Scribd
Upload
172 views136 pages

OpenShift Presentation

This document outlines an introductory course on OpenShift, targeting developers, system admins, and managers. It covers course structure, objectives, prerequisites, and tools involved in OpenShift, including setup, management, builds, and deployments. The course aims to provide a comprehensive understanding of OpenShift's architecture and its application in microservices and container management.

Uploaded by

Dương Huy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
172 views136 pages

OpenShift Presentation

This document outlines an introductory course on OpenShift, targeting developers, system admins, and managers. It covers course structure, objectives, prerequisites, and tools involved in OpenShift, including setup, management, builds, and deployments. The course aims to provide a comprehensive understanding of OpenShift's architecture and its application in microservices and container management.

Uploaded by

Dương Huy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 136

Red Hat

OPENSHIFT
for the absolute beginners
Who am I?

About me!
Course Structure
Lecture

Demos

Quiz

Coding Exercises

Assignment

Q&A
Who is this for?

Developers System Admins Managers


How to attend this course?

Lectures

Demos

Quizzes

Coding Exercises

Lab Environment Local AWS|GCP Play-with-k8s


Objectives
• Introduction • Microservices Application
• Architectural Overview • Example Voting Application
Deployment in Openshift
• Setup - Minishift
• Management – Web, CLI, API
• Projects and Users
• Builds and Image Streams
• Build Triggers
• Deployments
• Networking • Pre-Requisite – Containers
• Services and Routes • Pre-Requisite – Kubernetes
• Scaling • Pre-Requisite – Source Code Management
• Pre-Requisite – Builds and CI/CD
• Storage
• Pre-Requisite – YAML
• Catalog and Templates
Red Hat

OPENSHIFT
Introduction
PaaS
IaaS SaaS
OPENSHIFT
OPENSHIFT OPENSHIFT OPENSHIFT
Origin Online Dedicated Enterprise

Open source application


Public Application Managed private cluster On-Premise private
container platform
Development hosting service on AWS/Google Clouds PaaS
OPENSHIFT

Origin

Open source application


container platform
OPENSHIFT

Origin

Open source application


container platform
OPENSHIFT Origin is based on top of Docker containers
and the Kubernetes cluster manager, with added
developer and operational centric Tools that enable
rapid application development, deployment and
lifecycle management.
Tools

Kubernetes

Docker
Tools

Governance

SCM

Registry
API

Pipeline
Software
Defined
Networking
Red Hat

OPENSHIFT
Architecture
Components
OPENSHIFT
Container Registry (OCR) Deployments

Services
Images

OPENSHIFT
CI/CD

POD
etcd
Containers
SCM

Users Project
OPENSHIFT
Web Console
Master - Node
Red Hat

OPENSHIFT
Setup - Minishift
Setup OPENSHIFT

All-in-One Single Master Multiple Master


Multiple Nodes Multiple Nodes

On-Premise Package Manager (RPM)

Cloud Containerized (Docker)


All-in-One

Kubernetes

etcd

OpenShift

Minishift
Docker Registry Router Web Console

Minishift.exe
openshift/
origin

Single Node Openshift Cluster


Red Hat

OPENSHIFT
Setup – Using Docker
All-in-One

04 START
OPENSHIFT Cluster
oc cluster up

03 DOWNLOAD
Origin Client Client Tools

without 02 INSTALL
Docker Version 1.13.1
Minishift

01 PROVISION Operating System Fedora CentOS RHEL

Containerized (Docker)
Red Hat

OPENSHIFT
Web Console and CLI
Management Tools

Web Console CLI REST API


Web Console - Homepage
Web Console - Project View
Management Tools

Web Console CLI REST API


CLI
> oc
OpenShift Client

This client helps you develop, build, deploy, and run your applications on any
OpenShift or Kubernetes compatible
platform. It also includes the administrative commands for managing a cluster
under the 'adm' subcommand.

