RED HAT SUMMIT 2018 UPDATE: OPENSHIFT / CONTAINER PLATFORM
Alfred Bach, Partner Enablement Manager
FOR PARTNERS IN EMEA
F11413-201803
AGENDA
SALES UPDATE 15 MIN
OPENSHIFT TECHNICAL NEWS 40 MIN
OPENSTACK AND OPENSHIFT 15 MIN
YOU CAN FIND THE CONTENT: people.redhat.com/abach/UPDATE
PROPRIETARY, HOMEGROWN, ONE OWNER, SINGLE CLOUD,
LIMITED LANGUAGES OVERLY OPINIONATED
PLATFORMS HAVE ADOPTED CONTAINERS
STANDARDIZING ON KUBERNETES
Kubernetes
Others (industry has moved on): Cloud Foundry Diego, AWS Blox, Rancher Cattle, VMware Admiral, CoreOS Fleet, HashiCorp Nomad, Docker Swarm, Mesos ...and many more!
October 2017
WHY OPENSHIFT IS THE BEST CHOICE FOR KUBERNETES: THE 4 Cs
COMPREHENSIVE: Comprehensive portfolio of container products and services, including developer tools, security, application services, storage, and management.
CLOUD: Strong partnerships with cloud providers, ISVs, CCSPs. Extensive container catalog of certified partner images.
CUSTOMERS: Most reference customers running in production. Years of experience running OpenShift Online and OpenShift Dedicated services.
CODE: Red Hat is the leading Kubernetes developer and contributor with Google. We make container development easy, reliable, and more secure.
RED HAT ENGINEERING LEADERSHIP
SUPPORTING KUBERNETES - AN INDUSTRY TIMELINE
[Figure: timeline of Kubernetes releases 1.0 to 1.9 against the years 2015 to 2018, with vendor adoption markers K8S 1.0, K8S 1.6 and K8S 1.8]
OPENSHIFT = ENTERPRISE KUBERNETES
[Diagram labels: existing automation toolsets; SCM (Git); CI/CD; service layer; routing layer; persistent storage; container registry; RHEL nodes with containers (C); Red Hat Enterprise Linux; Kubernetes master (API/authentication, data store, scheduler, health/scaling); physical, virtual, private, public, hybrid]
KUBERNETES SIGs - ENGINEERING LEADERSHIP
API MACHINERY, AZURE, DOCS, OPENSTACK, STORAGE, CONTAINER IDENTITY, AWS, BIG DATA, INSTRUMENTATION, PRODUCT MANAGEMENT, TESTING, KUBEADM ADOPTION, APPS, CLI, MULTICLUSTER, RELEASE, UI, RESOURCE MANAGEMENT, ARCHITECTURE, CLUSTER LIFECYCLE, NETWORK, SCALABILITY, WINDOWS, AUTH, CLUSTER OPS, NODE, SCHEDULING, APP DEF, AUTOSCALING, CONTRIBUTOR EXPERIENCE, ON-PREM, SERVICE CATALOG, CLUSTER API
15 of 33 GROUPS: RED HAT LEAD or CO-LEAD
KUBERNETES PROJECT CONTRIBUTIONS
Google - 40,120
Red Hat - 13,705
CoreOS - 958*
IBM - 1151
Intel - 370
VMware - 380
Microsoft - 626
Amadeus - 133
Cisco - 189
Oracle - 32
Pivotal - 136
Docker - 14
Amazon/AWS - ?
Source: Stackalytics (March, 2018)
* Most CoreOS commits were done using personal email addresses (Independent)
CONTAINERS IN PRODUCTION ARE REAL ON RED HAT OPENSHIFT
Application Developer & Cluster Admin Console
● Unified web console codebase
● Address both dev and ops personas
Application Focused UX
Service Catalog & Brokers
Expose and Provision Services
OPENSHIFT SERVICE CATALOG
● OpenShift Automation Broker: ANSIBLE (Ansible Playbook Bundles)
● OpenShift Template Broker: OPENSHIFT (OpenShift Templates)
● AWS Service Broker: AMAZON WEB SERVICES (Public Cloud Services)
● Other Service Brokers: OTHER COMPATIBLE SERVICES (Other Services)
SERVICE BROKERS
Azure Service Broker
AWS Service Broker (AMAZON WEB SERVICES)
New AWS Services coming:
Kinesis Data Streams
Key Management Service (KMS)
Lex
Polly
Rekognition
Translate (requires Preview registration)
SageMaker
Additional RDS engines: Aurora, MariaDB, and PostgreSQL
Integrated Middleware Services
Mobile
RHOAR
FaaS
Fuse
RDG
Decision Manager
Operators
Why Operators?
