OpenShift Technical Overview
● Self-Service
● Standards-based
● Multi-language
● Web-scale
● Multi-tenant
● Secure
[Diagram: INFRASTRUCTURE / APPLICATIONS. Virtual machine stack (Application, OS dependencies, Operating System, Hypervisor, Hardware) beside container stack (Application, OS dependencies, Container Host, Hardware)]
[Diagram: ownership of the two stacks. Labels: IT Ops (and Dev, sort of); Dev; IT Ops; Infrastructure]
Clear ownership boundary between Dev and IT Ops drives DevOps adoption and fosters agility
[Diagram: container image layers, including Image Layer 3 and Application Layer]
● Optimized for Kubernetes
● Any OCI-compliant container from any OCI registry (including docker)
● Improve Security and Performance at scale
* Flannel is minimally verified and is supported only and exactly as deployed in the OpenShift on OpenStack reference architecture
MULTI-TENANT NETWORK
● Multicast support
● Egress network policies
[Diagram: two nodes, each running several pods]
Example Policies
● Allow all traffic inside the project
● Allow traffic from green to gray
● Allow traffic to purple on 8080
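apiVersion: extensions/v1beta1
kind: NetworkPolicy
metadata:
  name: allow-to-purple-on-8080
spec:
  # Applies to pods labelled color=purple
  podSelector:
    matchLabels:
      color: purple
  ingress:
  # No "from" clause: any source may connect, but only on TCP 8080
  - ports:
    - protocol: TCP
      port: 8080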
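The other two example policies from the list above, written out as an added example that is not part of the original slides. It uses the networking.k8s.io/v1 API, which replaced the extensions/v1beta1 form shown on the slide; the policy names are hypothetical and the color labels follow the slide's color: purple convention.

```yaml
# Added example; policy names are hypothetical.
# "Allow all traffic inside the project"
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-same-project
spec:
  podSelector: {}        # selects every pod in the project
  ingress:
  - from:
    - podSelector: {}    # any pod in the same project; pods in other projects do not match
---
# "Allow traffic from green to gray"
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-green-to-gray
spec:
  podSelector:
    matchLabels:
      color: gray        # destination pods
  ingress:
  - from:
    - podSelector:
        matchLabels:
          color: green   # permitted source pods
```

Ingress rules are additive: once a pod is selected by any policy, only traffic matched by at least one policy reaches it.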
Flannel is minimally verified and is supported only and exactly as deployed in the OpenShift
on OpenStack reference architecture https://access.redhat.com/articles/2743631
● Access control
○ Cluster administrators can view all logs
○ Users can only view logs for their projects
[Diagram: nodes (RHEL) running pods, with Fluentd on each node, and Elastic instances]
● Encrypted in transit
NFS, iSCSI, Azure Disk, AWS EBS, FlexVolume, OpenStack Cinder
apiVersion: servicecatalog.k8s.io/v1alpha1
kind: Broker
metadata:
  name: asb-broker
spec:
  url: https://asb-1338-ansible-service-broker.10.2.2.15.nip.io
[Diagram sequence: OpenShift Service Catalog, OpenShift Ansible Broker, APB container (postgresql), PostgreSQL container, MediaWiki container, and the image registries (OpenShift Registry, Docker Hub, Red Hat Container Catalog) holding mediawiki-apb and postgresql-apb]
● Discover and list APBs from the configured image registries
● … run it with the broker action as a parameter
● provision.yaml playbook to create a PostgreSQL container
● bind.yaml playbook to create database user
● … away and Service Broker creates a binding for the PostgreSQL service (create binding)
● … a secret for the binding, containing the database credentials (mount binding secret)
● MediaWiki container uses the credentials in the secret to connect to the PostgreSQL database (mount binding secret)
[Diagram: OpenShift Service Catalog, OpenShift Ansible Broker, APB container (rds), AWS Cloud Formation, AWS RDS; registries (Compatible Docker, AWS ECR) holding s3-apb and rds-apb]
● provision.yaml playbook to interact with CFN and create RDS instance
● OpenShift on Microsoft Azure
● OpenShift on Red Hat Virtualization
● OpenShift on HPE Servers with Ansible Tower
● OpenShift on VMware vCenter 6 with Gluster
● Deploying an OpenShift Distributed Architecture
● OpenShift Architecture and Deployment Guide
● Business Process Management with JBoss BPMS on OpenShift
● Build and Deployment of Java Applications on OpenShift
● Building Microservices on OpenShift with Fuse Integration...
● JFrog Artifactory on OpenShift Container Platform
● Spring Boot Microservices on Red Hat OpenShift
● API Management with Red Hat 3scale on OpenShift
Use Source-to-Image to build app binaries and deploy on lean vanilla runtimes
Use your choice of build tool like Gradle and deploy to official images like the JDK image
BUILDS
● Webhook triggers: build the app image whenever the code changes
● Image trigger: build the app image whenever the base language or app runtime changes
● Build hooks: test the app image before pushing it to an image registry
DEPLOYMENTS
● Deployment triggers: redeploy app containers whenever configuration changes or the
image changes in the OpenShift integrated registry or upstream registries
BOOTSTRAP
● Pick your programming language and application runtime of choice
● Create the project skeleton from scratch or use a generator such as
○ Maven archetypes
○ Quickstarts and Templates
○ OpenShift Generator
○ Spring Initializr
DEVELOP
● Pick your framework of choice such as Java EE, Spring, Ruby on Rails, Django, Express, ...
● Develop your application code using your editor or IDE of choice
● Build and test your application code locally using your build tools
● Create or generate OpenShift templates or Kubernetes objects
LOCAL DEPLOY
● Deploy your code on a local OpenShift cluster
○ Red Hat Container Development Kit (CDK), minishift and oc cluster
● Red Hat CDK provides a standard RHEL-based development environment
● Use binary deploy, maven or CLI rsync to push code or app binary directly into
containers
VERIFY
● Verify your code is working as expected
● Run any type of tests that are required with or without other components (database, etc)
● Based on the test results, change code, deploy, verify and repeat
GIT PUSH
● Push the code and configuration to the Git repository
● If using Fork & Pull Request workflow, create a Pull Request
● If using code review workflow, participate in code review discussions
PIPELINE
● Pushing code to the Git repository triggers one or multiple deployment pipelines
● Design your pipelines based on your development workflow e.g. test the pull request
● Failure in the pipeline? Go back to the code and start again
[Diagram labels: Integration, Messaging, Data Grid, Real Time Decision]
[Partner logos under DATABASES, WEB SERVERS, MIDDLEWARE: CrunchyData, GitLab, Iron.io, Couchbase, Sonatype, EnterpriseDB, NuoDB, Fujitsu and many more]
[Diagram labels: LAUNCH; Policy Enforcement; Data Plane; App]