Francesco Fiore, profile picture
Uploaded byFrancesco Fiore
PDF, PPTX563 views

DevOps of Python applications using OpenShift (Italian version)

The document presents a comprehensive overview of using OpenShift for deploying Python applications, covering key topics such as architecture, setup, and integration with CI/CD tools like Jenkins. It details the use of Source-to-Image (S2I) for building applications and explains concepts like application lifecycle management, deployment strategies including blue-green and canary deployments. Additionally, it offers practical examples of using templates and automation to streamline application setup and management.

Embed presentation

Download as PDF, PPTX
DevOps di applicazioni Python (e non solo) su OpenShift Francesco Fiore, System Architect PyCon Nove, 20 aprile 2018
2 Agenda • Cos’è OpenShift • Cenni sull’architettura • Setup di una semplice applicazione • OpenShift per applicazioni Python: source-to-image • Dietro le quinte: API objects • Parametrizzare il setup di applicazioni usando i Template • Git, OpenShift e Jenkins: integrazione nativa per la CI/CD • Application lifecycle management • Application promotion • Strategie di deployment
3 OpenShift overview • Platform as a Service di Red Hat • OpenShift Origin è un progetto opensource • Basato su: – Kubernetes (CaaS) – Docker – Atomic • Add-on rispetto a k8s – API objects – Web console – Software Defined Network – Docker registry – logging centralizzato • Focus su application lifecycle management e automation • Red Hat OpenShift Container Platform
4 OpenShift vs Kubernetes Source to Image (S2I) Integrated Registry Build Configuration Image Stream Deployment Configuration Persistent Volume Claims Replication Controller Replica Sets Daemon Sets Persistent Volumes Secrets Config Maps Services Routes Software Defined Network (SDN) Web console Users and Groups Projects Namespaces OpenShift Kubernetes
5 OpenShift: architettura
6 Setup di una applicazione oc new-project demo oc new-app https://github.com/ffiore/devops-on-openshift-demo.git --context-dir samples/flask --name flask-sample • OpenShift rileva automaticamente qual è la strategy di build – if Jenkinsfile -> Pipeline strategy – elif Dockerfile -> Docker strategy – else -> Source strategy File Linguaggio requirements.txt, setup.py python pom.xml jee app.json, package.json nodejs Godeps, main.go golang cpanfile, index.pl perl composer.json, index.php php Gemfile, Rakefile, config.ru ruby build.sbt scala • Se Source strategy, OpenShift rileva il linguaggio
7 Setup di una applicazione oc new-app https://github.com/ffiore/devops-on-openshift-demo.git --context-dir samples/flask --name flask-sample --env WELCOME_MESSAGE=‘Hello Pycon9!’ --build-env HTTP_PROXY=‘http://x.y.z.w:8080’ oc new-app python:2.7~https://github.com/ffiore/devops-on- openshift-demo.git --context-dir samples/flask --name flask-sample-python27 --env WELCOME_MESSAGE=‘Hello Pycon9!’ oc expose svc flask-sample • Per esporre l’applicazione all’esterno (Route)
8 Source-to-image: Python • s2i è la modalità utilizzata con Source strategy • Nessuna modifica all’applicazione – sufficiente requirements.txt • 4 modalità di esecuzione – Gunicorn • se in requirements.txt o in setup.py (install_requires) • entrypoint: wsgi.py (wsgi:application) o APP_MODULE – Django development server – Python script • APP_FILE, default app.py – Script file • APP_SCRIPT, default app.sh
9 Setup di una applicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service spec: output: to: kind: ImageStreamTag name: flask-sample:latest source: git: uri: https://github.com/ffiore/devops-on- openshift-demo contextDir: samples/flask type: Git strategy: sourceStrategy: from: kind: ImageStreamTag name: python:3.5 namespace: openshift type: Source triggers: - github: secret: iopmuY9undV5grr7Z8zV type: GitHub - generic: secret: QOhldIxeE2ciwomAgoY9 type: Generic - type: ConfigChange - type: ImageChange apiVersion: v1 kind: BuildConfig metadata: annotations: openshift.io/generated-by: OpenShiftNewApp labels: app: flask-sample name: flask-sample namespace: demo ...
10 Setup di una applicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service apiVersion: v1 kind: ImageStream metadata: annotations: openshift.io/generated-by: OpenShiftNewApp labels: app: flask-sample name: flask-sample namespace: demo spec: {} status: dockerImageRepository: 172.30.0.128:5000/demo/flask-sample
11 Setup di una applicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service template: metadata: ... labels: app: flask-sample deploymentconfig: flask-sample spec: containers: - image: flask-sample:latest imagePullPolicy: Always name: flask-sample ports: - containerPort: 8080 protocol: TCP dnsPolicy: ClusterFirst restartPolicy: Always terminationGracePeriodSeconds: 30 triggers: - type: ConfigChange - imageChangeParams: automatic: true containerNames: - flask-sample from: kind: ImageStreamTag name: flask-sample:latest namespace: demo type: ImageChange apiVersion: v1 kind: DeploymentConfig metadata: name: flask-sample namespace: demo spec: replicas: 1 strategy: rollingParams: ... type: Rolling
12 Setup di una applicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service apiVersion: v1 kind: Service metadata: annotations: openshift.io/generated-by: OpenShiftNewApp labels: app: flask-sample name: flask-sample namespace: demo spec: clusterIP: 172.30.82.11 ports: - name: 8080-tcp port: 8080 protocol: TCP targetPort: 8080 selector: app: flask-sample deploymentconfig: flask-sample type: ClusterIP
