OpenShift Origin, profile picture
Uploaded byOpenShift Origin
PDF, PPTX4,131 views

Building Domain-specific PaaS with OpenShift Origin: The TRESOR Healthcare Project

The document outlines the development of a domain-specific Platform as a Service (PaaS) called Tresor, which uses OpenShift to provide a secure and flexible cloud environment for healthcare applications. It discusses the project's goals, customization options, and integration capabilities with other services, while highlighting importance of data security in the healthcare sector. The Tresor PaaS is seen as a certified solution for managing sensitive medical records, with plans for its implementation in hospitals by 2015.

Embed presentation

Download as PDF, PPTX
TRESOR Building a domain specific PaaS with OpenShift OpenShift Community Day Prague 22nd September 2013
About myself Alexander Grzesik Head of Development medisite Systemhaus Working 15 years in software development Java Software Architecture Medical Software alexander.grzesik@medisite.de 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Topics (1)TRESOR Project – the idea (2)Why OpenShift (3)TRESOR on OpenShift (4)Customizing OpenShift (5)Summary 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Chapter 1 TRESOR Project – the idea 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Cloud – the future ? By David Fletcher 22nd Sep 2013 Building a domain specific PaaS with OpenShift
The Cloud & Healthcare • Patient‘s medical record is especially sensitive data. Only people involved in patient care should have access to the information. • Doctor‘s liability: Control who can access „their“ data • Fast access to life-critical information • Medical record storage requirements (10-30 years) • Low affinity of medical persons to IT Objections to cloud usage in healthcare 22nd Sep 2013 Building a domain specific PaaS with OpenShift
TRESOR Partners 22nd Sep 2013 Building a domain specific PaaS with OpenShift
TRESOR Overview Trusted Ecosystem for Standardized and Open cloud-based Resources • Cloud Ecosystem for secure cloud services – Proxy for secure communication – Broker for procurement – Marketplace – PaaS Platform • Trusted Environment for handling sensitive data • Open Platform for developing and providing domain specific cloud applications 22nd Sep 2013 Building a domain specific PaaS with OpenShift
TRESOR Cloud Ecosystem TRESOR PaaS TRESOR User TRESOR Ecosystem TRESOR Service Provider IaaS-Provider TRESOR Proxy (Client) TRESOR Proxy (Client) IDM (i.e. Active Directory) Clients TRESOR Proxy (Client) Authentication Service use Authorization Marketplace TRESOR Proxy (Trusted 3rd Party) TRESOR Billing TRESOR Broker Service Profile Repository Client Profile Repository TRESOR Proxy (Service) Search, Maintain, Match Billing SLAMonitoring MMV PAI ... Service use Dynamic Services Manage 22nd Sep 2013 Building a domain specific PaaS with OpenShift
TRESOR Goals CloudFlexible SecureOpen Extensible OSGi based Use of Standards Development tools Data Security Encrypted Data Secure Communication Certified Scalable Reliable High Availability Powered by OpenShift Fast Time-to-Market No Vendor Lock-In Different usage scenarios 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Chapter 2 Why OpenShift ? 22nd Sep 2013 Building a domain specific PaaS with OpenShift
History of TRESOR • Project Idea in 2010 • Project announced on CeBit 2011 • Project Start 03/2012 • Rapid developments in PaaS technology • Make or Use ? • Evaluation of available PaaS technologies 22nd Sep 2013 Building a domain specific PaaS with OpenShift
PaaS Criteria • Supported Technologies • Open Source • Vendor • Community • Scaling • Extension • Infrastructure (IaaS) Support • Documentation 22nd Sep 2013 Building a domain specific PaaS with OpenShift
The candidates (2012) 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Why OpenShift • Supported Technologies • Fully Open Source • Extensibility and flexibility • IaaS support • Growing documentation • Great Community • Red Hat 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Starting Problems (2012) • Problems with installation • Constant Changes on OpenShift • No Stable Version of Open Source project • Documentation not up to date • No clear Roadmap • Some missing features 22nd Sep 2013 Building a domain specific PaaS with OpenShift
One year later • 2 Releases of OpenShift Origin • Regular builds • Roadmap & development process • Improved documentation • Community manager • New features – Cartridge v2 – PostgreSQL 9.2 – Web Console 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Open Points • Setup still complicated  Installation Scripts are in Progress • Better PaaS Monitoring  On Roadmap • Custom and Database Scaling  We are working on a solution • Documentation misses some details  Everybody can help 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Chapter 3 TRESOR on OpenShift 22nd Sep 2013 Building a domain specific PaaS with OpenShift
TRESOR PaaS at a glance Strong Encryption Powered by OpenShift Open Platform Polyglot Persistence Modular Architecture 6dfg4854 fgf72548 151fd545 5454sff5 44485ddf 151538fd 179hg45g 658g54d1 15414gfg 584551gh 11fghf15 154215jh 2152fgh5 14925fg1 15325sgd 78dfd15d 7654fghd 897fg21d 98dfgh2d 874dfg6d 3544sdfg Use of Standards 22nd Sep 2013 Building a domain specific PaaS with OpenShift
OpenShift Integration • OpenShift Origin provides runtime for application services • Provisioning and scaling • Development services (Git & Jenkins) • Use and extend PostgreSQL and MongoDB cartridges • Custom cartridges and plugins 22nd Sep 2013 Building a domain specific PaaS with OpenShift
TRESOR on OpenShift OSGi Application Server Encryption ServicesAuthorization Framework MongoDB HSM External IDM PostgreSQL User TRESOR Ecosystem 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Chapter 4 Customizing OpenShift 22nd Sep 2013 Building a domain specific PaaS with OpenShift
New Cartridges • Glassfish 4 – OSGi / JavaEE Application Server • Elastic Search – Search and Index Engine • OpenAM (openam.forgerock.org) – Authentication and Authorization Services • OSGi Bundle Repository – Central bundle provisioning 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Extending OpenShift – How to start • Use the VM Image to develop your cartridge – Make use of snapshots !! • Test scripts without OpenShift • Use DIY and CDK • Check the documentation and logs: /var/log/openshift • Be patient 22nd Sep 2013 Building a domain specific PaaS with OpenShift
