Book Image

OpenShift Multi-Cluster Management Handbook

By : Giovanni Fontana, Rafael Pecora
5 (1)
Book Image

OpenShift Multi-Cluster Management Handbook

5 (1)
By: Giovanni Fontana, Rafael Pecora

Overview of this book

For IT professionals working with Red Hat OpenShift Container Platform, the key to maximizing efficiency is understanding the powerful and resilient options to maintain the software development platform with minimal effort. OpenShift Multi-Cluster Management Handbook is a deep dive into the technology, containing knowledge essential for anyone who wants to work with OpenShift. This book starts by covering the architectural concepts and definitions necessary for deploying OpenShift clusters. It then takes you through designing Red Hat OpenShift for hybrid and multi-cloud infrastructure, showing you different approaches for multiple environments (from on-premises to cloud providers). As you advance, you’ll learn container security strategies to protect pipelines, data, and infrastructure on each layer. You’ll also discover tips for critical decision making once you understand the importance of designing a comprehensive project considering all aspects of an architecture that will allow the solution to scale as your application requires. By the end of this OpenShift book, you’ll know how to design a comprehensive Red Hat OpenShift cluster architecture, deploy it, and effectively manage your enterprise-grade clusters and other critical components using tools in OpenShift Plus.

Related Content you might be interested in

Current Title:

Small book image
OpenShift Multi-Cluster Management Handbook
Giovanni Fontana | Rafael Pecora
Nov, 2022 | 458 pages
Small book image
MLOps with Red Hat OpenShift
Faisal Masood | Ross Brigoli
Jan, 2024 | 238 pages
Small book image
Learn OpenShift
Aleksey Usov | Artemii Kropachev | Denis Zuev
Jul, 2018 | 504 pages
Small book image
Argo CD in Practice
Liviu Costea | Spiros Economakis
Nov, 2022 | 236 pages
Table of Contents (23 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Download the example code files
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1 – Design Architectures for Red Hat OpenShift
Part 1 – Design Architectures for Red Hat OpenShift
Free Chapter
2
Chapter 1: Hybrid Cloud Journey and Strategies
Chapter 1: Hybrid Cloud Journey and Strategies
Main challenges of the public cloud
Benefits of the public cloud
Is hybrid cloud the solution?
Containers and Kubernetes – part of the answer!
OpenShift – a complete option
Summary
Further reading
3
Chapter 2: Architecture Overview and Definitions
Chapter 2: Architecture Overview and Definitions
Technical requirements
Understanding the foundational concepts
OpenShift architectural concepts and best practices
Infrastructure/cloud provider
Network considerations
Other considerations
OpenShift architectural checklists
Summary
Further reading
4
Chapter 3: Multi-Tenant Considerations
Chapter 3: Multi-Tenant Considerations
What is multitenancy?
Handling multiple tenants
Summary
Further reading
5
Chapter 4: OpenShift Personas and Skillsets
Chapter 4: OpenShift Personas and Skillsets
Personas
The skills matrix
Summary
Further reading
6
Part 2 – Leverage Enterprise Products with Red Hat OpenShift
Part 2 – Leverage Enterprise Products with Red Hat OpenShift
7
Chapter 5: OpenShift Deployment
Chapter 5: OpenShift Deployment
Requirements
OpenShift installation prerequisites
Preparing for the installation
Installation
What's next?
FAQs
Summary
Further reading
8
Chapter 6: OpenShift Troubleshooting, Performance, and Best Practices
Chapter 6: OpenShift Troubleshooting, Performance, and Best Practices
Things that can crash a cluster
Troubleshooting reference guide – how to start
Understanding misleading error messages
Summary
Further reading
9
Chapter 7: OpenShift Network
Chapter 7: OpenShift Network
OpenShift networking
Network policies
What is an ingress controller?
Types of routes
Summary
Further reading
10
Chapter 8: OpenShift Security
Chapter 8: OpenShift Security
Container security
AuthN and AuthZ
Certificates in OpenShift
etcd encryption
Container isolation
Network isolation
Red Hat Container Catalog
Summary
Further reading
11
Part 3 – Multi-Cluster CI/CD on OpenShift Using GitOps
Part 3 – Multi-Cluster CI/CD on OpenShift Using GitOps
12
Chapter 9: OpenShift Pipelines – Tekton
Chapter 9: OpenShift Pipelines – Tekton
Technical requirements
What is OpenShift Pipelines?
Installing OpenShift Pipelines
Creating a Tekton pipeline from scratch
Using triggers with GitHub webhooks
Fixing the failed PipelineRun due to YAML issues
Summary
Further reading
13
Chapter 10: OpenShift GitOps – Argo CD
Chapter 10: OpenShift GitOps – Argo CD
What is GitOps?
What is Argo CD?
Application delivery model
Installing OpenShift GitOps
Configuring Argo CD against multiple clusters
Argo CD definitions and challenges
Argo CD main objects
Deploying an application using GitOps
Deploying to multiple clusters
Summary
Further reading
14
Chapter 11: OpenShift Multi-Cluster GitOps and Management
Chapter 11: OpenShift Multi-Cluster GitOps and Management
What is Red Hat ACM?
Red Hat ACM installation
Managing clusters using Red Hat ACM
Managing applications using Red Hat ACM
Governance using Red Hat ACM
Multi-cluster observability with Red Hat ACM
Summary
Further reading
15
Part 4 – A Taste of Multi-Cluster Implementation and Security Compliance
Part 4 – A Taste of Multi-Cluster Implementation and Security Compliance
16
Chapter 12: OpenShift Multi-Cluster Security
Chapter 12: OpenShift Multi-Cluster Security
What is Red Hat Advanced Cluster Security?
Red Hat Advanced Cluster Security installation
Adding secured clusters
Policies and violations
Vulnerability management
Risk profiling
Compliance
Configuration Management
Network segmentation
Summary
Further reading
17
Chapter 13: OpenShift Plus – a Multi-Cluster Enterprise Ready Solution
Chapter 13: OpenShift Plus – a Multi-Cluster Enterprise Ready Solution
Introducing Red Hat Quay
Deploying Red Hat Quay using the Quay Operator
Using Red Hat Quay
What is OpenShift Plus?
OpenShift Plus – a practical use case
Summary
Further reading
18
Chapter 14: Building a Cloud-Native Use Case on a Hybrid Cloud Environment
Chapter 14: Building a Cloud-Native Use Case on a Hybrid Cloud Environment
Use case description
Application build using OpenShift Pipelines and S2I
Application deployment using OpenShift Pipelines and GitOps
Adding security checks in the building and deployment process
Provisioning and managing multiple clusters
Deploying an application into multiple clusters
Summary
Further reading
19
Part 5 – Continuous Learning
Part 5 – Continuous Learning
20
Chapter 15: What’s Next
Chapter 15: What’s Next
Red Hat training
Online learning platforms
Free training and references
Summary
Final words
21
Index
Index
Why subscribe?
22
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Network isolation

Firewalls are well known and have been used for a long time in any kind of infrastructure. When it comes to OpenShift, we need to have in mind that we are now working with a software-defined platform and, as such, we have software features to implement some of the same concepts we have had for a long time in a data center—it is no different with a firewall. As we have seen in the previous chapter, Network Policies are nothing more than rules you define to allow or block network communication between pods and projects on OpenShift, similar to what a firewall provides in a physical network.

By default, all pods in a project are accessible from other pods and network endpoints from any project. To isolate pods and projects, you need to create network policies, such as the following:

kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: deny-by-default
spec:
  podSelector: {}
  ingress: []

The previous network...

Previous Section
End of Section 7
Next Section