13 Creare un Template • Aggiungere altri API object – ConfigMap – Secret – PersistentVolumeClaim – ... • Personalizzare gli oggetti – consumare ConfigMap, Secret, PVC, ecc. – creare legami tra componenti applicativi (es. applicazione + database) • Parametrizzare gli oggetti • Riutilizzare il tutto – su project/ambienti diversi – per applicazioni diverse
14 Usare i Template oc process –f python-flask-sample-s2i.yaml -p APPLICATION_NAME=‘welcome-app’ -p SOURCE_REPOSITORY_URL=‘https://github.com/ffiore/devops-on-openshift- demo’ -p CONTEXT_DIR=‘samples/flask’ -p WELCOME_MESSAGE=‘Hello Pycon9!’ –o yaml | oc create –f - • Creare l’applicazione usando il Template • Inserire un Template «a catalogo» oc –n devops create –f django-postgresql-persistent.yaml • Usare un Template «a catalogo» oc –n devops process django-psql-persistent -p NAME=‘django-app’ -p SOURCE_REPOSITORY_URL=‘https://github.com/sclorg/django-ex’ | oc –n demo create –f -
15 Automatizzare con Jenkins • BuildConfig possono avere strategy jenkinsPipelineStrategy – jenkinsfile – webhook per il triggering da Git • OpenShift si aspetta di trovare una istanza di Jenkins – creazione della pipeline in Jenkins – creazione di un Build • In alternativa, jenkins-ephemeral • Jenkins – autoconfigurazione al primo deploy • puntamenti a Kubernetes • provisioning pipeline esistenti – openshift jenkins plugin (deprecato da OpenShift 3.7) – openshift jenkins client plugin (GA da OpenShift 3.7) • Parametrizzare usando Template – automatic setup e CI/CD
16 Lifecycle management • git flow/gitlab flow/... • github/generic webhook git push/merge • build applicazione • unit test (postCommit) • build image build • setup/update database (pre) • deploy applicazione • integration test (post) deploy
17 Lifecycle management e software promotion git push/merge •git flow/gitlab flow/... •github/generic webhook build •build applicazione •unit test (postCommit) •build image deploy DEV •setup/update database (pre) •deploy applicazione •functional/integration test (post) deploy STAGING •setup/update database (pre) •deploy applicazione •smoke test (post) deploy PRODUCTION •setup/update database (pre) •deploy applicazione •smoke test (post)
18 Rolling deployment • Rimpiazzare le istanze della vecchia versione con la nuova – readiness check – canary deployment – rollback automatico • builtin in OpenShift • quando: – no downtime – N-1 compatibility • lifecycle hooks – pre – post pre hook scale in old rc scale out new rc repeat scaling post hook git push build deploy
19 Recreate deployment • Rimpiazzare tutte le istanze della vecchia versione con la nuova – readiness check – rollback automatico • builtin in OpenShift • quando: – migrazione dati – no N-1 compatibility – RWO volume • downtime • lifecycle hooks – pre – mid – post pre hook scale in to 0 mid hook scale out to N post hook git push build deploy
20 Blue-green deployment • Obiettivo: testing prima dello switch del traffico – smoke test – integration test • 2 versioni dell’applicazione – production – internal (release candidate) • ‘internal’ può essere pubblica o privata • 2 service • 2 deployment configuration • switch gestito da Jenkins • alternativa, API manager – <public, staging, private> URL • N-1 compatibility git push build deploy test go live
21 Blue-green deployment Pod Service Route app app-blue app-blue-1-x app-blue-1-y app-green app-green-2-z app-green-2-k app.os.local.int
22 Blue-green deployment Pod Service Route app app-blue app-blue-1-x app-blue-1-y app-green app-green-2-z app-green-2-k app.os.local.int oc patch route app –p ‘{“spec”: {“to”: {“name”: “app-green”}}}’
23 Canary deployment • Obiettivo: ridurre il rischio di deploy di una nuova versione • come blue/green, ma entrambe versioni online • 1 service • 2 deployment configuration • molteplici shard • proxy shard – scale out/in deployment configs -> traffic splitter (%) • N-1 compatibility • gestito da Jenkins git push build deploy go live test scale out/in
24 Canary deployment Pod Service Route app app app1-1-x app1-1-y app1-1-z app2-1-k app.os.local.int
25 Canary deployment Pod Service Route app app app1-1-x app1-1-y app2-1-k app2-1-t app.os.local.int oc scale --replicas=2 dc app2 && oc scale --replicas=2 dc app1
26 Canary deployment Pod Service Route app app app2-1-k app2-1-t app2-1-j app2-1-w app.os.local.int oc scale --replicas=4 dc app2 && oc scale --replicas=0 dc app1
27 A/B deployment • Obiettivi: – testing di 2 (o più) versioni contemporaneamente – 2 (o più) configurazioni, stessa versione (es. più region) • come A/B testing, ma codice + config • 1 service • 2 (o più) deployment configuration • molteplici shard • proxy shard – scale out/in deployment configs -> traffic splitter (%) • N-1 compatibility • gestito da Jenkins git push build deploy go live test scale out/in
28 A/B deployment Pod Service Route app app app-1-x app-1-k app-a-1-y app-b-2-z app.os.local.int
29 A/B deployment Pod Service Route app app app-1-x app-a-1-y app-b-2-z app-b-2-k oc scale --replicas=2 dc app-b && oc scale --replicas=1 dc app app.os.local.int
30 A/B deployment Pod Service Route app app app-a-1-y app-a-1-t app-b-2-z app-b-2-k oc scale --replicas=2 dc app-a && oc scale --replicas=0 dc app app.os.local.int
31 A/B deployment Pod Service Route app app app-b-2-z app-b-2-k app-b-2-t app-b-2-w oc scale --replicas=4 dc app-b && oc scale --replicas=0 dc app-a app.os.local.int
Sede Legale e Unità Operativa Via Alfredo Campanini, 6 20124 Milano Tel: +39 02.66732.1 – Fax: +39 02.66732.300 Unità Operativa Via Cristoforo Colombo, 163 00147 Roma Tel: +39 06.9826.9600 – Fax: +39 06.9826.9680 Grazie per l’attenzione! francesco.fiore@par-tec.it | @ffiore81 https://www.par-tec.it

