@ryanj
Last active September 13, 2016 22:42
#SFK8s - K8s Extensions and Upstream Development from Red Hat by @ryanj http://bit.ly/sfk8s-openshift-extensions
<section data-transition="linear">
<section id='sfk8s'>
<h1>#SFK8s</h1>
<h2>K8s Extensions</h2>
<p>and</p>
<h2>Upstream Development</h2>
<p>from</p>
<h1>Red Hat</h1>
<p><a href='https://youtu.be/aHaVmMnPN5Y'>Wednesday, April 27, 2016</a></p>
<p><a href='http://bit.ly/sfk8s-openshift-extensions'>bit.ly/sfk8s-openshift-extensions</a></p>
</section>
<section id='by-ryanj' data-state="blackout">
<p>presented by</p>
<p><a href='http://ryanjarvinen.com/'>ryan jarvinen</a> / <a href='http://twitter.com/ryanj/'>@ryanj</a></p>
<p><a href="http://ryanjarvinen.com"><img src="http://ryanjarvinen.com/presentations/shared/img/moo_openshift_horizontal.png"/></a></p>
</section>
</section>
<section id='overview'>
<h2>Overview</h2>
<ol>
<li class='fragment'><a href='#/openshift-intro'>Introducing OpenShift</a></li>
<li class='fragment'><a href='#/build'>Build and deploy Docker images</a></li>
<li class='fragment'><a href='#/iterate'>Iterate on container-based solutions</a></li>
<li class='fragment'><a href='#/maintain'>Automated container lifecycle management</a></li>
<li class='fragment'><a href='#/compose'>Compose multi-service solutions with Templates</a></li>
</ol>
</section>
<section data-transition="linear">
<section id="openshift-intro" data-markdown>
Introducing&hellip;
# OpenShift
</section>
<section id='openshift-v3'>
<h2>OpenShift "V3"</h2>
<p class='fragment'>Our New Stack:</p>
<ul>
<li class='fragment'>Host OS: RHEL-7+ / CentOS-7+ / Fedora-latest / <a href="http://www.projectatomic.io/">Atomic</a>
<ul><li>Recent kernels, SELinux, systemd</li></ul>
</li>
<li class='fragment'>Container Runtime: <a href="https://hub.docker.com/">Docker</a></li>
<li class='fragment'>Container LifeCycle Management: <a href="http://kubernetes.io/">Kubernetes</a></li>
<li class='fragment'>Cluster State:
<ul>
<li><a href="https://github.com/coreos/etcd">Etcd</a> (platform)</li>
<li><a href="https://github.com/gluster/glusterfs">Gluster</a> &amp; <a href="https://github.com/ceph/ceph">Ceph</a> (application)</li>
</ul>
</li>
<li class='fragment'>Multi-tenancy and Developer Experience: <a href="http://openshift.org/">OpenShift</a></li>
</ul>
</section>
<section data-transition="linear" id='primitives'>
<h2>Extending Kubernetes</h2>
<p class='fragment'>OpenShift extends the basic collection of K8s primitives to provide additional features related to developer interaction, multitenant security, and collaborative image maintenance.</p>
</section>
<section id='first-time' data-markdown>
## New to K8s?
As a new user, [learning all the terminology within k8s can feel a bit like...](https://twitter.com/HackRead/status/672843608689627136)
</section>
<section data-transition="linear" id='terminology' data-markdown>
## Terminology
1. [node](#/node)
2. [image](#/img)
3. [container](#/container)
4. [volume](#/volume)
5. [pod](#/pod)
6. [replicationController (rc)](#/rc)
7. [deploymentConfig (dc)](#/dc)
8. [buildConfig (bc)](#/bc)
9. [service](#/svc)
10. [route](#/route)
</section>
<section data-transition="linear" id='node' data-markdown>
### Node
A [node](https://docs.openshift.org/latest/admin_guide/manage_nodes.html) is a host machine (physical or virtual) where workloads can be run. Node activity is managed via one or more Master instances.
</section>
<section data-transition="linear" id='img' data-markdown>
### [Image](https://docs.openshift.org/latest/architecture/core_concepts/containers_and_images.html#docker-images)
A packaged runtime or workload environment. A bootable Linux container that runs wherever Docker is supported. See also [`ImageStreams`](https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html#image-streams).
</section>
<section data-transition="linear" id='container' data-markdown>
### [Container](https://docs.openshift.org/latest/architecture/core_concepts/containers_and_images.html)
A running image with an allocation of system resources.
</section>
<section id='volume' data-markdown>
### Volumes
* https://docs.openshift.org/latest/dev_guide/volumes.html
* http://kubernetes.io/v1.1/docs/user-guide/volumes.html
* http://kubernetes.io/v1.1/docs/user-guide/persistent-volumes.html
</section>
<section data-transition="linear" id='pod' data-markdown>
### Pod
A group of one or more co-located containers. [Pods](https://docs.openshift.org/latest/architecture/core_concepts/pods_and_services.html) represent your minimum increment of scale.
</section>
<section data-transition="linear" id='rc' data-markdown>
### ReplicationController
An [`RC`](https://docs.openshift.org/latest/architecture/core_concepts/deployments.html) is created for every deployment, allowing you to easily scale your workloads by adjusting your desired number of pods
</section>
<section data-transition="linear" id='dc' data-markdown>
### DeploymentConfig
A [`DC`](https://docs.openshift.org/latest/architecture/core_concepts/deployments.html#deployments-and-deployment-configurations) helps you define how and when images are distributed to nodes (as pods, containers)
</section>
<section data-transition="linear" id='bc' data-markdown>
### BuildConfig
A [`BC`](https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html#builds) allows you to build new images in a variety of ways.
</section>
<section data-transition="linear" id='svc' data-markdown>
### [Service](https://docs.openshift.org/latest/architecture/core_concepts/pods_and_services.html#services)
A service (svc) is a software load-balancer that distributes inbound traffic to associated pods
</section>
<section data-transition="linear" id='route' data-markdown>
### [Route](https://docs.openshift.org/latest/architecture/core_concepts/routes.html)
A route sends traffic to a `service` based on the inbound `Host` header, similar to how Apache VirtualHosts work.
</section>
<section id='models' data-markdown>
### Models
![Model Diagram](http://i.imgur.com/NELxtev.png)
</section>
<section id='feeling-overwhelmed' data-markdown>
## Confused Yet?
</section>
<section id='contributions' data-markdown>
### Contributions
![list](http://i.imgur.com/eQRyGRZ.png)
</section>
<section id='more-info' data-markdown>
### More Information
* OpenShift Sources: http://github.com/openshift/origin
* OpenShift Docs: https://docs.openshift.com/
* Kubernetes Docs: http://kubernetes.io/v1.1/
</section>
</section>
<section>
<section id="follow-along">
<h1>Follow Along</h1>
<p class='fragment'>If you don't have access to a hosted OpenShift environment, you can follow along using our all-in-one OpenShift virtual machine.</p>
</section>
<section id="openshift-vm-setup" data-markdown>
## OpenShift VM Setup
To try these examples in your own OpenShift Virtual Machine:
1. [Install the `oc` command-line tool](#/get-oc)
2. [Add `oc` to your `PATH`](#/install-oc)
3. [Log in during the Meetup, or set up your Kubernetes / OpenShift environment using Vagrant and VirtualBox](#/setup-vm)
</section>
<section id="get-oc" data-markdown>
### Get the `oc` command-line tool
Download the correct binaries for your OS: https://github.com/openshift/origin/releases
</section>
<section id="install-oc" data-markdown>
### Add `oc` to your `PATH`
Extract the bundle and add `oc` to your `PATH`:

```bash
mkdir -p ~/bin
tar zxvf ~/Downloads/openshift-RELEASE-ARCH.tar.gz -C ~/bin --overwrite --strip-components=1
export PATH=$PATH:~/bin
```
</section>
<section id="vagrant-up" data-markdown>
### Vagrant Up
Set up your own K8s / OpenShift cluster in a VM!

```bash
vagrant init thesteve0/openshift-origin && vagrant up --provider=virtualbox
```

(requires [vagrant](https://www.vagrantup.com) and [virtualbox](https://www.virtualbox.org/))

See [openshift.org/vm](http://openshift.org/vm) for advanced setup notes

**WARNING:** This is a *very large* download (2GB+)! ***DO NOT ATTEMPT TO PULL THIS VM OVER CONFERENCE WIFI***
</section>
<section id="openshift-vm-testing" data-markdown>
### Test your K8s / OpenShift VM
Any username or password should allow you to:

1. Connect on the CLI with:

   ```bash
   oc login https://10.2.2.2:8443/
   ```

2. Connect to the VM web console at: https://10.2.2.2:8443/
</section>
</section>
<section>
<section id='build'>
<h1>Build</h1>
<p class='fragment'>Build and deploy Docker images</p>
</section>
<section id="build-strategies">
<h2 id="build-automation">Build Automation</h2>
<p>Available <a href="https://docs.openshift.org/latest/admin_guide/securing_builds.html">build strategies</a> include:</p>
<ol>
<li class='fragment'><a href="https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html#docker-build">DockerBuild</a></li>
<li class='fragment'><a href="https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html#custom-build">CustomBuild</a></li>
<li class='fragment'><a href="https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html#source-build">SourceBuild</a> using:
<ul>
<li>Docker <a href="https://docs.openshift.org/latest/creating_images/s2i.html#using-images-with-onbuild-instructions">ONBUILD</a></li>
<li><a href="https://docs.openshift.org/latest/creating_images/s2i.html#build-process">Source to Image</a></li>
</ul>
</li>
</ol>
<p class='fragment'>Or build externally and push the resulting images to your <a href="https://docs.openshift.org/latest/dev_guide/image_pull_secrets.html">integrated docker registry</a></p>
</section>
<section id='source-to-image-demo'>
<h2>Source</h2>
<p>to</p>
<h1>Image</h1>
<p class='fragment'>Combines source repos and operationally-maintained builder images to produce application images</p>
<p class='fragment'>Available as a standalone project, for use with Jenkins or other external builder processes: <a href="https://github.com/openshift/source-to-image">github.com/openshift/source-to-image</a></p>
</section>
<section id='add-to-project'>
<h2>Web Workflow: Create</h2>
<p class='fragment'>For this example, we will deploy a fork of the <code>pillar-base</code> repo by clicking on "Add to Project" in the web console. Then, select a nodejs base image, name your webservice, and enter its GitHub source URL.</p>
<p class='fragment'>Optionally, explore the "Advanced routing, build, and deployment options" before starting your build with the "Create" button</p>
<p class="fragment">Example repo source: <a href="http://github.com/ryanj/pillar-base/">github.com/ryanj/pillar-base</a></p>
</section>
<section id='get-pods'>
<h2>Container Status</h2>
<p class='fragment'>The web console uses a socket stream to report status changes as they occur throughout the cluster</p>
<div class='fragment'>
<p>After the build task has completed, find the <code>NAME</code> of the pod where your image has been deployed:</p>
<pre><code contenteditable>oc get pods</code></pre>
</div>
<div class='fragment'>
<p>As with the core APIs, the CLI output is consistently formatted, following established patterns:</p>
<pre><code contenteditable>kubectl get pods</code></pre>
</div>
</section>
</section>
<section data-transition="linear">
<section id="iterate">
<h1>Iterate</h1>
<p class='fragment'>Iterate on container-based solutions</p>
</section>
<section id='oc-rsync'>
<h3>Developing on Docker</h3>
<p class='fragment'>Make a minor edit to your local repo's <code>index.html</code> file,</p>
<div class='fragment'><p>then test your changes <i>before you commit</i> by syncing content into your hosted container:</p>
<pre><code contenteditable>oc rsync --exclude='node_modules*' . PODNAME:</code></pre></div>
</section>
<section id="terminal" data-markdown>
## Terminal Access
* Available in the Web Console
* And on the CLI, with:

  ```bash
  oc exec -it PODNAME -- bash
  ```
</section>
<section id='webhooks'>
<h2>WebHook Build Automation</h2>
<p class='fragment'>Set up a commit WebHook to automate image production</p>
<p class='fragment'>If you're running OpenShift locally in a VM, try using <a href="http://www.ultrahook.com/">ultrahook</a> to proxy webhook events to your laptop</p>
<br/>
<p class='fragment'>Learn how to set up a webhook to trigger a rebuild in a publicly-hosted OpenShift environment: <a href="https://youtu.be/yZmP-w9JFRA?t=5m48s">youtu.be/yZmP-w9JFRA?t=5m48s</a></p>
</section>
<section id='git-push-to-build-and-ship'>
<h2>ReBuild on Push</h2>
<p class='fragment'>Or, use GitHub's web-based editor to make a minor change</p>
<div class='fragment'><p>If you don't have a working webhook to automate the build process, it can also be started manually:</p>
<pre><code contenteditable>oc start-build pillar-base</code></pre>
</div>
</section>
<section id='keys-and-configs' data-markdown>
## Configuration
[Environment Variables](https://docs.openshift.org/latest/dev_guide/environment_variables.html) are one way to add configuration settings to your images:

```bash
oc env dc/pillar-base KEY=VALUE
```
</section>
<section id='logging' data-markdown>
## Logs
Centralized logging and metrics are available via ELKstack w/ Hawkular
</section>
<section id="deployment-strategies">
<h2>Deployment Strategies</h2>
<p class="fragment">Red Hat's OpenShift team helped develop the new "deployments" feature in Kubernetes!</p>
<p class="fragment">Get more control of your container rollout and update processes by selecting appropriate <a href="https://docs.openshift.org/latest/dev_guide/deployments.html#strategies">deployment strategies</a> for your fleet of managed containers</p>
</section>
</section>
<section data-transition="linear">
<section id='maintain'>
<h1>Maintain</h1>
<p class='fragment'>Effortless container lifecycle management provided by Kubernetes</p>
</section>
<section id='replication-and-healing' data-markdown>
## Replication
and
## Healing
with
# K8s
</section>
<section id='scaling'>
<h2>Scaling</h2>
<p>Edit your <code>rc</code> or <code>dc</code> replica spec directly:</p>
<pre><code contenteditable>oc edit dc/pillar-base -o json</code></pre>
<div class='fragment'>
<p>Or, for a safer way to adjust your replica spec:</p>
<pre><code contenteditable>oc scale dc/pillar-base --replicas=3</code></pre>
</div>
</section>
<section id='recovery'>
<h2>Autorecovery</h2>
<div class='fragment'>
<p>Get your list of pods:</p>
<pre><code contenteditable>oc get pods</code></pre>
</div>
<div class='fragment'>
<p>Delete one or more:</p>
<pre><code contenteditable>oc delete pod PODNAME1 PODNAME2</code></pre>
</div>
<p class='fragment'>Kubernetes replication maintains your requested container availability levels</p>
</section>
</section>
<section data-transition="linear">
<section id="compose">
<h1>Compose</h1>
<p class='fragment'>Quickly compose multi-service solutions</p>
</section>
<section id='new-app'>
<h2 id="oc-new-app-examples">oc new-app examples</h2>
<div class='fragment'>
<p>Deploy an image from DockerHub:</p>
<pre><code contenteditable>oc new-app kubernetes/guestbook -o json</code></pre>
</div>
<div class='fragment'>
<p>Build from a local source folder, or from a Dockerfile:</p>
<pre><code contenteditable>oc new-app . -o yaml</code></pre>
</div>
<div class='fragment'>
<p>Add source layers to an operationally-maintained base:</p>
<pre><code contenteditable>oc new-app openshift/nodejs~https://github.com/ryanj/pillar-base -o json</code></pre>
</div>
<p class='fragment'>Run with <code>-o</code> to view the generated object list, then try piping the resulting object list to "<code>oc create -f -</code>"</p>
</section>
<section id='openshift-templates'>
<h2>OpenShift Templates</h2>
<p class='fragment'><a href="https://docs.openshift.org/latest/dev_guide/templates.html">Templates</a> contain a list of objects which document your application composition</p>
<p class='fragment'>Templates also include support for basic parameter injection, but may need to be customized per deployment pipeline stage</p>
</section>
<section id='template-parameters'>
<h3>Template Processing</h3>
<div class='fragment'>
<p>Convert a parameterized template to a primitive object list:</p>
<pre><code contenteditable>oc process -f template.json -p KEY=VALUE</code></pre>
</div>
<div class='fragment'>
<p>Submit a processed template (or any list of k8s object primitives) to the k8s API with "<code>oc create</code>":</p>
<pre><code contenteditable>oc process -f template.yaml -p KEY=VALUE | oc create -f -</code></pre>
</div>
</section>
<section id='installers'>
<h2>Templates as Installers</h2>
<div class='fragment'>
<p>Install a template into the current project, making it easier to reuse:</p>
<pre><code contenteditable>oc create -f template.json</code></pre>
</div>
<div class='fragment'>
<p>Create an application from an installed template, from a file, or from a url:</p>
<pre><code contenteditable>oc new-app -f template.json</code></pre>
</div>
</section>
<section id='composable-app-example'>
<h2>Multi-Service App Example</h2>
<p>Nodejs and MongoDB multi-service application example:</p>
<pre><code contenteditable>oc new-app -f https://raw.githubusercontent.com/ryanj/restify-mongodb-parks/master/restify-mongodb-parks-template.json</code></pre>
<p><a href="https://github.com/ryanj/restify-mongodb-parks/blob/master/restify-mongodb-parks-template.json">github.com/ryanj/restify-mongodb-parks</a></p>
</section>
<section id='templating-options' data-markdown>
## Templating Options
* compose (and kompose)
* helm / deploymentManager

Template output should be able to resolve down to a standard list of k8s object primitives
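
Because template output resolves to a plain list of object primitives, that list can be reviewed before it is submitted with `oc create -f -`. The script below is an added example, not part of the original slides or of OpenShift itself: it reads a processed object list as JSON and reports pod settings that widen privileges. The file name `audit_objects.py` and the `SAMPLE` list are constructed for illustration.

```python
import json
import sys

# Kinds that wrap a pod template; a bare Pod carries its spec directly.
TEMPLATED = {"DeploymentConfig", "ReplicationController", "Deployment", "Job", "DaemonSet"}

# Constructed sample of a processed object list (not taken from any real template).
SAMPLE = {"kind": "List", "apiVersion": "v1", "items": [
    {"kind": "Service", "metadata": {"name": "web"}, "spec": {"ports": [{"port": 8080}]}},
    {"kind": "DeploymentConfig", "metadata": {"name": "web"}, "spec": {"template": {"spec": {
        "volumes": [{"name": "tmp", "emptyDir": {}}],
        "containers": [{"name": "web", "image": "example/web"}]}}}},
    {"kind": "DeploymentConfig", "metadata": {"name": "db"}, "spec": {"template": {"spec": {
        "volumes": [{"name": "data", "hostPath": {"path": "/var/lib/data"}}],
        "containers": [{"name": "mongodb", "image": "example/mongodb",
                        "securityContext": {"privileged": True, "runAsUser": 0}}]}}}},
]}


def pod_spec(obj):
    """Return the pod spec an object carries, or None if it has none."""
    if obj.get("kind") == "Pod":
        return obj.get("spec") or {}
    if obj.get("kind") in TEMPLATED:
        return ((obj.get("spec") or {}).get("template") or {}).get("spec") or {}
    return None


def audit(object_list):
    """Return (kind/name, finding) pairs for settings that widen a pod's privileges."""
    findings = []
    for obj in object_list.get("items") or []:
        spec = pod_spec(obj)
        if spec is None:
            continue
        ref = "%s/%s" % (obj.get("kind"), (obj.get("metadata") or {}).get("name", "?"))
        for flag in ("hostNetwork", "hostPID", "hostIPC"):
            if spec.get(flag) is True:
                findings.append((ref, "%s is enabled" % flag))
        for vol in spec.get("volumes") or []:
            if vol.get("hostPath") is not None:
                findings.append((ref, "hostPath volume %s" % vol["hostPath"].get("path")))
        pod_uid = (spec.get("securityContext") or {}).get("runAsUser")
        for c in spec.get("containers") or []:
            sc = c.get("securityContext") or {}
            if sc.get("privileged") is True:
                findings.append((ref, "container %s is privileged" % c.get("name")))
            if sc.get("runAsUser", pod_uid) == 0:
                findings.append((ref, "container %s runs as UID 0" % c.get("name")))
    return findings


if __name__ == "__main__":
    # Read a processed list from stdin when piped; otherwise audit the sample.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    results = audit(data)
    for ref, finding in results:
        print("%s: %s" % (ref, finding))
    sys.exit(1 if results else 0)
```

Pipe `oc process -f template.json -p KEY=VALUE -o json` into the script; a non-zero exit status means at least one finding, so it can gate the `oc create -f -` step.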
</section>
</section>
<section data-transition="linear">
<section id='going-beyond' data-markdown>
## Beyond the limits...
Interested in building your own Extensions to Kubernetes?
Check out last week's K8s weekly community meeting recording for [Brendan Burns's presentation on Third Party Resources in 1.3](https://www.youtube.com/watch?v=8VOvWH_zo0w)
https://www.youtube.com/watch?v=8VOvWH_zo0w
</section>
<section id="tradeoffs" data-markdown>
## Pros and Cons
1. Everything in Etcd
2. Additional (non-standard?) K8s primitives
3. Non-Root users and processes don't get Root privs
4. Not tied to any particular IaaS
5. GH webhooks are great, but collaboration with external image registries requires some extra effort
</section>
</section>
<section data-transition="linear">
<section data-transition="concave" id="follow-up" data-markdown>
## Follow-up Questions?
Answers / Links to follow-up content:
* Database examples:
  * [MongoDB Replicas](https://github.com/openshift/mongodb/tree/master/2.4/examples/replica)
  * [PostgreSQL HA and autoscaling demo](https://blog.openshift.com/autoscaling-postgresql-containers-openshift-openshift-commons-briefing-36/)
* Networking:
  * [SSL / TLS](https://www.youtube.com/watch?v=rpT5qwcL3bE)
  * [SDN and networking info](https://www.youtube.com/watch?v=HMiuJdY3Hbg)
* Container Validation: [OpenSCAP](http://open-scap.org)
* Build and Release Automation:
  * [Maintaining your own Base / Builder images](https://blog.openshift.com/create-s2i-builder-image/)
  * [Jenkins integration](https://blog.openshift.com/continuous-delivery-on-openshift/)
</section>
</section>
<section data-transition="linear">
<section data-transition="concave" id="try-openshift" data-markdown>
## Try OpenShift
* OpenShift Origin upstream releases: https://github.com/openshift/origin/releases
* All-in-One OpenShift / K8s cluster in a VM: http://openshift.org/vm
* Build your own OpenShift cluster w/ Ansible: http://github.com/openshift/openshift-ansible
* Run [OpenShift Enterprise](https://enterprise.openshift.com/trial.html) w/ Red Hat support
* Sign up for [OpenShift Dedicated](https://www.openshift.com/dedicated/) w/ Red Hat ops
* OpenShift Online "V3 developer preview" *coming soon&hellip;*
</section>
</section>
<section id="docs-training-and-more-resources">
<h2>Docs, Training, and More</h2>
<ul>
<li><strong><a href="https://www.openshift.com/openshift-gcp/">New K8s Workshop Series from Red Hat and Google!</a></strong></li>
<li><em>Free O'Reilly EBooks</em>: <ul>
<li><a href="https://www.openshift.com/promotions/kubernetes.html">Kubernetes: Scheduling the Future at Cloud Scale</a></li>
<li><a href="https://www.openshift.com/promotions/docker-security.html">Docker Security: Using Containers Safely in Production</a></li>
<li><a href="https://www.openshift.com/promotions/microservices.html">Microservices vs. Service-Oriented Architecture</a></li>
</ul>
</li>
<li><a href="https://docs.openshift.com/">OpenShift Documentation</a> (<a href="https://docs.openshift.org/latest/welcome/index.html">Origin docs</a>)</li>
<li><a href="http://commons.openshift.org">OpenShift Commons</a> and <a href="http://commons.openshift.org/briefings.html">Commons Briefings</a></li>
<li>Red Hat Training courses: DO280, DO290</li>
<li>Demos from ContainerCamp: <a href="https://youtu.be/yZmP-w9JFRA">youtu.be/yZmP-w9JFRA</a></li>
</ul>
<p class='fragment'>These slides: <a href="http://bit.ly/sfk8s-openshift-extensions">bit.ly/sfk8s-openshift-extensions</a></p>
</section>