Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Ask the Product Manager Office Hours: Operators...

Ask the Product Manager Office Hours: Operators and Helm

Join us for a little one-on-one time with a Red Hat Product Manager - each session will feature a Product Manager focused on a specific product or project. We’ll start with an overview & discussion of the topic, then have time for Q&A.

YouTube: https://youtu.be/YowBHOOZakk

Red Hat Livestreaming

April 19, 2021
Tweet

More Decks by Red Hat Livestreaming

Other Decks in Technology

Transcript

  1. CONFIDENTIAL designator OpenShift.tv Twitch Stream 04/19/2021 Helm & Operators Daniel

    Messer OpenShift Product Mgr Stevan LeMeur OpenShift Product Mgr 1
  2. CONFIDENTIAL designator Helm on OpenShift 3 • 2016 - Joined

    CNCF • 2020 - Graduated status Active development community Top level CNCF Project • 13,000+ contributors • 1,700+ contributing companies • 9,500+ code commits Project Overview • https://helm.sh/ • https://github.com/helm/helm Package manager for Kubernetes applications define, install and update apps
  3. CONFIDENTIAL designator GENERAL DISTRIBUTION WHAT IS HELM? 4 a package

    consisting of related Kubernetes YAML files a place where Charts can be stored, shared and distributed a specific instance of a Chart deployed on Kubernetes Chart Repository Release
  4. CONFIDENTIAL designator GENERAL DISTRIBUTION How does Helm Work? 5 Releases

    (Kubernetes resources) Helm Chart (templates) Values (configs)
  5. CONFIDENTIAL designator GENERAL DISTRIBUTION OPENSHIFT NAMESPACE Image Repository Releases How

    does Helm Work? 6 Helm Chart (templates) Values (configs) Helm CLI OpenShift Console
  6. GENERAL DISTRIBUTION Helm & Operators 8 Phase I Phase II

    Phase III Phase IV Phase V Basic Install Automated application provisioning and configuration management Seamless Upgrades Patch and minor version upgrades supported Full Lifecycle App lifecycle, storage lifecycle (backup, failure recovery) Deep Insights Metrics, alerts, log processing and workload analysis Auto Pilot Horizontal/vertical scaling, auto config tuning, abnormal detection, scheduling tuning Operator Automated Day-2 Operations Helm Package and Basic Install
  7. CONFIDENTIAL designator Kubernetes Operators 9 Custom Resource Developer / OpenShift

    User Deployments StatefulSets Autoscalers Secrets ConfigMaps PersistentVolumes k8s API apiVersion: database.example.com/v2 kind: EnterpriseDatabase metadata: name: my-example-database spec: size: 5 version: 3.2.13 Custom Kubernetes Controller Watch Events Reconciliation + Custom Resource Definition Kubernetes Operator Built-in Kubernetes Resources
  8. CONFIDENTIAL designator Helm Charts & Kubernetes Operators Compared 10 What

    does the user get? Helm Kubernetes Operator A packaged, templated version of the application itself A piece of software that offers an application on-demand / as-a-service
  9. CONFIDENTIAL designator Helm Charts & Kubernetes Operators Compared 11 Where

    does it run? Helm Kubernetes Operator Invokes the Kubernetes API from outside the cluster Runs on the cluster with direct integration on the Kubernetes control plane, can also talk to external APIs (cloud services)
  10. CONFIDENTIAL designator Helm Charts & Kubernetes Operators Compared 12 When

    does it run? Helm Kubernetes Operator Invoked manually or via GitOps using helm tool outside of the cluster Runs constantly and can respond to cluster / app events, invoked via Kubernetes API calls (manually or programmatically/via GitOps) 1x
  11. CONFIDENTIAL designator Helm Charts & Kubernetes Operators Compared 14 What