$ oc new-app myapp
30 days later….
Developer
Platform Services Team
Tries to keep the application framework or runtime from exploding
Wouldn’t it be great if….
The Platform
$ oc create -f myAppsTask.yaml
Developer
Operator SDK:
● re-index
● backup
● restore
● defrag
● recycle
● ...any admin task
The Result
Your App
Is as automated as these apps but runs….
Management & Metering
Monitoring, Metrics
● 3.11: Prometheus “stack” GA with Target persona: OpenShift administrator
● Prometheus server, node_exporter, cAdvisor, Alertmanager, Operator
● Web Console and Grafana
● Out-of-box dashboards and alerts
● Announce deprecation of Hawkular
● Future:
● Target persona: OpenShift administrator, Application owner, Developer
● Multi-tenancy, Long term storage, Customizability
● Developer/Application Owner use case and Application Monitoring
Cluster Monitoring Dashboard
P-SAP
Performance Sensitive Applications (P-SAP)
Big Data, NFV, FSI, Animation, ISVs, HPC, Machine Learning
GPU support in OpenShift
● Joint collaboration with strategic partners for drivers, plugins and container images
● Device Manager GA
● Scheduler: Priority and preemption
● Seamless install experience of drivers, plugins and dependencies
● Container images in RHCC/ISV Registry
● Certifications and support
[Diagram labels: RHEL Host; Device drivers for GPU; Device Manager plugin; Kubelet Device Manager; Kubernetes Scheduler; RHEL base image + Vendor libraries for GPUs + Frameworks for AI/ML such as Tensorflow or Pytorch]
Storage
In-Tree, FlexVolume, External Provisioner
Today: Kubernetes
Tomorrow: Any Container Orchestrator
Transitioning from Tech Preview to GA
● Local PersistentVolumes
● Volume Snapshot and Restore
● Resizing Volumes
● Exposing storage metrics
Storage Projects
New Exciting Projects in 2018:
● Alerts, SOPs and auto-heals
● CephFS Provisioner
● Manila Provisioner
● Storage UX enhancements
Container Native Storage (CNS)
CNS 3.10 (June 2018)
● Arbiter Volume Support
● Stateless Heketi
● Block Support for all workloads
● Raw Block (Tech Preview)
● Service Catalog S3 Support (Tech Preview)
CNS 3.11 (Sep 2018)
● Snapshot & Restore
● Stateful Set Support
● Raw Block & Local PV
● CSI Adapter
● Geo Rep between 2 Clusters
CNS 3.12 (Dec 2018)
● Support 2 DC deploy with a tie breaker
● Operator Support (Install, manage, expand, reduce)
● Monitor CNS using OCP Prometheus
● Manage CNS using OCP Web Console
● Full Backup Solution Integration
CNS 3.13 (Mar 2019)
● Multi-Cloud Support (Async)
● Multi-Cluster Support
● Halo Support (Async)
● SLO Based Deploy, Manage, Migrate
Istio
Istio Service Mesh
[Diagram labels: istio-ingress (Envoy); Kubernetes Pods with App A, App B and App C, each with Envoy; HTTP Req/Resp; Istio Components: istio-pilot, istio-mixer, istio-auth; Config to Envoy; Access Control and Telemetry]
● Intelligent Routing and Load Balancing
● Resilience Across Languages and Platforms
● Telemetry and Reporting
● Policy Enforcement
Next Generation Microservices with RHOAR
[Diagram labels: OCP; Gateway (for inbound API control); Gateway (for outbound/as a consumer API control); north, south, west, east; service billing, service booking, service invoicing; Envoy proxy; Istio]
Advanced Networking
Why Open Virtual Network (OVN)
● An implementation of virtual networking via Open vSwitch project
● Community of developers
● SDN portfolio consolidation / common network tech (RH-OCP, RH-OSP, RHV)
● Acceleration and enablement of customer-driven feature requirements:
○ Subnet-per-node → Network-per-namespace (egress IP per pod)
○ Distributed services load balancer
○ Replaces current iptables LB
○ Multiple Networks
○ Discontiguous IP address blocks
○ IP address mobility in cluster
○ BYO IP address management
○ Heterogeneous clusters w/ Windows nodes
○ Isolation / Multi-tenancy
○ DPDK support
○ Kubernetes Network Policy support
○ IPAM
○ Encrypted tunnels (dev started)
○ Initial QoS support
○ Distributed Ingress and Egress firewall
○ IPv6 / DHCPv6
○ Capability to span on-prem & cloud nodes
OVN - Tentative Plan
Timeline: OCP 3.7, OCP 3.9, OCP 3.10, OCP 3.11, OCP 3.12, OCP 3.13