New Cartridge – DIY • First getting it up as DIY • Glassfish already has a good quick start example: https://github.com/shekhargulati/glassfish4 -openshift-quickstart • Cons: – Needs to provide complete runtime – No Scaling – Only http port 22nd Sep 2013 Building a domain specific PaaS with OpenShift
DIY Cartridge Structure - example 22nd Sep 2013 Building a domain specific PaaS with OpenShift
DIY Scripts – Glassfish #!/bin/bash # The logic to start up your application should be put in this # script. The application will work only if it binds to # $OPENSHIFT_INTERNAL_IP:8080 echo 'Starting Glassfish DIY...' > $OPENSHIFT_DIY_LOG_DIR/server.log set -x cd $OPENSHIFT_REPO_DIR/diy/glassfish4/glassfish/domains/domain1/config/ mv domain.xml domain.xml_2 sed "s/$( grep serverName domain.xml_2 | cut -d" -f 2 )/${OPENSHIFT_DIY_IP}/g" domain.xml_2 > domain.xml chmod u+x $OPENSHIFT_REPO_DIR/diy/glassfish4/glassfish/bin/asadmin $OPENSHIFT_REPO_DIR/diy/glassfish4/glassfish/bin/asadmin start-domain &> $OPENSHIFT_DIY_LOG_DIR/server.log 22nd Sep 2013 Building a domain specific PaaS with OpenShift
DIY Glassfish config • Modify domain.xml: – Remove non http-port listeners – Replace all hostname references with OPENSHIFT_DIY_IP – Startup script will replace token OPENSHIFT_DIY_IP token in domain.xml 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Glassfish Custom Cartridge • Starting Point: Tomcat cartridge • Modify to: – Download and install Glassfish 4 – Setup Glassfish cartridge – Deployment and startup of custom domain – Graceful shutdown 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Glassfish Cartridge - Structure 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Glassfish Cartridge – Manifest.yml Name: glassfish Cartridge-Short-Name: GLASSFISH Cartridge-Vendor: medisite Cartridge-Version: 0.0.1 Display-Name: Glassfish 4 Description: "Glassfish 4 JavaEE and OSGi Server" Version: '4.0‚ Source-Url: git@git.medisite/tresor/openshift-glassfish-cartridge License: CDDL 1.1 Vendor: oracle Categories: - service - java - glassfish - glassfish4 - web_framework Website: http://glassfish.java.net/ 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Glassfish Cartridge - Endpoints Endpoints: - Private-IP-Name: IP Private-Port-Name: HTTP_PORT Private-Port: 8080 Public-Port-Name: HTTP_PROXY_PORT - Private-IP-Name: IP Private-Port-Name: ADMIN_PORT Private-Port: 4848 Public-Port-Name: ADMIN_PROXY_PORT 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Glassfish Cartridge - Setup #!/bin/bash SYSTEM_GLASSFISH_DIR=/var/lib/glassfish4 mkdir ${OPENSHIFT_GLASSFISH_DIR}/{config,run,logs,tmp} # Link the system Glassfish binaries to the cart Glassfish instance ln -s ${SYSTEM_GLASSFISH_DIR}/glassfish/bin/asadmin ${OPENSHIFT_GLASSFISH_DIR}/bin/asadmin ln -s ${SYSTEM_GLASSFISH_DIR}/glassfish/lib ${OPENSHIFT_GLASSFISH_DIR}/lib # Copy the default configurations to the Glassfish conf directory cp ${OPENSHIFT_GLASSFISH_DIR}/versions/4.0/config/* ${OPENSHIFT_GLASSFISH_DIR}/config • Handles setup of cartridge per application 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Glassfish Cartridge - Control GLASSFISH_PID_FILE="${OPENSHIFT_GLASSFISH_DIR}/run/glassfish.pid„ … function start_app() { # Check for running app … # remove old deployment and redeploy rm -r ${OPENSHIFT_GLASSFISH_DIR}/domain1 mkdir ${OPENSHIFT_GLASSFISH_DIR}/domain1 cp ${OPENSHIFT_REPO_DIR}/domain1/* ${OPENSHIFT_GLASSFISH_DIR}/domain1 cd ${OPENSHIFT_GLASSFISH_DIR}/domain1/config/ mv domain.xml domain.xml_2 sed "s/$( grep serverName domain.xml_2 | cut -d" -f 2 )/${OPENSHIFT_GLASSFISH_IP}/g" domain.xml_2 > domain.xml # Start domain ${OPENSHIFT_GLASSFISH_DIR}/bin/asadmin start-domain ${OPENSHIFT_GLASSFISH_DIR}/domain1 &>&2 … ps -ef | grep glassfish | grep -v grep | awk '{print $2}' > $GLASSFISH_PID_FILE • Control startup and shutdown 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Install Cartridge • Install Cartridge: oo-admin-cartridge -a install -s /usr/libexec/openshift/cartridges/v2/glassfish • Downloadable Cartridge: rhc create-app gfapp http://git.medisite/tresor/openshift-glassfish- cartridge/blob/master/metadata/manifest.yml • Clear Cache: # cd /var/www/openshift/broker # bundle exec rake tmp:clear 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Open Things • Scaling • Add database support • Integration with build server • Automatic deployment of OSGi Bundles • Documentation • Public availability 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Custom Scaling • Scaling not only via request count – Response times – Active Users • Service Specific Scaling – Some Services are more critical • Customer Specific Scaling Rules – Customer booking of scaling options 22nd Sep 2013 Building a domain specific PaaS with OpenShift
DB Replication and Scaling • MongoDB Shard Cluster on OpenShift • PostgreSQL Replication Set • Automatic setup during provisioning • Evaluate dynamic scaling options 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Other Extensions to OpenShift • Provisioning Interface • Usage Reporting • Application Monitoring • Encryption 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Chapter 5 Summary 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Final Target (2015) • TRESOR PaaS will be used in two hospitals • Hosted in a German Telekom datacenter • Certified according German data security regulations • Available as an OSGi based development platform for healthcare applications 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Summary • OpenShift allows building of custom PaaS implementations • Powerful extension mechanism via cartridges and plugins • Active community and good support • OpenShift will be one of the major players in PaaS area in the future • TRESOR extends OpenShift for domain specific usage 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Extending OpenShift useful links https://www.openshift.com/developers/downl oad-cartridges https://github.com/smarterclayton/openshift- cdk-cart https://www.openshift.com/blogs/new- openshift-cartridge-format-part-1 http://openshift.github.io/documentation/oo_ cartridge_developers_guide.html http://cloud-mechanic.blogspot.de 22nd Sep 2013 Building a domain specific PaaS with OpenShift
Questions ? 22nd Sep 2013 Building a domain specific PaaS with OpenShift

