Speaker: Justin Pittman, Solutions Architect, Red Hat

1. Deploying to Enterprise Kubernetes
Jason Mimick - Technical Director @ MongoDB
Justin Pittman - Solutions Architect @ Red Hat
@jp_lilpenguin
linkedin.com/r/justinpittman

2. Abstract:
In this talk, we will present and demonstrate the latest methods of deploying MongoDB clusters to Kubernetes using
Openshift, Red Hat's Enterprise Kubernetes container platform . Topics discussed: container orchestration, Kubernetes
compliant platforms, Open container initiatives, application deployment lifecycles, persistent storage, Kubernetes aware
storage providers, and automated deployment service brokers.

3. Cloud Providers
SaaS applications
3
Red Hat Portfolio
Containerized software
ASSEMBLING A LEADING HYBRID SERVICES CATALOG
Freedom, flexibility and choice for our customers
3rd Party ISVs
Containerized software
TODAY
Certifying on RHEL
Certifying on
OpenShift
*
*

4. COMPREHENSIVECLOUDCUSTOMERSCODE
Strong partnerships
with cloud providers,
ISVs, CCSPs.
Extensive container
catalog of certified
partner images.
Comprehensive portfolio of
container products and
services, including developer
tools, security, application
services, storage, and
management.
Red Hat is the leading
Kubernetes developer and
contributor with Google.
We make container
development easy, reliable,
and more secure.
Most reference customers
running in production.
Years of experience
running OpenShift Online
and OpenShift Dedicated
services.
RED HAT’S STRATEGIC INVESTMENT IN KUBERNETES

5. Kubernetes and OpenShift
PHYSICAL
ORCHESTRATION CLUSTER SERVICES
OPENSHIFT SERVICES SERVICE CATALOG
SELF-SERVICE
APPLICATION LIFECYCLE AUTOMATION
OPENSHIFT BUILDS OPENSHIFT DEPLOYMENTS
PACKAGING FORMAT
CONTAINER CONTAINERCONTAINER CONTAINER CONTAINER
VIRTUAL PRIVATE PUBLIC
RED HAT ENTERPRISE LINUX ATOMIC HOST
SECURITY REGISTRYTELEMETRY STORAGE NETWORKSTORAGE
ORCHESTRATION CLUSTER SERVICES
SECURITY
DEPLOYMENT STRATEGIES
NETWORK

6. CONTRIBUTING TO KUBERNETES TECHNOLOGIES
Google - 29,379
Red Hat - 10,980
CoreOS - 788
IBM - 718
Intel - 254
VMware - 214
Microsoft - 174
Amadeus - 97
Cisco - 92
Oracle - 4
Pivotal - <1
Docker - <1Source: Stackalytics Oct 2017 http://stackalytics.com/?project_type=kubernetes-
group&metric=commits&release=all

7. Standards & Portability
• Cloud Native Computing Foundation (CNCF)
Launches Certified Kubernetes Program with
for Conformant Distributions and Platforms
• https://www.cncf.io/announcement/2017/11/13/cloud-
native-computing-foundation-launches-certified-
kubernetes-program-32-conformant-distributions-
platforms/

8. Red Hat Confidential8

10. CONTAINER CLUSTER WALKTHRU:
TECHNICAL FLOW

11. OPENSHIFT TECHNICAL OVERVIEW11
1. Container = small compute runtime
(a fraction of an OS) for apps
CONTAINER

12. OPENSHIFT TECHNICAL OVERVIEW12
2. Containers created from container Images.
Images are layered filesystems. OS + app + ...
CONTAINER
CONTAINER
IMAGE
BINARY RUNTIME

13. OPENSHIFT TECHNICAL OVERVIEW13
IMAGE REGISTRY
3. container Images are stored in a Registry.
Registries operate like source repositories.
CONTAINER
CONTAINER
IMAGE
CONTAINER
IMAGE
CONTAINER
IMAGE
CONTAINER
IMAGE
CONTAINER
IMAGE
CONTAINER
IMAGE