To create a new application, login to your server and then run new-app:

oc login https://mycluster.mycompany.com
oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-ex.git
oc logs -f bc/ruby-ex
CLI - Login
> oc login
OpenShift server [https://localhost:8443]: https://openshift.example.com

Username: developer
Authentication required for https://openshift.example.com (openshift)
Password: ******
Login successful.

> oc login –u developer –p developer


Login successful.

> oc logout
User, developer, logged out of https://openshift.example.com
Management Tools

Web Console CLI REST API


REST API

> curl https://localhost:8443/oapi/v1/users \


-H “Authorization: Bearer <Token>”
"kind": "UserList",
"apiVersion": "v1",
"metadata": {
"selfLink": "/oapi/v1/users",
},
"items": [
> oc whoami -t
{
"metadata": { 27pZjHWn9GU5B5De4H3ICP6ZBd_7txQJMvz79d
27pZjHWn9GU5B5De4H3ICP6ZBd_7txQJMvz79dH0tsY
"name": "developer",
"selfLink": "/oapi/v1/users/developer",
"uid": "271e2b49-47f0-11e8-afb8-4a1a95a6dbc1",
"resourceVersion": "1289",
"creationTimestamp": "2018-04-24T18:49:00Z"
},
"identities": [
"anypassword:developer"
],
"groups": null
},
{
"metadata": {
"name": "mmumshad",
"selfLink": "/oapi/v1/users/mmumshad",
"uid": "c905343d-48a6-11e8-afb8-4a1a95a6dbc1",
"resourceVersion": "108365",
"creationTimestamp": "2018-04-25T16:36:20Z"
},
"identities": [
"anypassword:mmumshad"
],
"groups": null
},
Red Hat

OPENSHIFT
Projects and Users
Projects

Service: team1.myservice
Service: myservice Service: team2.myservice
Service: myservice Service: team3.myservice
Service: myservice Service: team4.myservice
Service: myservice
Users

Regular System Service

developer system:admin system:serviceaccount:proj1:db_user


system:master
OAuth Server

Allow All

Deny All

/etc/openshift/master/master-config.yaml
Red Hat OPENSHIFT

Pre-Requisite
Source Code Management
Source Code Management
Application |-- README.md
|-- Dockerfile
|-- bower.json
|-- package.json
|-- app
|-- app.js
|-- web
Web Console API Backend |-- index.html
|-- mddir.js
|-- routing.js
|-- server.js
|-- api
|-- api.groups.js
|-- api.posts.js
|-- api.users.js
|-- api.widgets.js
|-- authentication
|-- oauth.js
Source Code Management System |-- vendor
|-- database
|-- db.js
|-- integration
Developers |-- servicenow.js
Source Code Management

GitHub
Analyze

GitLab
Revision History Release

BitBucket
File Merging Access Control.

Host
Red Hat OPENSHIFT

Pre-Requisite
CI/CD - Builds and Pipeline
Build
Java Python Ruby

Maven DistUtils Bundler

SCM

app.jar app.tar.gz app.gem

> java –jar app.jar > pip install app.tar.gz > gem install app.gem
Build

Java Python Ruby

Maven DistUtils Bundler

01
Dockerfile
app.jar app.tar.gz app.gem Install Platform

> java –jar app.jar > pip install app.tar.gz > gem install app.gem
02
> docker build Dockerfile

Install and Configure Pre-


requisites
03
Configure Services

04
Start Services
> docker run app
Test
Java Ruby
Python

Maven Bundler
DistUtils

Dockerfile
app.jar app.gem
app.tar.gz

> java –jar app.jar


> pip install app.tar.gz > gem install app.gem
Release
Build Test Release

Dockerfile
Docker Registry
Deploy
Build Test Release Deploy

Dockerfile
Docker Registry Kubernetes
Build Pipeline
Jenkins

Source Code Build Test Release Deploy

Dockerfile Dockerfile
Docker Registry Kubernetes

Continuous Integration

Continuous Delivery

Continuous Deployment
Red Hat

OPENSHIFT
SCM, Builds and Deployments in OPENSHIFT
Pre-Requisites

• Docker
• Docker Image
• Docker Registry
Source Code Management

https://github.com/openshift/django-ex.git
Build
https://github.com/openshift/django-ex.git

