Enterprise Kubernetes: Openshift Container Platform

E3afc47cd48ab5a032c7e2078c0d3ce7?s=47 Aykut Bulgu
October 17, 2018

Enterprise Kubernetes: Openshift Container Platform

This is the presentation that I prepeared for Software Craftsmanship Turkey event in 2018. https://www.meetup.com/Software-Craftsmanship-Turkey/events/253854585/

E3afc47cd48ab5a032c7e2078c0d3ce7?s=128

Aykut Bulgu

October 17, 2018
Tweet

Transcript

  1. 2.

    @systemcraftsman Who am I ? Was a child in the

    end of 80’s and beginning of 90’s Married, has a daugther Tech lover Has been working for about 12 years in software/tech industry Fond of Software Craftsmanship Co-organiser of ScTurkey Community Works as a Red Hatter; a Middleware Consultant
  2. 6.

    @systemcraftsman #1 - Google - 41,649 #2 - Red Hat

    - 14,410 #6 - IBM - 1230 #9 - CoreOS - 964* #10 - Microsoft - 728 #13 - VMware - 433 #15 - Intel - 400 #23 - Cisco - 192 #26 - Pivotal - 141 #41 - Oracle - 36 #56 - Docker - 14 Amazon/AWS - ? * Most CoreOS commits were done using personal email addresses (Independent) http://stackalytics.com/?metric=commits&project_type=kubernetes-group&release=all Kubernetes Project Contributions
  3. 7.

    @systemcraftsman Red Hat Contributions to Kubernetes Operators Framework | ClusterRole

    Aggregation | RBAC Authorization | Stateful Sets | Init Containers | Rolling Update Status | Pod Security Policy Limits | Memory based Pod Eviction | Quota Controlled Services | 1,000+ Nodes | Dynamic PV Provisioning | Multiple Schedulers | SECCOMP | Audit | Job Scheduler | Access Review API | Whitelisting Sysctls | Secure Cluster Policy | Evict Pods Disk IO | Storage Classes | Azure Data Disk | etcdv3 | RBAC API | Auth to kubelet API | Pod-level cGroups QoS | Kublet Eviction Model | RBAC | Storage Class | CustomResourceDefinitions | API Aggregation | Encrypted secrets in etcd | Limit Node Access | HPA Status Conditions | Network Policy | CRI Validation Test Suite | Local Persistent Storage | Audit Logging |
  4. 8.

    @systemcraftsman A Brief History of Openshift Openshift v2 - Announced

    in 2013 Red Hat Contribution to K8s started in 2014 Openshift v3 dev. Preview is announced in 2016 Openshift v3.0 is announced in 2017 (end of v2)
  5. 9.

    9 How Do We Deliver OpenShift? CONTAINER PLATFORM DEDICATED ONLINE

    Integrate OSS projects Partner integration platform No-cost validations for innovation Community Distribution of Kubernetes 100+ Integrations Align time with OSS trunk
  6. 10.

    @systemcraftsman Security fixes 100s of defect and performance fixes 200+

    validated integrations Middleware integrations (container images, storage, networking, cloud services, etc) 9 year enterprise lifecycle management Certified Kubernetes Kubernetes Release OpenShift Release 1-3 months hardening Openshift Is Kubernetes For The Enterprise
  7. 11.

    @systemcraftsman ~250 Bugs Fixed ~190 Bugs Fixed ~30 Bugs Fixed

    Between K8s 1.* and Openshift 3.* Between Openshift 3.* and 3.*.33 Since 3.*.33 Openshift Is Kubernetes For The Enterprise
  8. 12.

    @systemcraftsman Requires a Linux operating system Requires a Container Runtime

    (CRI-O, Containerd, Docker, etc) Requires image registry Requires software defined networking Requires load‐balancer and routing Requires log management Requires container metrics and monitoring OpenShift includes all these components fully integrated and fully tested as part of the platform. Why Kubernetes Is Not Enough For The Enterprise
  9. 13.

