The document provides an overview of Red Hat OpenShift Enterprise, which is Red Hat's container application platform. It discusses key OpenShift concepts like Docker containers, Kubernetes cluster management, projects for sandboxing environments, image builds, deployments, services and routes. It also summarizes added value of OpenShift over plain Docker and Kubernetes through features like templates, web console, multi-language support, automated builds and deployments, and enterprise capabilities.

1. a Containerized Application Platform
@SamuelTerburg
OpenShift “Specialist” Solution Architect
March 2016
OpenShift Enterprise

2. • Docker
• Kubernetes added-value
• OpenShift added-value
• Projects
• Source 2 Image Builds
• Deployment pre/post-Hooks
• External (Oracle) Services
• Demo
• Q & A
Agenda

3. Image BImage A
Application Hosting
4
● “Image”
• Unified Packaging format
• Like “war”, “rpm” or “zip”
• For any type of Application
• Portable
● “Container”
• Runtime
• Isolation Hardware
Container
APP A
Image
Host Minimal OS
Container
APP B
Image
Container
APP C
Image
Docker Engine
Docker Registry
RHEL
JDK
Jboss-EAP
Libs A Libs B
App A App B
docker pull <image>

4. But in production we need more than just packaging and isolation
• Scheduling
• Lifecycle
• Discovery
• Monitoring
• Auth{n,z}
• Aggregates
• Scaling

5. Kubernetes Cluster
Registry
Master
Node
Storage
Pod
Volume
Node
Service
Pod
Pod
Image
Kubernetes
a “Cluster Manager” at scale
Dev / Ops
Visitor
Router
• Manages
• 1.000 nodes
• 100.000 containers

6. RED HAT OPENSHIFT ENTERPRISE
We need more than just Cluster Management !
Self Service
-Templates
- Web Console
Multi-Language
Automation
- Deploy
- Build
DevOps
Collaboration
Secure
- Namespaced
- RBAC
Scalable
- Integrated LB
Open Source
Enterprise
- Authentication
- Web Console
- Central Logging

7. RED HAT OPENSHIFT ENTERPRISE
We need more than just Orchestration
Self Service
-Templates
- Web Console
Multi-Language
Automation
- Deploy
- Build
DevOps
Collaboration
Secure
- Namespaced
- RBAC
Scalable
- Integrated LB
Open Source
Enterprise
- Authentication
- Web Console
- Central Logging
OpenShift is Red Hat’s Container Application Platform (PaaS)

8. Project Namespaces
Project
• Sandboxed Environment
• Network VXLan
• Authorization Policies
• Resource Quotas
• Ops in Control, Dev Freedom
oc new-project Project-Dev
oc policy add-role-to-user admin scientist1
oc new-app
--source=https://gitlab/MyJavaApp
--docker-image=jboss-eap
Project “Prod” Project “Dev” Project
Global Services
OpenShift Platform
APP A
Image
APP C
Image
App
• Images run in Containers
• Grouped together as a Service
• Defined as Template

9. Pods
POD Definition:
• Group of Containers
• Deployment unit
• Same namespace
• Emphemeral
Examples:
• JBoss-EAP (Wildfly)
• MySQL
• Wildfly+ MySQL
• App + data-load
• App + proxy

10. Kubernetes Cluster
Pod
JBoss
Example: App + DB
• MySQL seperate
 Scale
 Deploy
• Out of the Box
 Scaling
 Service Discovery
 Enterprisy
Pod
MySQL
kind: Pod
metadata:
name: mydb
spec:
spec:
containers:
- name: backend
image: mysql
ports:
- containerPort: 3306
volumeMount:
- name: data
mount: /var/lib/mysql
volumes:
- name: data
claim:
requests:
storage: 100Gi
Storage
Volume

11. Kubernetes Cluster
Pod
JBoss
Example: App + DB Versioning
Flyway
• Seperate Flyway container
• Mounts git repo
• Git tag = DB Version
• preDeployHook dependency
Pod
MySQL
Storage
Volume
kind: Pod
metadata:
name: myapp
spec:
spec:
containers:
- name: dbversions
image: flyway
volumes:
- gitRepo:
repository: “git@git:/”
- name: frontend
image: jboss-eap
ports:
- containerPort: 8000
resources:
cpu: “100m”
memory: “1Gi”

