OPENSHIFT 3.7 and beyond

Similar documents
Red Hat OpenShift Roadmap Q4 CY16 and H1 CY17 Releases. Lutz Lange Solution

Red Hat Roadmap for Containers and DevOps

Eclipse MicroProfile with Thorntail (formerly WildFly Swarm)

Taming your heterogeneous cloud with Red Hat OpenShift Container Platform.

OPENSHIFT CONTAINER PLATFORM TECHNICAL OVERVIEW. Presenter Presenter s title Date

A Comparision of Service Mesh Options

Cloud Native Java with Kubernetes

The Road to Istio: How IBM, Google and Lyft Joined Forces to Simplify Microservices

AGILE RELIABILITY WITH RED HAT IN THE CLOUDS YOUR SOFTWARE LIFECYCLE SPEEDUP RECIPE. Lutz Lange - Senior Solution Architect Red Hat

ISTIO 1.0 INTRODUCTION & OVERVIEW OpenShift Commons Briefing Brian redbeard Harrington Product Manager, Istio

What s New in Red Hat OpenShift Container Platform 3.4. Torben Jäger Red Hat Solution Architect

Red Hat Containers Roadmap. Red Hat A panel of product directors

Przyspiesz tworzenie aplikacji przy pomocy Openshift Container Platform. Jarosław Stakuń Senior Solution Architect/Red Hat CEE

Openshift: Key to modern DevOps

The Modern & Agile Platform for Abstraction. Vasco Neves Application Platform Sales Specialist / Middleware

Istio. A modern service mesh. Louis Ryan Principal

Container in Production : Openshift 구축사례로 이해하는 PaaS. Jongjin Lim Specialist Solution Architect, AppDev

Managing your microservices with Kubernetes and Istio. Craig Box

MSB to Support for Carrier Grade ONAP Microservice Architecture. Huabing Zhao, PTL of MSB Project, ZTE

WHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction

INTRODUCING CONTAINER-NATIVE VIRTUALIZATION

Cloud I - Introduction

S Implementing DevOps and Hybrid Cloud

NGINX: From North/South to East/West

Docker and Oracle Everything You Wanted To Know

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

Go Faster: Containers, Platforms and the Path to Better Software Development (Including Live Demo)

OpenShift Dedicated 3 Release Notes

TEN LAYERS OF CONTAINER SECURITY

Enabling Multi-Cloud with Istio Stretching an Istio service mesh between Public & Private Clouds. John Joyce Robert Li

Accelerate at DevOps Speed With Openshift v3. Alessandro Vozza & Samuel Terburg Red Hat

RED HAT OPENSHIFT A FOUNDATION FOR SUCCESSFUL DIGITAL TRANSFORMATION

Important DevOps Technologies (3+2+3days) for Deployment

OpenShift 3 Technical Architecture. Clayton Coleman, Dan McPherson Lead Engineers

Kuber-what?! Learn about Kubernetes

OpenShift Container Platform 3.11

EVERYTHING AS CODE A Journey into IT Automation and Standardization. Raphaël Pinson

Containers Infrastructure for Advanced Management. Federico Simoncelli Associate Manager, Red Hat October 2016

Container Management : First Looks

Service Mesh and Related Microservice Technologies in ONAP

Amir Zipory Senior Solutions Architect, Redhat Israel, Greece & Cyprus

Backup strategies for Stateful Containers in OpenShift Using Gluster based Container-Native Storage

Convergence of VM and containers orchestration using KubeVirt. Chunfu Wen

VMWARE ENTERPRISE PKS

Monolith to Microservices

Service Mesh with Istio on Kubernetes. Dmitry Burlea Software FlixCharter

Secure Kubernetes Container Workloads

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

São Paulo. August,

Kubernetes Integration Guide

Red Hat Atomic Details Dockah, Dockah, Dockah! Containerization as a shift of paradigm for the GNU/Linux OS

개발자와운영자를위한 DevOps 플랫폼 OpenShift Container Platform. Hyunsoo Senior Solution Architect 07.Feb.2017

VMWARE PKS. What is VMware PKS? VMware PKS Architecture DATASHEET

SQUASH. Debugger for microservices. Idit Levine solo.io

TEN LAYERS OF CONTAINER SECURITY. Kirsten Newcomer Security Strategist

Securing Containers on the High Seas. Jack OWASP Belgium September 2018

Continuous Delivery for Cloud Native Applications

CONTAINERS AND MICROSERVICES WITH CONTRAIL

Clover Overview: Gambia release. April 16, 2018

Implementing SaaS on Kubernetes

Container-Native Applications

CoreOS and Red Hat. Reza Shafii Joe Fernandes Brandon Philips Clayton Coleman May 2018

OPENSTACK Building Block for Cloud. Ng Hwee Ming Principal Technologist (Telco) APAC Office of Technology

