OpenShift Technical Overview & Key Features

Presented by John Walter

 Attendee Information

Open and hide your control panel with orange arrow

Join audio
• Mic and Speakers to use VoIP
• Telephone and dial in using the info provided

Note: Today’s webinar is being recorded.

© Global Knowledge Training LLC. All rights reserved. Page 2

 Kubernetes 101
An introduction to containers,
Kubernetes, and OpenShift

John Walter, Solutions Architect

3
 AGENDA

● What is a container?
○ Virtual Machines vs. Containers
○ Linux and container infrastructure
● What is Kubernetes?
○ Container orchestration
○ A platform for OpenShift
● What is OpenShift?
○ Enterprise Kubernetes platform
● Red Hat Training
○ DO180 - Introduction to containers, Kubernetes, and OpenShift
● Q&A
4
 What is a container?

5
 NEW PATTERNS FOR DEVELOPMENT

CI/CD
Waterfall

Web APIs Speed

services

Agility

Container
Data
Micro-
Center
services Control
Monolith

Server Hybrid
/VM Cloud
OUTCOMES
 AGILE INTEGRATION
Modern architectures and app development
Traditional integration incompatible with
requires more agile integration
Cloud development

IoT
ESB

Centralize ⧫ Leverage ⧫ Simplify

Distributed Integration ⧫ Scalability ⧫ Reusability
Internal teams ⧫ Maximize use of resources
Agile Teams ⧫ Distributed App Dev

USE INTEGRATION WHERE NEEDED, RATHER THAN CENTRALIZING

 WHAT ARE CONTAINERS?
It Depends Who You Ask

INFRASTRUCTURE APPLICATIONS

● Application processes on a shared kernel ● Package apps with all dependencies

● Simpler, lighter, and denser than VMs ● Deploy to any environment in seconds
● Portable across different environments ● Easily accessed and shared
VIRTUAL MACHINES AND CONTAINERS

VIRTUAL MACHINES CONTAINERS

VM Container Container Container Container

App App App App

App App App App

OS Dependencies OS deps OS deps OS deps OS deps

Kernel Container Host (Kernel)

Hypervisor Hypervisor

Hardware Hardware

VM isolates the hardware Container isolates the process

VIRTUAL MACHINES AND CONTAINERS
Virtual Machine Container

Application Application

OS dependencies OS dependencies

Operating System
Container Host

VM Isolation Container Isolation

Complete OS Shared Kernel
Static Compute Burstable Compute
Static Memory Burstable Memory
High Resource Usage Low Resource Usage
 VIRTUAL MACHINES AND CONTAINERS

Virtual Machine Container

Application Application
Clear ownership boundary Dev
IT Ops OS dependencies between Dev and IT Ops OS dependencies
(and Dev, sort of)
drives DevOps adoption
Operating System and fosters agility Container Host
IT Ops
Infrastructure Infrastructure

Optimized for stability

Optimized for agility
 APPLICATION PORTABILITY WITH VM

Virtual machines are NOT portable across hypervisor and

do NOT provide portable packaging for applications

Guest VM VM Type X VM Type Y VM Type Z

Application Application Application Application

Application
OS dependencies OS dependencies OS dependencies OS dependencies
OS dependencies

Operating System Operating System Operating System Operating System

Operating System

LAPTOP BARE METAL VIRTUALIZATION PRIVATE CLOUD PUBLIC CLOUD

APPLICATION PORTABILITY WITH CONTAINERS

RHEL Containers + RHEL Host = Guaranteed Portability

Across Any Infrastructure

Container Container Container Container Container

Application Application Application Application Application

OS dependencies OS dependencies OS dependencies OS dependencies OS dependencies

RHEL RHEL RHEL RHEL

RHEL
Guest VM Virtual Machine Virtual Machine Virtual Machine

LAPTOP BARE METAL VIRTUALIZATION PRIVATE CLOUD PUBLIC CLOUD

 LINUX AND CONTAINER INFRASTRUCTURE
CONTAINER CONTAINER CONTAINER

APP APP APP CONTAINERS ARE LINUX

LINUX O/S LINUX O/S LINUX O/S
DEPENDENCY DEPENDENCY DEPENDENCY
Red Hat
LINUX CONTAINER HOST (KERNEL)
Enterprise Linux
is a leader in paid
70%
CY2016 paid
Linux Linux share

Linux OS host Linux is in

1 spans every every single 2
container container
 CONTAINERS IN A NUTSHELL
● Application portability across hybrid cloud environments

● Allow developers to focus on their application vs. underlying infrastructure

● Deployed for shorter periods of time than VMs

● Removing complexity through minimalism

● Presents new challenges for Operations teams

15
 What is Kubernetes?

16
 HOW DO I MANAGE THESE CONTAINERS?
● How do I manage configuration, service
discovery, and resource scaling?

● Where do I configure my cluster?

● How do I update my applications?

● How do I update the underlying cluster?

● How can I simplify my complex applications?