● OCP 3.10: Tech Preview for clusters with Windows
● OCP 3.11: Tech Preview + GA for clusters with Windows (not default SDN)
● OCP 3.12: GA (not default SDN)
● OCP 3.13: GA (default SDN)
Scale & Performance testing
Migration design and testing
OpenShift installer
Manual install
Documentation
Improved OpenShift Integration with RH-OSP
Project goal: Provide best practice out-of-the-box OCP+OSP integration
● Remove double-encapsulation issue
● Direct use of rich shared services provided by the underlying OSP cloud:
○ LBaaS, FWaaS, DNSaaS, …
○ Immediate compliance with Neutron plugins
● OSP’s tenant isolation becomes directly effective on OpenShift, as well
● Bare metal provisioning and management via Ironic
Enabling technology: Kuryr
Registry
New Container Image Enterprise Registry: Quay
● In addition to the existing OpenShift internal registry we now offer Red Hat Quay as an advanced enterprise registry offering incl.
○ Vulnerability Scanning (powered by Clair): continually scan your containers for vulnerabilities, giving you complete visibility into known issues and how to fix them
○ Geographic Replication: reliably store, build and deploy a single set of container images across multiple geographies
○ Build Image Triggers: as push actions happen in your code repo (GitHub, Bitbucket, GitLab and Git), Quay will automatically build a new version of your app
○ Image Rollback with Time Machine: view history of images and quickly and easily switch image builds
Quay.io: Hosted Container Registry
Quay Enterprise: Private Container Registry
SUPPORT & MAINTENANCE
Container Image Registry Future Features
● Red Hat Quay Enterprise Registry
○ OCI Distribution spec (Docker Registry Protocol v2-2)
○ Quay operator for easy installation and upgrades
○ Deeper integration OpenShift and Quay (data, events, operations, RBAC)
○ Seamless consumption of Red Hat and Ecosystem containerized offerings
○ App registry enhancements
○ Signing and Metadata Integration with OpenShift
● OpenShift internal registry
○ Metrics enhancements
○ Docker v2 catalog API support
Security
AUTOMATED & INTEGRATED SECURITY
CONTROL (Application Security): Container Content, Container Registry, CI/CD Pipeline, Deployment Policies
DEFEND (Infrastructure): Container Platform, Container Host Multi-tenancy, Network Isolation, Storage, Audit & Logging, API Management
EXTEND: Security Ecosystem
AUTOMATED & INTEGRATED SECURITY: CONTROL (Application Security)
Container Content, Container Registry, CI/CD Pipeline, Deployment Policies
● Red Hat Quay now available from Red Hat with advanced Scanning and Signing features
● Pull Secret for authenticated registries when auth credentials are provided
● Integration with external CA for Application certificates
● Signing and policy management enhancements
● 3rd party partner tooling integration enhancements
AUTOMATED & INTEGRATED SECURITY: DEFEND (Infrastructure)
Container Platform, Container Host Multi-tenancy, Network Isolation, Storage, Audit & Logging, API Management
● Platform Authentication
○ Support external OAuth server
○ Windows oc Kerberos support
○ Github Enterprise auth provider
○ Update generated certificates during upgrade
● Container Host
○ User namespace support
○ Continued investment in CRI-O
● Audit & Logging
○ Metrics and error handling improvements
● Security certifications and product applicability guides
AUTOMATED & INTEGRATED SECURITY: EXTEND (Security Ecosystem)
Sysdig, NGINX, Aqua Security, JFrog, Inc., Signal Sciences, Cisco Contiv, Aporeto, Big Switch, Sonatype, F5, Black Duck, NeuVector, Treasure Data, Contrail, Tremolo, Nuage Networks, Dynatrace, Avi Networks, Thales e-Security, HashiCorp, Tigera, Portworx, Twistlock
Federation
● Cluster Registry: API to query and retrieve information on clusters in the environment
● Ingress: Multi-cluster DNS automation via a CRD extension. Allows you to automate the global loadBalancing implementation on your IaaS layer per service
● Workload: Basically an extension that keeps the namespaces, configMap, replicaSets, secrets in sync for service deployments from tenants across multiple clusters.
