Linux Container Platform on Azure
(Kubernetes, OpenShift, Ansible Automation)
Pipeline Automation
(From Code to Containers, Automated CI / CD on Azure)
//Halifax DevOps Meetup Kyle Bassett - July 19, 2017
//thanks to
//today’s expedition
//Introductions
Who is Arctiq?
Docker to Docker Inc to OCI to Kubernetes to OpenShift
Ansible / Ansible Tower - What is it? What can it do?
Why Azure, What services are we using?, Why?
//Demos
Azure Infrastructure Automation via Ansible Tower
OpenShift Container Platform Build via Ansible
A quick look into OpenShift Compute Platform
Continuous Delivery and CI/CD Pipeline Automation
//Social Stuff
Open Discussion
Beer !!!
//OpenShift Labs Links
https://github.com/kylearctiq/devops_halifax
https://github.com/minishift/minishift
https://github.com/RedHatWorkshops
https://github.com/RedHatWorkshops/openshiftv3-workshop
https://github.com/RedHatWorkshops/openshiftv3-ops-workshop
https://github.com/VeerMuchandi/openshift-local
https://github.com/RedHatWorkshops/openshiftv3-advanced-workshop
//arctiq’s wheelhouse
//arctiq’s focus - mvp and business value
Trending, Visibility,
and Feedback Loops
Security Hardening
and Access Management
Automation
and Orchestration
Standardization, Hardened Imaging,
Centralized Management, and Audit Reporting
DEVELOPERS
Self-Service
Managed Container Platform
Fail-Fast + Fix-Fast Mindset
Freedom to Focus on
Development
THE BUSINESS
Time-to-Market Advantages
Operational Efficiencies
Quality Software
Speed and Agility
IT OPERATIONS
Standardized Frameworks
Automated Repeatable Tasks
Simplified Infrastructure
Improved Security
//docker 101
● Docker is a software technology providing containers
● Promoted by the company Docker Inc.
● Docker provides an additional layer of abstraction and automation of
operating-system-level virtualization on Linux and Windows.
● Docker uses the resource isolation features of the Linux kernel such as cgroups and
kernel namespaces, and a union-capable file system such as OverlayFS and others
● This allows independent "containers" to run within a single Linux instance, avoiding
the overhead of starting and maintaining virtual machines.
//just docker
//docker vs docker inc
● Docker is an open source software platform to create, deploy and manage virtualized
application containers on a common operating system (OS), with an ecosystem of
allied tools.
● https://mobyproject.org/
● Docker Inc. - the company that originally developed Docker, supports a commercial
edition and is the principal sponsor of the open source tool.
//docker vs open container initiative
Mission Statement
● The mission of the Open Container Initiative (OCI) is to promote a set of common, minimal, open standards and specifications
around container technology
Governing principles of the OCI?
● Technology leadership
● Influence through contribution
● Limited scope, limited politics
● Minimalist structure
● Representative leadership
● Adherence to anti-trust regulations
Why?
● Not bound to higher level constructs such as a particular client or orchestration stack,
● Not tightly associated with any particular commercial vendor or project, and
● Portable across a wide variety of operating systems, hardware, CPU architectures, public clouds, etc.
//we need more
Scheduling
Decide where to deploy containers
WE NEED MORE THAN JUST CONTAINERS
Lifecycle and health
Keep containers running despite failures
Discovery
Find other containers on the network
Monitoring
Visibility into running containers
Security
Control who can do what
Scaling
Scale containers up and down
Persistence
Keep data beyond the container lifecycle
Aggregation
Compose apps from multiple containers
//www.linuxfoundation.org
//kubernetes 101
WHAT DO I GET WITH KUBERNETES?
Kubernetes satisfies a number of common needs of applications, such as:
● co-locating helper processes, facilitating composite applications and preserving the
one-application-per-container model
● mounting storage systems
● distributing secrets
● application health checking
● replicating application instances
● horizontal auto-scaling
● naming and discovery
● load balancing
● rolling updates
● resource monitoring
● log access and ingestion
● support for introspection and debugging
● identity and authorization
//The Illustrated Children’s
Guide to Kubernetes
https://youtu.be/4ht22ReBjno
//ok so what’s it do?
//environment(s)
//container(s)
//kubernetes
//label(s)
//pod(s)
//replication controller(s)
//service(s)
//volume(s)
//namespace(s)
//but operations needs tools
OPERATIONAL & PLATFORM REQUIREMENTS
NETWORKING
IMAGE REGISTRY
ENTERPRISE SUPPORT & INSURANCE
APPLICATION SERVICES
METRICS & LOGGING
LIFE CYCLE MANAGEMENT
SELF SERVICE & APIs
//and then there’s more and more...
OK - WHAT ELSE?
Routing & Load Balancing
Multi-tenancy
CI/CD Pipelines
Role-based Authorization
Capacity Management
Chargeback
Vulnerability Scanning
Container Isolation
Image Build Automation
Quota Management
Teams and Collaboration
Infrastructure Visibility
Training & Education
//openshift 101
SELF-SERVICE
APP SERVICES
APP LIFECYCLE MGMT
METRICS AND LOGGING
NETWORK
Bring your
own PaaS
physical
virtual
private cloud
any
public cloud
IDE Integration
Enterprise Support
//High Availability - Scale-Out Architecture
//Namespaces Explained
Namespaces - Project Isolation
● Kubernetes supports multiple virtual clusters
backed by the same physical cluster. These virtual
clusters are called namespaces.
● Namespaces are intended for use in environments
with many users spread across multiple teams, or
projects. For clusters with a few to tens of users,
you should not need to create or think about
namespaces at all. Start using namespaces when
you need the features they provide.
● Namespaces provide a scope for names. Names
of resources need to be unique within a
namespace, but not across namespaces.
● Namespaces are a way to divide cluster resources
between multiple uses (via resource quota).
//Eco-system of tooling example
PHYSICAL
SERVERS
VIRTUAL
SERVERS
PRIVATE
CLOUD
PUBLIC
CLOUD
MANAGED
SERVICE
IDM
Security Tools
Developer Tools
Infrastructure
Automation
Bring your own PaaS
Infrastructure
Identity Ops Tooling
//ansible automation
MODERNIZE
DEVOPS
MIGRATE
Automate existing
processes
Manage legacy like
DevOps
Model everything
Deploy continuously
Define applications
once
Re-deploy anywhere
//ansible for everyone
SIMPLE POWERFUL AGENTLESS
App deployment
Configuration management
Workflow orchestration
Orchestrate the app lifecycle
Human readable automation
No special coding skills needed
Tasks executed in order
Get productive quickly
Agentless architecture
Uses OpenSSH & WinRM
No agents to exploit or update
More efficient & more secure
//how ansible works
ANSIBLE’S AUTOMATION ENGINE
ANSIBLE PLAYBOOK
PUBLIC / PRIVATE
CLOUD
CMDB
USERS
INVENTORY
HOSTS
NETWORKING
PLUGINS
API
MODULES
//how ansible works
ANSIBLE’S AUTOMATION ENGINE
ANSIBLE PLAYBOOK
PUBLIC / PRIVATE
CLOUD
USERS
INVENTORY
HOSTS
NETWORKING
PLUGINS
API
MODULES
CMDB
CLOUD:
OpenStack, VMware, EC2, Rackspace, GCE,
Azure, Spacewalk, Hanlon, Cobbler
CUSTOM CMDB
//azure + ansible
Requirements
Using the Azure Resource Manager modules requires having the Azure Python SDK installed on the host running Ansible.
$ pip install "azure==2.0.0rc5"
Authentication
● Active Directory Username/Password
● Service Principal Credentials
Variables
Specify in $HOME/.azure/credentials
● AZURE_CLIENT_ID
● AZURE_SECRET
● AZURE_SUBSCRIPTION_ID
● AZURE_TENANT
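Added example (not part of the original deck): a pre-flight check an operator could run before a playbook uses the service principal from `$HOME/.azure/credentials`. It assumes the file is INI with a `[default]` profile whose keys are the lowercase forms of the variables above without the `AZURE_` prefix; the function names are this example's own.

```python
import configparser
import os
import stat

# Settings named on the slide (environment-variable form).
ENV_VARS = ("AZURE_CLIENT_ID", "AZURE_SECRET", "AZURE_SUBSCRIPTION_ID", "AZURE_TENANT")
# Assumption: in the credentials file the same settings are lowercase keys
# without the AZURE_ prefix, grouped in one INI section per profile.
FILE_KEYS = tuple(name[len("AZURE_"):].lower() for name in ENV_VARS)


def check_credentials_file(path, profile="default"):
    """Return a list of findings; an empty list means the file passed."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return [f"{path}: file not found"]
    if not stat.S_ISREG(st.st_mode):
        return [f"{path}: not a regular file"]

    findings = []
    # The file holds a long-lived secret: only the owner should reach it.
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        mode = f"{stat.S_IMODE(st.st_mode):04o}"
        findings.append(f"{path}: mode {mode} exposes the secret to group/other; use 0600")
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        findings.append(f"{path}: owned by uid {st.st_uid}, not the user running Ansible")
    # A writable parent directory lets another user swap the file out.
    parent = os.path.dirname(os.path.abspath(path))
    if os.stat(parent).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{parent}: directory is group/other writable")

    # interpolation=None: secrets may contain '%', which must stay literal.
    parser = configparser.ConfigParser(interpolation=None)
    try:
        with open(path, encoding="utf-8") as fh:
            parser.read_file(fh)
    except configparser.Error as exc:
        # Report only the error type; the message can echo file content.
        findings.append(f"{path}: not valid INI ({type(exc).__name__})")
        return findings
    if not parser.has_section(profile):
        findings.append(f"{path}: no [{profile}] section")
        return findings
    for key in FILE_KEYS:
        if not parser.get(profile, key, fallback="").strip():
            findings.append(f"{path}: [{profile}] is missing '{key}'")
    return findings


def check_env(environ):
    """Flag a service principal that is only partly set in the environment."""
    present = [v for v in ENV_VARS if environ.get(v)]
    if not present or len(present) == len(ENV_VARS):
        return []
    return [f"env: {v} is unset while other AZURE_* settings are present"
            for v in ENV_VARS if v not in present]


if __name__ == "__main__":
    target = os.path.expanduser("~/.azure/credentials")
    for finding in check_credentials_file(target) + check_env(os.environ):
        print(finding)
```

Findings name keys and modes only; no credential value is ever printed.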
//azure modules
● azure - create or terminate a VM in Azure
● azure_rm_deployment - create or destroy ARM
template deployments
● azure_rm_publicipaddress - Manage Azure Public IP
Addresses
● azure_rm_publicipaddress_facts - Get public IP facts
● azure_rm_resourcegroup - Manage Azure resource
groups
● azure_rm_storageaccount - Manage Azure storage
accounts
//playbook example
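---
- name: azure automation
  hosts: all
  vars:
    http_port: 80
    max_clients: 200
  remote_user: root
  tasks:
    # Creates the storage account in an existing resource group.
    - name: Create storage account
      azure_rm_storageaccount:
        resource_group: testing
        name: testaccount001
        # Module parameters are lowercase: account_type, not Account_type.
        account_type: Standard_LRS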
//ansible tower
CONTROL
SIMPLE POWERFUL AGENTLESS
KNOWLEDGE DELEGATION
TOWER EXPANDS AUTOMATION TO YOUR ENTERPRISE.
AT ANSIBLE’S CORE IS AN OPEN-SOURCE AUTOMATION ENGINE.
Scheduled and
centralized jobs
Visibility and
compliance
Role-based access
and self-service
Everyone speaks the
same language
Designed for
Multi-tier deployments
Predictable, reliable,
and secure
//what is ansible tower?
Ansible Tower is an enterprise
framework for controlling, securing
and managing your Ansible automation
– with a UI and RESTful API.
• Role-based access control keeps
environments secure, and teams efficient.
• Non-privileged users can safely deploy
entire applications with push-button
deployment access.
• All Ansible automations are centrally
logged, ensuring complete auditability
and compliance.
//automate everything
USE CASES
USERS
ANSIBLE
PYTHON CODEBASE
OPEN SOURCE MODULE LIBRARY
PLUGINS
CLOUD
AWS,
GOOGLE CLOUD,
AZURE …
INFRASTRUCTURE
LINUX,
WINDOWS,
UNIX …
NETWORKS
ARISTA,
CISCO,
JUNIPER …
CONTAINERS
DOCKER,
LXC …
SERVICES
DATABASES,
LOGGING,
SOURCE CONTROL
MANAGEMENT
TRANSPORT
SSH, WINRM, ETC.
AUTOMATE
YOUR ENTERPRISE
ADMINS
ANSIBLE CLI & CI SYSTEMS
ANSIBLE PLAYBOOKS
….
ANSIBLE
TOWER
SIMPLE USER INTERFACE TOWER API
ROLE-BASED
ACCESS CONTROL
KNOWLEDGE
& VISIBILITY
SCHEDULED &
CENTRALIZED JOBS
CONFIGURATION
MANAGEMENT
APP
DEPLOYMENT
CONTINUOUS
DELIVERY
SECURITY &
COMPLIANCE
ORCHESTRATION
PROVISIONING
//Azure Infrastructure Demo
//so what are we building - architecture 101
//CI //CD
(Continuous Integration, Continuous Deployment, Continuous Delivery)
//Pipeline Delivery
Automation
//why ? - simple goals - process automation
//the road to continuous delivery
//the need for an automation engine
//A Jenkins Workflow
//local machine development using CDK
//Registry Strategies - Environment Promotion
Another Option
oc new-project dev --display-name="Tasks - Dev"
oc new-project stage --display-name="Tasks - Stage"
oc new-project cicd --display-name="CI/CD"
oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n dev
oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n stage
oc process -f cicd-template.yaml | oc create -f -
Example - https://github.com/daniyalj/openshift-cd-demo/blob/ocp-3.4/cicd-template.yaml
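Added example (not part of the original deck): the two `oc policy add-role-to-user` commands give the `jenkins` service account from `cicd` write access in `dev` and `stage`, so it is worth auditing that these are the only cross-project grants. The sketch below reads the JSON of `oc get rolebindings --all-namespaces -o json` and reports drift; the sample data is constructed, and the `subjects`/`roleRef` field layout is an assumption about the role binding objects.

```python
import json

WRITE_ROLES = {"edit", "admin", "cluster-admin"}
SA_PREFIX = "system:serviceaccount:"
# Grants the slide's commands create: (SA project, SA name, role, target project).
EXPECTED = {
    ("cicd", "jenkins", "edit", "dev"),
    ("cicd", "jenkins", "edit", "stage"),
}


def service_accounts(binding):
    """Yield (project, name) for every service account subject of a binding."""
    target = binding["metadata"].get("namespace", "")
    for subject in binding.get("subjects") or []:
        kind, name = subject.get("kind", ""), subject.get("name", "")
        if kind == "ServiceAccount":
            # A missing namespace means the binding's own project.
            yield subject.get("namespace") or target, name
        elif name.startswith(SA_PREFIX):
            # Service account written as a user name, as in the oc commands.
            parts = name[len(SA_PREFIX):].split(":", 1)
            if len(parts) == 2:
                yield parts[0], parts[1]


def audit(bindings_json, expected=EXPECTED):
    """Return (unexpected, missing) cross-project write grants."""
    seen, unexpected = set(), set()
    for binding in json.loads(bindings_json).get("items", []):
        role = binding.get("roleRef", {}).get("name", "")
        target = binding["metadata"].get("namespace", "")
        if role not in WRITE_ROLES:
            continue  # read-only roles are out of scope for this check
        for project, name in service_accounts(binding):
            if project == target:
                continue  # only grants that cross a project boundary
            grant = (project, name, role, target)
            seen.add(grant)
            if grant not in expected:
                unexpected.add(grant)
    return sorted(unexpected), sorted(expected - seen)


def _binding(namespace, role, *subjects):
    return {"metadata": {"namespace": namespace, "name": role},
            "roleRef": {"name": role}, "subjects": list(subjects)}


def _sa(project, name):
    return {"kind": "ServiceAccount", "namespace": project, "name": name}


# Constructed sample, not output from a real cluster.
SAMPLE = json.dumps({"kind": "List", "items": [
    _binding("dev", "edit", _sa("cicd", "jenkins")),       # expected
    _binding("stage", "edit", _sa("cicd", "jenkins")),     # expected
    _binding("stage", "admin", _sa("cicd", "jenkins")),    # more than edit
    _binding("dev", "view", _sa("cicd", "jenkins")),       # read-only, ignored
    _binding("cicd", "edit", {"kind": "ServiceAccount", "name": "jenkins"}),
    _binding("stage", "edit",
             {"kind": "User", "name": "system:serviceaccount:dev:builder"}),
]})

if __name__ == "__main__":
    extra, absent = audit(SAMPLE)
    for grant in extra:
        print("unexpected grant:", grant)
    for grant in absent:
        print("expected grant missing:", grant)
```

An unexpected grant in `stage` matters most here: it is a second path into the promotion target that bypasses the pipeline's service account.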
//continuous delivery workflow
//Continuous Delivery
Workflow Demo
//continuous deployment workflow
● Each commit drives a build and deployment that creates a “baked” application container in the registry of the development project / environment (S2I example)
● Upon success, the application container is pulled from the development project and deployed into the Testing / QA project / environment
● Think of how we handle WARs and JARs today: we manage the compiled artifact. The container image is the new artifact, and we apply the same governance processes that exist today.
● This workflow can extend to production by introducing the required enterprise controls.
● The only way to get code into production is to start in Dev > QA > ...
//Continuous Deployment
Pipelines Demo
http://dashai.org
//Join Arctiq’s Expedition
We’re Hiring!!!
http://www.arctiq.ca/careers
//OpenShift Labs Links
https://github.com/kylearctiq/devops_halifax
https://github.com/minishift/minishift
https://github.com/RedHatWorkshops
https://github.com/RedHatWorkshops/openshiftv3-workshop
https://github.com/RedHatWorkshops/openshiftv3-ops-workshop
https://github.com/VeerMuchandi/openshift-local
https://github.com/RedHatWorkshops/openshiftv3-advanced-workshop
Kyle Bassett
kyle.bassett@arctiq.ca
@kylebassett
//location
?

Halifax DevOps - Meet-up - July.19 2017

  • 1. Linux Container Platform on Azure (Kubernetes, OpenShift, Ansible Automation) Pipeline Automation (From Code to Containers, Automated CI / CD on Azure //Halifax DevOps Meetup Kyle Bassett - July 19, 2017 //thanks to
  • 2. //today’s expedition //Introductions Who is Arctiq? Docker to Docker Inc to OCI to Kubernetes to OpenShift Ansible / Ansible Tower - What is it? What can it do? Why Azure, What services are we using?, Why? //Demo’s Azure Infrastructure Automation via Ansible Tower OpenShift Container Platform Build via Ansible A quick look into OpenShift Compute Platform Continuous Delivery and CI/CD Pipeline Automation //Social Stuff Open Discussion Beer !!!
  • 5. //arctiq’s focus - mvp and business value Trending, Visibility, and Feedback Loops Security Hardening and Access Management Automation and Orchestration Standardization, Hardened Imaging, Centralized Management, and Audit Reporting DEVELOPERS Self-Service Managed Container Platform Fail-Fast + Fix-Fast Mindset Freedom to Focus on Development THE BUSINESS Time-to-Market Advantages Operational Efficiencies Quality Software Speed and Agility IT OPERATIONS Standardized Frameworks Automated Repeatable Tasks Simplified Infrastructure Improved Security
  • 6. //docker 101 ● Docker is a software technology providing containers ● Promoted by the company Docker Inc. ● Docker provides an additional layer of abstraction and automation of operating-system-level virtualization on Linux and Windows. ● Docker uses the resource isolation features of the Linux kernel such as cgroups and kernel namespaces, and a union-capable file system such as OverlayFS and others ● This allows independent "containers" to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines.
  • 8. //docker vs docker inc ● Docker is an open source software platform to create, deploy and manage virtualized application containers on a common operating system (OS), with an ecosystem of allied tools. ● https://mobyproject.org/ ● Docker Inc. - the company that originally developed Docker, supports a commercial edition and is the principal sponsor of the open source tool.
  • 9. //docker vs open container initiative Mission Statement ● The mission of the Open Container Initiative (OCI) is to promote a set of common, minimal, open standards and specifications around container technology Governing principles of the OCI? ● Technology leadership ● Influence through contribution ● Limited scope, limited politics ● Minimalist structure ● Representative leadership ● Adherence to anti-trust regulations Why? ● Not bound to higher level constructs such as a particular client or orchestration stack, ● Not tightly associated with any particular commercial vendor or project, and ● Portable across a wide variety of operating systems, hardware, CPU architectures, public clouds, etc.
  • 10. //we need more Scheduling Decide where to deploy containers WE NEED MORE THAN JUST CONTAINERS Lifecycle and health Keep containers running despite failures Discovery Find other containers on the network Monitoring Visibility into running containers Security Control who can do what Scaling Scale containers up and down Persistence Survive data beyond container lifecycle Aggregation Compose apps from multiple containers
  • 12. //kuberneres 101 WHAT DO I GET WITH KUBERNETES? Kubernetes satisfies a number of common needs of applications, such as: ● co-locating helper processes, facilitating composite applications and preserving the one-application-per-container model ● mounting storage systems ● distributing secrets ● application health checking ● replicating application instances ● horizontal auto-scaling ● naming and discovery ● load balancing ● rolling updates ● resource monitoring ● log access and ingestion ● support for introspection and debugging ● identity and authorization
  • 13. //The Illustrated Children’s Guide to Kubernetes https://youtu.be/4ht22ReBjno
  • 24. //but operations needs tools OPERATIONAL & PLATFORM REQUIREMENTS NETWORKING IMAGE REGISTRY ENTERPRISE SUPPORT & INSURANCE APPLICATION SERVICES METRICS & LOGGING LIFE CYCLE MANAGEMENT SELF SERVICE & API’S
  • 25. //and then there’s more and more... OK - WHAT ELSE? Routing & Load Balancing Multi-tenancy CI/CD Pipelines Role-based Authorization Capacity Management Chargeback Vulnerability Scanning Container Isolation Image Build Automation Quota Management Teams and Collaboration Infrastructure Visibility Training & Education
  • 26. //openshift 101 SELF-SERVICE APP SERVICES APP LIFECYCLE MGMT METRICS AND LOGGING NETWORK Bring your own PaaS physical virtual private cloud any public cloud > = IDE Integration Enterprise Support
  • 27. //High Availability - Scale-Out Architecture
  • 28. //Namespaces Explained Namespaces - Project Isolation ● Kubernetes supports multiple virtual clusters backed by the same physical cluster. These virtual clusters are called namespaces. ● Namespaces are intended for use in environments with many users spread across multiple teams, or projects. For clusters with a few to tens of users, you should not need to create or think about namespaces at all. Start using namespaces when you need the features they provide. ● Namespaces provide a scope for names. Names of resources need to be unique within a namespace, but not across namespaces. ● Namespaces are a way to divide cluster resources between multiple uses (via resource quota).
  • 29. //Eco-system of tooling example PHYSICAL SERVERS VIRTUAL SERVERS PRIVATE CLOUD PUBLIC CLOUD MANAGED SERVICE IDM Security Tools Developer ToolsInfrastructure Automation Bring your own PaaS Infrastructure Identity Ops Tooling
  • 30. //ansible automation MODERNIZE DEVOPS MIGRATE Automate existing processes Manage legacy like DevOps Model everything Deploy continuously Define applications once Re-deploy anywhere
  • 31. //ansible for everyone SIMPLE POWERFUL AGENTLESS App deployment Configuration management Workflow orchestration Orchestrate the app lifecycle Human readable automation No special coding skills needed Tasks executed in order Get productive quickly Agentless architecture Uses OpenSSH & WinRM No agents to exploit or update More efficient & more secure
  • 32. //how ansible works ANSIBLE’S AUTOMATION ENGINE ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD CMDB USERS INVENTORY HOSTS NETWORKING PLUGINS API MODULES
  • 33. //how ansible works ANSIBLE’S AUTOMATION ENGINE ANSIBLE PLAYBOOK PUBLIC / PRIVATE CLOUD USERS INVENTORY HOSTS NETWORKING PLUGINS API MODULES CMDB CLOUD: OpenStack, VMware, EC2, Rackspace, GCE, Azure, Spacewalk, Hanlon, Cobbler CUSTOM CMDB
  • 34. //azure + ansible
      Requirements
      ● Using the Azure Resource Manager modules requires having Azure Python SDK installed on the host running Ansible.
          $ pip install "azure==2.0.0rc5"
      Authentication
      ● Active Directory Username/Password
      ● Service Principal Credentials
      Variables (specify in $HOME/.azure/credentials)
      ● AZURE_CLIENT_ID
      ● AZURE_SECRET
      ● AZURE_SUBSCRIPTION_ID
      ● AZURE_TENANT
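The credentials file named on this slide holds a service principal secret in clear text, so it is worth checking before every run. The following is an added example, not part of the original slides: it assumes the INI layout that Ansible's Azure guide documents for this file (a `[default]` section with lowercase `subscription_id`, `client_id`, `secret`, `tenant`; the uppercase names on the slide are the environment-variable form), and the function names are hypothetical.

```shell
#!/bin/sh
# Audit the Ansible Azure credentials file before a playbook run.
# Assumption: INI layout with a [default] section and the keys listed below.
REQUIRED_KEYS="subscription_id client_id secret tenant"

# perms_private FILE: succeed only for a regular file with no group/other access bits.
perms_private() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case $mode in
        -???------) return 0 ;;
        *) return 1 ;;
    esac
}

# missing_keys FILE: print each required key that has no non-empty value in FILE.
missing_keys() {
    for key in $REQUIRED_KEYS; do
        grep -Eq "^[[:space:]]*$key[[:space:]]*=[[:space:]]*[^[:space:]]" "$1" \
            || printf '%s\n' "$key"
    done
}

# check_azure_credentials [FILE]: 0 when usable, otherwise a reason on stderr and
# exit status 2 (not found), 3 (permissions too open) or 4 (keys missing).
check_azure_credentials() {
    file=${1:-$HOME/.azure/credentials}
    [ -f "$file" ] || { echo "$file: not found" >&2; return 2; }
    perms_private "$file" \
        || { echo "$file: accessible by group/other, run chmod 600" >&2; return 3; }
    missing=$(missing_keys "$file")
    [ -z "$missing" ] || { echo "$file: missing keys:" $missing >&2; return 4; }
    return 0
}
```

Calling `check_azure_credentials` with no argument audits `$HOME/.azure/credentials`; a non-zero status can gate the playbook run in a wrapper script or CI job.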
  • 35. //azure modules ● azure - create or terminate vm in azure ● azure_rm_deployment - create or destroy ARM template deployments ● azure_rm_publicipaddress - Manage Azure Public IP Addresses ● azure_rm_publicipaddress_facts - Get public IP facts ● azure_rm_resourcegroup - Manage Azure resource groups ● azure_rm_storageaccount - Manage Azure storage accounts
  • 36. //playbook example
      ---
      - name: azure automation
        hosts: all
        vars:
          http_port: 80
          max_clients: 200
        remote_user: root
        tasks:
          - name: Create storage account
            azure_rm_storageaccount:
              resource_group: testing
              name: testaccount001
              # Replication type for the account (locally redundant storage)
              account_type: Standard_LRS
  • 37. //ansible tower CONTROL SIMPLE POWERFUL AGENTLESS KNOWLEDGE DELEGATION TOWER EXPANDS AUTOMATION TO YOUR ENTERPRISE. AT ANSIBLE’S CORE IS AN OPEN-SOURCE AUTOMATION ENGINE. Scheduled and centralized jobs Visibility and compliance Role-based access and self-service Everyone speaks the same language Designed for Multi-tier deployments Predictable, reliable, and secure
  • 38. //what is ansible tower? Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation – with a UI and RESTful API. • Role-based access control keeps environments secure, and teams efficient. • Non-privileged users can safely deploy entire applications with push-button deployment access. • All Ansible automations are centrally logged, ensuring complete auditability and compliance.
  • 39. //automate everything USE CASES USERS ANSIBLE PYTHON CODEBASE OPEN SOURCE MODULE LIBRARY PLUGINS CLOUD AWS, GOOGLE CLOUD, AZURE … INFRASTRUCTURE LINUX, WINDOWS, UNIX … NETWORKS ARISTA, CISCO, JUNIPER … CONTAINERS DOCKER, LXC … SERVICES DATABASES, LOGGING, SOURCE CONTROL MANAGEMENT TRANSPORT SSH, WINRM, ETC. AUTOMATE YOUR ENTERPRISE ADMINS ANSIBLE CLI & CI SYSTEMS ANSIBLE PLAYBOOKS …. ANSIBLE TOWER SIMPLE USER INTERFACE TOWER API ROLE-BASED ACCESS CONTROL KNOWLEDGE & VISIBILITY SCHEDULED & CENTRALIZED JOBS CONFIGURATION MANAGEMENT APP DEPLOYMENT CONTINUOUS DELIVERY SECURITY & COMPLIANCE ORCHESTRATION PROVISIONING
  • 41. //so what are we building - architecture 101
  • 42. //CI //CD (Continuous Integration, Continuous Deployment, Continuous Delivery) //Pipeline Delivery Automation
  • 43. //why ? - simple goals - process automation
  • 44. //the road to continuous delivery
  • 45. //the need for an automation engine
  • 48. //Registry Strategies - Environment Promotion Another Option
  • 49.
      oc new-project dev --display-name="Tasks - Dev"
      oc new-project stage --display-name="Tasks - Stage"
      oc new-project cicd --display-name="CI/CD"
      oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n dev
      oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n stage
      oc process -f cicd-template.yaml | oc create -f -
      Example - https://github.com/daniyalj/openshift-cd-demo/blob/ocp-3.4/cicd-template.yaml
  • 52. //continuous deployment workflow ● Each commit drives a build and deployment that creates a “baked” application container in the registry in the development project / environment (S2I example). ● Upon success, the application container is pulled from the development project and deployed into the Testing / QA project / environment. ● Think of how we handle WARs and JARs today: we manage the compiled artifact. The container image is the new artifact, and we utilize the same governance processes that exist today. ● This workflow can extend to production by introducing the required enterprise controls. ● The only way to get code into production is to start in Dev > QA > ...
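The promotion rule in the workflow above (the image is the artifact, and it only moves Dev > QA > ...) as an added shell example that is not part of the original slides: it refuses stage skipping and mutable tags, then prints the `oc tag` command to run. The `prod` stage, the `tasks` image stream name used in the usage note, the `:promoted` destination tag and the function names are assumptions.

```shell
#!/bin/sh
# Promotion order from the workflow slide; "prod" is an assumed final stage.
PROMOTION_ORDER="dev stage prod"

# next_env ENV: print the stage that directly follows ENV, fail if there is none.
next_env() {
    [ -n "$1" ] || return 1
    prev=""
    for stage_name in $PROMOTION_ORDER; do
        if [ "$prev" = "$1" ]; then
            printf '%s\n' "$stage_name"
            return 0
        fi
        prev=$stage_name
    done
    return 1
}

# is_digest_ref REF: succeed only for name@sha256:<64 lowercase hex digits>.
is_digest_ref() {
    digest=${1##*@sha256:}
    [ "$digest" != "$1" ] || return 1      # no @sha256: part at all
    [ -n "${1%%@*}" ] || return 1          # empty image stream name
    [ "${#digest}" -eq 64 ] || return 1
    case $digest in
        *[!0-9a-f]*) return 1 ;;
    esac
    return 0
}

# promote_cmd FROM TO REF: print the oc tag command, or fail with a reason.
promote_cmd() {
    from=$1; to=$2; ref=$3
    expected=$(next_env "$from") || { echo "no stage after '$from'" >&2; return 2; }
    if [ "$to" != "$expected" ]; then
        echo "refusing $from -> $to: next stage is $expected" >&2
        return 3
    fi
    if ! is_digest_ref "$ref"; then
        echo "refusing '$ref': promote by digest, not by mutable tag" >&2
        return 4
    fi
    # Destination tag ":promoted" is a hypothetical naming choice.
    printf 'oc tag %s/%s %s/%s:promoted\n' "$from" "$ref" "$to" "${ref%%@*}"
}
```

For example, `promote_cmd dev stage "tasks@sha256:<digest>"` prints the tag command for the exact image that was built and tested in dev, while `promote_cmd dev prod ...` or a `tasks:latest` reference is rejected.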
  • 55. //Join Arctiq’s Expedition We’re Hiring!!! http://www.arctiq.ca/careers