groupadd -r jboss -g 1000 && usera yum -y install git saxon unzip && yum -y update && yum clean all #(nop) MAINTAINER Greg Hoelzer gho SIZE 0 B 0 B 0 B 295.3 kb 281.3 MB 255 MB 0 B 151.5 MB Docker Client (rpm: docker) Command line tool to interface with the Docker Engine # docker ps CONTAINER ID IMAGE PORTS NAMES dd775b942ff8 jbossrhel7bld:build5 0.0.0.0:3322->22/tcp jbossrhel7bld-slave1 ed7a15081f4b jbossrhel6bld:build14 0.0.0.0:2222->22/tcp jbossrhel6bld-slave1 b90317dc3b13 eap61helloworld/7jdk7:build11 0.0.0.0:18080->8080/tcp eap61helloworld_7jdk7 10 COMMAND CREATED STATUS "/run.sh" 24 hours ago Up 24 hours "/run.sh" 24 hours ago Up 24 hours "/opt/jboss/eap-6.1/ 25 hours ago Up 25 hours 9990/tcp,

DOCKER DAEMON Docker daemon ('docker' rpm in RHEL, 'docker-io' in Fedora) Runs containers from images within a kernel namespace and cgroups Runs as a service: # systemctl status docker docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled) Active: active (running) since Wed 2014-11-26 14:03:50 EST; 5 days ago Docs: http://docs.docker.io Main PID: 2216 (docker) CGroup: /system.slice/docker.service 2216 /usr/bin/docker -d --selinux-enabled -H fd:// 9039 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 18080 -container-ip 172.17.0.82 -container-port 8080 10472 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 2222 -container-ip 172.17.0.84 -container-port 22 10566 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 3322 -container-ip 172.17.0.85 -container-port 22 Uses loopback sparse file devicemapper storage in /var/lib/docker by default: # du -h --apparent-size -s /var/lib/docker 106G /var/lib/docker # du -h -s /var/lib/docker 9.9G /var/lib/docker (NOTE: RHEL Atomic Hosts uses direct LVM for more performance out of the box. This isn't realistic on RHEL standard because of varied storage configurations) 11

DOCKER NETWORKING Uses docker0 bridge by default for network: # ifconfig docker0 docker0: flags=4163<up,broadcast,running,multicast> mtu 1454 inet 172.17.42.1 netmask 255.255.0.0 broadcast 0.0.0.0 inet6 fe80::5484:7aff:fefe:9799 prefixlen 64 scopeid 0x20<link> ether 56:84:7a:fe:97:99 txqueuelen 0 (Ethernet) RX packets 689190 bytes 107560060 (102.5 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1672232 bytes 2490681128 (2.3 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 # bridge link 165: vethec8d state UP : <BROADCAST,UP,LOWER_UP> mtu 1454 master docker0 state forwarding priority 32 cost 2 169: veth845f state UP : <BROADCAST,UP,LOWER_UP> mtu 1454 master docker0 state forwarding priority 32 cost 2 171: vetha958 state UP : <BROADCAST,UP,LOWER_UP> mtu 1454 master docker0 state forwarding priority 32 cost 2 # iptables -L -t nat -n Chain DOCKER (2 references) target prot opt source destination DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 12 tcp dpt:18080 to:172.17.0.82:8080 tcp dpt:2222 to:172.17.0.84:22 tcp dpt:3322 to:172.17.0.85:22

RED HAT SUPPORTS DOCKER Red Hat provides Docker in RHEL7 in the extras channel https://access.redhat.com/support/policy/updates/extras Red Hat Enterprise Linux Extras Product Life Cycle Red Hat is introducing a new channel in the Red Hat Customer Portal for Red Hat Enterprise Linux called Extras. The Extras channel is intended to give customers access to select, rapidly evolving technologies. These technologies may be updated more frequently than they would otherwise be in a Red Hat Enterprise Linux minor release. The technologies delivered in the Extras channel are fully supported. Red Hat Container Certification: http://www.redhat.com/en/about/press-releases/red-hat-announces-certificatio n-for-containerized-applications-extends-customer-confidence-and-trust-to-th e-cloud 13

REINVENTING THE WHEEL? Solaris Zones AIX WPARS Linux LXC Unix chroot Why Docker is different: Docker Image format Docker toolchain Docker networking SELinux support Much much more... 14

