More Related Content Similar to Legacy To Docker - Lessons learned and demo of OpenUnison (20) Legacy To Docker - Lessons learned and demo of OpenUnison1. Legacy to Docker: Lessons
Learned Containerizing Unison
and OpenUnison and S2I
With Demo of Identity
Management for OpenShift
2. What is Unison/OpenUnison?
• Identity Management Solution
• User Provisioning
• Self Service
• LDAP Virtual Directory
• SSO & Web Access Management
• Java Application
• Multiple Services
• Reverse Proxy / Identity Provider
• LDAP Virtual Directory
• Administrative Interface
• Web Services
3. OpenUnison Source2Image
• J2EE Application
• War File
• Built using Maven
• Requires Keystore
• Image Requirements
• Servlet Container
• TLS
• Java 1.8
• Source2Image - https://github.com/openshift/source-to-
image
6. First Rule of Creating Docker
Images
Don’t Talk About Creating
Docker Images
7. First Rule of Creating Docker
Images
Don’t Treat Containers Like
VMs
8. Challenges
• No Static IP Addresses
• Persistent Volumes
• File System Permissions
• Consistency
• Not Requiring “Base” Image
• RHEL vs CentOS
• OpenShift
• Logging
11. Lessons Learned
• Security
• Users in container vs host
• Don’t run as root
• OpenShift – Running as a random user
• Conflict with Dockerhub images
• Persistent Volumes
• OpenShift – Can’t guaruntee PV->PVC Mapping
• Minimize number of peristent volumes
• Permissions – Other readable
• Odd issues