More Related Content

PDF
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
byJorge Morales
 
PPTX
Migrating To GitHub
bySridhar Peddinti
 
PPTX
It's a Breeze to develop Airflow (Cloud Native Warsaw)
byJarek Potiuk
 
PDF
Automate Your Automation | DrupalCon Vienna
byPantheon
 
PDF
Git and Github
byWen-Tien Chang
 
PPTX
DevOps with OpenShift - Fabien Dupont - ManageIQ Design Summit 2016
byManageIQ
 
PDF
Brief intro to K8s controller and operator
byShang Xiang Fan
 
PDF
Reproducible development to live applications with Red Hat CDK and Red Hat Op...
byLalatendu Mohanty
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
byJorge Morales
 
Migrating To GitHub
bySridhar Peddinti
 
It's a Breeze to develop Airflow (Cloud Native Warsaw)
byJarek Potiuk
 
Automate Your Automation | DrupalCon Vienna
byPantheon
 
Git and Github
byWen-Tien Chang
 
DevOps with OpenShift - Fabien Dupont - ManageIQ Design Summit 2016
byManageIQ
 
Brief intro to K8s controller and operator
byShang Xiang Fan
 
Reproducible development to live applications with Red Hat CDK and Red Hat Op...
byLalatendu Mohanty
 

