Domenico Pastore, Cloud Engineer - Par-Tec - Containers Landscape … · 28 openshift technical...

Post on 30-May-2020

2 views 0 download

Preview:

Click to see full reader
Report this document
SHARE

Transcript of Domenico Pastore, Cloud Engineer - Par-Tec - Containers Landscape … · 28 openshift technical...

CONTAINERS LANDSCAPE REVIEWDomenico Pastore, Cloud Engineer

CONTAINERS & CLOUD-NATIVE ROADSHOWMilano, 4 Aprile 2019 | Roma, 9 Aprile 2019

OPENSHIFT TECHNICAL OVERVIEW2

Self-Service

Multi-language

Automation

Collaboration

Multi-tenant

Standards-based

Web-scale

Open Source

Enterprise Grade

Secure

OPENSHIFT TECHNICAL OVERVIEW3

● Introductions● Linux Containers (review)● OpenShift Architecture● Container Native Storage / Gluster Architecture● Labs

Agenda

LINUX CONTAINERS

OPENSHIFT TECHNICAL OVERVIEW5

WHAT ARE CONTAINERS?It Depends Who You Ask

● Application processes on a shared kernel

● Simpler, lighter, and denser than VMs

● Portable across different environments

● Package apps with all dependencies

● Deploy to any environment in seconds

● Easily accessed and shared

INFRASTRUCTURE APPLICATIONS

OPENSHIFT TECHNICAL OVERVIEW6

VIRTUAL MACHINES AND CONTAINERS

VIRTUAL MACHINES CONTAINERS

virtual machines are isolatedapps are not

containers are isolatedso are the apps

VM

OS Dependencies

Kernel

Hypervisor

Hardware

App App App App

Hardware

Container Host (Kernel)

Container

App

OS deps

Container

App

OS deps

Container

App

OS deps

Container

App

OS deps

OPENSHIFT TECHNICAL OVERVIEW7

Container Host

Container

Application

OS dependencies

Virtual Machine

Application

OS dependencies

Operating System

VIRTUAL MACHINES AND CONTAINERS

VM IsolationComplete OSStatic ComputeStatic MemoryHigh Resource Usage

Container IsolationShared KernelBurstable ComputeBurstable MemoryLow Resource Usage

OPENSHIFT TECHNICAL OVERVIEW8

VIRTUAL MACHINES AND CONTAINERS

Container Host

Container

Application

OS dependencies

Dev

IT OpsInfrastructure

Virtual Machine

Application

OS dependencies

Operating System

IT Ops(and Dev, sort of)

Infrastructure

Clear ownership boundary between Dev

and IT Ops drives DevOps adoption and fosters

agility

Optimized for stability

Optimized for agility

OPENSHIFT TECHNICAL OVERVIEW9

Virtual machines are NOT portable across hypervisor and do NOT provide portable packaging for applications

APPLICATION PORTABILITY WITH VM

VM Type X

Application

OS dependencies

Operating System

BARE METAL PRIVATE CLOUD PUBLIC CLOUDVIRTUALIZATIONLAPTOP

Application

OS dependencies

Operating System

VM Type Y

Application

OS dependencies

Operating System

VM Type Z

Application

OS dependencies

Operating System

Guest VM

Application

OS dependencies

Operating System

OPENSHIFT TECHNICAL OVERVIEW10

APPLICATION PORTABILITY WITH CONTAINERS

LAPTOP

Container

Application

OS dependencies

Guest VM

RHEL

BARE METAL

Container

Application

OS dependencies

RHEL

VIRTUALIZATION

Container

Application

OS dependencies

Virtual Machine

RHEL

PRIVATE CLOUD

Container

Application

OS dependencies

Virtual Machine

RHEL

PUBLIC CLOUD

Container

Application

OS dependencies

Virtual Machine

RHEL

RHEL Containers + RHEL Host = Guaranteed PortabilityAcross Any Infrastructure

OPENSHIFT TECHNICAL OVERVIEW11

Base Image

Image Layer 1

Image Layer 2

Image Layer 3

Base RHEL

OS Update Layer

Java Runtime Layer

Application Layer

Container Image Layers Example Container Image

RAPID SECURITY PATCHING USINGCONTAINER IMAGE LAYERING

OPENSHIFT TECHNICAL OVERVIEW

A lightweight, OCI-compliant container runtime

12

Available in OpenShift Online (soon)Tech Preview in OCP 3.7, GA in OCP 3.8

Optimized for Kubernetes

Any OCI-compliant container from any

OCI registry(including docker)