More Related Content

PDF
PaaS Lessons: Cisco IT Deploys OpenShift to Meet Developer Demand
byCisco IT
 
PDF
Putting Drupal in the Cloud with Red Hat's OpenShift PaaS #DrupalCon/Prague
byOpenShift Origin
 
PDF
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
byOpenShift Origin
 
ODP
DevOps, PaaS and the Modern Enterprise CloudExpo Europe presentation by Diane...
byOpenShift Origin
 
ODP
Putting The PaaS in OpenStack with Diane Mueller @RedHat
byOpenShift Origin
 
ODP
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byDiane Mueller
 
PDF
OpenShift and next generation application development
bySyed Shaaf
 
PDF
OpenShift In a Nutshell - Episode 01 - Introduction
byBehnam Loghmani
 
PaaS Lessons: Cisco IT Deploys OpenShift to Meet Developer Demand
byCisco IT
 
Putting Drupal in the Cloud with Red Hat's OpenShift PaaS #DrupalCon/Prague
byOpenShift Origin
 
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
byOpenShift Origin
 
DevOps, PaaS and the Modern Enterprise CloudExpo Europe presentation by Diane...
byOpenShift Origin
 
Putting The PaaS in OpenStack with Diane Mueller @RedHat
byOpenShift Origin
 
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byDiane Mueller
 
OpenShift and next generation application development
bySyed Shaaf
 
OpenShift In a Nutshell - Episode 01 - Introduction
byBehnam Loghmani
 

What's hot

PDF
Kubernetes or OpenShift - choosing your container platform for Dev and Ops
byTomasz Cholewa
 
ODP
OpenShift PaaS Anywhere (Infrastructure.Next Ghent 2014-02-24) Diane Mueller
byOpenShift Origin
 