What's hot

PDF
Cloud-Native CI/CD on Kubernetes with Tekton Pipelines
byNikhil Thomas
 
PDF
Red Hat OpenShift Operators - Operators ABC
byRobert Bohne
 
PDF
It's a Breeze to develop Apache Airflow (Apache Con Berlin)
byJarek Potiuk
 
PDF
Introduction to Tekton
byVictor Iglesias
 
PDF
GitLab as an Alternative Development Platform for Github.com
byB1 Systems GmbH
 
PDF
はじめての JFrog Artifactory
byTsuyoshi Miyake
 
PDF
Open Source tools overview
byLuciano Resende
 
PDF
Build and run applications in a dockerless kubernetes world
byJorge Morales
 
ODP
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
byEric D. Schabell
 
PDF
Meetup Openshift Geneva 03/10
byMagaliDavidCruz
 
PDF
OpenShift-Build-Pipelines: Build -> Test -> Run! @JavaForumStuttgart
byTobias Schneck
 
PDF
Continuous delivery with jenkins pipelines @ devdays
byRoman Pickl
 
PDF
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...
byOpenCity Community
 
PDF
Brief tutorial on Git
by聖文 鄭
 
PDF
Gitlab ci, cncf.sk
byJuraj Hantak
 
PDF
Operator SDK for K8s using Go
byCloudOps2005
 
PDF
How to plan and define your CI-CD pipeline
byElasTest Project
 
PDF
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
byOpenbar
 
PDF
Assign, Commit, and Review
byZhongyue Luo
 
PPTX
Workflows using Git GitHub | Edureka
byEdureka!
 
Cloud-Native CI/CD on Kubernetes with Tekton Pipelines
byNikhil Thomas
 
Red Hat OpenShift Operators - Operators ABC
byRobert Bohne
 
It's a Breeze to develop Apache Airflow (Apache Con Berlin)
byJarek Potiuk
 
Introduction to Tekton
byVictor Iglesias
 
GitLab as an Alternative Development Platform for Github.com
byB1 Systems GmbH
 
はじめての JFrog Artifactory
byTsuyoshi Miyake
 
Open Source tools overview
byLuciano Resende
 
Build and run applications in a dockerless kubernetes world
byJorge Morales
 
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
byEric D. Schabell
 
Meetup Openshift Geneva 03/10
byMagaliDavidCruz
 
OpenShift-Build-Pipelines: Build -> Test -> Run! @JavaForumStuttgart
byTobias Schneck
 
Continuous delivery with jenkins pipelines @ devdays
byRoman Pickl
 
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...
byOpenCity Community
 
Brief tutorial on Git
by聖文 鄭
 
Gitlab ci, cncf.sk
byJuraj Hantak
 
Operator SDK for K8s using Go
byCloudOps2005
 
How to plan and define your CI-CD pipeline
byElasTest Project
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
byOpenbar
 
Assign, Commit, and Review
byZhongyue Luo
 
Workflows using Git GitHub | Edureka
byEdureka!
 

Similar to DevOps of Python applications using OpenShift (Italian version)

PDF
Openshift cheat rhce_r3v1 rhce
byDarnette A
 
PDF
Rodando *qualquer coisa* na nuvem com OpenShift, o PaaS open source da Red Hat
byFabiano Franz
 
PPTX
DevOps best practices with OpenShift
byMichael Lehmann
 
PDF
Red Hat Forum Benelux 2015
byMicrosoft
 
ODP
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byOpenShift Origin
 
ODP
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byDiane Mueller
 
ODP
Openshift: Build, deploy & manage open, standard containers
byJonh Wendell
 
PPTX
OpenShift: Devops Made Easy
byBent Terp
 
PDF
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
byNatale Vinto
 
ODP
OpenShift PaaS Anywhere (Infrastructure.Next Ghent 2014-02-24) Diane Mueller
byOpenShift Origin
 
PDF
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
byOpenShift Origin
 
PDF
TechEvent OpenShift for Developers
byTrivadis
 
PPTX
Accelerating Application Delivery with OpenShift
byPOSSCON
 
PDF
OpenShift As A DevOps Platform
byLalatendu Mohanty
 
ODP
OpenShift Anywhere given at Infrastructure.Next Talk at #Scale12X
byOpenShift Origin
 
PDF
NLUUG Spring 2012 - OpenShift Primer
byEric D. Schabell
 
PDF
Codemotion 2012 Rome - An OpenShift Primer
byEric D. Schabell
 
PDF
PuppetConf 2016: Using Puppet with Kubernetes and OpenShift – Diane Mueller, ...
byPuppet
 
