Čo je nové v Enterprise a Openshift 4 AGENDA Red Hat | General Use

A few words on the announcement

Easy adoption and upgrades

Modern development platform

Simple system management

A secureplatform A FAMILIAREXPERIENCE Red Hat | General Use

What’s the same What’s different

Enterprise OS on all footprints Simpler delivery structure

Development Process (Fedora) Predictable release cadence

10-year lifecycle for most content More life cycleoptions

Offerings andAdd-Ons More frequent applicationupdates

Managed by QUICK FACTS Red Hat | General Use

Name Details

Kernel version 4.18x

System compiler gcc 8.2, llvm 6.0

Hardware architecture Intel/AMD 64-bit, IBM Power LE, IBM z Systems, ARM 64-bit

Default file system XFS

Package management Yum4

Init system systemd v239 PERFORMANCE IMPROVEMENTS Red Hat | General Use

Range of improved performance with RHEL 8 (alpha) compared to RHEL7

10%✲

30%✲

45%✲

✲ General guidance. Varies greatly with workload and system tuning. SIMPLIFIED DELIVERY Red Hat | General Use

Reducing complexity is a key benefit to using 8 and that starts with being able to consume it easily

BASE OS APPLICATION STREAMS

1. Provides the foundation 1. Provides flexible lifecycle of our operatingsystem options 2. Completely self 2. Fully enterprise supported contained operating 3. Common Red Hat Enterprise = system Linux languages supported 3. Guaranteed 10 years of at launch enterprise support 4. Defaults to 10 yearsof enterprise support

Note: RHEL subscriptions also provide access to additional content for Developer use. More details available at the developer.redhat.com Appstreams = modules + profiles

$ module list $ yum module info postgresql Name Stream Profiles Summary (...) Name : postgresql postgresql 10 [d] client, PostgreSQL server and client module Stream : 10 [d][a] server [d] Version : 820190104140132 postgresql 9.6 client, PostgreSQL server and client module Context : 9edba152 server [d] Profiles : client, server [d] (...) Default profiles : server Repo : -internal-nightly Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled Summary : PostgreSQL server and client module Description : (...) (...)

Name : postgresql Stream : 9.6 $ yum module info --profile postgresql Version : 820190104140337 (...) Context : 9edba152 Name : postgresql:10:820190104140132:9edba152:x86_64 Profiles : client, server [d] client : postgresql Default profiles : server server : postgresql-server Repo : appstream-internal-nightly Summary : PostgreSQL server and client module Name : postgresql:9.6:820190104140337:9edba152:x86_64 Description : (...) client : postgresql (...) server : postgresql-server Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled, [a]ctive] $ yum module install postgresql:9.6/server Because no stream is specified, all streams are used for the listing. INFTables

Introducing NFTables

NFTables (replacing IPTables) is a new subsystem of the Linux kernel which provides filtering and classification of network packets, datagrams, or frames. This software provides a new in-kernel packet classification framework that is based on a network-specific Virtual Machine (VM) and a new nft userspace command line tool.

iptables-translate -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT nft add rule ip filter INPUT tcp dport 22 ct state new counter accept ip6tables-translate -A FORWARD -i eth0 -o eth3 -p udp -m multiport --dports 111,222 -j ACCEPT nft add rule ip6 filter FORWARD iifname eth0 oifname eth3 meta l4proto udp udp dport { 111,222} counter accept Introducing eBPF - The Extended Berkeley Packet Filter

Technology Preview IWEB CONSOLE

Introducing Web Console IMAGEBUILDER

Introducing Image Builder IMAGEBUILDER Red Hat | General Use

Tooling to enable automated creation of customized Red Hat® Enterprise Linux® OS images

SATELLITE

IMAGE BUILDER

Red Hat content GUI CLI DVD installers Bare metal Virtual Custom Disk img

Third party FileSystem img RESTAPI Private cloud Public cloud Third party Virtual img

Cloud img Backend builders Content in Content out MODERN CONTAINER TOOLS Red Hat | General Use

Red Hat Enterprise Linux 8 brings container modernization

skopeo INTRODUCING: UNIVERSAL BASE IMAGE Red Hat | General Use Building on UBI is the first step

CONTAINER CONTAINER CONTAINER PARTNERCONNECT APP APP CERTIFIEDAPP

LANGUAGE RUNTIMES LANGUAGE RUNTIMES LANGUAGE RUNTIMES

RHEL BASE IMAGE RHEL BASE IMAGE RHEL BASE IMAGE

ANY CONTAINERPLATFORM RED HATPLATFORM RED HATPLATFORM

Not Supported Enterprise support when Certification provides the run on Red Hat highest level ofsupport platforms MIGRATING TO RED HAT ENTERPRISE LINUX 8 Red Hat | General Use

Best practices and tooling greatly improved to cover additional use cases

PRE-UPGRADE UPGRADE ROLLBACK

Doing a risk assessment Fully plugable and fully If anything goes wrong, before makingany changes is supported upgrade BOOM will let you rollback to critical tounderstanding what framework makes moving to the previous snapshot - this is is about tohappen new major releases ofRHEL not a downgrade but instead a easy full byte-level rollback Čo nového v ? Red Hat CoreOS

Adapting for the next wave of innovation in distributed systems

Combining the innovations of Container Linux and Atomic with the stability and ecosystem of RHEL Fully integrated and delivered via OpenShift.

