Managing and OpenShift with ManageIQ

Alissa Bonas, Dublin 2015 The stages of containers world Containerizing an app

Alissa Bonas @ Cloud Open Dublin 2015 Run a container

Alissa Bonas @ Cloud Open Dublin 2015 Run multiple containers

Alissa Bonas @ Cloud Open Dublin 2015 Run multiple containers

● Orchestrate containers

● Run many containers on multiple hosts

● Manage a containers based environment

Alissa Bonas @ Cloud Open Dublin 2015 Today we’ll focus on

Kubernetes OpenShift ManageIQ

Alissa Bonas @ Cloud Open Dublin 2015 Kubernetes

● Deployment, scaling and orchestration of containers across clusters of hosts.

Developed ● 1.0 release - July 2015 in Go

Alissa Bonas @ Cloud Open Dublin 2015 Kubernetes concepts

● Node - a machine that containers run on

● Pod - a group of containers

● Replication controller - ensures there are always X replicas of pods

Alissa Bonas @ Cloud Open Dublin 2015 Kubernetes concepts

● Service - a base load balancer that provides traffic to pods

● Namespace - partitioning resources created by users into logical groups

Alissa Bonas @ Cloud Open Dublin 2015 OpenShift

● Platform as a service for building and running applications - for developers

Developed ● Built on top of Kubernetes in Go

● 3.0 release - June 2015

Alissa Bonas @ Cloud Open Dublin 2015 OpenShift concepts

● Provides additional capabilities ○ application lifecycle ○ routing - extends service ○ projects - extension of namespaces

Build Deploy Run

Alissa Bonas @ Cloud Open Dublin 2015 Insight and control

● How many containers exist in my environment?

● Does a specific node have enough resources?

● How many distinct images are used?

● Which registries are used?

Alissa Bonas @ Cloud Open Dublin 2015 ManageIQ

● A cloud management platform ○ supports multiple virtualization providers a ● Insight and control project ○ inventory overview and events ○ smart state analysis ○ workflow/orchestration

Alissa Bonas @ Cloud Open Dublin 2015 New in upstream ManageIQ

● Providers for container management

● Supported providers ○ Kubernetes ○ OpenShift

Alissa Bonas @ Cloud Open Dublin 2015 Container management providers

Alissa Bonas @ Cloud Open Dublin 2015 Working together

Kubernetes / Openshift

Node A ManageIQ

REST Master

Node B

Alissa Bonas @ Cloud Open Dublin 2015 Inventory

● Entities

● Relationships

● Additional information

Alissa Bonas @ Cloud Open Dublin 2015 Creating more insights

● Modelling additional entities as first class citizens

● Deducing relationships

Alissa Bonas @ Cloud Open Dublin 2015 Kubernetes provider summary

Alissa Bonas @ Cloud Open Dublin 2015 Kubernetes provider relationships

Alissa Bonas @ Cloud Open Dublin 2015 OpenShift provider summary OpenShift provider relationships

Alissa Bonas @ Cloud Open Dublin 2015 Nodes

● OS and Software versions

● How many entities are on a node

● Capacity and utilization

● Which infrastructure is it running on

Alissa Bonas @ Cloud Open Dublin 2015 Node summary page

Alissa Bonas @ Cloud Open Dublin 2015 What do we know about nodes?

Capacity

Docker and Kubernetes info

OS info

Alissa Bonas @ Cloud Open Dublin 2015 What do we know about nodes?

Alissa Bonas @ Cloud Open Dublin 2015 Cross providers insight

● Connect all layers of infrastructure, cloud and containers

● Currently supports cross linking with ○ OpenStack ○ oVirt / RHEV ○ VMware vCenter

Alissa Bonas @ Cloud Open Dublin 2015 Cross linking demystified

Nodes Pods Containers

Virtual Hosts Machines

Alissa Bonas @ Cloud Open Dublin 2015 Cross linking zoom out

Routes Services Images

Nodes Pods Containers

Storage Virtual Hosts Machines Network

Alissa Bonas @ Cloud Open Dublin 2015 Cross provider example - Node

Alissa Bonas @ Cloud Open Dublin 2015 Cross provider - VM side

Alissa Bonas @ Cloud Open Dublin 2015 Nodes capacity and utilization Alissa Bonas @ Cloud Open Dublin 2015 Alissa Bonas @ Cloud Open Dublin 2015 Resource quotas and limit ranges

● Limit the number of pods, containers, etc. ○ tracked per a project/namespace scope

● Limit CPU and memory ○ tracked per pod, container

Alissa Bonas @ Cloud Open Dublin 2015 Container

● Traceability - node, container id, image

Alissa Bonas @ Cloud Open Dublin 2015 Image from a known registry

Alissa Bonas @ Cloud Open Dublin 2015 Image from an unknown source

Alissa Bonas @ Cloud Open Dublin 2015 Registries Pods

● Which containers are part of it

● Which services work with it

● Which node does it run on

● Is it controlled by a replicator?

Alissa Bonas @ Cloud Open Dublin 2015 Pod

Alissa Bonas @ Cloud Open Dublin 2015 Replicators

Searches for pods with this label

Alissa Bonas @ Cloud Open Dublin 2015 Services

● A portal IP and source/target port pairs

● Redirects traffic to relevant pods based on a labels selector

Alissa Bonas @ Cloud Open Dublin 2015 Service example

Alissa Bonas @ Cloud Open Dublin 2015 OpenShift Routes

● Exposes a service by giving it an externally reachable hostname

● Can be fine tuned by /path

● Can be also secured

Alissa Bonas @ Cloud Open Dublin 2015 Events / Timeline

● Node ○ ready / not ready / rebooted

● Pod ○ scheduled

● More to come...

Alissa Bonas @ Cloud Open Dublin 2015 Tagging

● Leveraging ManageIQ tags

Alissa Bonas @ Cloud Open Dublin 2015 Topology view

● “A picture is worth a thousand words”

● Includes cross provider relationships

● Status color indication

Alissa Bonas @ Cloud Open Dublin 2015 Topology live demo

Alissa Bonas @ Cloud Open Dublin 2015 A glimpse into the future Dashboard - providers overview Dashboard - a single provider view Dashboard of a project

Alissa Bonas @ Cloud Open Dublin 2015 Smart State Analysis

● Inspect the packages included in an image

● Combined with vulnerabilities db, generate alerts for important security issues on running containers

Alissa Bonas @ Cloud Open Dublin 2015 Analysis of an image

Alissa Bonas @ Cloud Open Dublin 2015 An image after analysis ManageIQ community

● http://talk.manageiq.org

● https://github.com/ManageIQ/manageiq ○ Follow label #providers/containers

● #manageiq IRC on freenode

Alissa Bonas @ Cloud Open Dublin 2015 Projects info

● http://www.openshift.org/

● http://kubernetes.io/

● http://manageiq.org/

Alissa Bonas @ Cloud Open Dublin 2015 Icons Credits

● The Go gopher - Renee French ● Diamond by MarkieAnn Packer, the Noun Project ● Rails by Luis Martins, the Noun Project ● Light Bulb by artworkbean, the Noun Project ● Sherlock by James Keuning, the Noun Project ● Twitter by Lubos Volkov, the Noun Project ● Link by Vitor Fernandes, the Noun Project

Thank you!

@mikeyteva