Defining:

Applications

for

K8s and OpenShift

SIG-Apps

bit.ly/sig-apps-openshift

What do you mean by "Application"?

the term "Application" can be a difficult thing to define

Define: "Application"

Equation: App = OCI/SRE

  1. raw K8s API Objects
  2. Configuration
  3. Images
  4. pipeline Stage
  5. system Resources
  6. human Effort
Introducing… # OpenShift

OpenShift "V3"

Our New Stack:

  • Host OS: RHEL-7+ / CentOS-7+ / Fedora-latest / Atomic
    • Recent kernels, SELinux, systemd
  • Container Runtime: Docker
  • Container LifeCycle Management: Kubernetes
  • Cluster State:
  • Multi-tennancy and Developer Experience: OpenShift

Extending Kubernetes

OpenShift extends the basic collection of K8s primitives to provide additional features related to developer interaction, multitennant security, and collaborative image maintenance

## Objects Kubernetes Primitives: 1. [node](#/node) 2. [image](#/img) 3. [container](#/container) 4. [volume](#/volume) 5. [pod](#/pod) 6. [replicationController (rc)](#/rc) 7. [deploymentConfig (dc)](#/dc) 8. [buildConfig (bc)](#/bc) 9. [service](#/svc) 10. [route](#/route)
### Node A [node](https://docs.openshift.org/latest/admin_guide/manage_nodes.html) is a host machine (physical or virtual) where workloads can be run. Node activity is managed via one or more Master instances.
### [Image](https://docs.openshift.org/latest/architecture/core_concepts/containers_and_images.html#docker-images) A packaged runtime or workload environment. A bootable linux container that runs wherever Docker is supported. See also, [`ImageStreams`](https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html#image-streams)
### [Container](https://docs.openshift.org/latest/architecture/core_concepts/containers_and_images.html) A running image with an allocation of system resources.
### Volumes * https://docs.openshift.org/latest/dev_guide/volumes.html * http://kubernetes.io/v1.1/docs/user-guide/volumes.html * http://kubernetes.io/v1.1/docs/user-guide/persistent-volumes.html
### Pod A group of one or more co-located containers. [Pods](https://docs.openshift.org/latest/architecture/core_concepts/pods_and_services.html) represent your minimum increment of scale.
### ReplicationController An [`RC`](https://docs.openshift.org/latest/architecture/core_concepts/deployments.html) is created for every deployment, allowing you to easily scale your workloads by adjusting your desired number of pods
### DeploymentConfig A [`DC`](https://docs.openshift.org/latest/architecture/core_concepts/deployments.html#deployments-and-deployment-configurations) helps you define how and when images are distributed to nodes (as pods, containers)
### BuildConfig A [`BC`](https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html#builds) allows you build new images in a variety of ways
### [Service](https://docs.openshift.org/latest/architecture/core_concepts/pods_and_services.html#services) A service (svc) is a software load-balancer that distributes inbound traffic to associated pods
### [Route](https://docs.openshift.org/latest/architecture/core_concepts/routes.html) A `service` will receive traffic based on the inbound `Host` header. Similar to how Apache VirtualHosts works.
### Models ![Model Diagram](http://i.imgur.com/tHcpDud.png)
### More Information * OpenShift Sources: http://github.com/openshift/origin * OpenShift Docs: https://docs.openshift.com/ * Kubernetes Docs: http://kubernetes.io/docs/

Templates

Quickly compose multi-service solutions

https://github.com/kubernetes/kubernetes/issues/11492

oc new-app examples

Deploy an image from DockerHub:

oc new-app kubernetes/guestbook -o json

Build from a local source folder, or from a Dockerfile:

oc new-app . -o yaml

Add source layers to an operationally-maintained base:

oc new-app openshift/nodejs~https://github.com/ryanj/pillar-base -o json

Run with -o to view the generated object list, then try piping the resulting object list to "oc create -f -"

OpenShift Templates

Templates contain a list of objects which document your application composition

Templates also include support for basic parameter injection, but may need to be customized per deployment pipeline stage

Template Processing

Convert a parameterized template to a primitive object list:

oc process -f template.json -p KEY=VALUE

Submit a processed template (or any list of k8s object primitives) to the k8s API with "oc create":

oc process -f template.yaml -p KEY=VALUE | oc create -f -

Templates as Installers

Install a template into the current project, making it easier to reuse:

oc create -f template.json

Create an application from an installed template, from a file, or from a url:

oc new-app -f template.json

Multi-Service App Example

Nodejs and MongoDB multi-service application example:

oc new-app -f https://raw.githubusercontent.com/ryanj/restify-mongodb-parks/master/restify-mongodb-parks-template.json

github.com/ryanj/restify-mongodb-parks

Image

definition

Source

to

Image

Combines source repos and operationally-maintained builder images to produce application images