DOCKER IN ACTION RHEL7 host with subscription management # docker pull rhel7 # docker run -i -t --name some-name rhel7 bash # yum install httpd # exit # docker ps -a # docker commit -m comment -a author imageid name:tag 15

DOCKER IN ACTION: TAGS Tags are mutable and one image can have more than one tag. Use tags symbolically. # docker tag image yourname/httpd-rhel7:rhug # docker tag image yourname/httpd:latest REPOSITORY IMAGE ID CREATED mheldebr/httpd-rhel7 rhug dbe0a806463e 13 minutes ago 220.5 MB mheldebr/httpd dbe0a806463e 13 minutes ago 220.5 MB 16 TAG latest VIRTUAL SIZE

DOCKER IN ACTION: REGISTRY docker push tag send it to the registry server1 # docker tag httpd-rhel7 registry-host:5000/user/httpd-rhel7 server1 # docker push registry-host:5000/user/httpd-rhel7 On another server, pull down that docker image via tag and run it server2 # docker pull registry-host:5000/user/httpd-rhel7 17

DOCKER REGISTRY GOTCHYAS No security for the registry built in Frontend it with apache/nginx: https://github.com/docker/docker-registry/blob/master/advance D.md Search not yet working from the docker command Browser based search: 18 http://your.registry:5000/v1/search http://your.registry:5000/v1/search?q=rhel

DOCKER COMMANDS docker build build a docker image docker run image run a container Interactive: -i -t (interactive, attach TTY) Background: -d (daemonize) Ports: -p ip:container:host Name: --name name Linking: --link name:alias 19 sets environment variables in containers <name>_port_<port>_<protocol>

DOCKER COMMANDS CONTINUED 20 docker images what images are on this server docker ps what containers are running on the server docker ps -a what containers are and were running on the server

DOCKER COMMANDS CONTINUED docker logs container stdout of a container docker inspect container JSON metadata docker history image layers of an image docker rm container delete a container docker rmi image delete an image 21

DOCKERFILE BUILDING DOCKER IMAGES Choose a base image Red Hat registry RHEL image docker load from your own server Install your platform Configuration of OS and platform Install your application 22

DOCKERFILE - EXAMPLE FROM rhel7 MAINTAINER you # Update image RUN yum update -y && yum clean all # Install platform RUN yum install httpd -y && yum clean all # Create an index.html file ADD index.html /var/www/html/index.html' #Run httpd in the foreground ENTRYPOINT [ /usr/sbin/httpd, -DFOREGROUND ] 23

DOCKERFILE - BUILDING # mkdir httpd-project # cd httpd-project # cp /src/index.html. # vi Dockerfile # docker build -t httpd-rhel7. Sending build context to Docker daemon 3.584 kb Sending build context to Docker daemon Step 0 : FROM rhel7 ---> bef54b8f8a2f Step 1 : MAINTAINER you ---> Running in ba42e5f739b5 ---> 7a132d9b0dae Removing intermediate container ba42e5f739b5 24

DOCKERFILE - BUILDING Step 2 : RUN yum update -y && yum clean all ---> Running in 4cb8ce9be33a Loaded plugins: product-id, subscription-manager Resolving Dependencies --> Running transaction check ---> Package ca-certificates.noarch 0:2013.1.95-71.el7 will be updated <SNIP> Cleaning up everything ---> d159981178f4 Removing intermediate container 4cb8ce9be33a 25

DOCKERFILE - BUILDING Step 3 : RUN yum install httpd -y && yum clean all ---> Running in 0cae6a32272a Loaded plugins: product-id, subscription-manager Resolving Dependencies --> Running transaction check ---> Package httpd.x86_64 0:2.4.6-18.el7_0 will be installed --> Processing Dependency: httpd-tools = 2.4.6-18.el7_0 for package: httpd-2.4.6-18.el7_0.x86_64 <SNIP> Cleaning up everything ---> 98603b985c90 Removing intermediate container 0cae6a32272a Step 4 : ADD index.html /var/www/html/index.html' ---> 781d160e0124 Removing intermediate container 7938e8e72b23 26

DOCKERFILE RUN IT Step 5 : ENTRYPOINT [ /usr/sbin/httpd, -DFOREGROUND ] ---> Running in 04b4aa491300 ---> ea0f5eb865da Removing intermediate container 04b4aa491300 Successfully built ea0f5eb865da Run it: # docker run -d -p 8081:80 httpd-rhel7 # curl localhost:8081 <HTML><HEAD></HEAD><BODY>Webpage!</BODY> Next -> WORKFLOW 27

