Ask the Product Manager Office Hours: Operators and Helm

Join us for a little one-on-one time with a Red Hat Product Manager - each session will feature a Product Manager focused on a specific product or project. We’ll start with an overview & discussion of the topic, then have time for Q&A.

YouTube: https://youtu.be/YowBHOOZakk

Red Hat Livestreaming

April 19, 2021

Transcript

  1. CONFIDENTIAL designator
    OpenShift.tv Twitch Stream 04/19/2021
    Helm & Operators
    Daniel Messer
    OpenShift Product Mgr
    Stevan LeMeur
    OpenShift Product Mgr

  3. Helm on OpenShift
    Package manager for Kubernetes applications: define, install and update apps
    Top level CNCF Project
    ● 2016 - Joined CNCF
    ● 2020 - Graduated status
    Active development community
    ● 13,000+ contributors
    ● 1,700+ contributing companies
    ● 9,500+ code commits
    Project Overview
    ● https://helm.sh/
    ● https://github.com/helm/helm

  4. What is Helm?
    ● Chart: a package consisting of related Kubernetes YAML files
    ● Repository: a place where Charts can be stored, shared and distributed
    ● Release: a specific instance of a Chart deployed on Kubernetes

  5. How does Helm Work?
    ● Helm Chart (templates)
    ● Values (configs)
    ● Releases (Kubernetes resources)

  6. How does Helm Work?
    ● Helm CLI
    ● OpenShift Console
    ● Helm Chart (templates)
    ● Values (configs)
    ● Image Repository
    ● Releases
    ● OpenShift Namespace

  7. Helm Demo

  8. Helm & Operators
    ● Phase I, Basic Install: Automated application provisioning and configuration management
    ● Phase II, Seamless Upgrades: Patch and minor version upgrades supported
    ● Phase III, Full Lifecycle: App lifecycle, storage lifecycle (backup, failure recovery)
    ● Phase IV, Deep Insights: Metrics, alerts, log processing and workload analysis
    ● Phase V, Auto Pilot: Horizontal/vertical scaling, auto config tuning, abnormal detection, scheduling tuning
    Helm: Package and Basic Install
    Operator: Automated Day-2 Operations

  9. Kubernetes Operators
    Developer / OpenShift User
    Custom Resource (via k8s API):
        apiVersion: database.example.com/v2
        kind: EnterpriseDatabase
        metadata:
          name: my-example-database
        spec:
          size: 5
          version: 3.2.13
    Kubernetes Operator = Custom Kubernetes Controller (Watch Events, Reconciliation) + Custom Resource Definition
    Built-in Kubernetes Resources
    ● Deployments
    ● StatefulSets
    ● Autoscalers
    ● Secrets
    ● ConfigMaps
    ● PersistentVolumes

  10. Helm Charts & Kubernetes Operators Compared
    What does the user get?
    ● Helm: A packaged, templated version of the application itself
    ● Kubernetes Operator: A piece of software that offers an application on-demand / as-a-service

  11. Helm Charts & Kubernetes Operators Compared
    Where does it run?
    ● Helm: Invokes the Kubernetes API from outside the cluster
    ● Kubernetes Operator: Runs on the cluster with direct integration on the Kubernetes control plane, can also talk to external APIs (cloud services)

  12. Helm Charts & Kubernetes Operators Compared
    When does it run?
    ● Helm: Invoked manually or via GitOps using helm tool outside of the cluster
    ● Kubernetes Operator: Runs constantly and can respond to cluster / app events, invoked via Kubernetes API calls (manually or programmatically/via GitOps)

  13. Namespace Configuration Operator

  14. Helm Charts & Kubernetes Operators Compared
    What is the main objective?
    ● Helm: Quick deployment with customizations and basic updates
        1. Download
        2. Customize
        3. Deploy App
        4. Reconfigure
        5. Retire
    ● Kubernetes Operator: Automating Day 1 and Day 2 operations / integration with external systems / event-based automation
        Self-Heal, Auto-Tune
        Backup, Restore
        Failover, Failback
        Request App
        Request External Service
        Update Applications
        Reconfigure / Retire Applications
        Automate workflows
        React to cluster events