RED HAT GLUSTER TECHSESSION CONTAINER NATIVE STORAGE OPENSHIFT + RHGS. MARCEL HERGAARDEN SR. SOLUTION ARCHITECT, RED HAT BENELUX April 2017

A Greybeard's Worst Nightmare

Building a Kubernetes on Bare-Metal Cluster to Serve Wikipedia. Alexandros Kosiaris Giuseppe Lavagetto

Continuous delivery while migrating to Kubernetes

RED HAT CLOUDFORMS. Chris Saunders Cloud Solutions

Virtual Infrastructure: VMs and Containers

CHALLENGES IN A MICROSERVICES AGE: MONITORING, LOGGING AND TRACING ON OPENSHIFT. Martin Etmajer Technology May 4, 2017

Istio s Mixer: Policy Enforcement with Custom Adapters Limin Wang, Software Engineer, Google Torin Sandall, Software Engineer, Styra

CREATING A CLOUD STRONGHOLD: Strategies and Methods to Manage and Secure Your Cloud

TEN LAYERS OF CONTAINER SECURITY

Containers, Serverless and Functions in a nutshell. Eugene Fedorenko

Dynamic App Services in Containerized Environments

How to Re-Architect without Breaking Stuff (too much) Owen Garrett March 2018

Red Hat CloudForms 4.6

Kubernetes 101. Doug Davis, STSM September, 2017

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Implementing Container Application Platforms with Cisco ACI

What s New in Red Hat OpenShift Container Platform 3.9. OpenShift Commons Briefing 21 March 2018

70-532: Developing Microsoft Azure Solutions

EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER

Security oriented OpenShift within regulated environments

RED HAT'S CONTAINER STRATEGY. Lars Herrmann General Manager, RHEL, RHEV and Containers June 24, 2015

Microservices and Container Development

MODERN APPLICATION ARCHITECTURE DEMO. Wanja Pernath EMEA Partner Enablement Manager, Middleware & OpenShift

Ingress Kubernetes Tutorial

Service Mesh and Microservices Networking

Kuberiter White Paper. Kubernetes. Cloud Provider Comparison Chart. Lawrence Manickam Kuberiter Inc

Kubernetes. Introduction

Container-Native Storage

You Have Stateful Apps - What if Kubernetes Would Also Run Your Storage?

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.

Kick CaaS with HPE Express Containers. Ka Wai Leung HPE Solutions Product Management

Kubernetes 1.8 and Beyond

PUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS

ACCELERATE APPLICATION DELIVERY WITH OPENSHIFT. Siamak Sadeghianfar Sr Technical Marketing Manager, April 2016

Kubernetes 1.9 Features and Future

VMWARE PIVOTAL CONTAINER SERVICE

Transcription:

OPENSHIFT 3.7 and beyond

Qu est qu un conteneur? APPLICATIONS INFRASTRUCTURE 2 Processus sur un système d exploitation Applications et toutes ses dépendances Plus simple, léger et dense des VMs Portable entre environnements Déploiement dans un environnement en quelques secondes Facile d accès et facile à partager

Machine Virtuelle vs Conteneur Virtual Machine Container Application Application OS dependencies OS dependencies Operating System Isolation par VM OS complet Compute fixe Mémoire Fixe Utilisation de ressources élevée 3 Container Host Isolation par conteneur Noyau de l OS partagé Compute à la demande Mémoire à la demande Faible utilisation des ressources

Conteneurs plusieurs couches indépendantes Image Layer 3 Image Layer 2 Image Layer 1 Base Image Container Image Layers 4 Application Layer Java Runtime Layer OS Update Layer Base RHEL Example Container Image

OPENSHIFT

OpenShift = Enterprise Kubernetes+ Bâtir, déployer et gérer des applications en conteneurs CONTAINER CONTAINER CONTAINER CONTAINER CONTAINER SELF-SERVICE SERVICE CATALOG (LANGUAGE RUNTIMES, MIDDLEWARE, DATABASES, ) BUILD AUTOMATION DEPLOYMENT AUTOMATION APPLICATION LIFECYCLE MANAGEMENT (CI / CD) CONTAINER ORCHESTRATION & CLUSTER MANAGEMENT (KUBERNETES) NETWORKING STORAGE REGISTRY LOGS & METRICS INFRASTRUCTURE AUTOMATION & COCKPIT OCI CONTAINER RUNTIME & PACKAGING ATOMIC HOST / RED HAT ENTERPRISE LINUX SECURITY

OCP 3.7 - Thèmes Services Multi-Cloud Service Catalog/Broker Partenariat Amazon Web Services Services AWS Livrés et maintenus par AWS. Déploiement d application sur plusieurs IAAS géré par Ansible Déploiement par phases Ansible Playbook Bundles «APB» API de gestion et monitoring par événement Prometheus et CloudForms Sécurité NetworkPolicy, Auditing, Node API Restrictions, RBAC