    is the main objective? Helm Kubernetes Operator Quick deployment with customizations and basic updates Automating Day 1 and Day 2 operations / integration with external systems / event-based automation 1. Download 2. Customize 3. Deploy App 4. Reconfigure 5. Retire Self-Heal Auto-Tune Backup Restore Failover Failback Request App Request External Service Update Applications Reconfigure / Retire Applications Automate workflows React to cluster events
  12. CONFIDENTIAL designator Helm Charts & Kubernetes Operators Compared 15 What

    about permissions? Helm Kubernetes Operator Runs with the permissions of the app / users Runs with different permissions than those of the app and users RBAC inheritance RBAC inheritance RBAC inheritance
  13. CONFIDENTIAL designator Helm Charts & Kubernetes Operators Compared 16 How

    does it do its job? Helm Kubernetes Operator Relies on built-in Kubernetes functionality to manage app, can ship custom pre-/post- deployment/update hooks to perform basic lifecycle Contains app-specific logic to ensure consistency, ordering, integrity of application operations over extended period of time 1x 1. 1. 1. 1. 2. 3.
  14. CONFIDENTIAL designator Application Example: Quay Registry 18 How to deploy

    Quay Get Redis Get PostgreSQL Get Object Storage Run Quay Config Editor Download Config Bundle Run Quay Run Clair Run Mirroring Workers Admin 1. 2. 3.
  15. CONFIDENTIAL designator Application Example: Quay Registry 19 How to re-configure

    Quay Admin Run Quay Config Editor Update Secret Restart Quay pods Restart Clair pods Restart Mirror workers pods 1. 2. 3.
  16. CONFIDENTIAL designator Application Example: Quay Registry 20 How to update

    Quay Admin Scale up one Quay Pod w/ new image Scale down Quay to 0 Database migrations Scale-up Quay w/ newer images
  17. GENERAL DISTRIBUTION Application Packaging vs. User Experience 22 Application Lifecycle

    Management Application Packaging Complexity Better consumption experience Higher Package Maintainer Effort
  18. GENERAL DISTRIBUTION Your application packaging journey 23 Phase I Phase

    II Phase III Phase IV Phase V Basic Install Automated application provisioning and configuration management Seamless Upgrades Patch and minor version upgrades supported Full Lifecycle App lifecycle, storage lifecycle (backup, failure recovery) Deep Insights Metrics, alerts, log processing and workload analysis Auto Pilot Horizontal/vertical scaling, auto config tuning, abnormal detection, scheduling tuning Helm / Golang / Ansible Operator Automated App Day-2 Operations & Integrate external services Helm Chart Install & Basic Updates / Reconfigure Hybrid Operators are coming. Mix-and-match Helm Charts with Go Code and Ansible Playbooks in a single Operator project.
  19. GENERAL DISTRIBUTION Helm & Operators Capabilities 25 Helm Chart Operator

    Packaging ✓ ✓ App Installation ✓ ✓ App Update (kubernetes manifests) ✓ ✓ App Upgrade (data migration, sequencing, etc) - ✓ Backup & Recovery - ✓ Auto tuning / Self-Healing with Workload & Log Analysis - ✓ Integrate external cloud services / APIs - ✓ Event-based automation - ✓ Custom App Deployment Managed Service / Automation
  20. Helm Resources Helm Documentation https://helm.sh/docs/ Helm Project Repository https://github.com/helm/helm Slack

    https://slack.kubernetes.io/ (#helm) 27 Helm on OpenShift Interactive Lab https://learn.openshift.com/developing-on-openshift/helm/ Learn Helm https://www.packtpub.com/cloud-networking/learn-helm Learn JKube https:/www.eclipse.org/jkube/ Extend your knowledge of the Helm ecosystem
  21. Operator Resources Operator SDK Operator SDK Documentation Operator Framework Project

    https;//operatorframework.io Slack https://slack.kubernetes.io/ #kubernetes-operators #operator-sdk-dev #olm-dev 28 Helm on OpenShift Interactive Lab https://learn.openshift.com/operatorframework/ Learn the Operator Pattern https://developers.redhat.com/books/kubernetes-operators Learn how to create Kubernetes Operators