PDF
OpenShift Meetup 8th july 2019 at ConSol - OpenShift v4
byRobert Bohne
 
PDF
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
byOpenbar
 
PPTX
FICO Open Shift presentation
byNicholas Gerasimatos
 
PDF
OpenShift 4 installation
byRobert Bohne
 
PDF
OpenStack Summit Tokyo 2015: Scale or Fail: Containers on OpenStack with Open...
byDiane Mueller
 
PDF
Red Hat OpenShift V3 Overview and Deep Dive
byGreg Hoelzer
 
PDF
Putting Private Clouds to Work with PaaS Interop Vegas 2013 presentation by D...
byDiane Mueller
 
PDF
LatinoWare 2013 An OpenSource Blueprint for Cloud presented by Diane Mueller,...
byOpenShift Origin
 
ODP
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
byOpenShift Origin
 
ODP
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
byOpenShift Origin
 
ODP
OpenShift Anywhere given at Infrastructure.Next Talk at #Scale12X
byOpenShift Origin
 
PDF
OpenShift As A DevOps Platform
byLalatendu Mohanty
 
PPTX
OpenShift: Devops Made Easy
byBent Terp
 
ODP
Openshift Container Platform
byDLT Solutions
 
PDF
How to Launch a Public PaaS with OpenSource: The GetUpCloud & OpenShift Orgin...
byOpenShift Origin
 
PDF
Social IRC bots in the Cloud with OpenShift - Mongo London presentation by Ma...
byOpenShift Origin
 
ODP
OpenShift Enterprise
byAli Sadeghi Ardestani
 
PDF
OpenShift pour le developpement cloud native - 20171214
byLaurent Broudoux
 
Kubernetes or OpenShift - choosing your container platform for Dev and Ops
byTomasz Cholewa
 
OpenShift PaaS Anywhere (Infrastructure.Next Ghent 2014-02-24) Diane Mueller
byOpenShift Origin
 
OpenShift Meetup 8th july 2019 at ConSol - OpenShift v4
byRobert Bohne
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
byOpenbar
 
FICO Open Shift presentation
byNicholas Gerasimatos
 
OpenShift 4 installation
byRobert Bohne
 
OpenStack Summit Tokyo 2015: Scale or Fail: Containers on OpenStack with Open...
byDiane Mueller
 
Red Hat OpenShift V3 Overview and Deep Dive
byGreg Hoelzer
 
Putting Private Clouds to Work with PaaS Interop Vegas 2013 presentation by D...
byDiane Mueller
 
LatinoWare 2013 An OpenSource Blueprint for Cloud presented by Diane Mueller,...
byOpenShift Origin
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
byOpenShift Origin
 
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
byOpenShift Origin
 
OpenShift Anywhere given at Infrastructure.Next Talk at #Scale12X
byOpenShift Origin
 
OpenShift As A DevOps Platform
byLalatendu Mohanty
 
OpenShift: Devops Made Easy
byBent Terp
 
Openshift Container Platform
byDLT Solutions
 
How to Launch a Public PaaS with OpenSource: The GetUpCloud & OpenShift Orgin...
byOpenShift Origin
 
Social IRC bots in the Cloud with OpenShift - Mongo London presentation by Ma...
byOpenShift Origin
 
OpenShift Enterprise
byAli Sadeghi Ardestani
 
OpenShift pour le developpement cloud native - 20171214
byLaurent Broudoux
 

Viewers also liked

PPTX
Final editorial fashion
byCharlene Deaver
 
PDF
Putting Private Clouds to Work with PaaS Interop 2013 Vegas Diane Mueller
byOpenShift Origin
 
PDF
Human Face of Cloud Computing Cyber Summit 2013 Diane Mueller Red Hat OpenShi...
byOpenShift Origin
 
PDF
Bringing Some Spatial Love to your Application with OpenShift - Mongo Berlin ...
byOpenShift Origin
 
ODP
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byOpenShift Origin
 
PDF
Persistent Storage with Containers with Kubernetes & OpenShift
byRed Hat Events
 
PDF
OpenShift v3 Technical Introduction
byEtsuji Nakai
 
PDF
Open shift and docker - october,2014
byHojoong Kim
 
PDF
OpenShift Overview
byroundman
 
PDF
How OpenShift SDN helps to automate
byIlkka Tengvall
 
PDF
Red Hat OpenShift on Bare Metal and Containerized Storage
byGreg Hoelzer
 
ODP
Build a PaaS with OpenShift Origin
bySteven Pousty
 
PDF
OpenShift v3 Technical Overview
byNakayama Kenjiro
 
PDF
OpenShift v3 Internal networking details
byEtsuji Nakai
 
PPTX
OpenShift Enterprise 3.1 vs kubernetes
bySamuel Terburg
 
Final editorial fashion
byCharlene Deaver
 
Putting Private Clouds to Work with PaaS Interop 2013 Vegas Diane Mueller
byOpenShift Origin
 