PDF
OpenShift State of the Union, brought to you by JBoss
byEric D. Schabell
 
PPTX
Chapter 06: Eclipse Vert.x - Reactive Microservices with OpenShift
byFirmansyah, SCJP, OCEWCD, OCEWSD, TOGAF, OCMJEA, CEH
 
Openshift cheat rhce_r3v1 rhce
byDarnette A
 
Rodando *qualquer coisa* na nuvem com OpenShift, o PaaS open source da Red Hat
byFabiano Franz
 
DevOps best practices with OpenShift
byMichael Lehmann
 
Red Hat Forum Benelux 2015
byMicrosoft
 
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byOpenShift Origin
 
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byDiane Mueller
 
Openshift: Build, deploy & manage open, standard containers
byJonh Wendell
 
OpenShift: Devops Made Easy
byBent Terp
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
byNatale Vinto
 
OpenShift PaaS Anywhere (Infrastructure.Next Ghent 2014-02-24) Diane Mueller
byOpenShift Origin
 
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
byOpenShift Origin
 
TechEvent OpenShift for Developers
byTrivadis
 
Accelerating Application Delivery with OpenShift
byPOSSCON
 
OpenShift As A DevOps Platform
byLalatendu Mohanty
 
OpenShift Anywhere given at Infrastructure.Next Talk at #Scale12X
byOpenShift Origin
 
NLUUG Spring 2012 - OpenShift Primer
byEric D. Schabell
 
Codemotion 2012 Rome - An OpenShift Primer
byEric D. Schabell
 
PuppetConf 2016: Using Puppet with Kubernetes and OpenShift – Diane Mueller, ...
byPuppet
 
OpenShift State of the Union, brought to you by JBoss
byEric D. Schabell
 
Chapter 06: Eclipse Vert.x - Reactive Microservices with OpenShift
byFirmansyah, SCJP, OCEWCD, OCEWSD, TOGAF, OCMJEA, CEH
 

Recently uploaded

PPTX
SAP S4 HANA Conversion and Migration .pptx
bysabeenakouser
 
PDF
Track Phone Location on iPhone (2026)_ What Actually Works, What’s a Scam, an...
byOlive Dimitrescu
 
PDF
Massage Booking App Development Company
byV3CUBE TECHNOLABS
 
PDF
Build a Scalable On-Demand Courier Service App
byV3CUBE TECHNOLABS
 
PDF
Attendance Dashboard – Time & Attendance Analytics
byHajir Pro
 
PDF
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
PPTX
HackYourBrain_JFokusConference_03022026.pptx
bySimonedeGijt
 
PPTX
BUSY Software Business Management Solution.pptx
byMoving Cloud
 
PDF
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
PDF
software architecture for busy developers
byMuhammadAwaisQaisran
 
PPTX
HR Software for Construction: Smarter Workforce & Payroll Management
byhelixtahr
 
PDF
apidays Australia 2025 | Orchestrator vs. Choreography
byapidays
 
PDF
apidays Australia 2025 | Build Your First MCP Server with Postman Flows
byapidays
 
PDF
Track Phone Location Free by Number (2026)_ What’s Real, What’s a Scam, and t...
byRachel Green
 
PPTX
2025 S/4HANA Cloud Release Upgrade Overview.pptx
byssuser835a7b
 
PDF
Image and video processing: From Mars to Hollywood with a stop at the hospita...
byHarinath Palavalli
 
PDF
Azure DevOps Services: Complete Guide to DevOps Tools, Automation & End-to-En...
byjohncarterjn
 
PDF
Project Tracking in Software Project Management
bySahanaBarveen1
 
PDF
apidays Amsterdam 2025 | APIs with a Purpose
byapidays
 
PDF
On Demand Grocery Delivery App Development
byV3CUBE TECHNOLABS
 
SAP S4 HANA Conversion and Migration .pptx
bysabeenakouser
 
Track Phone Location on iPhone (2026)_ What Actually Works, What’s a Scam, an...
byOlive Dimitrescu
 
Massage Booking App Development Company
byV3CUBE TECHNOLABS
 
Build a Scalable On-Demand Courier Service App
byV3CUBE TECHNOLABS
 
Attendance Dashboard – Time & Attendance Analytics
byHajir Pro
 
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
HackYourBrain_JFokusConference_03022026.pptx
bySimonedeGijt
 