  15. Helm Charts & Kubernetes Operators Compared
    What about permissions?
    ● Helm: Runs with the permissions of the app / users
    ● Kubernetes Operator: Runs with different permissions than those of the app and users
    Diagram label: RBAC inheritance

  16. Helm Charts & Kubernetes Operators Compared
    How does it do its job?
    ● Helm: Relies on built-in Kubernetes functionality to manage app, can ship custom pre-/post- deployment/update hooks to perform basic lifecycle
    ● Kubernetes Operator: Contains app-specific logic to ensure consistency, ordering, integrity of application operations over extended period of time

  17. A production example

  18. Application Example: Quay Registry
    How to deploy Quay
    Admin:
    ● Get Redis
    ● Get PostgreSQL
    ● Get Object Storage
    ● Run Quay Config Editor
    ● Download Config Bundle
    ● Run Quay
    ● Run Clair
    ● Run Mirroring Workers

  19. Application Example: Quay Registry
    How to re-configure Quay
    Admin:
    ● Run Quay Config Editor
    ● Update Secret
    ● Restart Quay pods
    ● Restart Clair pods
    ● Restart Mirror workers pods

  20. Application Example: Quay Registry
    How to update Quay
    Admin:
    ● Scale up one Quay Pod w/ new image
    ● Scale down Quay to 0
    ● Database migrations
    ● Scale-up Quay w/ newer images

  21. Quay Operator

  22. Application Packaging vs. User Experience
    Application Lifecycle Management
    Application Packaging
    Complexity
    Better consumption experience
    Higher Package Maintainer Effort

  23. Your application packaging journey
    ● Phase I, Basic Install: Automated application provisioning and configuration management
    ● Phase II, Seamless Upgrades: Patch and minor version upgrades supported
    ● Phase III, Full Lifecycle: App lifecycle, storage lifecycle (backup, failure recovery)
    ● Phase IV, Deep Insights: Metrics, alerts, log processing and workload analysis
    ● Phase V, Auto Pilot: Horizontal/vertical scaling, auto config tuning, abnormal detection, scheduling tuning
    Helm Chart: Install & Basic Updates / Reconfigure
    Helm / Golang / Ansible Operator: Automated App Day-2 Operations & Integrate external services
    Hybrid Operators are coming. Mix-and-match Helm Charts with Go Code and Ansible Playbooks in a single Operator project.

  25. Helm & Operators Capabilities
    Capability                                                Helm Chart   Operator
    Packaging                                                 ✓            ✓
    App Installation                                          ✓            ✓
    App Update (kubernetes manifests)                         ✓            ✓
    App Upgrade (data migration, sequencing, etc)             -            ✓
    Backup & Recovery                                         -            ✓
    Auto tuning / Self-Healing with Workload & Log Analysis   -            ✓
    Integrate external cloud services / APIs                  -            ✓
    Event-based automation                                    -            ✓
    Helm Chart: Custom App Deployment
    Operator: Managed Service / Automation

  26. Learn More

  27. Helm Resources
    Extend your knowledge of the Helm ecosystem
    ● Helm Documentation: https://helm.sh/docs/
    ● Helm Project Repository: https://github.com/helm/helm
    ● Slack: https://slack.kubernetes.io/ (#helm)
    Helm on OpenShift
    ● Interactive Lab: https://learn.openshift.com/developing-on-openshift/helm/
    ● Learn Helm: https://www.packtpub.com/cloud-networking/learn-helm
    ● Learn JKube: https://www.eclipse.org/jkube/

  28. Operator Resources
    Learn how to create Kubernetes Operators
    Operator SDK
    ● Operator SDK Documentation
    ● Operator Framework Project: https://operatorframework.io
    ● Slack: https://slack.kubernetes.io/ (#kubernetes-operators, #operator-sdk-dev, #olm-dev)
    Helm on OpenShift
    ● Interactive Lab: https://learn.openshift.com/operatorframework/
    ● Learn the Operator Pattern: https://developers.redhat.com/books/kubernetes-operators