Human Face of Cloud Computing Cyber Summit 2013 Diane Mueller Red Hat OpenShi...
byOpenShift Origin
 
Bringing Some Spatial Love to your Application with OpenShift - Mongo Berlin ...
byOpenShift Origin
 
Deploying & Scaling OpenShift on OpenStack using Heat - OpenStack Seattle Mee...
byOpenShift Origin
 
Persistent Storage with Containers with Kubernetes & OpenShift
byRed Hat Events
 
OpenShift v3 Technical Introduction
byEtsuji Nakai
 
Open shift and docker - october,2014
byHojoong Kim
 
OpenShift Overview
byroundman
 
How OpenShift SDN helps to automate
byIlkka Tengvall
 
Red Hat OpenShift on Bare Metal and Containerized Storage
byGreg Hoelzer
 
Build a PaaS with OpenShift Origin
bySteven Pousty
 
OpenShift v3 Technical Overview
byNakayama Kenjiro
 
OpenShift v3 Internal networking details
byEtsuji Nakai
 
OpenShift Enterprise 3.1 vs kubernetes
bySamuel Terburg
 

Similar to Building Domain-specific PaaS with OpenShift Origin: The TRESOR Healthcare Project

PDF
Red Hat OpenShift Enterprise 2 Launch Webcast Slides Dec 3, 2013
byasheshbadani
 
ODP
Open shift 2.x and MongoDB
byplarsen67
 
PDF
Ose mod march11
byAmir Zipory
 
PPTX
Free Mongo on OpenShift
bySteven Pousty
 
PDF
Using OpenShift PaaS
byAnuchit Chalothorn
 
PDF
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of Choice
byIsaac Christoffersen
 
PDF
JBoss Architect Forum London - October 2013 - Platform as a What?
byJBossArchitectForum
 
ODP
Speed Up Development With OpenShift
byplarsen67
 
PDF
C&CNR2019 - Containers Landscape Review
byPar-Tec S.p.A.
 
PDF
Agile NCR 2013- Shekhar Gulati - Open shift platform-for-rapid-and-agile-deve...
byAgileNCR2013
 
PDF
Dark slides broadcasting reveal
byKrishna Raman
 
PPTX
Accelerating Application Delivery with OpenShift
byPOSSCON
 
PDF
Openshift Enterprise
byEdoardo Schepis
 
PDF
Openshift linuxday 2014
byMassimiliano Dessì
 
PDF
Javantura v4 - The power of cloud in professional services company - Ivan Krn...
byHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
PPTX
Chapter 06: Eclipse Vert.x - Reactive Microservices with OpenShift
byFirmansyah, SCJP, OCEWCD, OCEWSD, TOGAF, OCMJEA, CEH
 
PDF
Cloud Openshift paas
byAtlas Systems
 
ODP
Joomla in the cloud with Openshift
byEdoardo Schepis
 
PDF
Red hat's updates on the cloud & infrastructure strategy
byOrgad Kimchi
 
ODP
Openshift: Build, deploy & manage open, standard containers
byJonh Wendell
 
Red Hat OpenShift Enterprise 2 Launch Webcast Slides Dec 3, 2013
byasheshbadani
 
Open shift 2.x and MongoDB
byplarsen67
 
Ose mod march11
byAmir Zipory
 
Free Mongo on OpenShift
bySteven Pousty
 
Using OpenShift PaaS
byAnuchit Chalothorn
 
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of Choice
byIsaac Christoffersen
 
JBoss Architect Forum London - October 2013 - Platform as a What?
byJBossArchitectForum
 
Speed Up Development With OpenShift
byplarsen67
 
C&CNR2019 - Containers Landscape Review
byPar-Tec S.p.A.
 
Agile NCR 2013- Shekhar Gulati - Open shift platform-for-rapid-and-agile-deve...
byAgileNCR2013
 
Dark slides broadcasting reveal
byKrishna Raman
 
Accelerating Application Delivery with OpenShift
byPOSSCON
 
Openshift Enterprise
byEdoardo Schepis
 
Openshift linuxday 2014
byMassimiliano Dessì
 
Javantura v4 - The power of cloud in professional services company - Ivan Krn...
byHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
Chapter 06: Eclipse Vert.x - Reactive Microservices with OpenShift
byFirmansyah, SCJP, OCEWCD, OCEWSD, TOGAF, OCMJEA, CEH
 
Cloud Openshift paas
byAtlas Systems
 
Joomla in the cloud with Openshift
byEdoardo Schepis
 
Red hat's updates on the cloud & infrastructure strategy
byOrgad Kimchi
 
Openshift: Build, deploy & manage open, standard containers
byJonh Wendell
 

More from OpenShift Origin

ODP
5 ways to install @OpenShift in 5 minutes (Lightening Talk given at #DevConfC...
byOpenShift Origin
 
PDF
OpenShift PaaS Overviewi by Marek Jelen 03-2013 CodeMotion Roma
byOpenShift Origin
 