SERVICE BROKER

WHY A SERVICE BROKER? Open ticket Wait for allocation Receive credentials Add to app Deploy app SERVICE CONSUMER SERVICE PROVIDER Manual, Time-consuming and Inconsistent 9 OPENSHIFT TECHNICAL OVERVIEW

A multi-vendor project to standardize how services are consumed on cloud-native platforms across service providers 10 OPENSHIFT TECHNICAL OVERVIEW

WHAT IS A SERVICE BROKER? SERVICE CONSUMER SERVICE CATALOG SERVICE BROKER Automated, Standard and Consistent 11 OPENSHIFT TECHNICAL OVERVIEW SERVICE PROVIDER

OPENSHIFT SERVICE CATALOG OPENSHIFT SERVICE CATALOG 12 OPENSHIFT TECHNICAL OVERVIEW OpenShift Template Broker OPENSHIFT OpenShift Ansible Broker ANSIBLE AWS Service Broker AWS Other Service Brokers OTHER COMPATIBLE SERVICES OpenShift Templates Ansible Playbook Bundles AWS Services Other Services

DÉMO #1 13 Service Broker OPENSHIFT TECHNICAL OVERVIEW

Installation Feature(s): Make the installer modular to allow playbooks to run independently. Description: The installer has been enhanced to allow admins to install specific components. How it Works: By breaking up the roles and playbooks, we allow for a better targeting of ad hoc administration tasks. Sample ordering of playbooks: playbooks/byo/openshift-checks/pre-install.yml playbooks/byo/openshift-etcd/config.yml playbooks/byo/openshift-nfs/config.yml (if required) playbooks/byo/openshift-loadbalancer/config.yml (if required) playbooks/byo/openshift-master/config.yml playbooks/byo/openshift-master/additional_config.yml playbooks/byo/openshift-node/config.yml playbooks/byo/openshift-glusterfs/config.yml (if required) playbooks/byo/openshift-cluster/openshift-hosted.yml playbooks/byo/openshift-cluster/openshift-metrics.yml (if required) playbooks/byo/openshift-cluster/openshift-logging.yml (if required) playbooks/byo/openshift-cluster/service-catalog.yml (if required) playbooks/byo/openshift-management/config.yml (if required)

Installation Feature(s): Both Install AND Configure CFME 4.6 from the OpenShift installer - To install CFME 4.6: Description: CloudForms 4.6 will be fully supported running on OCP 3.7 as a set of containers. - To configure CFME 4.6 to consume the OpenShift installation it is running on: # ansible-playbook -v -i <YOUR_INVENTORY> playbooks/byo/openshift-management/config.yml # ansible-playbook -v -i <YOUR_INVENTORY> playbooks/byo/openshift-management/add_container_provider.yml - You can also automate the configuration of the provider to point to multiple OpenShift clusters: How it Works: We have automated the installation experience to the level we have only done for metrics and logging in the past. Now management (CloudForms) is an available API endpoint on all OpenShift clusters that choose to use it. More cluster admins will be able to leverage CloudForms and begin experiencing the insight and automations available to them in the full OpenShift container platform. # ansible-playbook -v -e container_providers_config=/tmp/cp.yml playbooks/byo/openshift-management/add_many_container_providers.yml

Networking Feature(s): Network Policy Description: Optional plugin specification of how selections of pods are allowed to communicate with each other and other network endpoints. How it Works: Fine-grained network namespace isolation using labels and port specifications what ingress traffic is allowed to any pod, from any other pod on specific ports including traffic from pods located in other projects Policy applied to namespace: project-a kind: NetworkPolicy apiversion: extensions/v1beta1 metadata: name: allow-to-red spec: podselector: matchlabels: type: red ingress: - {}

DÉMO #2 17 Network Policy

Metrics Feature(s): Introducing Prometheus (Tech Preview) PS: Hawkular is still the supported Metrics stack Description: OpenShift Operators deploy Prometheus on an OCP cluster, collect Kubernetes and Infrastructure metrics, get alerts. Operators can see and query metrics and alerts on Prometheus web dashboard. Or They can bring their own Grafana and hook it up to Prometheus. How it Works: New OpenShift installer playbook for installing Prometheus (2.0) server, alert manager and oauth-proxy Deploys Statefulset comprising server, alert-manager, buffer and oauthproxy in front and a PVC one for server and one for alert manager Alerts can be created in a rule file and selected via inventory file

DÉMO #3 19 Prometheus

CloudForms OpenShift Provider - CF 4.6 Containerized (aka podified) CF Installed on OpenShift with Installer or Template OpenShift Provider for Prometheus Metrics and Alerts in container dashboards Chargeback 20 INSERT DESIGNATOR, IF NEEDED Alerts management By Allocation (vs. Usage)