17
 KUBERNETES IN A NUTSHELL
● Application portability across hybrid cloud environments

● Allow developers to focus on their application vs. underlying infrastructure

● Deployed for shorter periods of time than VMs

● Removing complexity through minimalism

● Presents new challenges for Operations teams

18
 KUBERNETES AS CONTAINER ORCHESTRATION

● Schedulers and scheduling

● Service discovery and load balancing

● Resource management

19
 THE BENEFITS OF KUBERNETES

● Scalability

● Portability

● Consistent deployments

● Separated and automated operations

and development

20
 BASIC KUBERNETES ARCHITECTURE

21
 Storage RBAC
Deployment Topologies
Operating Systems Containers

Scaling Alerting Telemetry

Log Aggregation
Metrics
High Availability WHY SO HARD?
Image Management
Security Self Healing
Patching
VMs Networking Monitoring App Servers
Routing Configuration Management
CONFIDENTIAL - FOR INTERNAL
USE ONLY
 Kubernetes done right is hard

INSTALL DEPLOY HARDEN OPERATE

● Templating ● Identity & security access ● Platform monitoring & alerts ● OS upgrade & patch
● Validation ● App monitoring & alerts ● Metering & chargeback ● Platform upgrade & patch
● OS setup ● Storage & persistence ● Platform security hardening ● Image upgrade & patch
● Egress, ingress, & integration ● Image hardening ● App upgrade & patch
● Host container images ● Security certifications ● Security patches
● Build/Deploy methodology ● Network policy ● Continuous security scanning

75%
of enterprise users identify
● Disaster recovery
● Resource segmentation
● Multi-environment rollout
● Enterprise container registry
● Cluster & app elasticity
● Monitor, alert, remediate
complexity of implementation and ● Log aggregation

operations as the top blocker to adoption

Source: The New Stack. The State of the Kubernetes Ecosystem, August 2017.
 What is OpenShift?

25
 Self-Service Standards-based

Multi-language Web-scale

Automation Open Source

Collaboration Enterprise Grade

Multi-tenant Secure
OPENSHIFT IS ENTERPRISE KUBERNETES
Red Hat makes building application with containers easy

Business 3rd party

Red Hat Application Automation
Integration Data Web & Mobile
frameworks
Services
CONTAINER CONTAINER CONTAINER CONTAINER CONTAINER

LIFECYCLE AUTOMATION CONTAINER MANAGEMENT

PaaS

SELF-SERVICE SERVICE CATALOG MONITORING CAPACITY MGMT PUBLIC REGISTRY

(RH Registry)
CI/CD
Red Hat OpenShift (Jenkins)
IMAGE BUILD POLICY MANAGEMENT SECURITY ANALYSIS
Container Platform OPS MANAGEMENT
CaaS

(incl. CloudForms) CONTAINER INFRASTRUCTURE SERVICES

ORCHESTRATION OPS AUTOMATION
CONTAINER ENGINE REGISTRY
(Kubernetes) (Ansible)
STORAGE NETWORKING
SECURITY
(Kubernetes) (Open vSwitch) STORAGE
(RH Storage)
Red Hat Enterprise ENTERPRISE-GRADE CONTAINER OS
IaaS

DEV TOOLS
Linux & Atomic Host ( Developer Studio,
PHYSICAL VIRTUAL PRIVATE CLOUD PUBLIC CLOUD Container Dev Kit)
OpenShift 4 - A smarter Kubernetes platform

Automated, full-stack installation from the

container host to application services
Seamless Kubernetes deployment to any
cloud or on-premises environment
Autoscaling of cloud resources
One-click updates for platform, services,
and applications
With OpenShift you can deliver all your
applications in a whole new way

Traditional apps Cloud-native apps AI/ML, Functions...

Container & DevOps Platform

Edge Datacenter Hybrid & Multi-Cloud

 Over the Air (OTA) Updates

● OpenShift retrieves the

list of available updates
● Admin selects the target
version
● OpenShift is updated
over the air
● Auto-update support
Comprehensive container security

CONTROL Container content CI/CD pipeline

Application
Container registry Deployment policies
security

Container platform Container host multi-tenancy

DEFEND
Network isolation Storage
Infrastructure
Audit & logging API management

EXTEND Security ecosystem

 A consistent container application platform
FROM YOUR DATACENTER TO THE CLOUD

Automated Secure by Network Over-the-air Monitoring Pluggable

Multi-tenant
operations default traffic control updates & chargeback architecture

Bare metal, VMware vSphere, Red Hat Virtualization, Red Hat OpenStack Platform,
Amazon Web Services, Microsoft Azure, Google
 Kubernetes adoption phases

1. Stateless apps 2. Stateful apps 3. Distributed systems

ReplicaSets StatefulSets Data rebalancing

Deployments Storage/CSI Autoscaling
Seamless upgrades
 Full-stack automated install
OPENSHIFT 3 & 4 OPENSHIFT 4 (only)

OPENSHIFT PLATFORM
OPENSHIFT PLATFORM

OPERATING SYSTEM

OPERATING SYSTEM

INFRASTRUCTURE
 Automated container operations
FULLY AUTOMATED DAY-1 AND DAY-2 OPERATIONS

