1. RED HAT CONTAINER
STRATEGY
An introduction to
Atomic Enterprise Platform and
OpenShift 3
Gavin McDougall
Senior Solution Architect
2. AGENDA
● Software disrupts business
● What are Containers?
● Misconceptions of Containers
● Challenges of Containers
● Open Hybrid Cloud
● Establishing Open Standards
● Client Case Studies
● Why Red Hat ?
● Questions
8. WHAT ARE CONTAINERS ?
Software packaging concept that typically includes an application and all of its
runtime dependencies.
●Easy to deploy and portable across host systems
●Isolates applications on a host operating system
●In RHEL, this is done through:
● Control Groups (cgroups)
● kernel namespaces
● SELinux, sVirt, iptables
● Docker
10. THE BENEFITS OF CONTAINERS
54%
FASTER APP
DELIVERY
51%
OPERATIONAL
EFFICIENCY
38%
DEPLOYMENT
FLEXIBILITY
30%
LOWER
DEPLOYMENT
COSTS
Source: TechValidate survey of 79 IT professionals
Containers potentially offer the ability to encapsulate a lot
of manual processes and make it little or no touch.
- IT Operations Engineer, Financial Services
MANY SEE CONTAINERS AS THE UTOPIA OF APPLICATION DELIVERY
11. ADVANCED INFRASTRUCTURE
RUNS ON CONTAINERS
“Everything at Google, from Search
to Gmail, is packaged and run in a
Linux container.”1
- Eric Brewer, VP of Infrastructure,
Google
1
Source: http://googlecloudplatform.blogspot.com/2014/06/an-update-on-container-support-on-google-cloud-platform.html
12. TOP 5 MISCONCEPTIONS ABOUT
CONTAINERS
Containers are new.
Containers equal virtualisation.
Containers are universally portable.
Containers are secure by default.
Containers are not enterprise-ready.
1
2
3
4
5
14. CONTAINER ADOPTION CHALLENGES
CONTAINERISING THE DATA-CENTRE REQUIRES PLANNING
Organisations need a secure and reliable foundation on which they can
run and orchestrate multi-container based applications at scale
15. THE NEED FOR A 'CHAIN OF TRUST'
● Who built this image?
● What’s its purpose?
Was it created to
support a demo?
● Is it safe to consume?
● Who maintains it?
DOCKER HUB
docker pull mongodb
16. WHAT'S INSIDE THE CONTAINER
MATTERS
36% of official images in Docker Hub contain high priority
security vulnerabilities
● High vulnerabilities: ShellShock
(bash), Heartbleed (OpenSSL), etc.
● Medium vulnerabilities: Poodle
(OpenSSL), etc.
● Low vulnerabilities: gcc: array
memory allocations could cause
integer overflow
All Images (n=962)
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
36%
28%
Medium priority
High priority
Source: Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities, Jayanth Gummaraju, Tarun Desikan,
and Yoshio Turner, BanyanOps, May 2015 (http://www.banyanops.com/pdf/BanyanOps-AnalyzingDockerHub-WhitePaper.pdf)
17. RED HAT CONTAINER CERTIFICATION
HOST OS
HW
HOST OS
HW
UNTRUSTED
● Will what’s inside the containers
compromise your infrastructure?
● How and when will apps and libraries be
updated?
● Will it work from host to host?
RED HAT CERTIFIED
● Trusted source for the host and the
containers
● Trusted content inside the container with
security fixes available as part of an
enterprise lifecycle
● Portability across hosts
LIBS
APP
21. CONTAINER-BASED APPLICATION DELIVERY
SOLUTIONS
Deployment platform for containers Platform for containers
development and deployment
Platform for traditional and cloud native
applications in containers and VMs, on
OpenStack infrastructure
A continuum of solutions to develop, run, and manage container-based
applications
22. RED HAT ATOMIC ENTERPRISE
PLATFORM
Run and orchestrate multi-container based applications at scale
●
An integrated infrastructure container
deployment platform powered by Red Hat
Enterprise Linux that is designed to run,
orchestrate, and scale container-based
applications and services
●
Provides foundation for production-scale
container deployments, utilising same core
enabling technologies as OpenShift v3,
including Docker format Linux containers,
Kubernetes orchestration, and RHEL7
●
Easily manage and scale applications and
infrastructure through a managed cluster of
container hosts
●
Gain application resiliency and elasticity via
orchestration and service aggregation
23. OPENSHIFT ENTERPRISE
by Red Hat
An integrated hybrid cloud
application platform for application
development and deployment that
facilitates DevOps workflows and
needs
● Develop, build, and manage
container based applications
with application lifecycle
management and a rich
developer experience
● Easily turn source code into
running applications with
source-to-image capabilities
Integrated hybrid cloud application platform for application development and
deployment
24. CONTAINER API
RHEL RHEL ATOMIC HOST
CONTAINER ORCHESTRATION AND
MANAGEMENT
CONTAINER CONTAINER CONTAINER
PHYSICAL INFRASTRUCTURE
LANGUAGE RUNTIMES, MIDDLEWARE,
DATABASES, AND OTHER SERVICES
DEVOPS TOOL AND EXPERIENCE
RED HAT ATOMIC
ENTERPRISE PLATFORM
AND OPENSHIFT 3
25. RED HAT CLOUD SUITE FOR
APPLICATIONS
Virtualization
IaaS
HybridManagement
PaaS
Containers
Cloud Instances
Virtual Machines
Red Hat Cloud Suite for Applications
Run, orchestrate, and manage multi-container based applications
and scalable infrastructure at scale
Solution providing both Infrastructure-as-
a-Service (IaaS) for massive scalability and
Platform-as-a-Service (PaaS) for faster
application delivery, combined with a
unified management framework that
supports hybrid deployment models
● Seamlessly manage from
infrastructure to applications
● Build scalable infrastructure based on
OpenStack
26. CONTAINER-BASED APPLICATION
DELIVERY SOLUTIONS
CERTIFIED HARDWARE ECOSYSTEM
MIDDLEWARE AND MOBILITY SERVICES
CERTIFIEDAPPLICATIONSVIAISVECOSYSTEM
RED HAT ENTERPRISE LINUX, INCLUDING ATOMIC HOST
✔ Application lifecycle management
✔ Continuous integration
✔ Developer experience
✔ Source-to-image
✔ Unified management from bare metal to containers
✔ Scalable infrastructure
✔ Hybrid deployment management
✔ Managed cluster of container-optimized hosts
✔ Orchestration and service aggregation
Seamlessly manage from infrastructure to applications
Build scalable infrastructure based on OpenStack
Develop, build, and manage container-based
applications
Run and orchestrate multi-container based applications
at scale
Develop, build, and manage container-based
applications
Run and orchestrate multi-container based applications
at scale
Run and orchestrate multi-container based applications
at scale
30. CREATING DEFACTO STANDARDS
Red Hat works with the open source community to
drive standards for containerisation
REGISTRY / CONTAINER
DISCOVERY
CONTAINER FORMAT WITH
DOCKER
ISOLATION WITH
LINUX CONTAINERS
ORCHESTRATION WITH
KUBERNETES
35. CUSTOMER WINS
Business Challenges
Key Benefits
● Cisco IT organization has to support thousand of application
developers
● Built out large virtualization farm to provide developer
environments (over 15,000 JVMs deployed)
● Needed to improve developer productivity and expand access
to new languages/frameworks
● Poor infrastructure utilisation and hard to manage
● Automated provisioning for developers via new Lightweight
Application Environment (LAE)
● Able to offer standardized stacks for different languages
including Java and Node.js
● Containers provide better infrastructure utilisation and easier
to manage operationally
● Benefit from Red Hat’s technical depth and world class
support
36. CUSTOMER WINS
Business Challenges
● Customers want more on-demand enterprise web & mobile
apps
● Needed faster time to market for new CA SaaS offerings
● Wanted a common platform for multiple product teams to
build apps on
Key Benefits
● Enables product teams to more quickly build, deploy and
update apps
● Able to experiment and take apps from concept to
production faster
● Containers provide better utilisation of hardware and
horizontal scaling
37. CUSTOMER WINS
Business Challenges
Key Benefits
● Company plays both in HR and Finance industries
and is constantly challenged to innovate
● Technology has to be consistent with the continuous
delivery process adopted
● Heterogeneous Environment - ability to run Weblogic
and Spring applications
● Unattended automated release process - platform
must also be able to recover to a known stable state
● Consistency between environments - code pushed to
other environments react the same way
● Developer Path to Innovation - enabled developers to
make changes, in a consistent manner.
● Empowered developers to do what they needed to do
without requiring IT Ops engagement.
● Higher application density with the same hardware
resources
38. CUSTOMER WINS
Business Challenges
Key Benefits
● Highly competitive retail online market
● Needed to increase performance and flexibility of the
application architecture
● Hybrid Cloud Environment - infrastructure should run
both on premises and on the cloud
● Monolithic to microservices - highly flexible
microservices architecture for developers and
operations
● Automated provisioning and management of the
platform stack - needed to meet growing business
demand for new application services
● Loosely coupled components enabled better
utilization and management of assets.
39. CUSTOMER WINS
Business Challenges
Key Benefits
● Deliver safe, reliable, mission critical products to the
market though a complex system of checks and
balances.
● Foster innovation and entrepreneurial efforts from
within a large 170,000 person company
● Be able to execute ideas with IT and supplier
management in a scalable way
● Able to streamline modern web application creation
and development.
● Extend the life of legacy software by either migrating
them or incorporating them into a web application
● Reduce costs and increase ROA