Improve Security and Performance at scale

OPENSHIFT ARCHITECTURE

OPENSHIFT TECHNICAL OVERVIEW14

YOUR CHOICE OF INFRASTRUCTURE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW

NODES RHEL INSTANCES WHERE APPS RUN

15

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW

RHEL

NODE

c

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

C

C

C C

C

C

C CC C

APPS RUN IN CONTAINERS

16

Container Image

Container

Pod

OPENSHIFT TECHNICAL OVERVIEW17

PODS ARE THE UNIT OF ORCHESTRATION

RHEL

NODE

c

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

C

C

C C

C

C

C CC C

OPENSHIFT TECHNICAL OVERVIEW

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

18

MASTERS ARE THE CONTROL PLANE

RED HATENTERPRISE LINUX

MASTER

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW

RHEL

NODE

RHEL

NODE

RHEL

NODE

19

API AND AUTHENTICATION

RHEL

NODE

RHEL

NODE

RHEL

NODE

RED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW

RHEL

NODE

RHEL

NODE

RHEL

NODE

20

DESIRED AND CURRENT STATE

RHEL

NODE

RHEL

NODE

RHEL

NODE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

RED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW21

INTEGRATED CONTAINER REGISTRY

RHEL

NODE

RHEL

NODE

RHEL

RHEL

NODE

RHEL

NODE

RHEL

RHEL

NODE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

RED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

NODE

REGISTRY

RHEL

OPENSHIFT TECHNICAL OVERVIEW22

ORCHESTRATION AND SCHEDULING

RHEL

NODE

RHEL

NODE

RHEL

RHEL

NODE

RHEL

NODE

RHEL

RHEL

NODE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

RED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

NODE

REGISTRY

RHEL

OPENSHIFT TECHNICAL OVERVIEW23

PLACEMENT BY POLICY

RHEL

NODE

RHEL

NODE

RHEL

NODE

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

RED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULERREGISTRY

RHEL

NODE

RHEL

NODE

C

C

RHEL

NODE

c

C

C

OPENSHIFT TECHNICAL OVERVIEW

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

RHEL

NODE

C

C

RHEL

NODE

c

C

C

24

AUTOSCALING PODS

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

RED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULERREGISTRY

HEALTH/SCALING

OPENSHIFT TECHNICAL OVERVIEW25

SERVICE DISCOVERY

SERVICE LAYER

REGISTRY

RHEL

NODE

C

C

RHEL

NODE

C C

RHEL

NODE

c

C

C

RHEL

NODE

C C

RHEL

NODE

C

RHEL

NODE

CRED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW26

PERSISTENT DATA IN CONTAINERS

SERVICE LAYER

PERSISTENTSTORAGE

REGISTRY

RHEL

NODE

C

C

RHEL

NODE

C C

RHEL

NODE

c

C

C

RHEL

NODE

C C

RHEL

NODE

C

RHEL

NODE

CRED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW27

ROUTING AND LOAD-BALANCING

SERVICE LAYER

ROUTING LAYER

PERSISTENTSTORAGE

REGISTRY

RHEL

NODE

C

C

RHEL

NODE

C C

RHEL

NODE

c

C

C

RHEL

NODE

C C

RHEL

NODE

C

RHEL

NODE

CRED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

OPENSHIFT TECHNICAL OVERVIEW28

ACCESS VIA WEB, CLI, IDE AND API

EXISTING AUTOMATION

TOOLSETS

SCM(GIT)

CI/CD

SERVICE LAYER

ROUTING LAYER

PERSISTENTSTORAGE

REGISTRY

RHEL

NODE

C

C

RHEL

NODE

C C

RHEL

NODE

c

C

C

RHEL

NODE

C C

RHEL

NODE

C

RHEL

NODE

CRED HATENTERPRISE LINUX

MASTER

API/AUTHENTICATION

DATA STORE

SCHEDULER

HEALTH/SCALING

PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID

CONTAINER NATIVE STORAGE

OPENSHIFT TECHNICAL OVERVIEW30

OPENSHIFT PERSISTENT STORAGE FRAMEWORK

OPENSHIFT TECHNICAL OVERVIEW31

OPENSHIFT PERSISTENT STORAGE FRAMEWORK

“A request for storage”

Provider: ABCCapacity: 10 GiBFeatures: XYZ

PersistentVolumeClaim

“submits”

OPENSHIFT TECHNICAL OVERVIEW32

OPENSHIFT PERSISTENT STORAGE FRAMEWORK

“A request for storage”

Provider: ABCCapacity: 10 GiBFeatures: XYZ

PersistentVolumeClaim

“A provider of storage”

Provider URL: …Credentials: …Options: ...

