OpenShiftPlatform-as-a-Service

Amir Zipory, RHCSASolutions Architectazipory@redhat.com

March 11, 2015

2

OpenShift Overview

Development Workflow

Application Scaling

Demo

AGENDA

4

Public / Hybrid / Private / Virtualization / Bare Metal

OPENSHIFT PAASYOUR CHOICE OF INFRASTRUCTURE

5

RHEL

Public / Hybrid / Private / Virtualization / Bare Metal

RHEL

RHEL

RHEL

• OpenShift is built on instances of Red Hat Enterprise Linux (RHEL)

• OpenShift can run anywhere RHEL can run

OPENSHIFT PAASRHEL IS THE FOUNDATION

6

OpenShift Broker– Management and Orchestration Engine

RHEL

Public / Hybrid / Private / Virtualization / Bare Metal

OpenShift Nodes – Application Hosting Infrastructure

Broker (RHEL)

Node (RHEL)

Node (RHEL)

An OpenShift Broker Manages Multiple OpenShift Nodes

OPENSHIFT PAASCOMPONENTS

7

Broker (RHEL)

RHEL

Red Hat Enterprise Linux

Node

Public / Hybrid / Private / Virtualization / Bare Metal

Node (RHEL)

Node (RHEL)

A Node is an Instance of RHEL

OPENSHIFT PAASCOMPONENTS

8

RHEL

Red Hat Enterprise Linux

GEAR

Node

Public / Hybrid / Private / Virtualization / Bare Metal

GEAR GEAR

MyApp

HerApp

HisApp

Broker (RHEL)

Node (RHEL)

Node (RHEL)

OpenShift user applications run in containers called Gears

OPENSHIFT PAASCOMPONENTS

9

RHEL

Red Hat Enterprise Linux

GEAR

Node

Public / Hybrid / Private / Virtualization / Bare Metal

CG

roup

s

CG

roups

MyApp

Broker (RHEL)

Node (RHEL)

Node (RHEL)

CGroups Resource Mgmt•Sets upper bounds•CPU•Memory•Disk

Gears use Linux CGroups for Resource Management

RHEL6 provides a new kernel feature: control groups. Cgroups allow you to allocate resources—such as CPU time, system memory, network bandwidth, or combinations of these resources—among processes running on a system.

OPENSHIFT PAASCOMPONENTS

10

Software packaging concept that typically includes an application and all of its runtime dependencies.

● Easy to deploy and portable across host systems

● Isolates applications on a host operating system. In RHEL, this is done through:

– Control Groups (cgroups)– kernel namespaces– SELinux, sVirt, iptables

OPENSHIFT PAASLINUX CONTAINERS

11

VIRTUALIZATION CONTAINERIZATION

HARDWARE

HOST OS

HYPERVISOR

GUESTOS

BINS/LIBS

APPA

GUESTOS

BINS/LIBS

APPB

GUESTOS

BINS/LIBS

APPA’

HARDWARE

HOST OS, SHARED SERVICES

BINS/LIBS

AP

P A

AP

P A

’

BINS/LIBS

AP

P B

AP

P B

’

VM

CO

NTA

INER

OPENSHIFT PAASVIRTUALIZATION & CONTAINERS

12

• Not either one or other

• Virtualization: Vertical Abstraction

• Containers: Horizontal Segmentation

• Horizontal Application Isolation

• Lightweight Delegation

• Application Virtualization

• Density

OPENSHIFT PAASVIRTUALIZATION & CONTAINERS

13

14

• Docker builds on Linux Containers, adds an API, an image format and a delivery and sharing model

• Docker provides aggregate packaging to bind application and its runtime dependencies for deployment into a Linux Container

OPENSHIFT PAASDOCKER

15

PHYSICALSERVER

27 HRS

CONTAINERINSTANCE

10 SECS

VIRTUALMACHINE

12 MINS

OPENSHIFT PAASVIRTUALIZATION & CONTAINERS

17

LIBS

APP HOST OS

SERVER

HOST OS

SERVER

CONTAINER

OPERATIONS FOCUS● HARDWARE● OPERATING SYSTEM● NETWORKING● MONITORING

DEVELOPMENT FOCUS● CODE● APPLICATIONS● LIBRARIES AND OTHER

DEPENDENCIES● DATA STORE

CONTAINER

LIBS

APP

OPENSHIFT PAASCONTAINERS ENABLE CONTINOUS DELIVERY

18

RHEL

Red Hat Enterprise Linux

SE

Linu

xSELinux

SE

Linux

GEAR

Node

Public / Hybrid / Private / Virtualization / Bare Metal

MyApp

Broker (RHEL)

Node (RHEL)

Node (RHEL)

SELinux Security•“Jail” around Gear•MAC instead of DAC•Process/memory protection•Pre-configured for you

Gears Use SELinux for Pre-Configured NSA-Grade Security

OPENSHIFT PAASSECURITY

19

RHEL

Red Hat Enterprise Linux

SE

Linux

GEAR

Node

Public / Hybrid / Private / Virtualization / Bare Metal

CG

roup

s

GEAR IDLED

MyApp

HerApp

Broker (RHEL)

Node (RHEL)

Node (RHEL)