    @systemcraftsman Container Infrastructure and Management Kubernetes OKD* OpenShift Multi-host container

    scheduling ✔ ✔ ✔ Self-service provisioning ✔ ✔ ✔ Service discovery ✔ ✔ ✔ Enterprise Linux operating system ✔ Image registry ✔ ✔ Validated storage plugins ✔ ✔ Networking and validated networking plugins ✔ ✔ Log aggregation and monitoring ✔ ✔ Multi-tenancy ✔ ✔ Metering and chargeback ✔ * OKD is the open source project formerly known as OpenShift Origin
  10. 14.

    @systemcraftsman Developer Experience Kubernetes OKD* OpenShift Automated image builds No

    developer or application services ✔ ✔ CI/CD workflows and pipelines ✔ ✔ Certified application services ✔ Certified middleware ✔ Certified databases ✔ 200+ certified ISV solutions ✔ * OKD is the open source project formerly known as OpenShift Origin
  11. 15.

    @systemcraftsman Enterprise Support and Community Kubernetes OKD OpenShift Community forums

    and resources ✔ ✔ ✔ Zero downtime patching and upgrades ✔ Enterprise 24/7 support ✔ 9 year support lifecycle ✔ Security response team ✔ External review: 10 most important differences between OpenShift and Kubernetes
  12. 18.
  13. 20.

    @systemcraftsman Myth: Openshift Is Too Heavy | It’s a PaaS

    KUBERNETES RED HAT ENTERPRISE LINUX | RED HAT COREOS SDN NETWORKING STORAGE LOGGING MONITORING CI/CD PIPELINES SERVICE CATALOG CONTAINER REGISTRY SECURITY | AUTH OPS CONSOLE BARE METAL VIRTUAL PRIVATE PUBLIC SERVICE BROKERS | ANSIBLE | AWS | AZURE | GCP CLOUD-NATIVE AI / ML BIG DATA IOT SERVERLESS OPERATOR LIFECYCLE MANAGER | PLATFORM | APPLICATIONS RED HAT MIDDLEWARE SERVICES TRADITIONAL WINDOWS ISTIO - SERVICE MESH CONTAINERS AS A SERVICE (CaaS) PLATFORM AS A SERVICE (PaaS) [OPTIONAL TO USE]
  14. 22.

    @systemcraftsman Automated Operations Kubernetes Red Hat Enterprise Linux or Red

    Hat CoreOS Application Services CaaS PaaS Best IT Ops Experience Best Developer Experience Cluster Services Developer Services Middleware, Service Mesh, Functions, ISV Metrics, Chargeback, Registry, Logging Dev Tools, Automated Builds, CI/CD, IDE Openshift Container Platform
  15. 23.

    @systemcraftsman EXISTING AUTOMATION TOOLSETS SCM (GIT) CI/CD SERVICE LAYER ROUTING

    LAYER PERSISTENT STORAGE REGISTRY RHEL NODE c RHEL NODE RHEL NODE RHEL NODE RHEL NODE RHEL NODE C C C C C C C C C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING PHYSICAL VIRTUAL PRIVATE PUBLIC HYBRID Openshift Architecture
  16. 27.

    @systemcraftsman Proof-of-Concept Architecture Application Traffic Dev and Ops User INFRA

    MASTER NODE NODE An infrastructure node is a node that is dedicated to infrastructure pods such as router, image registry, metrics, and logs
  17. 29.

    @systemcraftsman Full High-Availability Architecture ENTERPRISE LOAD-BALANCER Application Traffic Dev and

    Ops User NODE MASTER MASTER INFRA MASTER INFRA NODE NODE NODE NODE NODE INFRA NODE
  18. 32.

    @systemcraftsman Auto-Healing Failed Pods RHEL NODE RHEL NODE c RHEL

    NODE RHEL NODE c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C
  19. 33.

    @systemcraftsman RHEL NODE RHEL NODE c RHEL NODE RHEL NODE

    c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C Auto-Healing Failed Pods
  20. 34.

    @systemcraftsman RHEL NODE RHEL NODE c RHEL NODE RHEL NODE

    c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C Auto-Healing Failed Pods
  21. 35.

    @systemcraftsman RHEL NODE RHEL NODE c RHEL NODE RHEL NODE

    c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C Auto-Healing Failed Containers
  22. 36.