14. OPENSHIFT TECHNICAL OVERVIEW14
4. Repositories enable build, deploy, and
release of applications.
IMAGE REGISTRY
frontend:latest
frontend:2.0
frontend:1.1
frontend:1.0
CONTAINER
IMAGE
mongo:latest
mongo:3.7
mongo:3.6
mongo:3.4
CONTAINER
IMAGE
myregistry/frontend myregistry/mongo

15. OPENSHIFT TECHNICAL OVERVIEW15
PODPOD
5. Containers are wrapped in Pods.
Pods are units of configuration, deployment &
management in a Kube Cluster.
CONTAINER CONTAINERCONTAINER
IP: 10.1.0.11 IP: 10.1.0.55

16. OPENSHIFT TECHNICAL OVERVIEW16
6. Pods define dependencies, priorities, etc. to
enable deployment and management.
image name
replicas
labels
cpu
memory
storage
POD
CONTAINER
POD
CONTAINER
POD
CONTAINER
DEPLOYMENT

17. OPENSHIFT TECHNICAL OVERVIEW17
POD1
7. Deployments can register as Services.
Deployment Configs define fault tolerance, load-
balancing, service discovery, replication, etc.
CONTAINER1
POD2
CONTAINER2
POD3
CONTAINER3
BACKEND SERVICE
role: backend
role: backendrole: backendrole: backend

18. OPENSHIFT TECHNICAL OVERVIEW18
POD
8. Apps in Pods can integrate w/ each other
via Services w/in the Cluster
CONTAINER
POD
CONTAINER
POD
CONTAINER
BACKEND SERVICE
POD
CONTAINER
role: backend
role: backendrole: backendrole: backendrole: frontend
Invoke
Backend API

19. OPENSHIFT TECHNICAL OVERVIEW19
POD
9. Routes expose Services for external consumption.
Routes enable secure & manageable services
offered by containerized Apps.
CONTAINER
POD
CONTAINER
POD
CONTAINER
BACKEND SERVICE
ROUTE
app-prod.mycompany.com
> curl http://app-prod.mycompany.com

20. OPENSHIFT TECHNICAL OVERVIEW20
10. Projects/Namespaces group Pods.
Projects enable operational controls: RBAC,
network isolation, etc.
POD
C
POD
C
POD
C
PAYMENT DEV
POD
C
POD
C
POD
C
PAYMENT PROD
POD
C
POD
C
POD
C
CATALOG
POD
C
POD
C
POD
C
INVENTORY
❌
❌❌

21. OPENSHIFT TECHNICAL OVERVIEW21
“Cluster”??
Application
Traffic
Dev and Ops
User
INFRAMASTER
NODE NODE
Recommended Reading:
Designing Distributed Systems by Brendan Burns, co-founder of Kubernetes.

22. CONTAINER NATIVE &
CONTAINER READY STORAGE

23. Pets vs. Cattle
Ephemeral vs. Persistent

24. Storage Lifecycle
● Provisioning
● Binding
● Using
● Releasing
● Reclaiming

25. Persistent Storage
Goals
● Allow admins to describe storage
● Allow users to request storage
● No tight coupling to any disk, server, network,
or storage device

26. Persistent Volume (PV)
● A PV is a real piece of networked storage in the cluster
provisioned by an administrator.
● PVs are resources like nodes are resources
● Long lifecycle independent of any pod

27. PV Sample
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv0003
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Recycle
nfs:
path: /tmp
server: 172.17.0.2

28. Persistent Volume Claim (PVC)
● A request for storage by a user
● Allows specific resource requests (e.g, size, access modes)
● Used like a claim check

29. PVC Sample
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: myclaim
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3Gi

30. OPENSHIFT TECHNICAL OVERVIEW
PROJECT
POOL OF PERSISTENT VOLUMES
30
PERSISTENT VOLUME CLAIM WORKFLOW
EBSiSCSI NFS
Admin
User / Pod
register PV
create claim
Azure
GlusterFS
PV
Pod
claim
Pod
claim
Pod
claim
Ceph

31. OPENSHIFT TECHNICAL OVERVIEW31
DYNAMIC VOLUME PROVISIONING
Admin
User
define StorageClass
create claim: Fastest
Slow
Azure-Disk
Fast
AWS-SSD
Fastest
NetApp-Flash
NetApp
Provisioner
AWS
Provisioner
Pod
claim
PV
OpenShift
PV Controller
provision
Azure
Provisioner
bound