StorageClass

“sets up”

“submits” “submitted to”

OPENSHIFT TECHNICAL OVERVIEW33

OPENSHIFT PERSISTENT STORAGE FRAMEWORK

“A request for storage”

Provider: ABCCapacity: 10 GiBFeatures: XYZ

PersistentVolumeClaim

“A provider of storage”

Provider URL: …Credentials: …Options: ...

StorageClass

“sets up”

“submits” “submitted to”

Storage Backend

“instructs”

OPENSHIFT TECHNICAL OVERVIEW34

OPENSHIFT PERSISTENT STORAGE FRAMEWORK

“A request for storage”

Provider: ABCCapacity: 10 GiBFeatures: XYZ

PersistentVolumeClaim

“A provider of storage”

Provider URL: …Credentials: …Options: ...

StorageClass

“Provisioned Storage”

Name: …Size: …AccessMode: ...

PersistentVolume

“sets up”

“submits” “submitted to” “creates”

Storage Backend

“instructs” “provisions”

OPENSHIFT TECHNICAL OVERVIEW35

OPENSHIFT PERSISTENT STORAGE FRAMEWORK

“A request for storage”

Provider: ABCCapacity: 10 GiBFeatures: XYZ

PersistentVolumeClaim

“A provider of storage”

Provider URL: …Credentials: …Options: ...

StorageClass

“Provisioned Storage”

Name: …Size: …AccessMode: ...

PersistentVolume

APPLICATION POD(S)

“sets up”

“submits” “submitted to” “creates”

Storage Backend

“instructs” “provisions”

“mounted by”

“Bound to”

OPENSHIFT TECHNICAL OVERVIEW36

GLUSTERFS - DISTRIBUTED FILE STORAGE

Scale Out Performance, Capacity & Availability

Scal

e U

p C

apac

ity

RED HAT GLUSTER STORAGEFOR ON-PREMISE

SERVER(CPU/MEM)

SERVER(CPU/MEM)

SERVER(CPU/MEM)

Single, Global namespace

Deploys on Red Hat-supported servers and underlying storage: DAS, JBOD

Scale-out linearly

Replicate synchronously and asynchronous

OPENSHIFT TECHNICAL OVERVIEW37

FEDERATING LOCAL STORAGE

FILE 1 FILE 2

BRICK BRICK

CLIENT MOUNTserver1:/exp1 server2:/exp2

GLUSTERFS VOLUME

FILE 1 FILE 2

OPENSHIFT TECHNICAL OVERVIEW38

CONTAINER-NATIVE STORAGE ON OPENSHIFT

POD

CONTAINERIZEDRED HAT GLUSTER

STORAGE

RHEL HOST OS

RED HATGLUSTER POD

GLUSTER VOLUMES

PHYSICAL DISKHOST NETWORK

OPENSHIFT TECHNICAL OVERVIEW39

CONTAINER-NATIVE STORAGE ON OPENSHIFT

POD

RHGS POD

RHGS POD

RHGS POD

RHGS POD

INFRAPOD

INFRA

HEKETIRESTFUL GLUSTERFS

MANAGEMENT

RED HATHEKETI POD

REST API

GLUSTERFS PODS

OPENSHIFT TECHNICAL OVERVIEW40

CONTAINER NATIVE STORAGE ON OPENSHIFT

POD

RHGS POD

RHGS POD

RHGS POD

RHGS POD

INFRAPOD

INFRA

OPENSHIFT TECHNICAL OVERVIEW41

CONTAINER NATIVE STORAGE ON OPENSHIFT

POD

RHGS POD

RHGS POD

RHGS POD

RHGS POD

INFRAPOD

INFRAPERSISTENT

VOLUME CLAIM

1.)