    @systemcraftsman RHEL NODE RHEL NODE c RHEL NODE RHEL NODE

    c RHEL NODE C C RHEL NODE C C RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C Auto-Healing Failed Containers
  23. 37.

    @systemcraftsman RHEL NODE RHEL NODE RHEL NODE RHEL NODE C

    C RHEL NODE C C c RED HAT ENTERPRISE LINUX MASTER API/AUTHENTICATION DATA STORE SCHEDULER HEALTH/SCALING C c Auto-Healing Failed Containers
  24. 38.
  25. 39.

    @systemcraftsman Built-in Service Discovery Internal Load-Balancing SERVICE app=payroll role=frontend POD

    app=payroll role=frontend POD app=payroll role=frontend Name: payroll-frontend IP: 172.10.1.23 Port: 8080 POD app=payroll role=backend version=1.0 version=1.0
  26. 40.

    @systemcraftsman SERVICE app=payroll role=frontend POD app=payroll role=frontend POD app=payroll role=frontend

    Name: payroll-frontend IP: 172.10.1.23 Port: 8080 POD app=payroll role=backend version=2.0 version=1.0 POD app=payroll role=frontend version=1.0 Built-in Service Discovery Internal Load-Balancing
  27. 42.

    @systemcraftsman ROUTING AND EXTERNAL LOAD-BALANCING Pluggable routing architecture HAProxy Router

    F5 Router Multiple-routers with traffic sharding Router supported protocols HTTP/HTTPS WebSockets TLS with SNI Non-standard ports via cloud load-balancers, external IP, and NodePort
  28. 43.

    @systemcraftsman ROUTE SPLIT TRAFFIC SERVICE A App A App A

    SERVICE B App B App B ROUTE 10% traffic 90% traffic Split Traffic Between Multiple Services For A/B Testing, Blue/Green and Canary Deployments
  29. 45.

    @systemcraftsman Central Log Management with EFK EFK stack to aggregate

    logs for hosts and applications Elasticsearch: a search and analytics engine to store logs Fluentd: gathers logs and sends to Elasticsearch. Kibana: A web UI for Elasticsearch.
  30. 46.

    @systemcraftsman APPLICATION LOGS OPERATION LOGS ELASTIC ELASTIC RHEL NODE POD

    POD POD POD FLUENTD RHEL NODE POD POD POD POD FLUENTD ELASTICSEARCH RHEL NODE POD POD POD POD FLUENTD USER ELASTIC ELASTIC KIBANA ELASTIC ELASTIC ELASTICSEARCH ELASTIC ELASTIC KIBANA ADMIN Central Log Management with EFK
  31. 47.

    @systemcraftsman CONTAINER METRICS RHEL NODE POD POD POD POD FLUENTD

    Container Metrics RHEL NODE POD POD POD POD FLUENTD HEAPSTER RHEL NODE POD POD POD POD CADVISOR HAWKULAR OPENSHIFT WEB CONSOLE ELASTIC ELASTIC CASSANDRA RED HAT CLOUDFORMS CUSTOM DASHBOARDS API USER
  32. 49.
  33. 50.

    @systemcraftsman NODE MASTER Secret Management Container Distributed Store Container Secure

    mechanism for holding sensitive data e.g. Passwords and credentials SSH Keys Certificates Secrets are made available as Environment variables Volume mounts Interaction with external systems
  34. 51.

    @systemcraftsman Certificate Management Check Expiry Redeploy Certs Certificates are used

    to provide secure connections to Master and nodes Router and registry Etcd Ansible playbooks to automate redeployment Redeploy all at once or specific components Certificate expiry report generator MASTER NODES ROUTER REGISTRY ETCD ✓ ✓ ✓ ✓ ✓ Ansible Playbook
  35. 53.

    @systemcraftsman Persistent Storage NFS GlusterFS OpenStack Cinder Ceph RBD AWS

    EBS GCE Persistent Disk iSCSI Fiber Channel Azure Disk Azure File FlexVolume VMWare vSphere VMDK Container Storage Interface (CSI)** * Shipped and supported by NetApp via TSANet ** Tech Preview NetApp Trident* Persistent Volume (PV) is tied to a piece of network storage Provisioned by an administrator (static or dynamically) Allows admins to describe storage and users to request storage Assigned to pods based on the requested size, access mode, labels and type
  36. 54.

    @systemcraftsman PROJECT POOL OF PERSISTENT VOLUMES Persistent Storage NFSP V

    iSCSI PV NFSP V Admin User register PV create claim NFSP V GlusterFS PV Pod claim Pod claim Pod claim Ceph RBD PV
  37. 55.

    @systemcraftsman Dynamic Volume Provisioning Admin User define StorageClass create claim:

    Fastest Slow Azure-Disk Fast AWS-SSD Fastest NetApp-Flash NetApp Provisioner AWS Provisioner Pod claim PV OpenShift PV Controller provision Azure Provisioner bound
  38. 57.

    @systemcraftsman What Is A Service Broker? SERVICE CONSUMER SERVICE PROVIDER

    SERVICE CATALOG SERVICE BROKER Automated, Standard and Consistent
  39. 58.

    @systemcraftsman Why A Service Broker? SERVICE CONSUMER SERVICE PROVIDER ☑

    Open ticket ☑ Wait for allocation ☑ Receive credentials ☑ Add to app ☑ Deploy app Manual, Time-consuming and Inconsistent
  40. 59.
  41. 60.

    @systemcraftsman Openshift Service Catalog OPENSHIFT SERVICE CATALOG OpenShift Automation Broker

    OpenShift Template Broker AWS Service Broker Other Service Brokers ANSIBLE OPENSHIFT AWS OTHER COMPATIBLE SERVICES Ansible Playbook Bundles OpenShift Templates AWS Services Other Services
  42. 62.

    @systemcraftsman Kubernetes Operator Framework Operator Framework is an open source

    toolkit to manage application instances on Kubernetes in an effective, automated and scalable way. Installation Upgrade Backup Failure recovery Metrics & insights Tuning AUTOMATED LIFECYCLE MANAGEMENT
  43. 63.

    @systemcraftsman Operators codify operational knowledge and workflows to automate lifecycle

    management of containerized applications with Kubernetes SDK LIFECYCLE MANAGEMENT METERING Kubernetes Operator Framework
  44. 64.

    @systemcraftsman Why Operator Framework? DEVELOPER DEPLOY STATEFUL APP A WHILE

    LATER APP SERVICES OPERATIONS UPDATE PATCH BACKUP REBALANCE SCALE DEPLOY STATEFUL APP UPDATE PATCH BACKUP REBALANCE SCALE APP OPERATOR DEVELOPER
  45. 66.

    @systemcraftsman Operator Metering Based on Prometheus Reports namespace, pods and

    custom label query Easy to process by accounting or custom software
  46. 68.

    @systemcraftsman DEPLOY YOUR SOURCE CODE DEPLOY YOUR CONTAINER IMAGE DEPLOY

    YOUR APP BINARY Build and Deploy Container Images
  47. 69.

    @systemcraftsman Deploy Source Code With Source-to-Image (S2I) Git Repository BUILD

    APP (OpenShift) Developer code Source-to-Image (S2I) Builder Image Image Registry BUILD IMAGE (OpenShift) DEPLOY (OpenShift) deploy Application Container OpenShift Does User/Tool Does
  48. 70.

    @systemcraftsman Application Binary (e.g. WAR) BUILD APP (Build Infra) Existing

    Build Process build Source-to-Image (S2I) Builder Image Image Registry BUILD IMAGE (OpenShift) DEPLOY (OpenShift) deploy Application Container OpenShift Does User/Tool Does Deploy App Binary With Source-to-Image (S2I)
  49. 71.

    @systemcraftsman DEPLOY (OpenShift) Deploy Docker Image build Application Container deploy

    Application Image Image Registry BUILD IMAGE (Build Infra) Existing Image Build Process PUSH (Build Infra) OpenShift Does User/Tool Does
  50. 73.
  51. 74.
  52. 75.

    @systemcraftsman CI/CD with Builds and Deployments BUILDS Webhook triggers: build

    the app image whenever the code changes Image trigger: build the app image whenever the base language or app runtime changes Build hooks: test the app image before pushing it to an image registry DEPLOYMENTS
  53. 76.

    @systemcraftsman Openshift Loves CI/CD JENKINS-AS-A SERVICE ON OPENSHIFT HYBRID JENKINS

    INFRA WITH OPENSHIFT EXISTING CI/CD DEPLOY TO OPENSHIFT
  54. 77.

    @systemcraftsman JENKINS-AS-A-SERVICE ON OPENSHIFT Plugins Jobs Configuration Jenkins (S2I) Custom

    Jenkins Image Jenkins Image Certified Jenkins images with pre-configured plugins Provided out-of-the-box Follows Jenkins 1.x and 2.x LTS versions Jenkins S2I Builder for customizing the image Install Plugins Configure Jenkins Configure Build Jobs OpenShift plugins to integrate authentication with OpenShift and also CI/CD pipelines Dynamically deploys Jenkins slave containers
  55. 78.

    @systemcraftsman HYBRID JENKINS INFRA WITH OPENSHIFT OPENSHIFT APP APP run

    job JENKINS SLAVE Run Job JENKINS SLAVE Run Job build JENKINS MASTER deploy Scale existing Jenkins infrastructure by dynamically provisioning Jenkins slaves on OpenShift Use Kubernetes plug-in on existing Jenkin servers
  56. 79.

    @systemcraftsman EXISTING CI/CD DEPLOY TO OPENSHIFT OPENSHIFT APP EXISTING CI/CD

    INFRA Jenkins, Bamboo, TeamCity, etc APP build deploy S2I Build run job Existing CI/CD infrastructure outside OpenShift performs operations against OpenShift OpenShift Pipeline Jenkins Plugin for Jenkins OpenShift CLI for integrating other CI Engines with OpenShift Without disrupting existing processes, can be combined with previous alternative
  57. 80.

    @systemcraftsman OPENSHIFT PIPELINES apiVersion: v1 kind: BuildConfig metadata: name: app-pipeline

    spec: strategy: type: JenkinsPipeline jenkinsPipelineStrategy: jenkinsfile: |- node('maven') { stage('build app') { git url: 'https://git/app.git' sh "mvn package" } stage('build image') { sh "oc start-build app --from-file=target/app.jar } stage('deploy') { openshiftDeploy deploymentConfig: 'app' } } Provision a Jenkins slave for running Maven OpenShift Pipelines allow defining a CI/CD workflow via a Jenkins pipeline which can be started, monitored, and managed similar to other builds Dynamic provisioning of Jenkins slaves Auto-provisioning of Jenkins server OpenShift Pipeline strategies Embedded Jenkinsfile Jenkinsfile from a Git repository
  58. 82.

    @systemcraftsman Continuous Delivery Pipeline OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER DEVELOPER

    GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER NON-PROD PROD DEV
  59. 83.

    @systemcraftsman OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER DEVELOPER GIT SERVER ARTIFACT

    REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER PROMOTE TO TEST NON-PROD PROD DEV TEST Continuous Delivery Pipeline
  60. 84.

    @systemcraftsman OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER DEVELOPER GIT SERVER ARTIFACT

    REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER PROMOTE TO TEST PROMOTE TO UAT NON-PROD PROD DEV TEST UAT Continuous Delivery Pipeline
  61. 85.

    @systemcraftsman ServiceNow JIRA Service Desk Zendeks BMC Remedy OPENSHIFT IMAGE

    REGISTRY OPENSHIFT CLUSTER DEVELOPER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER GO LIVE? PROMOTE TO TEST PROMOTE TO UAT RELEASE MANAGER NON-PROD PROD ☒ ☑ DEV TEST UAT Continuous Delivery Pipeline
  62. 86.

    @systemcraftsman OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER GIT SERVER ARTIFACT REPOSITORY

    OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER GO LIVE? PROMOTE TO TEST PROMOTE TO UAT PROMOTE TO PROD RELEASE MANAGER NON-PROD PROD DEV TEST UAT ☒ ☑ DEVELOPER Continuous Delivery Pipeline
  63. 88.

