Book Image

Learn OpenShift

By : Denis Zuev, Artemii Kropachev, Aleksey Usov

Book Image

Learn OpenShift

By: Denis Zuev, Artemii Kropachev, Aleksey Usov

Overview of this book

Docker containers transform application delivery technologies to make them faster and more reproducible, and to reduce the amount of time wasted on configuration. Managing Docker containers in the multi-node or multi-datacenter environment is a big challenge, which is why container management platforms are required. OpenShift is a new generation of container management platforms built on top of both Docker and Kubernetes. It brings additional functionality to the table, something that is lacking in Kubernetes. This new functionality significantly helps software development teams to bring software development processes to a whole new level. In this book, we’ll start by explaining the container architecture, Docker, and CRI-O overviews. Then, we'll look at container orchestration and Kubernetes. We’ll cover OpenShift installation, and its basic and advanced components. Moving on, we’ll deep dive into concepts such as deploying application OpenShift. You’ll learn how to set up an end-to-end delivery pipeline while working with applications in OpenShift as a developer or DevOps. Finally, you’ll discover how to properly design OpenShift in production environments. This book gives you hands-on experience of designing, building, and operating OpenShift Origin 3.9, as well as building new applications or migrating existing applications to OpenShift.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Containers and Docker Overview

Containers and Docker Overview

Technical requirements

Containers overview

Docker container architecture

Understanding Docker images and layers

Docker registries

Docker Hub overview

Docker installation and configuration

Using the Docker command line

Managing images using Docker CLI

Managing containers using Docker CLI

Using environment variables

Using persistent storage

Creating a custom Docker image

Further reading

Kubernetes Overview

Kubernetes Overview

Technical requirements

Container management systems overview

Kubernetes versus Docker Swarm

Kubernetes key concepts

Kubernetes installation and configuration

Working with kubectl

Clearing the virtual environment

Kubernetes limitations

Further reading

CRI-O Overview

Technical requirements

Container Runtime and Container Runtime Interface

How CRI-O works with Kubernetes

Installing and working with CRI-O

Further reading

OpenShift Overview

OpenShift Overview

Cloud technology landscape and the role of PaaS

OpenShift as an extension of Kubernetes

Understanding OpenShift's business value

OpenShift flavors

OpenShift architecture

Further reading

Building an OpenShift Lab

Building an OpenShift Lab

Technical requirements

Why use a development environment?

Deployment variants

Working with oc cluster up

Working with Minishift

Working with Vagrant

Further reading

OpenShift Installation

OpenShift Installation

Technical requirements

Overview of OpenShift installation methods

Environment preparation

Advanced installation

Further reading

Managing Persistent Storage

Managing Persistent Storage

Technical requirements

Persistent versus ephemeral storage

The OpenShift persistent storage concept

Storage backends comparison

Storage infrastructure setup

Configuring Physical Volumes (PV)

Using persistent storage in pods

Further reading

Core OpenShift Concepts

Core OpenShift Concepts

Managing projects in OpenShift

Managing users in OpenShift

Creating new applications in OpenShift

Managing pods in OpenShift

Managing services in OpenShift

Managing routes in OpenShift

Further reading

Advanced OpenShift Concepts

Advanced OpenShift Concepts

Technical requirements

Tracking the version history of images using ImageStreams

Separating configuration from application code using ConfigMaps

Controlling resource consumption using ResourceQuotas

Controlling resource consumption using LimitRanges

Creating complex stacks of applications with templates

Autoscaling your application depending on CPU and RAM utilization

Further reading

Security in OpenShift

Security in OpenShift

Technical requirements

Authorization and role-based access control

Admission controllers

Security context constraints

Storing sensitive data in OpenShift

Further reading

Managing OpenShift Networking

Managing OpenShift Networking

Technical requirements

Network topology in OpenShift

Static IPs for external project traffic

Egress network policies

Further reading

Deploying Simple Applications in OpenShift

Deploying Simple Applications in OpenShift

Technical requirements

Manual application deployment

Using oc new-app

Advanced deployment

Further reading

Deploying Multi-Tier Applications Using Templates

Deploying Multi-Tier Applications Using Templates

Technical requirements

OpenShift template overview

Creating a custom template

Using templates to deploy a multi-tier application

Further reading

Building Application Images from Dockerfile

Building Application Images from Dockerfile

Technical requirements

Dockerfile development for OpenShift

Building an application from Dockerfile

Dockerfile build customization

Further reading

Building PHP Applications from Source Code

Building PHP Applications from Source Code

Technical requirements

Building a simple PHP application

Understanding the PHP build process

Further reading

Building a Multi-Tier Application from Source Code

Building a Multi-Tier Application from Source Code

Technical requirements

Building a multi-tier application

CI/CD Pipelines in OpenShift

CI/CD Pipelines in OpenShift

Technical requirements

CI/CD and CI/CD pipelines

Jenkins as CI/CD

Jenkins in OpenShift

Further reading

OpenShift HA Architecture Overview

OpenShift HA Architecture Overview

What is high availability?

HA in OpenShift

OpenShift backup and restore

Further reading

OpenShift HA Design for Single and Multiple DCs

OpenShift HA Design for Single and Multiple DCs

OpenShift single-DC HA design

OpenShift multi-DC HA design

Further reading

Network Design for OpenShift HA

Network Design for OpenShift HA

Common network topologies for OpenShift deployments

Commonly made mistakes while designing networks for OpenShift

General network requirements and design guidelines for OpenShift deployments

Further reading

What is New in OpenShift 3.9?

What is New in OpenShift 3.9?

Major changes in OpenShift 3.9

What to expect from the following OpenShift releases

Further reading

Assessments

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Dockerfile development for OpenShift

Early in this book, we explained how to containerize applications through Dockerfile development. This involved the docker build utility, which creates a ready-to-use container image by following Dockerfile instructions.

Generally speaking, OpenShift supports existing application Dockerfiles, but it has special default security-related requirements that require you to modify/adjust application Dockerfiles to be aligned with OpenShift security standards.

The default security policy runs any containers using a random User ID (UID) and ignores the USER Dockerfile instruction. The applications are always run under the root user group.

If the application needs read-write access, you need to configure RW access to the root group, which can usually be archived with the following Dockerfile snippet:

...
RUN chown -R 1001:0 /var/lib/myaplication /var...