12. Code
Deploy
Build
Can configure different
deployment strategies
like A/B, Rolling upgrade,
Automated base updates,
and more.
Can configure triggers for
automated deployments,
builds, and more.
Build & Deploy an Image
Source
2
Image Builder
Image
Developer
SCM
Container Image
Builder Images
• Jboss-EAP
• PHP
• Python
• Ruby
• Jenkins
• Customer
• C++ / Go
• S2I (bash) scripts
Triggers
• Image Change (tagging)
• Code Change (webhook)
• Config Change

13. OpenShift Cluster
Master
Node
Storage
Pod
Volume
Node
Service
Pod
Pod
OpenShift
Build & Deploy Architecture
etcd
SkyDNS
Replication
Controller
APIDev/Ops
Router
Deploy
Build
Policies
config
kind: "BuildConfig“
metadata:
name: “myApp-build“
spec:
source:
type: "Git“
git:
uri: "git://gitlab/project/hello.git“
dockerfile: “jboss-eap-6“
strategy:
type: "Source“
sourceStrategy:
from:
kind: "Image“
name: “jboss-eap-6:latest“
output:
to:
kind: “Image“
name: “myApp:latest“
triggers:
- type: "GitHub“
github:
secret: "secret101“
- type: "ImageChange“
# oc start-build myApp-build
Registry
Image
Visitor

14. Deployment Process
• …
• Versions
• Strategy
• Hooks
• Triggers
Deploy
• Scale
• Monitor
Replicate
• Runtime
• State
Pod
• MyJBossApp • MyJBossApp-v1 (2x)
• MyJBossApp-v2 (4x)

15. OpenShift Cluster
Master
Storage
Deploy - Trigger
etcd
Replication
Controller
APIDev/Ops
Deploy
kind: “DeploymentConfig“
metadata:
name: “myApp“
spec:
replicas: 2
selector:
app: myapp
template:
metadata:
name: myapp
labels:
app: mine
spec:
containers:
- name: frontend
image: jboss-eap:latest
ports:
- containerPort: 80
triggers:
- type: "ImageChange“
from:
kind: “Image”
name: “myapp:latest
# oc deploy myApp --latest
Registry
Image
Pod
JBoss
Flyway
Pod
MySQL
Volume

16. OpenShift Cluster
Master
Storage
Deploy - Strategy
etcd
Replication
Controller
APIDev/Ops
Deploy
kind: “DeploymentConfig“
metadata:
name: “myApp“
spec:
replicas: 2
template:
spec:
containers:
- name: frontend
- name: flyway
strategy:
type: rolling
rollingParams:
pre:
execNewPod:
containerName: flyway
volumes: [‘git’]
command: “flyway do”
post:
tagImage:
containerName: frontend
to: “frontend:prod”
triggers: …
# oc deploy myApp --latest
Registry
Image
Pod
JBoss
Flyway
Pod
MySQL
Volume

17. Kubernetes Cluster
MySQL
DB
MySQL
Service
Service Definition:
• Load-Balanced Virtual-IP (layer 4)
• Abstraction layer for your App
• Enables Service Discovery
• DNS
• ENV
Examples:
• frontend
• database
• api
172.16.0.1:3386
PHP
10.1.0.1:3306
10.2.0.1:3306
db.project.cluster.local
Visitor
<?php
mysql_connect(getenv(“db_host”))
mysql_connect(“db:3306”)
?>

18. Pod
Service
Pod
Pod
Labels & Selectors
- apiVersion: v1
kind: Service
metadata:
labels:
app: MyApp
role: BE
phase: DEV
name: MyApp
spec:
ports:
- name: 80-tcp
port: 80
protocol: TCP
targetPort: 8080
selector:
app: MyApp
role: BE
sessionAffinity: None
type: ClusterIP
Role: FE
Phase: Dev
Role: BE
Phase: DEV
Role: BE
Phase: TST
Role: BEthink SQL ‘select ... where ...’
- apiVersion: v1
kind: Pod
metadata:
labels:
app: MyApp
role: BE
phase: DEV
name: MyApp
apiVersion: v1
kind: Endpoints
metadata:
name: my-oracle
subsets:
addresses:
- ip: 192.168.1.82
- ip: 192.168.1.83