BUSY Software Business Management Solution.pptx
byMoving Cloud
 
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
software architecture for busy developers
byMuhammadAwaisQaisran
 
HR Software for Construction: Smarter Workforce & Payroll Management
byhelixtahr
 
apidays Australia 2025 | Orchestrator vs. Choreography
byapidays
 
apidays Australia 2025 | Build Your First MCP Server with Postman Flows
byapidays
 
Track Phone Location Free by Number (2026)_ What’s Real, What’s a Scam, and t...
byRachel Green
 
2025 S/4HANA Cloud Release Upgrade Overview.pptx
byssuser835a7b
 
Image and video processing: From Mars to Hollywood with a stop at the hospita...
byHarinath Palavalli
 
Azure DevOps Services: Complete Guide to DevOps Tools, Automation & End-to-En...
byjohncarterjn
 
Project Tracking in Software Project Management
bySahanaBarveen1
 
apidays Amsterdam 2025 | APIs with a Purpose
byapidays
 
On Demand Grocery Delivery App Development
byV3CUBE TECHNOLABS
 

DevOps of Python applications using OpenShift (Italian version)

  • 1.
    DevOps di applicazioniPython (e non solo) su OpenShift Francesco Fiore, System Architect PyCon Nove, 20 aprile 2018
  • 2.
    2 Agenda • Cos’è OpenShift •Cenni sull’architettura • Setup di una semplice applicazione • OpenShift per applicazioni Python: source-to-image • Dietro le quinte: API objects • Parametrizzare il setup di applicazioni usando i Template • Git, OpenShift e Jenkins: integrazione nativa per la CI/CD • Application lifecycle management • Application promotion • Strategie di deployment
  • 3.
    3 OpenShift overview • Platformas a Service di Red Hat • OpenShift Origin è un progetto opensource • Basato su: – Kubernetes (CaaS) – Docker – Atomic • Add-on rispetto a k8s – API objects – Web console – Software Defined Network – Docker registry – logging centralizzato • Focus su application lifecycle management e automation • Red Hat OpenShift Container Platform
  • 4.
    4 OpenShift vs Kubernetes Sourceto Image (S2I) Integrated Registry Build Configuration Image Stream Deployment Configuration Persistent Volume Claims Replication Controller Replica Sets Daemon Sets Persistent Volumes Secrets Config Maps Services Routes Software Defined Network (SDN) Web console Users and Groups Projects Namespaces OpenShift Kubernetes
  • 5.
  • 6.
    6 Setup di unaapplicazione oc new-project demo oc new-app https://github.com/ffiore/devops-on-openshift-demo.git --context-dir samples/flask --name flask-sample • OpenShift rileva automaticamente qual è la strategy di build – if Jenkinsfile -> Pipeline strategy – elif Dockerfile -> Docker strategy – else -> Source strategy File Linguaggio requirements.txt, setup.py python pom.xml jee app.json, package.json nodejs Godeps, main.go golang cpanfile, index.pl perl composer.json, index.php php Gemfile, Rakefile, config.ru ruby build.sbt scala • Se Source strategy, OpenShift rileva il linguaggio
  • 7.
    7 Setup di unaapplicazione oc new-app https://github.com/ffiore/devops-on-openshift-demo.git --context-dir samples/flask --name flask-sample --env WELCOME_MESSAGE=‘Hello Pycon9!’ --build-env HTTP_PROXY=‘http://x.y.z.w:8080’ oc new-app python:2.7~https://github.com/ffiore/devops-on- openshift-demo.git --context-dir samples/flask --name flask-sample-python27 --env WELCOME_MESSAGE=‘Hello Pycon9!’ oc expose svc flask-sample • Per esporre l’applicazione all’esterno (Route)
  • 8.
    8 Source-to-image: Python • s2iè la modalità utilizzata con Source strategy • Nessuna modifica all’applicazione – sufficiente requirements.txt • 4 modalità di esecuzione – Gunicorn • se in requirements.txt o in setup.py (install_requires) • entrypoint: wsgi.py (wsgi:application) o APP_MODULE – Django development server – Python script • APP_FILE, default app.py – Script file • APP_SCRIPT, default app.sh
  • 9.