INSTALL DEPLOY HARDEN OPERATE

AUTOMATED OPERATIONS
Infra provisioning Full-stack deployment Secure defaults Multicluster aware

Embedded OS On-premises and cloud Network isolation Monitoring and alerts

Unified experience Audit and logs Full-stack patch & upgrade

Signing and policies Zero-downtime upgrades

Vulnerability scanning
 OperatorHub and certified Operators

● OperatorHub.io launched by Red Hat, AWS,

Microsoft and Google
● OpenShift Operator Certification
● OperatorHub integrated into OpenShift 4

COMMUNITY OPERATORS

OPENSHIFT CERTIFIED OPERATORS

Full control for administrators
 Self-service for developers

apiVersion: mongodb.com/v1
kind: MongoDbReplicaSet
metadata:
name: example
namespace: production
spec:
members: 3
version: 4.0.2
persistent: false
project: example
credentials: my-secret

38
 Training at Red Hat

39
 DO180 Red Hat OpenShift I: Containers & Kubernetes

Administrator Track Developer Track

Red Hat OpenShift Administration II: Operating a Red Hat OpenShift Development II: Containerizing
DO280 DO288
Production Kubernetes Cluster Applications
Red Hat Certified Specialist in OpenShift Application
EX280 Red Hat Certified Specialist in OpenShift Administration EX288
Development
Red Hat Cloud-native Microservices Development with
DO322 Red Hat OpenShift Installation Lab DO378
Quarkus
Red Hat OpenShift Administration III: Scaling Building Resilient Microservices with Istio and Red Hat
DO380 DO328
Kubernetes Deployments in the Enterprise Service Mesh
Camel Integration and Development with Red Hat Fuse
AD421
DevSecOps Track on OpenShift

DO425 Red Hat Security: Securing Containers and OpenShift

Red Hat Certified Specialist in Security: Containers and

EX425
OpenShift Container Platform

Suggested
Pre-Req Overview Required Course Complementary
Exam
 Introduction to containers, Kubernetes, and OpenShift (DO180)
Learn to build and manage containers for deployment on a Kubernetes and Red Hat OpenShift cluster
Introduction to Containers, Kubernetes, and Red Hat OpenShift (DO180) helps you build core knowledge in
managing containers through hands-on experience with containers, Kubernetes, and the Red Hat® OpenShift®
Container Platform. These skills are needed for multiple roles, including developers, administrators, and site
reliability engineers.

Topics covered include understanding container and OpenShift architecture, creating containerized services,
and deploying applications on Kubernetes and Red Hat OpenShift.

Audience:
● Developers who wish to containerize software applications
● Administrators who are new to container technology and container orchestration
● Architects who are considering using container technologies in software architectures
● Site reliability engineers who are considering using Kubernetes and Red Hat OpenShift

Prerequisites: Be able to use a Linux terminal session, issue operating system commands, and be familiar with
shell scripting. Experience with web application architectures and their corresponding technologies is
recommended, but not required.
41
 WAYS TO TRAIN

Onsite Training Classroom Training Virtual Training Online Learning

Private On-site training and Training and test in a professional Live instructor-led online training 90 days of access to course
exams delivered at your location classroom environment led by with the same high-quality, content and up to 80 hours of
or at one of our training centers Red Hat Certified Instructors hands-on labs you'd find in our hands on labs – all available
classrooms online, at your pace, and your
schedule.

42
 RED HAT LEARNING SUBSCRIPTION PREMIUM CONFIDENTIAL designator

Red Hat Learning Subscription Evolution

Introducing a Premium subscription tier

+ =
STANDARD MODULARIZED VIRTUAL PREMIUM
TRAINING

43
V0000000
Red Hat Training and Certification
Red Hat Certification: Ways to test

Red Hat classroom exams Red Hat individual exams

Classroom exams are scheduled exams that Individual exams are exams for which examinees
are publicly available and delivered in an IT choose the date, time and place. Two different
classroom, typically to multiple examinees and options exist, though not necessarily for all
monitored by an in-person proctor. exams:

Red Hat testing center exams

Testing center exams are delivered in
locations with a specially-configured exam
Red Hat onsite exams system and for which candidates are
Onsite exams are classroom exams delivered observed by a remote proctor.
privately to an organization at its location or a
location of its choosing. NEW: Red Hat remote exams
Remote exams are delivered online at your
home, office or other location of your
choice and observed by a remote proctor.
 Questions

© Global Knowledge Training LLC. All rights reserved. Page 45

 Have questions? Ask us anytime.

Twitter: @GlobalKnowledge

Facebook: @GKTraining

Instagram: @globalknowledgeinc

LinkedIn: Global Knowledge Training

© Global Knowledge Training LLC. All rights reserved. Page 46

 Learning More

For additional on-demand and live webinars, white papers, courses,

special offers and more, visit us at…

GlobalKnowledge.com

© Global Knowledge Training LLC. All rights reserved. Page 47