19. MySQL
Service
MySQL
Ingress / Router
• Router Definition:
• Layer 7 Load-Balancer /
Reverse Proxy
• SSL/TLS Termination
• Name based Virtual Hosting
• Context Path based Routing
• Customizable (image)
• HA-Proxy
• F5 Big-IP
Examples:
• https://www.mysite.nl/myapp1/
• http://www.mysite.nl/myapp2
172.16.0.1:3386
PHP
10.1.0.1:3306
10.2.0.1:3306
db.project.cluster.local
Visitor
Router https://mysite.nl/service1/apiVersion:
extensions/v1beta1
kind: Ingress
metadata:
name: mysite
spec:
rules:
- host: www.mysite.nl
http:
paths:
- path: /foo
backend:
serviceName: s1
servicePort: 80
- path: /bar
backend:
serviceName: s2
servicePort: 80

20. Kubernetes Cluster
Master
Node
Storage
Pod
Volume
Node
Service
Pod
Pod
Kubernetes
Hosting Architecture
etcd
SkyDNS
Replication
Controller
APIDev/Ops
Ingress
Policies
Registry
Image
VisitorLogging
ELK

21. OpenShift Cluster
Master
Node
Storage
Pod
Volume
Node
Service
Pod
Pod
OpenShift
PaaS Architecture
etcd
SkyDNS
Replication
Controller
APIDev/Ops
Router
Deploy
Build
Policies
config
Registry
Image
VisitorLogging
EFK
• Added “Build”
• Added “Deployment”
• s/ELK/EFK/g
• s/Ingress/Router/g
• Added Policies + tools
• Added WebConsole
• Added Projects
• OpenShift-SDN isolation
Web
Console

22. Demo
• docker run openshift/origin
• Image Layers

23. Setup
yum install docker-engine
docker run openshift/origin

24. Setup
yum install docker-engine
docker run openshift/origin
curl –s https://get.helm.sh | bash
helm update
yum install docker-engine
docker run -d --name "ose" --privileged --net=host --pid=host
-v /:/rootfs:ro
-v /var/run:/var/run:rw
-v /sys:/sys:ro
-v /var/lib/docker:/var/lib/docker:rw
-v /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes:z
-v /var/lib/origin/openshift.local.config:/var/lib/origin/openshift.local.config:z
-v /var/lib/origin/openshift.local.etcd:/var/lib/origin/openshift.local.etcd:z
openshift3/ose start
--master="https://${OSE_MASTER_IP}:8443"
--etcd-dir="/var/lib/origin/openshift.local.etcd"
--hostname=`hostname`
--cors-allowed-origins=.*

25. Image Layers
redhat/jboss-eap-64
sterburg/jboss-oracle
sterburg/jboss-flyway add
/jboss/modules/oracle
add /usr/local/flywaysterburg/myapp
add
/jboss/deployments/
myapp.war

26. • JBoss EAP
• JBoss Web Server /
Tomcat
• JBoss Developer Studio
• Fuse
• A-MQ
• Data Virtualization
• Business Process
Management *
• Business Rules
Management System
• Red Hat Mobile /
FeedHenry *
Application
Container Services
Integration
Services
Business
Process Services
Mobile
Services
* Coming Soon
Our JBoss Middleware xPaas Service Catalog

27. RED HAT OPENSHIFT ENTERPRISE
CloudForms Management

28. RED HAT OPENSHIFT ENTERPRISE
RED HAT CLOUD SUITE FOR APPLICATIONS
Cloud Management – Alternative Virtualization – OpenStack – Containers – Development

29. RED HAT OPENSHIFT ENTERPRISE
Questions?
plus.google.com/+RedHat
nl.linkedin.com/in/samuelterburg
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/SamuelTerburg
github.com/sterburg/