    9 Setup di unaapplicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service spec: output: to: kind: ImageStreamTag name: flask-sample:latest source: git: uri: https://github.com/ffiore/devops-on- openshift-demo contextDir: samples/flask type: Git strategy: sourceStrategy: from: kind: ImageStreamTag name: python:3.5 namespace: openshift type: Source triggers: - github: secret: iopmuY9undV5grr7Z8zV type: GitHub - generic: secret: QOhldIxeE2ciwomAgoY9 type: Generic - type: ConfigChange - type: ImageChange apiVersion: v1 kind: BuildConfig metadata: annotations: openshift.io/generated-by: OpenShiftNewApp labels: app: flask-sample name: flask-sample namespace: demo ...
  • 10.
    10 Setup di unaapplicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service apiVersion: v1 kind: ImageStream metadata: annotations: openshift.io/generated-by: OpenShiftNewApp labels: app: flask-sample name: flask-sample namespace: demo spec: {} status: dockerImageRepository: 172.30.0.128:5000/demo/flask-sample
  • 11.
    11 Setup di unaapplicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service template: metadata: ... labels: app: flask-sample deploymentconfig: flask-sample spec: containers: - image: flask-sample:latest imagePullPolicy: Always name: flask-sample ports: - containerPort: 8080 protocol: TCP dnsPolicy: ClusterFirst restartPolicy: Always terminationGracePeriodSeconds: 30 triggers: - type: ConfigChange - imageChangeParams: automatic: true containerNames: - flask-sample from: kind: ImageStreamTag name: flask-sample:latest namespace: demo type: ImageChange apiVersion: v1 kind: DeploymentConfig metadata: name: flask-sample namespace: demo spec: replicas: 1 strategy: rollingParams: ... type: Rolling
  • 12.
    12 Setup di unaapplicazione: API objects • BuildConfig – Build • ImageStream – ImageStreamTag • DeploymentConfig – ReplicationController • Pod • Service apiVersion: v1 kind: Service metadata: annotations: openshift.io/generated-by: OpenShiftNewApp labels: app: flask-sample name: flask-sample namespace: demo spec: clusterIP: 172.30.82.11 ports: - name: 8080-tcp port: 8080 protocol: TCP targetPort: 8080 selector: app: flask-sample deploymentconfig: flask-sample type: ClusterIP
  • 13.
    13 Creare un Template •Aggiungere altri API object – ConfigMap – Secret – PersistentVolumeClaim – ... • Personalizzare gli oggetti – consumare ConfigMap, Secret, PVC, ecc. – creare legami tra componenti applicativi (es. applicazione + database) • Parametrizzare gli oggetti • Riutilizzare il tutto – su project/ambienti diversi – per applicazioni diverse
  • 14.
    14 Usare i Template ocprocess –f python-flask-sample-s2i.yaml -p APPLICATION_NAME=‘welcome-app’ -p SOURCE_REPOSITORY_URL=‘https://github.com/ffiore/devops-on-openshift- demo’ -p CONTEXT_DIR=‘samples/flask’ -p WELCOME_MESSAGE=‘Hello Pycon9!’ –o yaml | oc create –f - • Creare l’applicazione usando il Template • Inserire un Template «a catalogo» oc –n devops create –f django-postgresql-persistent.yaml • Usare un Template «a catalogo» oc –n devops process django-psql-persistent -p NAME=‘django-app’ -p SOURCE_REPOSITORY_URL=‘https://github.com/sclorg/django-ex’ | oc –n demo create –f -
  • 15.
    15 Automatizzare con Jenkins •BuildConfig possono avere strategy jenkinsPipelineStrategy – jenkinsfile – webhook per il triggering da Git • OpenShift si aspetta di trovare una istanza di Jenkins – creazione della pipeline in Jenkins – creazione di un Build • In alternativa, jenkins-ephemeral • Jenkins – autoconfigurazione al primo deploy • puntamenti a Kubernetes • provisioning pipeline esistenti – openshift jenkins plugin (deprecato da OpenShift 3.7) – openshift jenkins client plugin (GA da OpenShift 3.7) • Parametrizzare usando Template – automatic setup e CI/CD
  • 16.
    16 Lifecycle management • gitflow/gitlab flow/... • github/generic webhook git push/merge • build applicazione • unit test (postCommit) • build image build • setup/update database (pre) • deploy applicazione • integration test (post) deploy
  • 17.