28

DOCKER INSPECTING CONTAINERS If entrypoint is defined arguments are passed to the entrypoint command instead of a shell Override the entrypoint # docker run -i -t --rm \ --name mycontainer --entrypoint /bin/bash httpd-rhel7 Enter the namespace of a running container # docker exec -i -t mycontainer /bin/bash bash-4.2# ps -ef UID PID PPID root 1 0 root 8 0 root 38 8 29 C 0 0 0 STIME 18:10 18:10 18:16 TTY??? TIME 00:00:00 00:00:00 00:00:00 CMD /bin/bash /bin/bash ps -ef

DOCKER RUNNING APPLICATIONS Run one thing per image Connect containers together Run traditional daemons in the foreground in the image ssh -D httpd -DFOREGROUND Plan your ports for your containers 30 You can share ports with a different ip address on a single server

CONTAINERS ENABLE CONTINUOUS DELIVERY HOST OS SERVER APP LIBS CONTAINER CONTAINER APP LIBS HOST OS SERVER DEVELOPMENT FOCUS CODE APPLICATIONS LIBRARIES / DEPENDENCIES DATA STORE 31 OPERATIONS FOCUS HARDWARE OPERATING SYSTEM NETWORKING MONITORING

WHAT ABOUT DENSITY? 10 virtual machines ----------------------------------- 100 containers 32 ADD NAME (View > Master > Slide master)

OPERATIONAL EFFICIENCY TIME TO SET UP 33 27 HRS 12 MINS 10 SECS PHYSICAL SERVER VIRTUAL MACHINE CONTAINER INSTANCE

KUBERNETES 34

KUBERNETES An orchestration engine for containers. Runs on RHEL7 and RHEL7 Atomic Host Provides a declarative language to specify desired system state. In June 2014 Google open sourced a container management project Named for a shipmaster in Greek Red Hat is collaborating in the kubernetes project http://www.redhat.com/en/about/blog/red-hat-and-google-collaborate-kubernetes-manage -docker-containers-scale 35

WHAT IS KUBERNETES? CONTINUED 36 Sometimes called: kube k8s (that's 'k' + 8 letters + 's') Start, stop, update, and manage a cluster of machines running containers in a consistent and maintainable way. Additional functionality to make containers easier to use in a cluster (reachability and discovery). Kubernetes does NOT and will not expose all of the 'features' of the docker command line.

WHAT DOES IT SOLVE? Describe networked applications simply Put app components into Docker containers Containers see flat network Simple relationships between containers Make networked storage easy to use Build resiliency and redundancy into infra 37 Health checking, load balancing, failure detection Run many workloads on the same machines

KUBERNETES PRIMITIVES AND KEYWORDS Master Minion/Node Pod Replication Controller Service Label 38

MASTER 39 Typically consists of: kube-apiserver kube-scheduler kube-controller-manager etcd Might contain: kube-proxy a network management utility

MINION (NODE) Typically consists of: kubelet kube-proxy cadvisor Might contain: 40 a network management utility May be referred to by either name.

SYSTEMS AND BINARIES 41

POD Single schedulable unit of work Can not move between machines Can not span machines One or more containers Shared network namespace Metadata about the container(s) Env vars configuration for the container Every pod gets an unique IP 42 Assigned by the container engine, not kube!

POD 43

POD (CONTINUED) 44

KUBERNETES POD DEFINITION EXAMPLE {"apiversion": "v1beta1", kind": "Pod","id": "apache","namespace": "default", "labels": { name": "apache"}, "desiredstate": {"manifest": { "version": "v1beta1","id": "apache","volumes": null, "containers": [ { "name": "master","image": "fedora/apache", "ports": [ { "containerport": 80,"hostPort": 80,"protocol": "TCP" } ], } ], "restartpolicy": { "always": {} } }, }, } 45

REPLICATION CONTROLLER 46 Consists of Pod template Count Label Selector Kube will try to keep $count copies of pods matching the label selector running If too few copies are running the replication controller will start a new pod somewhere in the cluster

REPLICATION CONTROLLER 47

SERVICES How 'stuff' finds pods which could be anywhere Define: 48 What port in the container Labels on pods which should respond to this type of request Can define: What the 'internal' IP should be What the 'external' IP should be What port the service should listen on

SERVICES 49

LABELS List of key=value pairs Attached to all objects Currently used in 2 main places 50 Matching pods to replication controllers Matching pods to services Objects can be queried from the API server by label

SERVICES AND LABELS 51

NETWORKING SETUP (WORK IN PROGRESS) Networking is a docker problem not kube Kube makes those problems apparent! If any two docker containers on any two hosts can talk over IP, kube will just work. 52 Every container within a pod gets an unique IP within the same network space. Overlay networks allow this to just work

Networking Docker Out Of The Box 53

NETWORKING SETUP (UNDER DEVELOPMENT) Flannel (Not yet in RHEL) Extremely easy configuration Can create a vxlan overlay network Pods just work! There are many other solutions. 54 Can configure docker to launch pods in this overlay This one is easy.

