Title slide with picture

Title slide with picture

Going from OpenShift PoC to Production Accelerate your path with HPE Red Hat Summit | May 2018 Presenters KA WAI LEUNG HPE Solutions Product Management MICHAEL MATTSSON HPE Nimble Storage Product Management 2 Agenda Bringing containers to productiondifferent adoption paths Impact on people, process, and governance Technology considerations (including data management and protection) HPE Pointnext Services for OpenShift Planning for success 3

OpenShift adoption options 4 Four options for container adoption 1 Deploy containerized commercial apps 2 Containerize monoliths 3 Containerize monolith; transform to microservices 4 Enable new microservices and apps Up in days, not months; verified and secure Migrate to hybrid cloud or bare metal; get better CAPEX/OPEX versus VM Look for shared services to transform agility, DevOps, distributed architecture

Greenfield cloud native or containers as a service (CaaS) 5 Moving from PoC to production Key considerations People and organization Dev and release process Governance Technology and platform Complete PoC Often a minimal viable product (MVP) Production 6 People, organization, governance 7 People and organization Traditional waterfall

development model Agile and DevOps model CAPEX vs OPEX model? Customer or BU Dev & QA 1-3 releases/year 4-12 month cycles IT Ops Integrated teams 4-12+ releases/year 1-3 month cycles 8 Dev/release process and governance Command and control

Integrated and empowered Request for change, change control board Change record as part of CI/CD pipeline Dev controls app stack Dev controls app image, Ops controls standardized base image via catalogs Waterfall model Continuous delivery model Ops owns security and monitoring Dev assumes more control on security and apps performance monitoring 9 Technology considerations 10

OpenShift in production High availability Lifecycle management Orchestration Monitoring The OpenShift production ecosystem Scaling Resource management Security Data protection and management 11 Technology considerations Security Securing the stack Safe images: Security for private

registry (scanning, access control) OpenSCAP scanning (integrate into CI/CD) Run-time protection and continuous monitoring Container images Harden OS (SELinux mandatory for OpenShift) Container registry Detailed audit trail for compliance, regulation, and forensics Leverage security context constraints (SCC) Safeguarding sensitive data Strong remediation and alerting Red Hat Linux Hardware firmware and BIOS Lack of education/training for those involved in software development

12 Technology considerations Monitoring Top five layers to monitor Application Host, container, and application monitoring Root cause analysis and remediation Data store for trending and archival analysis Canned metrics and dashboards Software as a service (SaaS) versus an on-premises monitoring approach Open source versus pay-for products Monitoring tools: CloudForms, SysDig, Datadog, CoScale, Prometheus/Grafana Services Kubernetes deployment

Kubernetes internals Host nodes (Source: SysDig) 13 Technology considerations Resource management Developers are not good at sizing estimates Tendency to overcommit resources Overprovision for safety Leads to inefficient CPU and memory usage Magnified exponentially with thousands of pods Analyser tools: cAdvisor, Prometheus/Grafana, Densify, Turbonomics 14 PoC to production configuration considerations PoC, Dev/QA, or SMB deployment Mid-range production configuration

Enterprise production starter configuration (bare metal) Deployment scenario All services, masters, workers on VM (with persistent storage supported), HA supported VM or bare metal workers with persistent storage All services, masters, workers on bare metal Total physical nodes 3 nodes 6+ nodes 8+ nodes Number of instances

All on VMs: 3 master 3 masters/etcd, infrastructure, HA proxy on VMs over 3 physical nodes 3 nodes3 master, 3 etcd 3 etcd 3 infrastructure 3+ physical nodes for N number workers on VMs or bare metal 2 high availability (HA) proxy 3+ nodesk8s workers on bare metal 3 workers Key SW OpenShift Red Hat Hyperconverged Infrastructure (RHHI)

2 nodesinfrastructure, HA load balancer, and HA registry management tools, such as Ansible Tower OpenShift, RHV + external storage array Or OpenShift, RHHI (for SW defined storage) OpenShift Monitoring, logging, billing apps Persistent storage plugin 15 Accelerate OpenShift adoption with HPE Reference architectures HPE OpenShift solutions (Services component, ecosystem, deployment guide, and automation) Deployment scale Consistent platform from DEV to OPs Development