● Policy: Ways to explain to the resource object how you want your service to be deployed
Federation V2
https://github.com/kubernetes/community/tree/master/sig-multicluster
items:
- apiVersion: federation.k8s.io/v1alpha1
  kind: FederatedReplicaSet
  metadata:
    name: test-replicaset
    namespace: test-namespace
  spec:
    clusternames:
    - us-est
    - us-west
Install & Upgrades
Installation Experiences
● Opinionated “Best Practices” Single cluster provisioning
● “Bring Your Own” RHEL Node customization
● Multi-Cluster Automation & Orchestration
Tectonic Integration
Operator owned self-hosted OpenShift components
● An Operator is a method of packaging, deploying and managing a Kubernetes application that encodes domain knowledge and extends the Kubernetes API through the CRD mechanism.
○ Doesn't just manage a single instance of the application, but rather multiple instances across the entire cluster
● “Automated operations” through self-hosting of the OpenShift control-plane components (run as native kubernetes objects rather than on-host assets) and managing their lifecycle through cluster operators
○ All control-plane components can be run as pods
○ All component dependencies can be sourced from cluster objects
○ Cluster operators can automatically manage and upgrade OpenShift components
● Operators provide a clean delineation between installation and lifecycle management (upgrading) of components
Multi-Cluster Automation
Problem Statement:
● No cluster management or multi-cluster concepts; everything is performed as singleton
● Difficult to manage more than a ‘handful’ of clusters
Goal:
● Tool to Declare A Cluster
○ create a ‘cluster’ API object and get a working cluster
● Tool to Declare An Infrastructure Application Inside The Cluster
● Tool becomes the “Central Source Of Truth”
○ It knows what the clusters are
○ If you change the declaration the cluster changes
○ If you change the cluster it puts it back
● Leverage and integrate with existing deployment tooling
Cluster Operator is NOT A:
● new installer (will leverage pre-existing provisioning mechanisms)
● Intended for use outside of OpenShift
Cluster Operator is A:
● declarative API to create clusters
● declarative API to upgrade clusters
● declarative API to configure clusters
● central source of truth to build around
● NOTHING ELSE
[Diagram labels: Cluster Operator; OpenShift Cluster; Source of Truth]
Container Host & Runtimes
Red Hat CoreOS - The Container Host Evolved
[Diagram labels: Kernel, SELinux, systemd, sshd, Kubelet, CRI-O, docker]
● Immutable foundation for OpenShift
○ Aligned lifecycle
○ Aligned release cadence
● Integrated container & OS stack
○ Aligned with the CRI & OCI
● One-touch provisioning
○ Initially targeting cloud/virt
○ Bare metal will follow
● Automated, cluster-aware updates
○ A new, intelligent model controlled by the cluster operator
○ Considering OCI bundles for OS updates
Preserve the best from both offerings
● Container Linux
○ User experience
○ Minimal compose
○ Mission statement towards containerizing all workloads
● Atomic Host
○ Red Hat ecosystem
Project Charter and Goals:
● A lightweight, OCI-compliant container runtime designed for Kubernetes
● Runs any OCI / Docker container from any OCI / Docker registry
● Focus on stability and life cycle with the platform
● Improve container security & performance at scale
OpenShift Roadmap
● On track to become the default runtime for nodes
● Adding user namespace support
● Integrating libpod for better CLI integration with Podman
● Continue to track and release with upstream Kubernetes
An OCI-compliant, daemon-less tool for building and modifying OCI / Docker images.
● Enables fine-grain control over the commands and content of each image layer
● Utilities from the container host can optionally be leveraged as part of the build
● Build instructions can be passed as a Dockerfile
● Shares the underlying image and storage components with CRI-O
Roadmap:
● GA support with RHEL 7.5
● User namespace enablement
● Working towards unprivileged, non-root container builds
● Future integrations with OpenShift (image-builder), ansible-container, and OSBS
Podman
A daemon-less CLI/API that provides a familiar experience for debugging and controlling OCI containers and pods
● Frontend tool for libpod
● Provides a “docker-compatible” syntax
○ Solves administrative gaps with the Kubernetes CRI
● Remote API via Varlink
Roadmap:
● Tech preview planned for 7.5.1
● Finalize “pod” design & implementation
● Enhanced User namespace isolation
● Cockpit and Atomic CLI integration
● Full support planned for RHEL/OCP later this year
Container-native Virtualization
CONFIDENTIAL - UNDER EMBARGO UNTIL RED HAT SUMMIT, MAY 8-10, 2018
THE STORY SO FAR...