    17 Lifecycle management esoftware promotion git push/merge •git flow/gitlab flow/... •github/generic webhook build •build applicazione •unit test (postCommit) •build image deploy DEV •setup/update database (pre) •deploy applicazione •functional/integration test (post) deploy STAGING •setup/update database (pre) •deploy applicazione •smoke test (post) deploy PRODUCTION •setup/update database (pre) •deploy applicazione •smoke test (post)
  • 18.
    18 Rolling deployment • Rimpiazzarele istanze della vecchia versione con la nuova – readiness check – canary deployment – rollback automatico • builtin in OpenShift • quando: – no downtime – N-1 compatibility • lifecycle hooks – pre – post pre hook scale in old rc scale out new rc repeat scaling post hook git push build deploy
  • 19.
    19 Recreate deployment • Rimpiazzaretutte le istanze della vecchia versione con la nuova – readiness check – rollback automatico • builtin in OpenShift • quando: – migrazione dati – no N-1 compatibility – RWO volume • downtime • lifecycle hooks – pre – mid – post pre hook scale in to 0 mid hook scale out to N post hook git push build deploy
  • 20.
    20 Blue-green deployment • Obiettivo:testing prima dello switch del traffico – smoke test – integration test • 2 versioni dell’applicazione – production – internal (release candidate) • ‘internal’ può essere pubblica o privata • 2 service • 2 deployment configuration • switch gestito da Jenkins • alternativa, API manager – <public, staging, private> URL • N-1 compatibility git push build deploy test go live
  • 21.
    21 Blue-green deployment Pod Service Route app app-blue app-blue-1-xapp-blue-1-y app-green app-green-2-z app-green-2-k app.os.local.int
  • 22.
    22 Blue-green deployment Pod Service Route app app-blue app-blue-1-xapp-blue-1-y app-green app-green-2-z app-green-2-k app.os.local.int oc patch route app –p ‘{“spec”: {“to”: {“name”: “app-green”}}}’
  • 23.
    23 Canary deployment • Obiettivo:ridurre il rischio di deploy di una nuova versione • come blue/green, ma entrambe versioni online • 1 service • 2 deployment configuration • molteplici shard • proxy shard – scale out/in deployment configs -> traffic splitter (%) • N-1 compatibility • gestito da Jenkins git push build deploy go live test scale out/in
  • 24.
    24 Canary deployment Pod Service Route app app app1-1-xapp1-1-y app1-1-z app2-1-k app.os.local.int
  • 25.
    25 Canary deployment Pod Service Route app app app1-1-xapp1-1-y app2-1-k app2-1-t app.os.local.int oc scale --replicas=2 dc app2 && oc scale --replicas=2 dc app1
  • 26.
    26 Canary deployment Pod Service Route app app app2-1-kapp2-1-t app2-1-j app2-1-w app.os.local.int oc scale --replicas=4 dc app2 && oc scale --replicas=0 dc app1
  • 27.
    27 A/B deployment • Obiettivi: –testing di 2 (o più) versioni contemporaneamente – 2 (o più) configurazioni, stessa versione (es. più region) • come A/B testing, ma codice + config • 1 service • 2 (o più) deployment configuration • molteplici shard • proxy shard – scale out/in deployment configs -> traffic splitter (%) • N-1 compatibility • gestito da Jenkins git push build deploy go live test scale out/in
  • 28.
    28 A/B deployment Pod Service Route app app app-1-xapp-1-k app-a-1-y app-b-2-z app.os.local.int
  • 29.
    29 A/B deployment Pod Service Route app app app-1-xapp-a-1-y app-b-2-z app-b-2-k oc scale --replicas=2 dc app-b && oc scale --replicas=1 dc app app.os.local.int
  • 30.
    30 A/B deployment Pod Service Route app app app-a-1-yapp-a-1-t app-b-2-z app-b-2-k oc scale --replicas=2 dc app-a && oc scale --replicas=0 dc app app.os.local.int
  • 31.
    31 A/B deployment Pod Service Route app app app-b-2-zapp-b-2-k app-b-2-t app-b-2-w oc scale --replicas=4 dc app-b && oc scale --replicas=0 dc app-a app.os.local.int
  • 32.
    Sede Legale eUnità Operativa Via Alfredo Campanini, 6 20124 Milano Tel: +39 02.66732.1 – Fax: +39 02.66732.300 Unità Operativa Via Cristoforo Colombo, 163 00147 Roma Tel: +39 06.9826.9600 – Fax: +39 06.9826.9680 Grazie per l’attenzione! francesco.fiore@par-tec.it | @ffiore81 https://www.par-tec.it