Accelerate developer productivity Production Simplify the IT experience Operations optimized 16 HPE Composable Systems: the ideal container platform Solution for enterprise scale container deployment Deploy containers at cloud-like speed Flex container resources up and down Improve application time to value Efficient resource allocation by business demands Centralize container life cycle management Advanced container data management

Data protection and storage efficiency for containers Reduce updates from hours to minutes HPE Synergy and 3PAR/Nimble 17 Data management and protection 18 Use cases for persistent storage with Red Hat OpenShift DevOps CI/CD pipelines Build Lift and shift Run Ship Jenkins, Microsoft VSTS, CircleCI Release more, faster, and better LAMP apps, ERP systems From VMs or bare-metal

IT operations CaaS Apps Atlassian Tools, ELK stack, LAMP apps Simplified securityeasy to manage Self-service for developers Secure and predictable ABC XYZ 19 Hardware versus software VFS SDS SDS SDS

VFS VFS VFS Kernel Kernel Kernel Kernel App App OpenShift OpenShift Capability External storage Software-defined storage Consistency model

Synchronous Eventually consistent/tunable Data services Snapshot, clone, async/sync replication Varies Performance Sized to workload Limited server bound Storage reduction Dedupe, compress, thin Requires multiple copies (replicas) Scale and grow As needed Need storage add compute

Efficiency Data processed externally Compromised app latency CAPEX/OPEX/TCO High / Low / Low Low to Extremely High / High / High Protocol FC / iSCSI / NFS Container only, block, object, NFS Security Granular encryption Varies Backup, recovery, archive Strong, built-in

Weak varies, high impact RTO Reliability, availability, serviceability Unmatched fully integrated Questionable Cloud native Storage-as-a-Service Self-hosted 20 Solution: HPE Persistent Storage platform for containers Speed up DevOps Lift and shift data with applications Simplify container operations

Container QoS, security IOPS, encryption HPE Cloud Volumes Self-service automation rich container platform integration Multicloud onramp for data using HPE Cloud Volumes Comprehensive REST APIs plug into Ansible, Puppet, Chef Onboard data easily by instantly converting legacy volumes to persistent volumes Container data protection: clean up and retention for snaps and clones Simple, fast, efficient: predictive flash for six-nines availability, support 21

HPE Persistent Storage platform for Red Hat OpenShift OpenShift Container Platform 3.5 to 3.9 OpenShift Origin FlexVolume plugin FlexVolume Driver Provisioner Open APIs + HPE Storage open-source software* Docker Volume API Plugin Unix Socket HPE Docker Volume plugins HPE Cloud Volumes 3PAR *https://github.com/hpe-storage/dory Nimble Storage Coming soon: HPE Cloud Volumes 22 HPE Nimble Kube Storage Controller overview

Features Parameters Lifecycle description: Description" Highly-available, "My volume scoping, user-defined destroyOnRm: "true" descriptions, control remove and detach behavior. --kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: my-storage-class provisioner: hpe.com/nimble parameters: description: "My Description" encryption: "true" limitIOPS: "1000" perfPolicy: "My Policy" protectionTemplate: "my-prot-1" Performance Controls perfPolicy: "SQL Server" Performance Polices

limitIOPS: "32000" QoS Limits IOPS and Throughput limitMBPS: "512" Volume Placement pool: Pools and "allflash" Folders folder: "My Tenant" Protection Templates Snapshot schedules and retention protectionTemplate: "local-cloud" Array-to-array and HPE Cloud Volumes Security encryption: Encrypt data at "true" rest Set mount point UNIX permissions fsOwner: "8192:500" fsMode: "0755" Provisioning

Specify thin or thick provisioning thick: "true" Up to 127TB Volumes default size 10GB sizeInGiB: "4000" Dedupe & Compression Variable block size --kind: PersistentVolumeClaim apiVersion: v1 metadata: name: my-pvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 500Gi storageClassName: my-storage-class Legacy Docker dedupe: "true" Zero-Copy Clones Reuse data from production containers cloneOf: "MyDockerVol1"

snapshot: "MySnapshot" Volume Import createSnapshot: "true" Seamless data migration importVol: "MyNimbleVol1" Clone Nimble volume in a Docker Volume importVolAsClone: "MyNimbleVol1" snapshot: "MySnapshot" 23 HPE Pointnext Services for OpenShift 24 OpenShift container service considerations Container and cloud adoption is not trivial Dev Overall business objectives Build and test

Package and archive Release and deploy Determine application migration strategy Review networking, security, and storage requirements Define system architecture Define and implement PoC How best to containerize app Discovery Continuous integration and deployment pipeline Design Deployment Pilot 25 Announcing HPE cloud native container service for OpenShift Review application requirements

23 day workshop to gather requirements and define integrations Create design Deploy container platform environment Pilot containerized applications Move to production Discovery Design Deployment Test and evaluate Pilot or trial workload Production 26 Plan for success 27 Move from PoC to productionKey success factors

Implement best practices and address issues/learnings from PoC (people, process, technology) Have a complete OpenShift container ecosystem in place: HA, security, monitoring, data management, etc. Determine CAPEX vs OPEX; plan whether to do it yourself or partner Accelerate this path with HPE + Red Hat 28 Resources and key contacts Reference configuration Reference configuration for Red Hat OpenShift Container Platform on HPE Synergy Composable Infrastructure Red Hat OpenShift Container Platform datasheet HPE contacts redhat.com/en/resources/openshift-container-pl atform-datasheet Ka Wai Leung

Containers Solutions Product Management [email protected] GitHub repositories Gary Lee Harris Pointnext Container Consulting [email protected] hpe.com/V2/GetDocument.aspx?docname=a00 038916enw Video: hpedemoportal.ext.hpe.com/search/Automated deployment of Red Hat OpenShift on HPE Syn ergy HPE platform hpe.com/info/composableprogram github.com/RHsyseng/ocp-on-synergy github.com/HewlettPackard/image-streamer-ref erence-architectures/ tree/master/RC-RHEL-OpenShift Michael Mattsson HPE Storage Tech Marketing [email protected] Bob Zepf

HPE Strategic Alliances [email protected] hpe.com/us/en/storage/containers.html 29 Thank you 30

Recently Viewed Presentations

  • Tobacco and HIV - Michigan

    Tobacco and HIV - Michigan

    Tobacco Dependence IS a Chronic Disease. Similar to diabetes, heart failure, hypertension, hyperlipidemia . Expectation for remission and relapse
  • 投影片 1 - fhl.net

    投影片 1 - fhl.net

    Kū-iok Sat-bó-jíⁿ Kì (I) Tē 13 chiuⁿ 舊約 《撒母耳記上》 第十三章 Pa-khek-lé Siu-tèng-pán Sèng-keng 巴克禮修訂版聖經
  • Course Introduction

    Course Introduction

    Jiannan @ SFU. Reduce (k, v_list) Map (k, v) SELECT. Reduce(v) FROM. Table. GROUP BY . k. MapReduce: A Major Step Backwards. 1. MapReduce is a step backwards in database access . 2. MapReduce is a poor implementation . 3....
  • Chapter 11 Creating User Interfaces

    Chapter 11 Creating User Interfaces

    You can use the play/pause button to play or pause the video and use the rewind button to restart the video, and use the slider to control the volume of the audio. MediaDemo Run * Case Study: National Flags and...
  • Greening Your Lab Responsible Conduct of Research Duke

    Greening Your Lab Responsible Conduct of Research Duke

    Convener, Green Labs at Duke. Green Labs at Duke is a group of faculty, staff and students dedicated to promoting sustainable practices in Duke University's research and teaching laboratories. Overview: ... PowerPoint Presentation Last modified by:
  • IUCN's species work: Commission and Programme

    IUCN's species work: Commission and Programme

    The Species Survival Commission (or SSC) is made up of thousands of volunteer experts and specialists located all over the world, that are organized into taxonomically- or regionally-based Specialist Groups.


    The TP mutant adopts negative values for the wobble angle, whereas the AP wobble angle oscillates between positive and negative values, tending to populate more frequently positive regions of the angle. This means that the presence of T at i-1...
  • The Source of Lake Wobegon

    The Source of Lake Wobegon

    The Source of Lake Wobegon By Richard P. Phelps (c)2007-2012, Richard P. Phelps