● I need a place to install, run, and manage Kubernetes clusters.
● I need a way to provide strict isolation of application containers.
...FOR VIRTUALIZATION IN A CONTAINERIZED WORLD
CONTAINER INFRASTRUCTURE AND ORCHESTRATION
VIRTUALIZED WORKLOADS
We don’t want to maintain multiple complex infrastructure to run containers and virtual machines.
WHAT ABOUT EXISTING WORKLOADS?
Container Application and Kubernetes orchestration as provided by OpenShift are becoming the standard for new applications.
Virtualized Workloads are not going anywhere fast!
CONVERGED INFRASTRUCTURE
INTRODUCING CONTAINER-NATIVE VIRTUALIZATION
Technology enabling OpenShift Container Platform as a unified platform for building, modifying, and deploying applications residing in both containers and virtual machines in a common, shared environment.
Bring virtual machines into OpenShift developer workflows.
Technology Preview available as a feature of an upcoming Red Hat Cloud Suite release.
Windows Containers
Windows Containers: Network Control Plane (OVN)
[Diagram labels: Linux Master; API Server; Scheduler; Ctrl Mgr; ovn-northd; Linux Worker; Windows Worker; kubelet; CNI; ovnkube; ovn-controller; Host Networking Service; ovn vSwitch; Pods; Cluster CIDR; (Virtual) Service CIDR]
● SMB and iSCSI Storage
● OVN CloudBase Addon Required to connect to OCP OVN
● Windows 1709 or 1803 plus Origin 3.10 for Dev Preview starting in late May
● OCP 3.11 with Windows 2018 LTS is a possible GA target from a tech point of view, but we need to complete the tech preview to see how far off we are
● Designed for lift and shift or whole application deployment (not S2I code iteration)
OpenShift Roadmap

Q2 CY2018
OpenShift Container Platform 3.10 (June)
● Kubernetes 1.10 and CRI-O option
● Smart Pruning
● Istio (Dev Preview)
● oc client for developers
● Golden Image Tooling and TLS bootstrapping
● Windows Server Containers (Dev Preview)
● Prometheus Metrics and Alerts (Tech Preview)
● S3 Svc Broker
OpenShift Online & Dedicated
● Dedicated self-service: RBAC, templates, LB, egress
● Dedicated encrypted storage, multi-AZ, Azure beta

Q3 CY2018
OpenShift Container Platform 3.11 (Sept)
● Kubernetes 1.11 and CRI-O default
● Infra monitoring, alerting with SRE intelligence, Node Problem Detector
● Etcd, Prometheus, and Vault Operators - Tech preview
● Operator Certification Program and JBoss Fuse Operator
● Autoscaler for AWS and P-SAP features
● Metering and Chargeback (Tech Preview)
● HPA Custom Metric
● Tech preview of ALM
● New web console for developers and cluster admins
● Ansible Galaxy ASB support
● CNV (Tech Preview)
● OVN (Tech Preview for Windows)
● FIPS and other Security PAGs
OpenShift Online & Dedicated
● OpenShift Online automated updates for OS
● Chargeback for OpenShift Online Starter

Q4 CY2018
OpenShift Container Platform 3.12 (Dec/Jan)
● Kubernetes 1.12 and CRI-O default
● Converged Platform
● Full Stack Automated Installer
○ AWS, RHEL, Azure, OSP
● Over the Air Updates
● RHCC integrated experience
● Windows Containers GA
● Easy/Trackable Evaluations
● Red Hat CoreOS Container Linux with Ignition Automations
● Cluster Registry
● HPA metrics from Prometheus
OpenShift Online & Dedicated
● Cluster Operator driven installs
● Self-Service Dedicated User Experience

Q1 CY2019
OpenShift Container Platform 3.13 (March)
● Kubernetes 1.13 and CRI-O default
● Full Stack Automation
○ GCP, VMware
● Istio GA
● Mobile 5.x
● Serverless (Tech Preview)
● RHCC for non-container content
● Integrated Quay (Tech Preview)
● Idling Controller
● Federated Ingress and Workload Policy
● OVN GA
● Che (Tech Preview)
OpenShift Online & Dedicated
● OpenShift.io on Dedicated (Tech Preview)
RED HAT OPENSTACK PLATFORM & CONTAINERS - INTERNAL USE ONLY
PART #1: RUNNING OPENSTACK SERVICES IN CONTAINERS
WHY PUT OPENSTACK SERVICES INTO CONTAINERS?
