Red Hat Containers Roadmap Red Hat A panel of product directors
Joe Fernandes, Sr. Director Product Mgmt, Red Hat
Rich Sharples, Sr. Director of Product Mgmt, Red Hat
Sayan Saha, Sr. Manager of Product Mgmt, Red Hat
Ben Breard, Sr. Technical Product Mgmt, Red Hat
Steve Gordon, Principal Product Manager - OpenStack, Red Hat
Xavier Lecauchois, Director Product Mgmt, Red Hat
Disclaimer The content set forth herein does not constitute in any way a binding or legal agreement or impose any legal obligation or duty on Red Hat. This information is provided for discussion purposes only and is subject to change for any or no reason.
RED HAT ENTERPRISE LINUX & CONTAINERS
Container Runtime & Security
- Dual versions of Docker: docker & docker-latest
- Docker-1.10 & moving to 1.12 soon
- Multiprocess Containers
- runc as a lightweight container runtime
- System & Application Containers
- Atomic Scan with OpenSCAP will move to GA in 7.3. Pluggable backend also enables Black Duck scanning.
- Enterprise-wide container scanning with CloudForms 4.1+
- Image signing coming soon!
RHEL Atomic Host - Streamlined for Containers
- Developer Mode - get started FAST. Bypass cloud-init and go straight to the Cockpit Web UI.
- OSTree package layering & admin-unlock
- Multi-host Mgr - provides a RESTful API & CLI for common cluster-wide actions: rolling upgrades, rolling reboots
- Atomic command enhancements:
  top - top-like view for running containers
  diff - file & rpm diffs between images
  migrate - enables storage backend migrations
Cockpit - A Modern Web UI for RHEL
Goal: Make Linux discoverable and simple to administer
Description: A lightweight interface with added support for:
- OSTree updates & rollbacks
- Performance profiles
- SELinux troubleshooting
- Expanded storage capabilities
- Docker RestartPolicy
- Generate sosreports
OPENSHIFT & KUBERNETES
Kubernetes Project
Kubernetes Features
Core Concepts & Capabilities
- Pods, Services, Labels, Replication Controllers
- Service Discovery, Self-Healing, Autoscaling,...
Kubernetes 1.2 (OpenShift 3.2 - available today)
- Dynamic application configuration
- Scalability enhancements
- New scheduling features
Kubernetes 1.3 (OpenShift 3.3 - coming soon)
- Enhanced support for stateful services
- Multi-cluster federation
- More performance & scaling enhancements
OpenShift Container Platform
[Architecture diagram; labels:]
CONTAINER (shown five times)
SELF-SERVICE
SERVICE CATALOG (LANGUAGE RUNTIMES, MIDDLEWARE, DATABASES, ...)
BUILD AUTOMATION
DEPLOYMENT AUTOMATION
APPLICATION LIFECYCLE MANAGEMENT (CI / CD)
CONTAINER ORCHESTRATION & CLUSTER MANAGEMENT (KUBERNETES)
NETWORKING
STORAGE
REGISTRY
LOGS & METRICS
INFRASTRUCTURE AUTOMATION & COCKPIT
CONTAINER RUNTIME & PACKAGING (DOCKER)
ATOMIC HOST
RED HAT ENTERPRISE LINUX
SECURITY
OpenShift - Build & Deployment Automation Code Can configure triggers for automated deployments, builds, and more. Build Deploy Can configure different deployment strategies like A/B, Rolling upgrade, Automated base updates, and more.
CD Pipelines in OpenShift 3.3 Define and manage the whole application lifecycle Build/Deploy workflow from Dev to Production Integrated Jenkins 2 Pipeline extensibility Real time status and integrated metrics
Enterprise Registry in OpenShift 3.3 Manage image content with new integrated registry capabilities Registry quota and access management Visualization of images and image layers Also available for standalone Registry deployments
Red Hat JBoss Middleware
Traditional View of Middleware
JBoss Middleware Services on OpenShift Application Container Services Integration Services Business Process Services JBoss EAP Fuse BPM JBoss Web Server A-MQ BRMS JBoss Developer Studio Data Virtualization Core Services Data Grid (Caching) SSO (Identity Management) Resilience Mobile Services... Red Hat Mobile
Microservices - A Definition... is an approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API. These services are built around business capabilities and independently deployable by fully automated deployment machinery. There is a bare minimum of centralized management of these services, which may be written in different programming languages and use different data storage technologies. - Martin Fowler http://martinfowler.com/articles/microservices.html
Microservices scorecard
Service Isolation: Linux Containers / Docker
Lightweight Interconnect: Kubernetes: Services, Service Registry, HTTP, DNS
Polyglot: Language Choice (Java, Ruby, Node.js, ...); Middleware Choice (EAP, Fuse, BRMS, JDG, A-MQ, ...)
