OpenShift Presentation
OpenShift Presentation
OPENSHIFT
for the absolute beginners
Who am I?
About me!
Course Structure
Lecture
Demos
Quiz
Coding Exercises
Assignment
Q&A
Who is this for?
Lectures
Demos
Quizzes
Coding Exercises
OPENSHIFT
Introduction
PaaS
IaaS SaaS
OPENSHIFT
OPENSHIFT OPENSHIFT OPENSHIFT
Origin Online Dedicated Enterprise
Origin
Origin
Kubernetes
Docker
Tools
Governance
SCM
Registry
API
Pipeline
Software
Defined
Networking
Red Hat
OPENSHIFT
Architecture
Components
OPENSHIFT
Container Registry (OCR) Deployments
Services
Images
OPENSHIFT
CI/CD
POD
etcd
Containers
SCM
Users Project
OPENSHIFT
Web Console
Master - Node
Red Hat
OPENSHIFT
Setup - Minishift
Setup OPENSHIFT
Kubernetes
etcd
OpenShift
Minishift
Docker Registry Router Web Console
Minishift.exe
openshift/
origin
OPENSHIFT
Setup – Using Docker
All-in-One
04 START
OPENSHIFT Cluster
oc cluster up
03 DOWNLOAD
Origin Client Client Tools
without 02 INSTALL
Docker Version 1.13.1
Minishift
Containerized (Docker)
Red Hat
OPENSHIFT
Web Console and CLI
Management Tools
This client helps you develop, build, deploy, and run your applications on any
OpenShift or Kubernetes compatible
platform. It also includes the administrative commands for managing a cluster
under the 'adm' subcommand.
To create a new application, login to your server and then run new-app:
oc login https://mycluster.mycompany.com
oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-ex.git
oc logs -f bc/ruby-ex
CLI - Login
> oc login
OpenShift server [https://localhost:8443]: https://openshift.example.com
Username: developer
Authentication required for https://openshift.example.com (openshift)
Password: ******
Login successful.
> oc logout
User, developer, logged out of https://openshift.example.com
Management Tools
OPENSHIFT
Projects and Users
Projects
Service: team1.myservice
Service: myservice Service: team2.myservice
Service: myservice Service: team3.myservice
Service: myservice Service: team4.myservice
Service: myservice
Users
Allow All
Deny All
/etc/openshift/master/master-config.yaml
Red Hat OPENSHIFT
Pre-Requisite
Source Code Management
Source Code Management
Application |-- README.md
|-- Dockerfile
|-- bower.json
|-- package.json
|-- app
|-- app.js
|-- web
Web Console API Backend |-- index.html
|-- mddir.js
|-- routing.js
|-- server.js
|-- api
|-- api.groups.js
|-- api.posts.js
|-- api.users.js
|-- api.widgets.js
|-- authentication
|-- oauth.js
Source Code Management System |-- vendor
|-- database
|-- db.js
|-- integration
Developers |-- servicenow.js
Source Code Management
GitHub
Analyze
GitLab
Revision History Release
BitBucket
File Merging Access Control.
Host
Red Hat OPENSHIFT
Pre-Requisite
CI/CD - Builds and Pipeline
Build
Java Python Ruby
SCM
> java –jar app.jar > pip install app.tar.gz > gem install app.gem
Build
01
Dockerfile
app.jar app.tar.gz app.gem Install Platform
> java –jar app.jar > pip install app.tar.gz > gem install app.gem
02
> docker build Dockerfile
04
Start Services
> docker run app
Test
Java Ruby
Python
Maven Bundler
DistUtils
Dockerfile
app.jar app.gem
app.tar.gz
Dockerfile
Docker Registry
Deploy
Build Test Release Deploy
Dockerfile
Docker Registry Kubernetes
Build Pipeline
Jenkins
Dockerfile Dockerfile
Docker Registry Kubernetes
Continuous Integration
Continuous Delivery
Continuous Deployment
Red Hat
OPENSHIFT
SCM, Builds and Deployments in OPENSHIFT
Pre-Requisites
• Docker
• Docker Image
• Docker Registry
Source Code Management
https://github.com/openshift/django-ex.git