PDF
OpenShift Overview Presentation by Marek Jelen for Zurich Geeks Event
byOpenShift Origin
 
PDF
LinuxCon 2013 Steven Dake on Using Heat for autoscaling OpenShift on Openstack
byOpenShift Origin
 
PDF
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
byOpenShift Origin
 
PDF
OpenShift Origin Community Day (Boston) Welcome & Resources by Diane Mueller
byOpenShift Origin
 
ODP
Welcome to the @OpenShift Origin Community by Diane Mueller @pythondj @redhat
byOpenShift Origin
 
ODP
OpenShift & SELinux with Dan Walsh @rhatdan
byOpenShift Origin
 
ODP
OpenShift Origin Internals
byOpenShift Origin
 
ODP
DevOps @ OpenShift Online
byOpenShift Origin
 
ODP
Introduction to OpenShift Origin- Private, Public and Community
byOpenShift Origin
 
5 ways to install @OpenShift in 5 minutes (Lightening Talk given at #DevConfC...
byOpenShift Origin
 
OpenShift PaaS Overviewi by Marek Jelen 03-2013 CodeMotion Roma
byOpenShift Origin
 
OpenShift Overview Presentation by Marek Jelen for Zurich Geeks Event
byOpenShift Origin
 
LinuxCon 2013 Steven Dake on Using Heat for autoscaling OpenShift on Openstack
byOpenShift Origin
 
OpenShift Origin Community Day (Boston) Extending OpenShift Origin: Build You...
byOpenShift Origin
 
OpenShift Origin Community Day (Boston) Welcome & Resources by Diane Mueller
byOpenShift Origin
 
Welcome to the @OpenShift Origin Community by Diane Mueller @pythondj @redhat
byOpenShift Origin
 
OpenShift & SELinux with Dan Walsh @rhatdan
byOpenShift Origin
 
OpenShift Origin Internals
byOpenShift Origin
 
DevOps @ OpenShift Online
byOpenShift Origin
 
Introduction to OpenShift Origin- Private, Public and Community
byOpenShift Origin
 

Recently uploaded

PDF
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PPTX
INSY_7213_Theme Sessions 47 & 48 Advanced databases.pptx
bystormzy56
 
PPTX
Code Like Bro -A guide for better Coding
byMadan Panthi
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
PDF
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PDF
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
PDF
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
PDF
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
Afsar Ahmed - Digital Marketing Portfolio
byAfsar Ahmed
 
PDF
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PDF
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
INSY_7213_Theme Sessions 47 & 48 Advanced databases.pptx
bystormzy56
 
Code Like Bro -A guide for better Coding
byMadan Panthi
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
Afsar Ahmed - Digital Marketing Portfolio
byAfsar Ahmed
 
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 

Building Domain-specific PaaS with OpenShift Origin: The TRESOR Healthcare Project