Automation: Automated Build & Provisioning with OpenShift and source-to-image, CDK
Centralized Management: OpenShift Administration Console; No pollution of application (not invasive); Consolidated logging (EFK); Drill-down into domain-specific management views
CALL TO ACTION - we need your input! Without OpenShift, is container image support for JBoss EAP / JWS still important? Is Kubernetes important to you for JBoss EAP or other M/W products? For your containerized applications, is HTTP Load Balancing important? For your containerized applications, is Clustering / HA important? For your containerized applications is EAP Domain Management important?
STORAGE
Persistent Storage for Containers Containers need persistent storage They need to store state, data and configuration Container storage must be easy to deploy, agile & flexible
Supported Storage Back-ends for OpenShift
- iSCSI
- NFS
- Amazon EBS
- Google Persistent Disk
- GlusterFS
- Ceph RBD
- OpenStack Cinder
- Fibre Channel
OPENSTACK
OpenShift on OpenStack Architectural tenets: Technical independence, Avoiding redundancy, Contextual awareness, Simplified management
OpenShift on OpenStack - Current Networking via Neutron networks. Load Balancing via Neutron LBaaS V1 Block Storage via Cinder volumes. Compute via Nova virtual machines. Orchestration via Heat templates. Reference architecture to be published real soon now
OpenShift on OpenStack - Future Load Balancing via Octavia (LBaaS V2) DNS via Designate File Storage via Manila Re-validate architecture on bare-metal using Ironic
What about deployment of OpenStack? Toward a unified and common orchestration tool for your platform, Kubernetes. OpenStack is just another application on your container stack. OpenStack Kolla: Provides production-ready containers to operate OpenStack. Orchestration using Ansible or Kubernetes (kolla-kubernetes project). Tech preview of containerized compute nodes in Red Hat OpenStack Platform 8: http://red.ht/27hrudn
Red Hat Management Managing Containers
Digital Transformation APPLICATIONS New architectures and ways to integrate INFRASTRUCTURE New cloud-based infrastructure and ways to serve applications DEV New ways of developing and delivering applications OPS More agile process to support both IT and the business RED HAT MANAGEMENT
RED HAT MANAGEMENT SATELLITE CLOUDFORMS BUILD A TRUSTED & SECURE RED HAT ENVIRONMENT DELIVER SERVICES ACROSS YOUR HYBRID CLOUD Manage the Red Hat Lifecycle Hybrid Cloud Management Provision & Configure at Scale Self-Service Provisioning Standardize Your Environment Policy-driven Compliance ANSIBLE INSIGHTS AUTOMATE YOUR IT PROCESSES & DEPLOYMENTS PREVENT CRITICAL ISSUES BEFORE THEY OCCUR Simple & powerful language Continuous Insights No agents to install Verified Knowledge Scale with Ansible Tower Proactive Resolution
Container Journey COMPLEXITY SCALE Ansible One developer. How do I docker? Atomic Host Dev team. How can we move faster? OpenShift Dev meets Ops. How do we run at scale? Satellite DevOps. Can we turn it into a platform? Insights CloudForms Production Ops. How do we manage at scale?
Managing Containers Today 4.0 RED HAT CLOUDFORMS Support - OpenShift and Atomic Host as container providers Dedicated dashboard - Topology mapping for containers, nodes, pods and registries Configuration management - Drift analysis of container image packages Performance monitoring - CPU & memory utilization Introspection - Agent-less container content analysis for security and compliance assessment Policy automation - Kubernetes events in policy definition Performance monitoring - Networking & storage utilization Chargeback 6.1 RED HAT SATELLITE 4.1 Container Deployment - Integrate container deployment in lifecycle workflow Lifecycle management - Atomic Host: provision, patch and update, retire 6.2
Managing Containers Today 2.1 Service Design - Multi-container service definition through Ansible playbooks Security - Configure SELinux to secure docker containers and storage space Today Visibility into image configuration - Identify risks inside a container before it is deployed Optimization of Container Infrastructure - Operational analysis & remediation guidance for underlying container platform ANSIBLE RED HAT INSIGHTS
Managing Containers - Short Term Additions RED HAT CLOUDFORMS RED HAT SATELLITE 4.2 OpenShift management - Deployment and lifecycle management of OpenShift infrastructure Application instantiation - OpenShift Template integration 6.3 Container registry role - Enterprise-approved registry for content governance ProdOps meet DevOps - Satellite + OpenShift to coordinate multiple teams for application lifecycle at scale Next Ansible Container - Build Docker images and orchestrate containers with playbooks OpenShift and Kubernetes modules - Manage OpenShift and Kubernetes Application topology awareness - Automatically identify related containers and analyze compound risks to the overall application Security policy analysis - Assign containers specific risk policies (SANS, CIS,...) and receive tailored alerts ANSIBLE Next RED HAT INSIGHTS
POWER UP and PARTY DOWN with Red Hat Mobile, Middleware and OpenShift. Wednesday evening, 9PM - 12AM. Pick up your invitation for the party that beats all parties at: Mobile, Middleware or OpenShift demo pods in the Red Hat Booth, Partner Pavilion