01 Create Build

02 Download Source

03 Build Image

04 Push to Registry

Docker Registry
Deployment
04 Push to Registry

Docker Registry

05 Deploy

apiVersion: apps/v1 apiVersion: apps.openshift.io/v1


kind: Deployment kind: DeploymentConfig
Deployment https://github.com/openshift/django-ex.git

01 Create Build

02 Download Source

https://github.com/openshift/django-ex.git

03 Build Image

04 Push to Registry

Docker Registry

05 Deploy
Red Hat

OPENSHIFT
Builds in OPENSHIFT
Objectives

• Build Strategies
• Create a new Build Configuration

Pre-Requisites
• YAML Files
Build Strategy 1 Docker Build
Build Strategy 2 Source-To-Image (S2I)

Python Image

App Image
Build Strategy 3 Custom Build

Python Ruby
Java

app.jar app.tar.gz app.gem


Image Stream

Python Image Application Image

Code
Image Streams

OpenShift Registry Docker Hub Other Registry

sha256:08b750083d53e8fdcf09ab99bc30549141ea44c90763d3e972be264fbec8d706

Java Python Ruby


java:latest python-27:latest ruby:latest

docker.io/centos/python-27:latest

172.30.1.1:5000/myproject/java:latest
Other-registry/ruby/ruby:2.0
View Build Config S2i-build-config.yaml
kind: "BuildConfig"
apiVersion: "v1"
metadata:
name: "simple-webapp"
spec:
runPolicy: "Serial"
triggers:
-
type: "GitHub"
github:
secret: "b5e471d57f79f52e"
- type: "Generic"
generic:
secret: "4be5b473f9985dcf"
-
type: "ImageChange"
source:
git:
uri: "https://github.com/mmumshad/simple-webapp-flask.git"
strategy:
type: Source
sourceStrategy:
from:
kind: "ImageStreamTag"
name: "python:3.6"
output:
to:
kind: "ImageStreamTag"
name: "simple-webapp:latest"
Create Build Configuration
S2i-build-config.yaml
Docker-build-config.yaml
kind: "BuildConfig"
apiVersion: "v1" kind: "BuildConfig"
metadata: apiVersion: "v1"
name: "simple-webapp" metadata:
spec: name: "simple-webapp-docker"
runPolicy: "Serial" spec:
triggers: runPolicy: "Serial"
- triggers:
type: "GitHub" -
github: type: "GitHub"
secret: "b5e471d57f79f52e" github:
- type: "Generic" secret: "b5e471d57f79f52e"
generic: - type: "Generic"
secret: "4be5b473f9985dcf" generic:
- secret: "4be5b473f9985dcf"
type: "ImageChange" -
source: type: "ImageChange"
git: source:
uri: "https://github.com/mmumshad/simple-webapp- git:
flask.git" uri: "https://github.com/mmumshad/simple-webapp-docker.git"
strategy: strategy:
type: Source type: Docker
sourceStrategy: dockerStrategy:
from: from:
kind: "ImageStreamTag" kind: "DockerImage"
name: "python:3.6" name: "ubuntu:16.04"
output: output:
to: to:
kind: "ImageStreamTag" kind: “ImageStreamTag"
name: "simple-webapp:latest" name: "simple-webapp:latest"
Create Build Configuration
Docker-build-config.yaml
kind: "BuildConfig"
apiVersion: "v1"
metadata:
name: "simple-webapp-docker"
spec:
runPolicy: "Serial"
triggers:
-
type: "GitHub"
github:
secret: "b5e471d57f79f52e"
- type: "Generic"
generic:
secret: "4be5b473f9985dcf"
-
type: "ImageChange"
source:
git:
uri: "https://github.com/mmumshad/simple-webapp-docker.git"
strategy:
type: Docker
sourceStrategy:
from:
kind: "DockerImage"
name: "ubuntu:16.04"
output:
to:
kind: “ImageStreamTag"
name: "simple-webapp:latest"
Start a build
Red Hat

OPENSHIFT
Build Triggers
Trigger Build

Automated
ManualBuild
Openshift Code Repository
Webhook

https://192.168.56.115:8443/oapi/v1/namespaces/......