  • 1.
    TRESOR Building a domainspecific PaaS with OpenShift OpenShift Community Day Prague 22nd September 2013
  • 2.
    About myself Alexander Grzesik Head ofDevelopment medisite Systemhaus Working 15 years in software development Java Software Architecture Medical Software alexander.grzesik@medisite.de 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 3.
    Topics (1)TRESOR Project –the idea (2)Why OpenShift (3)TRESOR on OpenShift (4)Customizing OpenShift (5)Summary 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 4.
    Chapter 1 TRESOR Project– the idea 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 5.
    Cloud – thefuture ? By David Fletcher 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 6.
    The Cloud &Healthcare • Patient‘s medical record is especially sensitive data. Only people involved in patient care should have access to the information. • Doctor‘s liability: Control who can access „their“ data • Fast access to life-critical information • Medical record storage requirements (10-30 years) • Low affinity of medical persons to IT Objections to cloud usage in healthcare 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 7.
    TRESOR Partners 22nd Sep2013 Building a domain specific PaaS with OpenShift
  • 8.
    TRESOR Overview Trusted Ecosystemfor Standardized and Open cloud-based Resources • Cloud Ecosystem for secure cloud services – Proxy for secure communication – Broker for procurement – Marketplace – PaaS Platform • Trusted Environment for handling sensitive data • Open Platform for developing and providing domain specific cloud applications 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 9.
    TRESOR Cloud Ecosystem TRESORPaaS TRESOR User TRESOR Ecosystem TRESOR Service Provider IaaS-Provider TRESOR Proxy (Client) TRESOR Proxy (Client) IDM (i.e. Active Directory) Clients TRESOR Proxy (Client) Authentication Service use Authorization Marketplace TRESOR Proxy (Trusted 3rd Party) TRESOR Billing TRESOR Broker Service Profile Repository Client Profile Repository TRESOR Proxy (Service) Search, Maintain, Match Billing SLAMonitoring MMV PAI ... Service use Dynamic Services Manage 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 10.
    TRESOR Goals CloudFlexible SecureOpen Extensible OSGi based Useof Standards Development tools Data Security Encrypted Data Secure Communication Certified Scalable Reliable High Availability Powered by OpenShift Fast Time-to-Market No Vendor Lock-In Different usage scenarios 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 11.
    Chapter 2 Why OpenShift? 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 12.
    History of TRESOR •Project Idea in 2010 • Project announced on CeBit 2011 • Project Start 03/2012 • Rapid developments in PaaS technology • Make or Use ? • Evaluation of available PaaS technologies 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 13.
    PaaS Criteria • SupportedTechnologies • Open Source • Vendor • Community • Scaling • Extension • Infrastructure (IaaS) Support • Documentation 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 14.
    The candidates (2012) 22ndSep 2013 Building a domain specific PaaS with OpenShift
  • 15.
    Why OpenShift • SupportedTechnologies • Fully Open Source • Extensibility and flexibility • IaaS support • Growing documentation • Great Community • Red Hat 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 16.
    Starting Problems (2012) •Problems with installation • Constant Changes on OpenShift • No Stable Version of Open Source project • Documentation not up to date • No clear Roadmap • Some missing features 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 17.
    One year later •2 Releases of OpenShift Origin • Regular builds • Roadmap & development process • Improved documentation • Community manager • New features – Cartridge v2 – PostgreSQL 9.2 – Web Console 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 18.
    Open Points • Setupstill complicated  Installation Scripts are in Progress • Better PaaS Monitoring  On Roadmap • Custom and Database Scaling  We are working on a solution • Documentation misses some details  Everybody can help 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 19.
    Chapter 3 TRESOR onOpenShift 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 20.
    TRESOR PaaS ata glance Strong Encryption Powered by OpenShift Open Platform Polyglot Persistence Modular Architecture 6dfg4854 fgf72548 151fd545 5454sff5 44485ddf 151538fd 179hg45g 658g54d1 15414gfg 584551gh 11fghf15 154215jh 2152fgh5 14925fg1 15325sgd 78dfd15d 7654fghd 897fg21d 98dfgh2d 874dfg6d 3544sdfg Use of Standards 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 21.
    OpenShift Integration • OpenShiftOrigin provides runtime for application services • Provisioning and scaling • Development services (Git & Jenkins) • Use and extend PostgreSQL and MongoDB cartridges • Custom cartridges and plugins 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 22.
    TRESOR on OpenShift OSGiApplication Server Encryption ServicesAuthorization Framework MongoDB HSM External IDM PostgreSQL User TRESOR Ecosystem 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 23.
    Chapter 4 Customizing OpenShift 22ndSep 2013 Building a domain specific PaaS with OpenShift
  • 24.
    New Cartridges • Glassfish4 – OSGi / JavaEE Application Server • Elastic Search – Search and Index Engine • OpenAM (openam.forgerock.org) – Authentication and Authorization Services • OSGi Bundle Repository – Central bundle provisioning 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 25.
    Extending OpenShift –How to start • Use the VM Image to develop your cartridge – Make use of snapshots !! • Test scripts without OpenShift • Use DIY and CDK • Check the documentation and logs: /var/log/openshift • Be patient 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 26.
    New Cartridge –DIY • First getting it up as DIY • Glassfish already has a good quick start example: https://github.com/shekhargulati/glassfish4 -openshift-quickstart • Cons: – Needs to provide complete runtime – No Scaling – Only http port 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 27.