OPENSHIFT TECHNICAL OVERVIEW42

CONTAINER NATIVE STORAGE ON OPENSHIFT

POD

RHGS POD

RHGS POD

RHGS POD

RHGS POD

INFRAPOD

INFRAPERSISTENT

VOLUME CLAIM2.)

1.)

OPENSHIFT TECHNICAL OVERVIEW43

CONTAINER NATIVE STORAGE ON OPENSHIFT

POD

RHGS POD

RHGS POD

RHGS POD

RHGS POD

INFRAPOD

INFRA

GLUSTER VOLUME

PERSISTENT VOLUME CLAIM

2.)

3.)

1.)

OPENSHIFT TECHNICAL OVERVIEW44

CONTAINER NATIVE STORAGE ON OPENSHIFT

POD

RHGS POD

RHGS POD

RHGS POD

RHGS POD

INFRAPOD

INFRA

GLUSTER VOLUME

PERSISTENT VOLUME CLAIM

PERSISTENT VOLUME

PERSISTENT VOLUME

4.)

2.)

3.)

4.)

1.)

OPENSHIFT TECHNICAL OVERVIEW45

CONTAINER NATIVE STORAGE ON OPENSHIFT

OPENSHIFT TECHNICAL OVERVIEW46

CONTAINER NATIVE STORAGE ON OPENSHIFT

AVAILABILITYZONE A

AVAILABILITYZONE B

AVAILABILITYZONE C

Node Node Node Node Node Node

Top related

International Dog Show Internationale Rassehunde– Ausstellung … · 2017. 11. 16. · Pastore Tedesco PC, Pastore Tedesco PL, Pastore Svizzero Bianco. Gianni FULGENZI Pastore Australiano
 Documents
OpenShift Dedicated 3 Getting Started - Red Hat Customer ... · OpenShift Dedicated 3 Getting Started Getting Started with OpenShift Dedicated 3 Last Updated: 2018-11-27. OpenShift
 Documents
Stefania Pastore
 Documents
Descrizione pastore tedesco
 Education
Usg Ginecologica Pastore
 Documents
SCHEDA D’ISCRIZIONE BULLETIN D’INSCRIPTION ENTRY … BL-PDweb7.pdf · Cane da Pastore Belga, Cane da Pastore Bergamasco, Cane da Pastore Catalano, Cane da Pastore di Beauce, Cane
 Documents
Evaluation of Existing GIS Hydrological Toolsets for ...€¦ · The Oregon LiDAR Hydrography Pilot Project Evaluation of Existing GIS Hydrological Toolsets for Modeling Stream Networks
 Documents
OpenShift Container Platform 3.10 アーキテクチャー...OpenShift Container Platform 3.10 アーキテクチャー
 Documents
Padre Alfonso Pastore
 Spiritual
OpenShift Workshop
 Technology
OpenShift 3 Technical Architecture - Huihoodocs.huihoo.com/openshift/OpenShift-3-Technical-Architecture.pdf · OpenShift is an app, ... internal vs external, fast vs slow Storage
 Documents
OpenShift Container Platform 4.5 OpenShift Virtualization3.2.1. Subscribing to the OpenShift Virtualization catalog 3.2.2. Deploying OpenShift Virtualization 3.3. INSTALLING OPENSHIFT
 Documents
Red Hat OpenShift - Microsoft · Red Hat OpenShift 3 Introduction to OpenShift OpenShift is a computer software product from Red Hat for container-based software deployment and management.
 Documents
DSP56300 Assembly Code Development Using the Motorola Toolsets · DSP56300 Assembly Code Development Using the Motorola Toolsets by Ralph Lansford ... linking process, ... connecting
 Documents
Presentación Openshift
 Documents
OpenShift Enterprise
 Software
INTRODUCTION TO OPENSHIFT - people.redhat.compeople.redhat.com/mlessard/mtl/presentations/jan2015/OpenShift... · INTRODUCTION TO OPENSHIFT ... 7. Install Operating System 8. Install
 Documents
OpenShift Overview
 Technology
Serena Pastore INAF (National Institute of Astrophysics) – Padova – ITALY pastore@pd.astro.it
 Documents
OpenShift Container Platform 3.11 アーキテクチャー · OpenShift Container Platform 3.11 アーキテクチャー OpenShift Container Platform 3.11 アーキテクチャー情報
 Documents

Copyright © 2022 FDOCUMENTS