Build
https://github.com/openshift/django-ex.git
01 Create Build
02 Download Source
03 Build Image
04 Push to Registry
Docker Registry
Deployment
04 Push to Registry
Docker Registry
05 Deploy
01 Create Build
02 Download Source
https://github.com/openshift/django-ex.git
03 Build Image
04 Push to Registry
Docker Registry
05 Deploy
Red Hat
OPENSHIFT
Builds in OPENSHIFT
Objectives
• Build Strategies
• Create a new Build Configuration
Pre-Requisites
• YAML Files
Build Strategy 1 Docker Build
Build Strategy 2 Source-To-Image (S2I)
Python Image
App Image
Build Strategy 3 Custom Build
Python Ruby
Java
Code
Image Streams
sha256:08b750083d53e8fdcf09ab99bc30549141ea44c90763d3e972be264fbec8d706
docker.io/centos/python-27:latest
172.30.1.1:5000/myproject/java:latest
Other-registry/ruby/ruby:2.0
View Build Config S2i-build-config.yaml
kind: "BuildConfig"
apiVersion: "v1"
metadata:
name: "simple-webapp"
spec:
runPolicy: "Serial"
triggers:
-
type: "GitHub"
github:
secret: "b5e471d57f79f52e"
- type: "Generic"
generic:
secret: "4be5b473f9985dcf"
-
type: "ImageChange"
source:
git:
uri: "https://github.com/mmumshad/simple-webapp-flask.git"
strategy:
type: Source
sourceStrategy:
from:
kind: "ImageStreamTag"
name: "python:3.6"
output:
to:
kind: "ImageStreamTag"
name: "simple-webapp:latest"
Create Build Configuration
S2i-build-config.yaml
Docker-build-config.yaml
kind: "BuildConfig"
apiVersion: "v1" kind: "BuildConfig"
metadata: apiVersion: "v1"
name: "simple-webapp" metadata:
spec: name: "simple-webapp-docker"
runPolicy: "Serial" spec:
triggers: runPolicy: "Serial"
- triggers:
type: "GitHub" -
github: type: "GitHub"
secret: "b5e471d57f79f52e" github:
- type: "Generic" secret: "b5e471d57f79f52e"
generic: - type: "Generic"
secret: "4be5b473f9985dcf" generic:
- secret: "4be5b473f9985dcf"
type: "ImageChange" -
source: type: "ImageChange"
git: source:
uri: "https://github.com/mmumshad/simple-webapp- git:
flask.git" uri: "https://github.com/mmumshad/simple-webapp-docker.git"
strategy: strategy:
type: Source type: Docker
sourceStrategy: dockerStrategy:
from: from:
kind: "ImageStreamTag" kind: "DockerImage"
name: "python:3.6" name: "ubuntu:16.04"
output: output:
to: to:
kind: "ImageStreamTag" kind: “ImageStreamTag"
name: "simple-webapp:latest" name: "simple-webapp:latest"
Create Build Configuration
Docker-build-config.yaml
kind: "BuildConfig"
apiVersion: "v1"
metadata:
name: "simple-webapp-docker"
spec:
runPolicy: "Serial"
triggers:
-
type: "GitHub"
github:
secret: "b5e471d57f79f52e"
- type: "Generic"
generic:
secret: "4be5b473f9985dcf"
-
type: "ImageChange"
source:
git:
uri: "https://github.com/mmumshad/simple-webapp-docker.git"
strategy:
type: Docker
sourceStrategy:
from:
kind: "DockerImage"
name: "ubuntu:16.04"
output:
to:
kind: “ImageStreamTag"
name: "simple-webapp:latest"
Start a build
Red Hat
OPENSHIFT
Build Triggers
Trigger Build
Automated
ManualBuild
Openshift Code Repository
Webhook
https://192.168.56.115:8443/oapi/v1/namespaces/......
OPENSHIFT
Deployments
Deployment Controller
nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.0 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1 nginx:1.7.1
Recreate
Application
Down
Rolling nginx:1.7.1
nginx:1.7.0 nginx:1.7.1 nginx:1.7.0 nginx:1.7.1 nginx:1.7.0 nginx:1.7.1 nginx:1.7.0
Update nginx:1.7.0 nginx:1.7.1
Application Up
Advanced Strategies – Blue/Green
10%
50%
40%
0%
30%
20%
70%
60%
80% 100%
40%
90%
30%
80%
70%
20%
60%
50%
OPENSHIFT
Networking
Challenge
IP Address
IP Address OPENSHIFT
??