Openshift Code Repository


Red Hat

OPENSHIFT
Deployments
Deployment Controller

Container POD Replication Controller Deployment Controller


Deployment
Deployment
deployment-config.yaml
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: sample-webapp-docker
spec:
replicas: 1
selector:
deploymentconfig: sample-webapp-docker
strategy:
type: Rolling
template:
metadata:
labels:
app: sample-webapp-docker
deploymentconfig: sample-webapp-docker
spec:
containers:
- image: myproject/sample-webapp-docker
imagePullPolicy: Always
name: sample-webapp-docker
ports:
- containerPort: 8080
protocol: TCP
triggers:
- imageChangeParams:
automatic: true
containerNames:
- sample-webapp-docker
from:
kind: ImageStreamTag
name: 'sample-webapp-docker:latest'
namespace: myproject
lastTriggeredImage: >-
172.30.1.1:5000/myproject/sample-webapp-
docker@sha256:08b750083d53e8fdcf09ab99bc30549141ea44c90763d3e972be264fbec8d706
type: ImageChange
- type: ConfigChange
Edit Deployment Configuration
History
Rollback
Deployment Strategies

nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1
Recreate
Application
Down

Rolling nginx:1.7.1
nginx:1.7.0 nginx:1.7.1 nginx:1.7.0 nginx:1.7.1 nginx:1.7.0 nginx:1.7.1 nginx:1.7.0
Update nginx:1.7.0 nginx:1.7.1

Application Up
Advanced Strategies – Blue/Green

app:v1 app:v1 app:v2 app:v2


Advanced Strategies – A/B

10%
50%
40%
0%
30%
20%
70%
60%
80% 100%
40%
90%
30%
80%
70%
20%
60%
50%

app:v1 app:v1 app:v1 app:v1 app:v2 app:v2 app:v2 app:v2


Commands - Review
> oc rollout latest dc/simple-webapp-docker

> oc rollout history dc/simple-webapp-docker

> oc rollout describe dc simple-webapp-docker

> oc rollout undo dc/simple-webapp-docker


Red Hat

OPENSHIFT
Networking
Challenge

IP Address

IP Address OPENSHIFT
??
IP Address SDN
POD

POD
POD
OPENSHIFT SDN
> oc get pods –o wide
my-web-app 1/1 Running 0 2d 10.128.0.5 localhost
my-sql-db 1/1 Running 0 1d 10.128.2.2 localhost

Open vSwitch
10.128.0.5 10.128.2.2
• VLAN tagging
• Trunking
POD POD • LACP
• Port Mirroring

Overlay Network (10.128.0.0/14)


10.128.0.0/23 10.128.2.0/23 10.128.4.0/23
OPENSHIFT DNS

10.128.2.2
mysql.connect( mysql) )

10.128.0.5 10.128.2.2
SkyDNS

POD POD

DNS Overlay Network (10.128.0.0/14)


10.128.0.0/23 10.128.2.0/23 10.128.4.0/23
SDN Plugins

ovs-multitenant ovs-multitenant ovs-multitenant ovs-multitenant

ovs-subnet
Additional Plugins
External Connectivity

Route
Service

10.128.0.5 10.128.2.2

POD POD

DNS Overlay Network (10.128.0.0/14)


10.128.0.0/23 10.128.2.0/23 10.128.4.0/23
Red Hat

OPENSHIFT
Services and Routes
Service

Service

Front-end

Service
Service

Back-end Data Processing


Service

Service

172.30.85.124
8080
deploymentconfig=simple-webapp-docker

8080

172.17.0.7
simple-webapp-docker
Route

www.somewebapp.com
Load Balancing
Route
Security

Split Traffic

Service
172.30.85.124
8080

deploymentconfig=simple-webapp-docker

8080

172.17.0.7
simple-webapp-docker
Route – Load Balancing

www.somewebapp.com
Load Balancing

source
192.168.1.12 Route
roundrobin

leastconn
Service
172.30.85.124
8080

8080

172.17.0.7
simple-webapp-docker
Route – Load Balancing

www.somewebapp.com
Load Balancing

source
Route
roundrobin

leastconn
Service
172.30.85.124
8080

8080

172.17.0.7
simple-webapp-docker
Route – Load Balancing

www.somewebapp.com
Load Balancing

source
Route
roundrobin

leastconn
Service
172.30.85.124
8080

8080

172.17.0.7
simple-webapp-docker
Route - Security

https://www.somewebapp.com

Route
Security

Service
172.30.85.124
8080

deploymentconfig=simple-webapp-docker

8080

172.17.0.7
simple-webapp-docker
Route – Split Traffic

https://www.somewebapp.com

Route

Split Traffic

Service Service
172.30.85.124 172.30.85.125
8080 8080

8080 8080

172.17.0.7 172.17.0.8
simple-webapp-docker simple-webapp-docker-new
Red Hat

OPENSHIFT
Example Voting Application
Design www.vote.myapp.com www.result.myapp.com

Service Service

voting-app result-app
voting-app result-app

redis db

Service

Service
Route Secret Secret

Secrets
DB Credentials

Deployment
worker

Build worker

Image Stream

Service
Red Hat

OPENSHIFT
Scaling
Scale Deployment

52134
spec:
replicas: 1

Replication Controller

Deployment Controller
Red Hat

OPENSHIFT
Storage
Persistent Volume

/data
Plugins
• Local
• iSCSI
• Fibre Channel
• NFS
• GlusterFS
• Ceph RDB
• OpenStack Cinder
• AWS Elastic Block Store
• GCE Persistent Disk
• Azure Disk
• Azure File
• VMWare vSphere
PVC – 20GB

PVC – 100GB

PVC – 10GB

PV Resources – 1TB
Create Storage
Create Storage
Deployments - Volumes
Red Hat

OPENSHIFT
Templates and Catalog
Catalog
Template
Parameters
Route
Application - 8080

Service
Application - 8080

Service
Database - 5432

Deployment Secrets Deployment


Application DB Credentials Database

Build
Application

Custom App

Image Stream
Application
template-config.yaml

Template apiVersion: v1
kind: Template
metadata:
name: custom-app
objects:
- apiVersion: v1
Parameters kind: Secret
<.. code hidden ..>
Route
Application - 8080 - apiVersion: v1
kind: Service
<.. code hidden ..>
- apiVersion: v1
kind: Service
Service <.. code hidden ..>
Application - 8080
- apiVersion: v1
kind: Route
Service <.. code hidden ..>
Database - 5432
- apiVersion: v1
kind: BuildConfig
Deployment Secrets Deployment <.. code hidden ..>
Application DB Credentials Database

- apiVersion: v1
kind: DeploymentConfig
<.. code hidden ..>
Build
Application > oc create –f template-config.yml - apiVersion: v1
kind: DeploymentConfig
template “custom-app" created <.. code hidden ..>
- apiVersion: v1
kind: ImageStream
Image Stream <.. code hidden ..>
Application
parameters:
- displayName: "Namespace"
name: "NAMESPACE"
Export
> oc export service db
apiVersion: v1
kind: Service
metadata:
annotations:
template.openshift.io/expose-uri:
postgres://{.spec.clusterIP}:{.spec.ports[?(.name=="postgresq
l")].port}
creationTimestamp: null
labels:
app: postgresql-persistent
template: postgresql-persistent-template
name: db
spec:
ports:
- name: postgresql
port: 5432
protocol: TCP
targetPort: 5432
selector:
name: db
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
Conclusion
OpenShift Overview
Architecture
Projects and Users
Builds and Deployments
Networking
Services and Routes
YAML Definition Files
Example Voting Application

You might also like