    DIY Cartridge Structure- example 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 28.
    DIY Scripts –Glassfish #!/bin/bash # The logic to start up your application should be put in this # script. The application will work only if it binds to # $OPENSHIFT_INTERNAL_IP:8080 echo 'Starting Glassfish DIY...' > $OPENSHIFT_DIY_LOG_DIR/server.log set -x cd $OPENSHIFT_REPO_DIR/diy/glassfish4/glassfish/domains/domain1/config/ mv domain.xml domain.xml_2 sed "s/$( grep serverName domain.xml_2 | cut -d" -f 2 )/${OPENSHIFT_DIY_IP}/g" domain.xml_2 > domain.xml chmod u+x $OPENSHIFT_REPO_DIR/diy/glassfish4/glassfish/bin/asadmin $OPENSHIFT_REPO_DIR/diy/glassfish4/glassfish/bin/asadmin start-domain &> $OPENSHIFT_DIY_LOG_DIR/server.log 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 29.
    DIY Glassfish config •Modify domain.xml: – Remove non http-port listeners – Replace all hostname references with OPENSHIFT_DIY_IP – Startup script will replace token OPENSHIFT_DIY_IP token in domain.xml 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 30.
    Glassfish Custom Cartridge •Starting Point: Tomcat cartridge • Modify to: – Download and install Glassfish 4 – Setup Glassfish cartridge – Deployment and startup of custom domain – Graceful shutdown 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 31.
    Glassfish Cartridge -Structure 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 32.
    Glassfish Cartridge –Manifest.yml Name: glassfish Cartridge-Short-Name: GLASSFISH Cartridge-Vendor: medisite Cartridge-Version: 0.0.1 Display-Name: Glassfish 4 Description: "Glassfish 4 JavaEE and OSGi Server" Version: '4.0‚ Source-Url: git@git.medisite/tresor/openshift-glassfish-cartridge License: CDDL 1.1 Vendor: oracle Categories: - service - java - glassfish - glassfish4 - web_framework Website: http://glassfish.java.net/ 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 33.
    Glassfish Cartridge -Endpoints Endpoints: - Private-IP-Name: IP Private-Port-Name: HTTP_PORT Private-Port: 8080 Public-Port-Name: HTTP_PROXY_PORT - Private-IP-Name: IP Private-Port-Name: ADMIN_PORT Private-Port: 4848 Public-Port-Name: ADMIN_PROXY_PORT 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 34.
    Glassfish Cartridge -Setup #!/bin/bash SYSTEM_GLASSFISH_DIR=/var/lib/glassfish4 mkdir ${OPENSHIFT_GLASSFISH_DIR}/{config,run,logs,tmp} # Link the system Glassfish binaries to the cart Glassfish instance ln -s ${SYSTEM_GLASSFISH_DIR}/glassfish/bin/asadmin ${OPENSHIFT_GLASSFISH_DIR}/bin/asadmin ln -s ${SYSTEM_GLASSFISH_DIR}/glassfish/lib ${OPENSHIFT_GLASSFISH_DIR}/lib # Copy the default configurations to the Glassfish conf directory cp ${OPENSHIFT_GLASSFISH_DIR}/versions/4.0/config/* ${OPENSHIFT_GLASSFISH_DIR}/config • Handles setup of cartridge per application 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 35.
    Glassfish Cartridge -Control GLASSFISH_PID_FILE="${OPENSHIFT_GLASSFISH_DIR}/run/glassfish.pid„ … function start_app() { # Check for running app … # remove old deployment and redeploy rm -r ${OPENSHIFT_GLASSFISH_DIR}/domain1 mkdir ${OPENSHIFT_GLASSFISH_DIR}/domain1 cp ${OPENSHIFT_REPO_DIR}/domain1/* ${OPENSHIFT_GLASSFISH_DIR}/domain1 cd ${OPENSHIFT_GLASSFISH_DIR}/domain1/config/ mv domain.xml domain.xml_2 sed "s/$( grep serverName domain.xml_2 | cut -d" -f 2 )/${OPENSHIFT_GLASSFISH_IP}/g" domain.xml_2 > domain.xml # Start domain ${OPENSHIFT_GLASSFISH_DIR}/bin/asadmin start-domain ${OPENSHIFT_GLASSFISH_DIR}/domain1 &>&2 … ps -ef | grep glassfish | grep -v grep | awk '{print $2}' > $GLASSFISH_PID_FILE • Control startup and shutdown 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 36.
    Install Cartridge • InstallCartridge: oo-admin-cartridge -a install -s /usr/libexec/openshift/cartridges/v2/glassfish • Downloadable Cartridge: rhc create-app gfapp http://git.medisite/tresor/openshift-glassfish- cartridge/blob/master/metadata/manifest.yml • Clear Cache: # cd /var/www/openshift/broker # bundle exec rake tmp:clear 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 37.
    Open Things • Scaling •Add database support • Integration with build server • Automatic deployment of OSGi Bundles • Documentation • Public availability 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 38.
    Custom Scaling • Scalingnot only via request count – Response times – Active Users • Service Specific Scaling – Some Services are more critical • Customer Specific Scaling Rules – Customer booking of scaling options 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 39.
    DB Replication andScaling • MongoDB Shard Cluster on OpenShift • PostgreSQL Replication Set • Automatic setup during provisioning • Evaluate dynamic scaling options 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 40.
    Other Extensions toOpenShift • Provisioning Interface • Usage Reporting • Application Monitoring • Encryption 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 41.
    Chapter 5 Summary 22nd Sep2013 Building a domain specific PaaS with OpenShift
  • 42.
    Final Target (2015) •TRESOR PaaS will be used in two hospitals • Hosted in a German Telekom datacenter • Certified according German data security regulations • Available as an OSGi based development platform for healthcare applications 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 43.
    Summary • OpenShift allowsbuilding of custom PaaS implementations • Powerful extension mechanism via cartridges and plugins • Active community and good support • OpenShift will be one of the major players in PaaS area in the future • TRESOR extends OpenShift for domain specific usage 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 44.
    Extending OpenShift usefullinks https://www.openshift.com/developers/downl oad-cartridges https://github.com/smarterclayton/openshift- cdk-cart https://www.openshift.com/blogs/new- openshift-cartridge-format-part-1 http://openshift.github.io/documentation/oo_ cartridge_developers_guide.html http://cloud-mechanic.blogspot.de 22nd Sep 2013 Building a domain specific PaaS with OpenShift
  • 45.
    Questions ? 22nd Sep2013 Building a domain specific PaaS with OpenShift