IP Address SDN
POD
POD
POD
OPENSHIFT SDN
> oc get pods –o wide
my-web-app 1/1 Running 0 2d 10.128.0.5 localhost
my-sql-db 1/1 Running 0 1d 10.128.2.2 localhost
Open vSwitch
10.128.0.5 10.128.2.2
• VLAN tagging
• Trunking
POD POD • LACP
• Port Mirroring
10.128.2.2
mysql.connect( mysql) )
10.128.0.5 10.128.2.2
SkyDNS
POD POD
ovs-subnet
Additional Plugins
External Connectivity
Route
Service
10.128.0.5 10.128.2.2
POD POD
OPENSHIFT
Services and Routes
Service
Service
Front-end
Service
Service
Service
172.30.85.124
8080
deploymentconfig=simple-webapp-docker
8080
172.17.0.7
simple-webapp-docker
Route
www.somewebapp.com
Load Balancing
Route
Security
Split Traffic
Service
172.30.85.124
8080
deploymentconfig=simple-webapp-docker
8080
172.17.0.7
simple-webapp-docker
Route – Load Balancing
www.somewebapp.com
Load Balancing
source
192.168.1.12 Route
roundrobin
leastconn
Service
172.30.85.124
8080
8080
172.17.0.7
simple-webapp-docker
Route – Load Balancing
www.somewebapp.com
Load Balancing
source
Route
roundrobin
leastconn
Service
172.30.85.124
8080
8080
172.17.0.7
simple-webapp-docker
Route – Load Balancing
www.somewebapp.com
Load Balancing
source
Route
roundrobin
leastconn
Service
172.30.85.124
8080
8080
172.17.0.7
simple-webapp-docker
Route - Security
https://www.somewebapp.com
Route
Security
Service
172.30.85.124
8080
deploymentconfig=simple-webapp-docker
8080
172.17.0.7
simple-webapp-docker
Route – Split Traffic
https://www.somewebapp.com
Route
Split Traffic
Service Service
172.30.85.124 172.30.85.125
8080 8080
8080 8080
172.17.0.7 172.17.0.8
simple-webapp-docker simple-webapp-docker-new
Red Hat
OPENSHIFT
Example Voting Application
Design www.vote.myapp.com www.result.myapp.com
Service Service
voting-app result-app
voting-app result-app
redis db
Service
Service
Route Secret Secret
Secrets
DB Credentials
Deployment
worker
Build worker
Image Stream
Service
Red Hat
OPENSHIFT
Scaling
Scale Deployment
52134
spec:
replicas: 1
Replication Controller
Deployment Controller
Red Hat
OPENSHIFT
Storage
Persistent Volume
/data
Plugins
• Local
• iSCSI
• Fibre Channel
• NFS
• GlusterFS
• Ceph RDB
• OpenStack Cinder
• AWS Elastic Block Store
• GCE Persistent Disk
• Azure Disk
• Azure File
• VMWare vSphere
PVC – 20GB
PVC – 100GB
PVC – 10GB
PV Resources – 1TB
Create Storage
Create Storage
Deployments - Volumes
Red Hat
OPENSHIFT
Templates and Catalog
Catalog
Template
Parameters
Route
Application - 8080
Service
Application - 8080
Service
Database - 5432
Build
Application
Custom App
Image Stream
Application
template-config.yaml
Template apiVersion: v1
kind: Template
metadata:
name: custom-app
objects:
- apiVersion: v1
Parameters kind: Secret
<.. code hidden ..>
Route
Application - 8080 - apiVersion: v1
kind: Service
<.. code hidden ..>
- apiVersion: v1
kind: Service
Service <.. code hidden ..>
Application - 8080
- apiVersion: v1
kind: Route
Service <.. code hidden ..>
Database - 5432
- apiVersion: v1
kind: BuildConfig
Deployment Secrets Deployment <.. code hidden ..>
Application DB Credentials Database
- apiVersion: v1
kind: DeploymentConfig
<.. code hidden ..>
Build
Application > oc create –f template-config.yml - apiVersion: v1
kind: DeploymentConfig
template “custom-app" created <.. code hidden ..>
- apiVersion: v1
kind: ImageStream
Image Stream <.. code hidden ..>
Application
parameters:
- displayName: "Namespace"
name: "NAMESPACE"
Export
> oc export service db
apiVersion: v1
kind: Service
metadata:
annotations:
template.openshift.io/expose-uri:
postgres://{.spec.clusterIP}:{.spec.ports[?(.name=="postgresq
l")].port}
creationTimestamp: null
labels:
app: postgresql-persistent
template: postgresql-persistent-template
name: db
spec:
ports:
- name: postgresql
port: 5432
protocol: TCP
targetPort: 5432
selector:
name: db
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
Conclusion
OpenShift Overview
Architecture
Projects and Users
Builds and Deployments
Networking
Services and Routes
YAML Definition Files
Example Voting Application