Book Image

OpenShift Multi-Cluster Management Handbook

By : Giovanni Fontana, Rafael Pecora
5 (1)
Book Image

OpenShift Multi-Cluster Management Handbook

5 (1)
By: Giovanni Fontana, Rafael Pecora

Overview of this book

For IT professionals working with Red Hat OpenShift Container Platform, the key to maximizing efficiency is understanding the powerful and resilient options to maintain the software development platform with minimal effort. OpenShift Multi-Cluster Management Handbook is a deep dive into the technology, containing knowledge essential for anyone who wants to work with OpenShift. This book starts by covering the architectural concepts and definitions necessary for deploying OpenShift clusters. It then takes you through designing Red Hat OpenShift for hybrid and multi-cloud infrastructure, showing you different approaches for multiple environments (from on-premises to cloud providers). As you advance, you’ll learn container security strategies to protect pipelines, data, and infrastructure on each layer. You’ll also discover tips for critical decision making once you understand the importance of designing a comprehensive project considering all aspects of an architecture that will allow the solution to scale as your application requires. By the end of this OpenShift book, you’ll know how to design a comprehensive Red Hat OpenShift cluster architecture, deploy it, and effectively manage your enterprise-grade clusters and other critical components using tools in OpenShift Plus.
Table of Contents (23 chapters)
Part 1 – Design Architectures for Red Hat OpenShift
Part 2 – Leverage Enterprise Products with Red Hat OpenShift
Part 3 – Multi-Cluster CI/CD on OpenShift Using GitOps
Part 4 – A Taste of Multi-Cluster Implementation and Security Compliance
Part 5 – Continuous Learning

Governance using Red Hat ACM

We have been discussing the challenges that large enterprises face in keeping different environments consistent a lot in this book. The ACM governance feature can play a crucial role in your strategy to maintain secure and consistent environments, no matter where they are running. The ACM governance feature allows you to define policies for a set of clusters and inform or enforce when clusters become non-compliant.

To define policies in ACM, you need to create three objects:

  • Policy: Define the policy and remediation action that will be performed (inform or enforce).
  • PlacementBinding: Bind a policy into a PlacementRule.
  • PlacementRule: Rules that define which clusters the policy will be applied to.

You can see an example of a policy to check etcd encryption in all managed clusters on our GitHub. The following diagram shows what the interaction between the ACM policy objects looks like:

Figure 11.39 –...