● Small footprint, derived fromRHEL ○ ~400 packages ○ Immutability (Read-only OS binaries in /usr) ○ One-touch provisioning with Ignition ● Fast provisioning: clusters deploy in minutes ● Simplified, cluster-centric updates and upgrades ● Managed and automated via operators Immutable Infrastructure

OPENSHIFT 4 OPENSHIFT 3 To simplify Day 2 operations, the cluster needs full control OPENSHIFT PLATFORM CONTROL PLANE over the nodes.

Immutability =repeatability Immutability =auditability

OPERATING SYSTEM Immutability ≠ static config Immutability ≠ static clusters New Installation Process

via -install $ ./openshift-install create cluster ? SSH Public Key /Users//.ssh/id_rsa.pub ● OpenShift 4 introduces a new CLI-based installer designed to ? Platform aws ? Region us-west-2 easily provision an OpenShift cluster on CoreOS immutable ? Base Domain openshift.com ? Cluster Name ocp infrastructure ? Pull Secret [? for help] ○ Control plane (Masters) must be deployed on RH CoreOS ************************************************************* INFO Creating cluster... nodes INFO Waiting up to 30m0s for the Kubernetes API... INFO API v1.11.0+c69f926354 up ○ Support for adding RHEL worker nodes coming in 4.1 INFO Waiting up to 30m0s for the bootstrap-complete event... INFO Destroying the bootstrap resources... ● Simplified cluster creation with an interactive guided workflow INFO Waiting up to 10m0s for the openshift-console route to be created... ○ Allows for customization at each step INFO Install complete! ○ https://github.com/openshift/installer/blob/master/docs/user/customization.md INFO Run 'export KUBECONFIG=/auth/kubeconfig' to manage the cluster with 'oc', ● Quickly download installer client (& token) from the OpenShift CLI. INFO The cluster is ready when 'oc login -u kubeadmin -p https://try.openshift.com and run from anywhere ' succeeds (wait a few minutes). INFO Access the OpenShift web-console here: ● Non-essential installation config options are now handled https://console-openshift-console.apps.ocp.openshift.com INFO Login to the console with user: kubeadmin, password: post-install via component operator CRD’s

● Used for new installations of OpenShift 4 only! Documentation: https://github.com/openshift/training/ ○ Does NOT support installing or upgrading of OCP 3.x clusters! Bootsrap a self-managed cluster

Completely re-written installer Single Go static binary install-config.yaml Provisions bootstrapping infra (via Terraform)

$ openshift-install --help Kubernetes manifests $ openshift-install create install-config $ openshift-install create manifests $ openshift-install create ignition-configs Ignition configs (bootstrap, master, $ openshift-install create cluster worker)

Cluster (terraform apply, kubeconfig)

10 Machine Sets and Machine Configs Over-the-Air-Updates

● OpenShift retrieves list of available updates

● Admin selects the target version

● OpenShift is updated over the air

● Auto-update support Operator Framework

AN INNOVATIVE, MORE EFFICIENT WAY TO MANAGE CONTAINERIZED APPLICATIONS AT SCALE AUTOMATED LIFECYCLE MANAGEMENT

Failure Metrics Installation Upgrade Backup recovery & insights Tuning

Operators codify operational knowledge and workflows to automate lifecycle management of containerized applications with Kubernetes Unified Hybrid Cloud

● cloud.redhat.com ● Multi-cluster management ○ New clusters on AWS, Azure, Google, vSphere, OpenStack, and bare metal ○ Register existing clusters ○ Including OpenShift Dedicated ● Management operations cloud.redhat.com ○ Install new clusters ○ View all registered clusters ○ Update clusters AWS Google Azure On-Prem OpenShift service mesh

Secure

Istio

Jaeger Prometheus

Observe Observe

Connect Control

Grafana OpenShift Serverless

Event fires Your code runs f( )

Function Event (µ)Service

function main() { return {payload: 'Hello world'}; } Cloud-native CI/CD with OpenShift Pipelines

● Based on Tekton Pipelines

● Runs serverless

● Containers as building blocks

● Deploy to multiple platforms

● Standard CommonResourceDefs

● Pipelines portable to any Kubernetes

● Available in OperatorHub CodeReady Workspaces

● Browser-based Web IDE + Dev Environment in pods ● Red Hat supported Eclipse Che ● Bundled with OCP/OSDSKU ● Available on OCP and OSD ● Enabled via an operator ● RHEL 8-based stacks (tools and runtimes)

https://www.youtube.com/watch?v=VwKEVeDy9TA Summary of major changes

Summary of MajorOpenShiftChanges3.X OpenShift 4.X based Install & Upgrade Openshift 4 installer Atomic Host/RHEL Base OS Red Hat CoreOS Cockpit and Standalone Atomic Registry Quay

Hawkular, Cassandra, Heapster Metrics / CFME Prometheus OpenShift Provider & Podified CFME oc adm diagnostics & registry Operator status & Registry Operator Docker podman, buildah, skopeo and CRI-O DNSmasq CoreDNS Final Notes

Try it Yourself

• RHEL 8 • https://developers.redhat.com/rhel8/ • 30 day eval

• Openshift 4 • https://cloud.redhat.com/openshift/install • https://www.openshift.com/trial/ Thanks

For more information please contact: M +421 911 696 671 [email protected]

Atos, the Atos logo, Atos Codex, Atos Consulting, Atos Worldgrid, Worldline, BlueKiwi, Bull, Canopy the Open Cloud Company, Unify, Yunano, Zero Email, Zero Email Certified and The Zero Email Company are registered trademarks of the Atos group. April 2016. © 2016 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos.