
Back in the Day: Technology Selection for the OpenShift 3.11 Container Platform_20190122

Phil Huang
January 22, 2019


#openshift #redhat #technical




  1. Back in the Day: Technology Selection for the OpenShift 3.11 Container Platform
    Phil Huang 黃秉鈞 <pichuang@pichuang.com.tw>
    SDN x Cloud Native Meetup #13, Taiwan, Jan. 22, 2019
  2. Prize quiz: Skopeo, Ansible, CRI-O, Podman, LFN

  3. Phil Huang 黃秉鈞
    • Healthy, fresh, little airplane
    • Community "slash" youth
      ◦ SDNDS-TW
      ◦ Cloud Native Taiwan User Group (CNTUG)
    • Information
      ◦ https://blog.pichuang.com.tw
      ◦ https://www.linkedin.com/in/phil-huang-09b09895/
  4. None
  5. Ref: http://l.cncf.io

  6. 2019 Container Terminology Rectification Campaign
    • Docker Registry => Container Registry
    • Docker Images => Container Images
    • Docker Container => OCI Container
      ◦ "The Open Container Initiative is an open governance structure for the express purpose of creating open industry standards around container formats and runtime." -- From the Open Containers Initiative official website => Container standardization (Specification): Runtime / Image / ...
    OCI: Open Container Initiative
    Ref: https://www.facebook.com/groups/cloudnative.tw/permalink/475806496256024/
  7. What Kind of Resource Management You Should Care About
    1. Compute Resource ◦ Multi-Cloud / Application Workload / Quota
    2. Network Resource ◦ Network Policy / CNI / Egress & Ingress Router / External & Internal DNS
    3. Storage Resource ◦ Persistent Volume Types / CSI / Storage Class
    4. Container Images Resource ◦ Images Lifecycle Management / RBAC / Audit
  8. What is OpenShift? Ref: https://www.craftofcoding.com/openshift-vs-kubernetes/

  9. What is OKD? Ref: https://blog.openshift.com/okd310release/

  10. OpenShift v3 Technical Stack
    • Infrastructure: Bare-Metal / Virtual / Private Cloud / Public Cloud
    • Operating System: Red Hat Enterprise Linux
    • Ops Mgmt: Infrastructure Automation & Cockpit
    • Container Resource: Storage / Network / Logs & Metrics / Security / Images Registry
    • Orchestration: Kubernetes
    • DevOps Tools: Application Management (CI/CD)
    • Self-Service: Service Catalog / Cluster Console
    • DevOps Strategy: Build Automation / Deployment Automation
  11. OpenShift v3 Architecture
    Ref: http://v1.uncontained.io/playbooks/installation/#cluster-design-architecture
    The 3 types of OpenShift roles
      1. Master Nodes
      2. Infrastructure Nodes
      3. Compute Nodes
    Additional services
      1. External Load Balancer
      2. Shared Storage
      3. External Container Registry
  12. How do I know OpenShift's current configuration immediately?

  13. Infrastructure as Code (IaC)
    • All the configuration you need is in one Ansible inventory file
      ◦ Add new nodes when resources are not enough
      ◦ Serves as a baseline for the day 2 maintenance plan of each site
    Ref: GitHub - openshift/openshift-ansible
  14. Operating System & Services
    • Most packages and services have already been migrated from RPM to containers
    • Easy to update the container platform
  15. How to manage your container images?

  16. Container Registry - Quay
    Ref: https://blog.pichuang.com.tw/quay-enterprise-grade-images-registry/
    1. Pull / Push / Manage container registry
    2. Security Scanner
    3. Role-based access control
  17. Network

  18. Container Network Interface (CNI)
    • OpenShift SDN provides 3 CNI plug-ins for configuring the network by default
      1. ovs-subnet
      2. ovs-multitenant
      3. ovs-networkpolicy
    Ref: https://docs.openshift.com/container-platform/3.11/architecture/networking/sdn.html
  19. OpenShift Route vs. K8S Ingress
    Ref: https://blog.openshift.com/kubernetes-ingress-vs-openshift-route/

    | Feature                                       | Ingress on k8s | Route on OpenShift |
    |-----------------------------------------------|----------------|--------------------|
    | Standard Kubernetes object                    | X              |                    |
    | External access to services                   | X              | X                  |
    | Persistent (sticky) sessions                  | X              | X                  |
    | Load-balancing strategies (e.g. round robin)  | X              | X                  |
    | Rate-limit and throttling                     | X              | X                  |
    | IP whitelisting                               | X              | X                  |
    | TLS edge termination for improved security    | X              | X                  |
    | TLS re-encryption for improved security       |                | X                  |
    | TLS passthrough for improved security         |                | X                  |
    | Multiple weighted backends (split traffic)    |                | X                  |
    | Generated pattern-based hostnames             |                | X                  |
    | Wildcard domains                              |                | X                  |

  20. Do we still choose rsyslog for collecting logs?

  21. Container Logging Aggregation
    • Deploy log aggregation using EFK (Elasticsearch / Fluentd / Kibana)
    Ref: https://itnext.io/multiline-logs-in-openshift-efk-stack-7a7bda4ed055
  22. How do I know container cluster have good performance and

  23. Container Application Metrics Aggregation
    Ref: https://github.com/LutzLange/OpenShift-Labs/blob/master/OpenShift-Lab.adoc#cluster-metrics-introduction
    • For HPA and for collecting metrics per pod/project
    HPA: Horizontal Pod Autoscaler
  24. pod metrics Project overview

  25. Container Cluster Metrics Monitoring Ref: https://docs.openshift.com/container-platform/3.11/install_config/prometheus_cluster_monitoring.html

  26. Cluster Metrics - Prometheus Systems Monitoring and Alerting toolkit

  27. Dashboard - Grafana The Open Platform for Analytics and Monitoring

  28. Self-Services Container platform helps those who help themselves

  29. Service Catalog Ref: https://www.redhat.com/en/about/videos/ama-openshift-service-catalog-brokers-and-user-experience

  30. Cluster Console
    Ref: https://www.youtube.com/watch?v=-YlZDV5Iadc
    More Administrator-focused Experience based on OpenShift in CoreOS Tectonic
  31. Operator Lifecycle Management (OLM)
    • A framework for extending Kubernetes objects (CRD)
    • Helps you install, update and manage the lifecycle of what is running across your clusters
    Lets developers implement operation tools on k8s
    CRD: Custom Resource Definition
    Ref: https://www.redhat.com/en/blog/introducing-operator-framework-building-apps-kubernetes
  32. Ref: https://docs.openshift.com/container-platform/3.11/install_config/installing-operator-framework.html

  33. Wanna Learn More?

  34. How Do You Learn About Cloud Native Technologies?
    Top learning sources are
      1. Documentation
      2. Meetups and Local Events
      3. Technical Podcasts
    Ref: https://www.cncf.io/blog/2018/08/29/cncf-survey-use-of-cloud-native-technologies-in-production-has-grown-over-200-percent/
  35. Ref: https://www.facebook.com/RedHatTaiwan/

  36. Ref: https://www.facebook.com/events/2143280755732051/ Storage Resource Management 2019/2/18 19:00

  37. Q&A: Please give us feedback so the next talk will be even better https://goo.gl/forms/UHCcOtHa0PXt3gvj1 Mwah! Ref: https://www.facebook.com/micomikicat/