32. OPENSHIFT TECHNICAL OVERVIEW
NODENODENODE
CONTAINER-NATIVE STORAGE
32
NODE
POD POD POD POD POD POD POD
POD POD POD
RHGS RHGS RHGS
POD POD POD
MASTER

33. OPENSHIFT TECHNICAL OVERVIEW33
● Persistent Volume (PV) is tied to a piece of network storage
● Provisioned by an administrator (static or dynamically)
● Allows admins to describe storage and users to request storage
● Assigned to pods based on the requested size, access mode, labels and type
STORAGE PROVIDERS & RECAP
NFS
GlusterFS
OpenStack
Cinder
Ceph RBD
AWS EBS
GCE Persistent
Disk
iSCSI
Fiber Channel
Azure Disk
Azure File
FlexVolume
VMWare
vSphere VMDK

34. DEPLOYING TO OPENSHIFT VIA
SERVICE BROKERS

35. OPENSHIFT TECHNICAL OVERVIEW35
WHAT IS A SERVICE BROKER?
SERVICE
CONSUMER
SERVICE
PROVIDER
SERVICE
CATALOG
SERVICE
BROKER
Automated, Standard and Consistent

36. OPENSHIFT TECHNICAL OVERVIEW36
A multi-vendor project to
standardize how services are
consumed on cloud-native
platforms across service
providers

37. OPENSHIFT TECHNICAL OVERVIEW37
OPENSHIFT SERVICE CATALOG
OPENSHIFT SERVICE CATALOG
OpenShift
Ansible
Broker
OpenShift
Template
Broker
AWS
Service
Broker
Other
Service
Brokers
ANSIBLE
OPENSHIFT
AWS
OTHER COMPATIBLE SERVICES
Ansible
Playbook
Bundles
OpenShift
Templates
AWS
Services
Other
Services

38. OPENSHIFT TECHNICAL OVERVIEW38
TEMPLATE SERVER BROKER
PROVISIONING
Template Service
Broker
MongoDB
Container
openshift
namespace
mongodb-template
OpenShift
Service Catalog
Service Broker creates a
the objects from the
template
MongoDB
Container

39. OPENSHIFT TECHNICAL OVERVIEW39
TEMPLATE SERVICE BROKER
BINDING
Template Service
Broker
openshift
namespace
OpenShift
Service Catalog
create binding
Service Broker creates a
binding and secret for
any credentials (config
map, secret, etc) created
by the template
MongoDB
Container
mongodb-template
MongoDB
Container

40. DEMO OF MONGODB IN OPENSHIFT

41. GENERAL DISTRIBUTION
DEMO PLACEHOLDER
Inventory
Service
JBoss EAP
Cart
Service
Spring Boot
Catalog
Service
JWS
Coolstore
Gateway
JBoss FIS
MongoDBPSQL
Web UI
Angular
NodeJS

42. OPENSHIFT TECHNICAL OVERVIEW
Application Release Strategies with OpenShift
Building Polyglot Microservices on OpenShift
Building JBoss EAP 6 Microservices on OpenShift
Building JBoss EAP 7 Microservices on OpenShift
Business Process Management with JBoss BPMS on OpenShift
Build and Deployment of Java Applications on OpenShift
Building Microservices on OpenShift with Fuse Integration...
JFrog Artifactory on OpenShift Container Platform
Spring Boot Microservices on Red Hat OpenShift
API Management with Red Hat 3scale on OpenShift
App CI/CD on OCP with Jenkins
OpenShift on VMware vCenter
OpenShift on Red Hat OpenStack Platform
OpenShift on Amazon Web Services
OpenShift on Google Cloud Platform
OpenShift on Microsoft Azure
OpenShift on Red Hat Virtualization
OpenShift on HPE Servers with Ansible Tower
OpenShift on VMware vCenter 6 with Gluster
Deploying an OpenShift Distributed Architecture
OpenShift Architecture and Deployment Guide
OpenShift Scaling, Performance, and Capacity Planning
42
REFERENCE ARCHITECTURES

43. THANK YOU
plus.google.com/+RedHat
linkedin.com/company/red-hat
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/RedHatNews