    @systemcraftsman CrunchyData GitLab Iron.io Couchbase Sonatype EnterpriseDB NuoDB Fujitsu and

    many more ...and virtually any docker image out there! True Polyglot Platform PHP Python Java NodeJS Perl Ruby .NET Core Apache HTTP Server MySQL Redis nginx Tomcat Varnish JBoss EAP JBoss A-MQ JBoss Fuse JBoss BRMS JBoss BPMS JBoss Data Grid JBoss Data Virt RH Mobile RH SSO 3SCALE API mgmt JBoss Web Server Spring Boot Wildfly Swarm Vert.x PostgreSQL MongoDB Phusion Passenger Third-party Language Runtimes Third-party Databases Third-party App Runtimes Third-party Middleware Third-party Middleware LANGUAGES DATABASES WEB SERVERS MIDDLEWARE
  64. 89.

    OPENSHIFT TECHNICAL OVERVIEW 89 Modern, Cloud-Native Application Runtimes and an

    Opinionated Developer Experience OPENSHIFT SUPPORTED RUNTIMES Eclipse Vert.x WildFly Swarm Node.js LAUNCH Spring Boot JBoss EAP
  65. 91.

    @systemcraftsman The Need For a Service Mesh SERVICE MESH SOLVES

    THE CHALLENGES OF: • Ensuring reliability • Troubleshooting • Performance • Security • Dynamic topology USE CASE: Difficulty identifying root cause of performance issues DISTRIBUTED TRACING provides service dependency analysis for different microservices and tracking for requests traced through multiple microservices. It also identifies performance bottlenecks and calls out particular requests, identifying the cause to the latency of a request or the service that created an error.
  66. 92.

    @systemcraftsman Microservices Without Istio Container JVM service A discovery load-balancer

    resiliency metrics tracing app logic JVM service B discovery load-balancer resiliency metrics tracing app logic Container JVM service C discovery load-balancer resiliency metrics tracing app logic
  67. 93.

    @systemcraftsman Microservices With Istio Container JVM service C app logic

    Pod Sidecar Container Envoy Container JVM service A app logic Pod Sidecar Container Envoy Container JVM service B app logic Pod Sidecar Container Envoy
  68. 94.

    @systemcraftsman Openshift Service Mesh Istio - Jaeger discovery resiliency metrics

    tracing OpenShift App Container Pod Sidecar Container Envoy Pod Sidecar Container Envoy App Container Sidecar Container Envoy App Container load-balancer
  69. 95.

    @systemcraftsman Openshift Service Mesh Making service-to-service communication safe, performant, and

    reliable OBSERVABILITY POLICY ENFORCEMENT SERVICE IDENTITY & SECURITY TRAFFIC MANAGEMENT DIST. TRANSACTION MONITORING SERVICE DEPENDENCY ANALYSIS ROOT CAUSE ANALYSIS DISTRIBUTED CONTEXT PROPAGATION PERFORMANCE / LATENCY OPTIMIZATION ISTIO JAEGER DISTRIBUTED TRACING CONFIGURATION VALIDATION METRICS COLLECTION AND GRAPHS SERVICE GRAPH REPRESENTATION SERVICE DISCOVERY & HEALTH COMPUTATION KIALI
  70. 96.

    @systemcraftsman Release Details • Supported distribution of Istio, Jaeger, Kiali,

    Prometheus, and Grafana • Upstream project called Maistra • Integrated with Red Hat OpenShift Application Runtimes (RHOAR) • OpenShift Service Mesh comes included with any OCP subscription September • Istio and Jaeger • Istio Operator for install/uninstall • Installation docs TP 1 October • Kiali added TP 2 • Full support on OpenShift 4.0 • Istio Operator for updates GA Q1 CY19 TP releases every few weeks TP N TP 4 TP 3 OPENSHIFT SERVICE MESH
  71. 97.
  72. 98.

    @systemcraftsman learn.openshift.com Interactive Learning Scenarios provide you with a pre-configured

    OpenShift instance, accessible from your browser without any downloads or configuration.
  73. 101.