Available as a standalone project, for use with Jenkins or other external builder processes: github.com/openshift/source-to-image

Web Workflow: Create

For this example, we will deploy a fork of the pillar-base repo by clicking on "Add to Project" in the web console. Then, select a nodejs base image, name your webservice, and enter it's github source url

Optionally, explore the "Advanced routing, build, and deployment options" before starting your build with the "Create" button

Example repo source: github.com/ryanj/pillar-base

Container Status

The web console uses a socket stream to report status changes as they occur throughout the cluster

After the build task has completed, find the NAME of the pod where your image has been deployed:

oc get pods

As with the core APIs, the CLI output is consistently formatted, following established patterns:

kubectl get pods
## Terminal Access * Available in the Web Console * And on the CLI, with: oc exec -it PODNAME -- bash
## Configuration [Environment Variables](https://docs.openshift.org/latest/dev_guide/environment_variables.html) are one way to add configuration settings to your images: oc env dc/pillar-base KEY=VALUE

Iterate

Iterate on container-based solutions

Developing on Docker

Make a minor edit to your local repo's index.html file,

then test your changes before you commit by synching content into your hosted container:

oc rsync --exclude='node_modules*' . PODNAME:

Make sure to use a valid PODNAME from:

oc get pods
## Rsync on Change Continually mirror contents from a local folder into a remote container using the `--watch` flag: oc rsync --watch FILEPATH PODNAME:

WebHook Build Automation

Set up a commit WebHook to automate image production

If you're running OpenShift locally in a VM, try using ultrahook to proxy webhook events to your laptop

ReBuild on Push

Or, use GitHub's web-based editor to make a minor change

If you don't have a working webhook to automate the build process, it can also be started manually:

oc start-build pillar-base

Deployment Strategies

Get more control of your container rollout and update processes by selecting appropriate deployment strategies for your fleet of managed containers

## Templating Take-Aways 1. alternatives exist (helm charts, kpm, jade, jinja2, etc) 2. the goal is to develop a process that resolves everything down to a list of native k8s objects as easily as possible for a given pipeline stage
## Latest Status * Proposal: https://github.com/kubernetes/kubernetes/blob/master/docs/proposals/templates.md * Issue: https://github.com/kubernetes/kubernetes/issues/23896
# OpenShift Online #### Next-Gen Developer Preview Multi-tennant Kubernetes as a public PaaS Request access at [openshift.com/devpreview](https://www.openshift.com/devpreview/)
## More ways to try OpenShift * OpenShift Origin CLI tools and upstream releases: https://github.com/openshift/origin/releases * All-in-One OpenShift / K8s cluster in a VM: http://openshift.org/vm * Build your own OpenShift cluster w/ Ansible: http://github.com/openshift/openshift-ansible * Containerized installer for OSE on AWS: [hub.docker.com/r/ryanj/ose-aws-deployer](https://hub.docker.com/r/ryanj/ose-aws-deployer/)
## OpenShift VM Setup To try these examples in your own OpenShift Virtual Machine: 1. [Install the `oc` command-line tool](#/get-oc) 2. [Add `oc` to your `PATH`](#/install-oc) 3. [Set up your Kubernetes / OpenShift environment using Vagrant and Virtualbox](#/setup-vm)
### Get the `oc` command-line tool Download the correct binaries for your OS: https://github.com/openshift/origin/releases
### Add `oc` to your `PATH` Extract the bundle and add `oc` to your `PATH`: mkdir -p ~/bin tar zxvf ~/Downloads/openshift-RELEASE-ARCH.tar.gz -C ~/bin --overwrite --strip-components=1 export PATH=$PATH:~/bin
### Vagrant Up Set up your own K8s / OpenShift cluster in a VM! vagrant init openshift/origin-all-in-one && vagrant up --provider=virtualbox (requires [vagrant](https://www.vagrantup.com) and [virtualbox](https://www.virtualbox.org/)) See [http://openshift.org/vm](openshift.org/vm) for advanced setup notes **WARNING:** This is a *very large* download (2GB+)! ***DO NOT ATTEMPT TO PULL THIS VM OVER THE CONFERENCE WIFI***
### Test your K8s / OpenShift VM 1. Connect on the CLI with: oc login https://10.2.2.2:8443/ 2. Connect to the VM web console at: https://10.2.2.2:8443/

Free O'Reilly EBooks

Courtesy of Red Hat:

  1. OpenShift for Developers
  2. Kubernetes: Scheduling the Future at Cloud Scale
  3. Docker Security: Using Containers Safely in Production
  4. Microservices vs. Service-Oriented Architecture

Get Involved!

Runs on Kubernetes Presented by: @ryanj