Challenges
● VERSION CONFLICTS: How to manage version conflicts and scalability?
● LIFECYCLE MANAGEMENT: How to upgrade in the least impactful manner?
● BACKUP & RECOVERY: How to recover after some incident happened?
Containers for applications
[Diagram: Traditional vs. Containers for applications A and B; layers HARDWARE, OPERATING SYSTEM, LIBRARIES A, LIBRARIES B]
Containers for OpenStack services: Can you spot the difference?
[Diagram: Traditional vs. Containers for NOVA and CEILOMETER; layers HARDWARE, OPERATING SYSTEM, LIBRARIES A, LIBRARIES B]
Isolate services as independent apps
Benefits
✔ DEPENDENCY CONFLICTS: Each service has its own dependency stack. More flexible architecture.
✔ LIFECYCLE MANAGEMENT: Enablement to update/upgrade services independently.
✔ BACKUP & RECOVERY: Restore only impacted containers or rollback to previous version.
RED HAT OPENSTACK PLATFORM IN CONTAINERS ROADMAP
Director - Containerization of OpenStack Services (Containers)

Traditional RPM based
RHEL, RPM, Heat, Puppet, TripleO
Service definitions and configurations are decomposed, or separated, from overall logic into standalone templates to support independent deployment and lifecycle management of any service.

Containers w/ OCI Compliant Framework (Transition Period)
12 Pike
RHEL, OCI compliant containers, Kolla img, Heat, Puppet, TripleO
Transitional release, providing time to partners for adoption
Dual Mode: All services deployed in containers except Neutron, Cinder, Manila
13 Queens
RHEL, OCI compliant containers, Kolla img, Heat, Puppet, TripleO
Full transition of OpenStack services to containers including all partner plugins completed.
RHEL still allows to run legacy RPM services alongside containers.

Containers w/ Kubernetes
BEYOND
OpenShift Container Platform (enterprise ready Kubernetes distribution), Ansible, TripleO
TripleO integration with Ansible and Kubernetes to deploy and manage containers.

Maturity legend: good, strong
✖ This deployment method will not be supported via Director after indicated milestone
PART #2: OPENSHIFT ON TOP OF OPENSTACK
OpenShift and OpenStack: Automation at multiple layers
Consumption of resources: Provides the container platform layer
Exposition of resources: Provides the infrastructure layer
Exposition of resources
Red Hat OpenStack Platform:
● Automated provisioning of bare metal and virtual machines, storage and network
● Rinse and repeat, automated
● Scales very well
Consumption of resources
Red Hat OpenShift Container Platform:
● Processes are distributed in cluster
● Self service portal
● Define and share applications
Why OpenShift on OpenStack?
Open, scalable, managed, workloads.
DATACENTRE
WORKLOAD DRIVEN
PROGRAMMATIC SCALE-OUT
FULLY MANAGED
ACROSS INFRASTRUCTURE
DEEPLY INTEGRATED
SOLID FOUNDATION
OPENSHIFT ON OPENSTACK ROADMAP
13 - LL (QUEENS) (Spring 2018)
- openshift-ansible driven provisioning
- Container Networking Interface for Neutron (“Kuryr”)
- Octavia load balancing
14 (ROCKY) (Autumn 2018)
- Deployment on bare metal
- Storage integration
- DNS integration (TP)
BEYOND
- Manila file share integration
- OpenStack deployment in containers via Kubernetes (OpenShift)
- Autoscaling
MORE INFOS
UPCOMING FREE ARCHITECTURE WORKSHOPS
CLOUD INFRASTRUCTURE ARCHITECTURE: MADRID 26.06 -28-06; AMSTERDAM 6.11 - 8.11
OPENSHIFT ARCHITECTURE: AMSTERDAM 12.06 - 14.06; PARIS 24.07. - 26.07; BERLIN 16.10. - 18.10; MADRID 04.12. -06.12
UPCOMING WEBINARS
CLOUD INFRASTRUCTURE UPDATE: 8th JUNE 2018
WHAT'S NEW IN OPENSHIFT 3.10: Mid of JULY 2018
REGISTER TODAY: https://www.redhat-partner.com/trainings
THANK YOU