OPENSHIFT PAASGEARS

Idle Gears can be “de-hydrated”by the Openshift Broker

20

RHEL

Red Hat Enterprise Linux

Node

Public / Hybrid / Private / Virtualization / Bare Metal

Broker (RHEL)

Node (RHEL)

Node (RHEL)

OpenShift Multi-tenancy provides density, efficiency, and security

OPENSHIFT PAASMULTITENANCY

21

Public PaaSService

On-premise or Private PaaSSoftware

Open Source PaaSProject

OPENSHIFT PAASPAAS STRATEGY

22

DevelopmentWorkflow

23

Developer IDEIntegrations

Web BrowserConsole

Command LineTooling

REST APIs

OPENSHIFT PAASCHOOSE THE WAY YOU WORK

24

RHEL

Red Hat Enterprise Linux

Node

Public / Hybrid / Private / Virtualization / Bare Metal

DEVELOPER

Broker (RHEL)

Node (RHEL)

Node (RHEL)

A developer creates a new application OpenShift creates a GEAR

OPENSHIFT PAASDEVELOPMENT WORKFLOW

25

RHEL

Red Hat Enterprise Linux

Node

Public / Hybrid / Private / Virtualization / Bare Metal

MY GEAR

DEVELOPER

cronlogssshd

Broker (RHEL)

Node (RHEL)

Node (RHEL)

REST

Web ConsoleEclipse IDECmd Line

Gears Created via Web, CLI, EclipseRESTful call to Broker

OPENSHIFT PAASDEVELOPMENT WORKFLOW

26

OPENSHIFT PAASDEVELOPMENT WORKFLOW

27

RHEL

Red Hat Enterprise Linux

Node

Public / Hybrid / Private / Virtualization / Bare Metal

JBoss

DEVELOPER

MY GEAR

cronlogssshd

Broker (RHEL)

Node (RHEL)

Node (RHEL)

REST

Web ConsoleEclipse IDECmd Line

Cartridges are how OpenShift installs Languages & Middleware

OPENSHIFT PAASCARTRIDGES

28

There are two types of cartridges:● Web cartridges – Perl/PHP/JBoss EAP/Tomcat etc’● Add-on cartridges – Mysql/MongoDB etc’

https://www.openshift.com/developers/technologies

All Openshift applications must have a web cartridge. They handle web requests

OPENSHIFT PAASCARTRIDGE TYPES

29

OPENSHIFT PAASCARTRIDGE TYPES

30

OPENSHIFT PAASCARTRIDGE TYPES

31

RHEL

Red Hat Enterprise Linux

Node

Public / Hybrid / Private / Virtualization / Bare Metal

JBossCode

GITRepo

DEVELOPER

GIT/SSH

MySQL

MY GEAR

cronlogssshd

Broker (RHEL)

Node (RHEL)

Node (RHEL)

REST

Web ConsoleEclipse IDECmd Line

Developer pushes application code via GIT source code management system

OPENSHIFT PAASCODE, UPDATE & PUSH

32

OPENSHIFT PAASDEVELOPMENT WORKFLOW

33

RHEL

Red Hat Enterprise Linux

Node

Public / Hybrid / Private / Virtualization / Bare Metal

JBossCode

GitRepo

DEVELOPER

GIT/SSH

cron

jenkins

logssshd

MySQL

Jenkins

MY GEAR

Broker (RHEL)

Node (RHEL)

Node (RHEL)

REST

Web ConsoleEclipse IDECmd Line

Maven

OPENSHIFT PAASBUILD & TEST WITH MAVEN & JENKINS

34

JENKINSCONTINOUS INTEGRATION

35

Real-world App Dev – PaaS across the life-cycle

Nodes

Dev

Dev QA Release Mgmt/Ops

Nodes

QA

Nodes

Production

Git GitGit Git

Git

OPENSHIFT PAASMULTIPLE ENV, SINGLE/MULTIPLE PLATFORMS

36

Application Scaling

37

✔ Openshift monitors resource requirements of a scalable application and automatically allocates resources accordingly

✔ When an application is scaled, a second cartridge, calledHAProxy, is added to the application (default gear)

✔ If an application's ratio of total number of gears to HAProxy gears is ever greater than two, the routing function of the HAProxy cartridge is disabled to the web cartridges collocated on their gear.

OPENSHIFT PAASAPPLICATION SCALING

38

RHEL

Red Hat Enterprise Linux

Node

PRODUCTION INFRASTRUCTURE/CLOUD

MANY USERS

MySQL

MY AUTO-SCALED APP

JBosscronlogssshd

JBosscronlogssshd

JBosscronlogssshd

HA-Proxy

HTTP/S

Broker (RHEL)

Node (RHEL)

Node (RHEL)

OPENSHIFT PAASAPPLICATION SCALING

39

The same great experience as today!

Users can leverage the broad Docker ecosystemhttps://marketplace.openshift.com

Deploy and manage complex, n-tier, composite apps.

Easier for Ops Teams to manage.

Your trusted Datacenter OS.

OPENSHIFT V3 – HIGH LEVEL

40

OPENSHIFT REVIEWS

42

Thank You!What’s Next?

Amir Ziporyazipory@redhat.com

43

44