Networking with an overlay network 55

BUT... IT S MORE THAN JUST THE CONTAINER 56

57 ADD NAME (View > Master > Slide master)

IT S MORE THAN THE CONTAINER SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate MULTIPLE DEPLOYMENT TARGETS on RHEL certified hardware, hypervisors and CCPs 58

IT S MORE THAN THE CONTAINER MANY CONTAINER SOURCES (trusted and untrusted) CERTIFIED IMAGES Red Hat Customer Portal PRIVATE REGISTRIES on premise PUBLIC REGISTRIES such as Docker Hub SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate MULTIPLE DEPLOYMENT TARGETS on RHEL certified hardware, hypervisors and CCPs 59

IT S MORE THAN THE CONTAINER MANAGEMENT AND ORCHESTRATION MANY CONTAINER SOURCES (trusted and untrusted) CERTIFIED IMAGES Red Hat Customer Portal PRIVATE REGISTRIES on premise PUBLIC REGISTRIES such as Docker Hub SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate MULTIPLE DEPLOYMENT TARGETS on RHEL certified hardware, hypervisors and CCPs 60

IT S MORE THAN THE CONTAINER MANAGEMENT AND ORCHESTRATION KUBERNETES MANY CONTAINER SOURCES (trusted and untrusted) CERTIFIED IMAGES Red Hat Customer Portal PRIVATE REGISTRIES on premise PUBLIC REGISTRIES such as Docker Hub SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate 61

RED HAT ENTERPRISE LINUX ATOMIC HOST (BETA) IT IS RED HAT ENTERPRISE LINUX OPTIMIZED FOR CONTAINERS MINIMIZED FOOTPRINT Inherits the complete hardware ecosystem, military-grade security, stability and reliability for which Red Hat Enterprise Linux is known. 62 Minimized host environment tuned for running Linux containers while maintaining compatibility with Red Hat Enterprise Linux. SIMPLIFIED MAINTENANCE ORCHESTRATION AT SCALE Atomic updating and rollback means it s easy to deploy, update, and rollback using imaged-based technology. Build composite applications by orchestrating multiple containers as microservices on a single host instance.

RED HAT ENTERPRISE LINUX ATOMIC HOST (BETA) RED HAT ENTERPRISE LINUX 7 Linux Kernel EXTRAS CHANNEL kubernetes SELinux rpm-ostree systemd tuned... 63 docker

RHEL ATOMIC BETA Container Oriented OS based on RHEL7 and Project Atomic Docker and Kubernetes All applications are to run in a container Atomic updates of the OS 64 rpm-ostree

SECURING HOSTS AND CONTAINERS RED HAT CONTAINER CERTIFICATION UNTRUSTED CERTIFIED How can you validate what s in the host and the containers? Will it compromise your infrastructure? 65 It should work from host to host, but can you be sure? Trusted source for the host and the containers Instant portability across multiple hosts CONTAINER CONTAINER CONTAINER CONTAINER APP APP APP APP LIBS LIBS LIBS LIBS HOST OS HOST OS SERVER SERVER

ONLY RED HAT... Provides a single application delivery platform across deployment targets 66 Certified to run on common hardware, hypervisors and cloud service providers Delivers a safe, cost-effective way to consume containers Transforms application delivery with the first credible hybrid cloud platform for container-based applications and services

DEMO! 67

LEARN MORE Access the Red Hat Enterprise Linux Atomic Host Beta https://access.redhat.com/products/red-hat-enterprise-linux/atomic-host-beta Stay informed via the Red Hat Enterprise Linux blog http://rhelblog.redhat.com/tag/containers/ 68

QUESTIONS? 69

Thank You! Adam Miller (@TheMaxamillion) Senior Software Engineer OpenShift Online Release Engineering January 2015 RHUG 70

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback