Red Hat Containers Roadmap

Red HatA panel of product directors

Joe FernandesSr. Director Product Mgmt, Red Hat

Rich SharplesSr. Director of Product Mgmt, Red Hat

Sayan SahaSr. Manager of Product Mgmt, Red Hat

Ben BreardSr. Technical Product Mgmt, Red Hat

Steve GordonPrincipal Product Manager - OpenStack, Red Hat

Xavier LecauchoisDirector Product Mgmt, Red Hat

The content set forth herein does not constitute

in any way a binding or legal agreement or

impose any legal obligation or duty on Red Hat.

This information is provided for discussion

purposes only and is subject to change for

any or no reason.

Disclaimer

RED HAT ENTERPRISE LINUX&

CONTAINERS

● Dual versions of Docker ○ docker & docker-latest

● Docker-1.10 & moving to 1.12 soon

● Multiprocess Containers● Runc as a lightweight container

runtime● System & Application Containers

Container Runtime & Security

● Atomic Scan with OpenSCAP will move to GA in 7.3.

● Pluggable backend also enables Black Duck scanning.

● Enterprise-wide container scanning with CloudForms 4.1+

● Image signing coming soon!

● Developer Mode - get started FAST○ Bypass cloud-init and go straight to the

Cockpit Web UI.● OStree package layering & admin-unlock● Multi-host Mgr- provides a RESTful API & CLI

for common cluster-wide actions:○ Rolling upgrades○ Rolling reboots

● Atomic command enhancements:○ top - top-like view for running

containers○ diff - file & rpm diffs between images○ migrate - Enables storage backend

migrations

RHEL Atomic Host - Streamlined for Containers

Goal: Make Linux discoverable and simple to administer

Description: A lightweight interface with added support for:

● OStree updates & roll backs● Performance profiles● SELinux troubleshooting● Expanded storage capabilities● Docker RestartPolicy ● Generate sosreports

Cockpit - A Modern Web UI for RHEL

OPENSHIFT&

KUBERNETES

Kubernetes Project

Kubernetes Features

● Core Concepts & Capabilities○ Pods, Services, Labels, Replication Controllers ○ Service Discovery, Self-Healing, Autoscaling, ...

● Kubernetes 1.2 (OpenShift 3.2 - available today)○ Dynamic application configuration○ Scalability enhancements○ New scheduling features

● Kubernetes 1.3 (OpenShift 3.3 - coming soon)○ Enhanced support for stateful services ○ Multi-cluster federation○ More performance & scaling enhancements

SERVICE CATALOG(LANGUAGE RUNTIMES, MIDDLEWARE, DATABASES, …)

SELF-SERVICE

APPLICATION LIFECYCLE MANAGEMENT(CI / CD)

BUILD AUTOMATION DEPLOYMENT AUTOMATION

CONTAINER CONTAINERCONTAINER CONTAINER CONTAINER

NETWORKING SECURITYSTORAGE REGISTRYLOGS &

METRICS

CONTAINER ORCHESTRATION & CLUSTER MANAGEMENT(KUBERNETES)

RED HAT ENTERPRISE LINUX

CONTAINER RUNTIME & PACKAGING(DOCKER)

ATOMIC HOST

INFRASTRUCTURE AUTOMATION & COCKPIT

OpenShift Container Platform

OpenShift - Build & Deployment Automation

Code

Deploy

Build

Can configure different deployment strategies like A/B, Rolling upgrade, Automated base updates, and more.

Can configure triggers for automated deployments, builds, and more.

Define and manage the whole application lifecycle

● Build/Deploy workflow from Dev to Production

● Integrated Jenkins 2 Pipeline extensibility

● Real time status and integrated metrics

CD Pipelines in OpenShift 3.3

Manage image content with new integrated registry capabilities

● Registry quota and access management

● Visualization of images and image layers

● Also available for standalone Registry deployments

Enterprise Registry in OpenShift 3.3

Red Hat JBoss Middleware

Traditional View of Middleware

● JBoss EAP

● JBoss Web Server

● JBoss Developer Studio

● Fuse

● A-MQ

● Data Virtualization

● BPM

● BRMS

● Red Hat Mobile

Application Container Services

Integration Services Business Process Services

MobileServices

JBoss Middleware Services on OpenShift

Core Services

Data Grid(Caching)

SSO(Identity Management)

Resilience ...

Microservices - A Definition

“... is an approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API. These services are built around business capabilities and independently deployable by fully automated deployment machinery. There is a bare minimum of centralized management of these services, which may be written in different programming languages and use different data storage technologies.”

- Martin Fowler

http://martinfowler.com/articles/microservices.html

Microservices scorecardService Isolation Linux Containers / Docker

✔

Lightweight Interconnect

Kubernetes: Services, Service Registry, HTTP, DNS✔

Polyglot Language Choice (Java, Ruby, Node.js, …)Middleware Choice (EAP, Fuse, BRMS, JDG, A-MQ, …) ✔

Automation Automated Build & Provisioning with OpenShift and source-to-image, CDK ✔

Centralized Management

OpenShift Administration Console● No pollution of application (not invasive)● Consolidated logging (EFK)● Drill-down into domain-specific management views

✔

CALL TO ACTION - we need your input !

● Without OpenShift, is container image support for JBoss EAP / JWS still important ?

● Is Kubernetes important to you for JBoss EAP or other M/W products ?

● For your containerized applications, is HTTP Load Balancing important ?

● For your containerized applications, is Clustering / HA important ?

● For your containerized applications is EAP Domain Management important ?

STORAGE

Persistent Storage for Containers● Containers need persistent storage● They need to store state, data and configuration● Container storage must be easy to deploy, agile & flexible

● iSCSI● NFS● Amazon EBS● Google Persistent Disk● GlusterFS● Ceph RBD● OpenStack Cinder● Fibre Channel

Supported Storage Back-ends for OpenShift

Cinder

NFSiSCSI

Fiber Channel

pDisk EBS

OPENSTACK

OpenShift on OpenStack

Architectural tenets:

● Technical independence● Avoiding redundancy● Contextual awareness● Simplified management

?

OpenShift on OpenStack - Current

● Networking via Neutron networks.

● Load Balancing via Neutron LBaaS V1

● Block Storage via Cinder volumes.

● Compute via Nova virtual machines.

● Orchestration via Heat templates.

● Reference architecture to be published “real soon now”

OpenShift on OpenStack - Future

● Load Balancing via Octavia (LBaaS V2)

● DNS via Designate● File Storage via Manila● Re-validate architecture on

bare-metal using Ironic

What about deployment of OpenStack?

Toward an unified and common orchestration tool for your platform, Kubernetes.

● OpenStack is just another application on your container stack● OpenStack Kolla Provides production-ready containers to operate

OpenStack● Orchestration using Ansible or Kubernetes (kolla-kubernetes

project)● Tech preview of containerized compute nodes in Red Hat

OpenStack Platform 8: http://red.ht/27hrUdn

Red Hat ManagementManaging Containers

Digital Transformation

DEVNew ways of developing

and delivering applications

INFRASTRUCTURENew cloud-based infrastructure and ways to serve applications

APPLICATIONSNew architectures

and ways to integrate

RED HAT MANAGEMENT

OPSMore agile process to support both IT and the business

SATELLITEBUILD A TRUSTED & SECURE RED HAT ENVIRONMENT

Manage the Red Hat Lifecycle

Provision & Configure at Scale

Standardize Your Environment

CLOUDFORMSDELIVER SERVICES ACROSS YOUR HYBRID CLOUD

Hybrid Cloud Management

Self-Service Provisioning

Policy-driven Compliance

ANSIBLEAUTOMATE YOUR IT PROCESSES & DEPLOYMENTS

Simple & powerful language

No agents to install

Scale with Ansible Tower

INSIGHTSPREVENT CRITICAL ISSUES BEFORE THEY OCCUR

Continuous Insights

Verified Knowledge

Proactive Resolution

RED

HA

T M

AN

AG

EMEN

T

Container JourneySCALE

CO

MP

LEX

ITY

Dev team.How can we move faster?

Dev meets Ops.

How do we run at scale?

DevOps.Can we turn it

into a platform?

Production Ops.How do we

manage at scale?

One developer.How do I docker?

InsightsSatellite

OpenShiftAnsible Atomic Host

CloudForms

Managing Containers Today

● Support - OpenShift and Atomic Host as container providers● Dedicated dashboard - Topology mapping for containers, nodes, pods and registries● Configuration management - Drift analysis of container image packages● Performance monitoring - CPU & memory utilization

4.0

RED HAT CLOUDFORMS

● Introspection - Agent-less container content analysis for security and compliance assessment● Policy automation - Kubernetes events in policy definition● Performance monitoring - Networking & storage utilization● Chargeback

● Container Deployment - Integrate container deployment in lifecycle workflow

● Lifecycle management - Atomic Host: provision, patch and update, retire

6.1

RED HAT SATELLITE

4.1

6.2

Managing Containers Today

RED HAT INSIGHTS

● Visibility into image configuration - Identify risks inside a container before it is deployed● Optimization of Container Infrastructure - Operational analysis & remediation guidance for

underlying container platform

ANSIBLE

2.1● Service Design - Multi-container service definition through Ansible playbooks● Security - Configure SELinux to secure docker containers and storage space

Today

Managing Containers - Short Term Additions

● Container registry role - Enterprise-approved registry for content governance● ProdOps meet DevOps - Satellite + Openshift to coordinate multiple teams for application

lifecycle at scale

6.3RED HAT

SATELLITE

● Openshift management - Deployment and lifecycle management of OpenShift infrastructure● Application instantiation - Openshift Template integration4.2

RED HAT CLOUDFORMS

ANSIBLE

Next ● Ansible Container - Build Docker images and orchestrate containers with playbooks● OpenShift and Kubernetes modules - Manage OpenShift and Kubernetes

RED HAT INSIGHTS

● Application topology awareness - Automatically identify related containers and analyze compound risks to the overall application

● Security policy analysis - Assign containers specific risk policies (SANs, CIS,....) and receive tailored alerts

Next

POWER UP and PARTY DOWN with Red Hat Mobile, Middleware

and OpenShift.

Wednesday evening 9PM – 12AM

Pick up your invitation for the party that beats all parties at:

Mobile, Middleware or OpenShift demo pods in the Red Hat Booth,

Partner Pavilion

Divider Slide

Divider Slides