CF 4.6 and Chargeback Set Rate By Usage By Allocation 21 INSERT DESIGNATOR, IF NEEDED Create Reports Assign Rate The Enterprise By Container Provider By Image Label By Image Tag By Project By Image/Project

RED HAT OPENSHIFT APPLICATION RUNTIMES Providing curated set of integrated runtimes and frameworks that standardizes Cloud Native App Dev YOUR APPS AND SERVICES Simplified development Strategic flexibility RED HAT OPENSHIFT APPLICATION RUNTIMES Launch Service Reactive Vert.x MicroProfile WildFly Swarm Spring Boot Tomcat JavaScript Node.js Java EE JBoss EAP APPLICATIONS LIFECYCLE MANAGEMENT SUPPORTING MIDDLEWARE SERVICES DevOps automation CONTAINER ORCHESTRATION & MANAGEMENT (KUBERNETES) RED HAT OPENSHIFT Laptop Datacenter OpenStack Amazon Web Services Microsoft Azure Google Cloud YOUR INFRASTRUCTURE 22

RHOAR GETTING STARTED EXPERIENCE Enhance Choose your runtimes Pick your use case (mission-booster) Customize to fit your requirements developers.redhat.com/launch Deploy and run Test MISSION-BOOSTER: A working application-implementation showcasing different pieces of cloud native application.

MICROSERVICES INFRASTRUCTURE: ISTIO SERVICE MESH

Microservices tooling API Discovery and Invocation Tracing Integration Monitoring MyService Elasticity Logging Authentication Resilience Pipeline

Istio - Sail (Kubernetes - Helmsman or ship s pilot) OPENSHIFT TECHNICAL OVERVIEW

What if? SERVICE network Network Functions Authentication Routing Telemetry OPENSHIFT TECHNICAL OVERVIEW 27

What if? SERVICE PROXY network Network Functions Authentication Routing Telemetry OPENSHIFT TECHNICAL OVERVIEW 28

More details SERVICE PROXY SERVICE PROXY Network Functions Authentication Routing Telemetry SERVICE PROXY OPENSHIFT TECHNICAL OVERVIEW 29

More details SERVICE PROXY SERVICE PROXY Network Functions Authentication Routing Telemetry SERVICE PROXY OPENSHIFT TECHNICAL OVERVIEW 30

Pod Pod Container Container JVM JVM Service A Service C Pods can have 2 containers Sidecar Container Sidecar Container Pod Container JVM Service B Sidecar Container

OPENSHIFT TECHNICAL OVERVIEW Service Proxy Highly parallel, non-blocking L3/4 network filter Out of the box L7 filters HTTP 2 Baked in service discovery/health checking Metadata based routing and load balancing Stats, metrics, tracing Dynamic configuration 32

Next Generation Microservices - Service Mesh Code Independent (Polyglot) Intelligent Routing and Load-Balancing Control A/B Tests Smarter Canary Releases Dark Launches Distributed Tracing Observability Circuit Breakers Access Control Telemetry, metrics and Logs Fleet wide policy enforcement OPENSHIFT TECHNICAL OVERVIEW

Istio Control Plane HTTP1.1, HTTP2, grpc, TCP w/tls Pod Pod Pod Container Container Container JVM JVM JVM Service A HTTP1.1, HTTP2, grpc, TCP w/tls Envoy Side-car HTTP1.1, HTTP2, grpc, TCP w/tls Envoy Side-car Istio Pilot istioctl, API, config OPENSHIFT TECHNICAL OVERVIEW Service B Service C Envoy Side-car Istio Mixer Istio Auth Quota, Telemetry Rate Limiting, ACL CA, SPIFFE

EVOLUTION OF MICROSERVICES Simplification Microservice Business Logic Service Registration Circuit Breaker Distributed Tracing Supporting Services Distributed Tracing Smart Routing API Mgmt Messaging Cache / DataGrid Configuration Service SSO Service Service Registry Infrastructure 2014 OPENSHIFT TECHNICAL OVERVIEW Circuit Breaker Distributed Tracing Supporting Services Distrib.Tracing Smart Routing API Mgmt Cache / DataGrid Messaging SSO Service Container Platform Services Configuration (ConfigMap) Server-Side Load Balancing Service Registry Infrastructure Current Microservice Business Logic Supporting Services API Mgmt Messaging Cache / DataGrid SSO Service Container Platform Services + Istio Distributed Tracing Smart Routing Circuit Breaker Server-Side Load Balancing Configuration (ConfigMap) Service Registry Commodification Client-side Load Balancing Microservice Business Logic Infrastructure Near Future 35

DÉMO #4 3 6 ISTIO OPENSHIFT TECHNICAL OVERVIEW

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback