Chapter 1. A Kubernetes Application Platform
OpenShift gives your applications distributed computing power without forcing you to become a distributed computing expert. Translated into jargon, that means OpenShift is a platform as a service (PaaS).
OpenShift includes tools for building applications from source in composable pipelines. It adds a browser-based graphical interface, the OpenShift Web Console, for deploying and managing workloads. You can point and click to set up network connections, monitoring and alerts, and rules for automatically scaling workloads. An OpenShift cluster applies software updates to itself and its nodes without cluster downtime.
OpenShift is a product from Red Hat. You can run it on your laptop, on a cluster of physical or virtual machines, on all the major cloud providers, and as a managed service. Like most software from Red Hat, OpenShift is developed as an open source project, the OpenShift Kubernetes Distribution (OKD). OpenShift is in turn built atop two open source keystones: application containers and the Kubernetes container orchestrator.
Linux Containers
Containers are an atomic unit of execution. Each running instance of a container is stamped from an Open Container Initiative (OCI) image that packages an application executable with all the pieces it needs to run. These dependencies can include shared libraries, auxiliary programs, language runtimes, and anything else the application requires. Such a self-contained parcel is easier to distribute among a team, in a continuous series of releases on a server, and to arbitrary nodes in a cluster.
Container images are stored in a repository often called a container registry. Linux kernel facilities isolate and mediate running containers. A running container has its own filesystem and a defined share of the resources of the node where it runs. This isolation allows an orchestrator to schedule containers on a node with sufficient resources without evaluating every other workload running there for potential conflicts in filenames, network port numbers, or other resources.
Kubernetes
OpenShift is a distribution of Kubernetes. Kubernetes is an open source project started at Google and developed by a group of companies and individuals since its release in 2014. This community has adopted formal governance through the Cloud Native Computing Foundation (CNCF). Red Hat has been a leading contributor to Kubernetes since the project began, and OpenShift is developed in collaboration with the Kubernetes community.
Kubernetes in OpenShift is like the Linux kernel in a Linux distribution. A Linux distribution combines the kernel with the more familiar programs you use directly. It also makes some basic choices about how you log in, where your files are stored, and what software is essential, letting you do useful work with the system without building it entirely from scratch.
Kubernetes defines a set of common resources and an API for manipulating them. Those resources describe the desired state and track the actual state of the cluster and the things running on it. Kubernetes tries to make the actual state of a resource match its desired state. It repeats this for the life of the cluster. This continuous cycle of watching and tending is called the reconcile loop.
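The reconcile loop described above, reduced to a runnable sketch. This is an added example, not code from the book or from Kubernetes; the `Cluster` class, the `web-N` pod names, and the replica counts are constructed stand-ins for real cluster state.

```python
from dataclasses import dataclass, field
import itertools


@dataclass
class Cluster:
    """Constructed stand-in for cluster state; not a Kubernetes API client."""
    desired_replicas: int
    pods: set = field(default_factory=set)
    _ids: itertools.count = field(default_factory=lambda: itertools.count(1))

    def create_pod(self):
        name = f"web-{next(self._ids)}"
        self.pods.add(name)
        return name


def reconcile(cluster):
    """One pass: compare desired with actual state and return the actions taken."""
    actions = []
    diff = cluster.desired_replicas - len(cluster.pods)
    for _ in range(max(diff, 0)):                      # too few pods: create
        actions.append(("create", cluster.create_pod()))
    for name in sorted(cluster.pods)[:max(-diff, 0)]:  # too many pods: delete
        cluster.pods.discard(name)
        actions.append(("delete", name))
    return actions


def run_until_stable(cluster, max_passes=5):
    """Repeat reconcile until a pass makes no changes; return the pass count."""
    for n in range(1, max_passes + 1):
        if not reconcile(cluster):
            return n
    raise RuntimeError("state did not converge")


if __name__ == "__main__":
    c = Cluster(desired_replicas=3)
    print(reconcile(c))        # actual state is empty, so pods are created
    c.pods.discard("web-2")    # drift: a pod dies or is removed by hand
    print(reconcile(c))        # the next pass notices the gap and fills it
    c.desired_replicas = 1     # the desired state changes
    print(reconcile(c))        # surplus pods are deleted
```

Because each pass acts on the difference between desired and actual state rather than on individual events, a change made outside the declared configuration is reverted on the next pass.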
Kubernetes alone isn’t enough to sustain software in production. There are many decisions to make and components to configure before you can do much with it. Imagine you have the source code for an application and the job of deploying it on a Kubernetes cluster. How will you compile the source code or pair it with its interpreter for packaging in a container image? Will your build process need other computing resources, such as a specialized build server? Once the image is constructed, where will it be stored so that your cluster can access it? A public container registry (and external dependency) like Docker Hub or Quay? Or will you need to run your own registry? Your program likely depends on other programs, like a database or application server. Where and how will those run? Can you run them on the cluster, or will you have to maintain another system? These are basic considerations. Addressing them yields a running pod and a new set of questions: How should your application connect with the outside world? How should the power to scale the application, or deploy new versions of it, be governed?
What OpenShift Adds
OpenShift builds atop its Kubernetes core to add features and the components that support them. Some of its original developers called Kubernetes “a platform for building platforms.” OpenShift took them up on it. It provides the automation and resilience of modern infrastructure while letting you stay focused on your application code (Figure 1-1).
This book focuses on the features you’ll use to run your applications. It is not an OpenShift system administration guide. The next section previews some of OpenShift’s developer features. You’ll use most of them in the following chapters.
Web Console
The OpenShift Web Console is a graphical view of the cluster and your applications. As the name suggests, it runs in a web browser. The Web Console lets you do everything necessary to deploy and run your software projects with graphical controls and forms for configuration, rather than sifting through so many lines and indentations of underlying YAML. The console depicts connections between services with a topological view of application components, and shows project, application, and container resource consumption with graphical gauges and charts (Figure 1-2).
Curated Software Catalogs: An OpenShift App Store
The Web Console also aggregates software catalogs, from application templates to Kubernetes Operators. The OperatorHub inside the Web Console, for example, is like an app store for Kubernetes applications. You can use it to find and deploy databases, message queues, and other middleware—the kinds of components nearly all applications rely on. Like apps on your mobile device, Operators keep their applications running and updated with the latest features and fixes.
CI/CD: Pipelines
OpenShift brings the continuous integration and continuous delivery (CI/CD) system into the cluster. OpenShift’s pipelines let you compose a process to build, test, package, and release your application. In this book, you’ll go from logging in to the OpenShift Web Console to having the platform automatically build and deploy your code when you commit changes to your source repository. Once you establish deployment settings and build triggers, OpenShift should fade into the background of daily application development.
Networking and Service Mesh
OpenShift can simplify or even automate much of the tedious work of connecting application components together and to the outside world of your users and customers.
OpenShift Routes configure an included Layer 7 reverse proxy for external HTTP connections to internal, load-balancing cluster Services. A Service is a stable endpoint representing the running pods of an application, since those may come and go with scaling, failover, or upgrades. A route specifies the external DNS hostnames for which it relays traffic and the Service to which that traffic should be directed.
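A Route's host and target Service, together with its optional `tls` block, determine whether outside clients reach the application over plain HTTP. The following check is an added example, not code from the book or from OpenShift; the three manifests are constructed samples in JSON form, and their hostnames and Service names are placeholders.

```python
import json

# Constructed sample Route manifests; hostnames and names are placeholders.
ROUTES = json.loads("""
[
  {"apiVersion": "route.openshift.io/v1", "kind": "Route",
   "metadata": {"name": "shop-plain"},
   "spec": {"host": "shop.apps.example.com",
            "to": {"kind": "Service", "name": "shop"}}},
  {"apiVersion": "route.openshift.io/v1", "kind": "Route",
   "metadata": {"name": "shop-mixed"},
   "spec": {"host": "shop2.apps.example.com",
            "to": {"kind": "Service", "name": "shop"},
            "tls": {"termination": "edge",
                    "insecureEdgeTerminationPolicy": "Allow"}}},
  {"apiVersion": "route.openshift.io/v1", "kind": "Route",
   "metadata": {"name": "shop-tls"},
   "spec": {"host": "shop3.apps.example.com",
            "to": {"kind": "Service", "name": "shop"},
            "tls": {"termination": "edge",
                    "insecureEdgeTerminationPolicy": "Redirect"}}}
]
""")


def audit_route(route):
    """Return a list of findings for one Route manifest (empty means clean)."""
    spec = route.get("spec", {})
    findings = []
    if not spec.get("host"):
        findings.append("spec.host is not set")
    if not spec.get("to", {}).get("name"):
        findings.append("spec.to does not name a Service")
    tls = spec.get("tls")
    if tls is None:
        findings.append("no spec.tls: clients reach the router over plain HTTP")
    elif tls.get("insecureEdgeTerminationPolicy") == "Allow":
        findings.append("insecureEdgeTerminationPolicy=Allow: HTTP served alongside HTTPS")
    return findings


def audit(routes):
    """Map each Route name to its findings, keeping only routes with findings."""
    report = {r["metadata"]["name"]: audit_route(r) for r in routes}
    return {name: found for name, found in report.items() if found}


if __name__ == "__main__":
    for name, found in audit(ROUTES).items():
        print(name, found)
```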
OpenShift also has a bolt-on service mesh, Istio. A service mesh measures and controls how services connect with one another and the outside world. Istio detail is beyond the scope of this book, but once you’ve mastered deploying applications on OpenShift, you can learn more about service meshes and Istio in Introducing Istio Service Mesh for Microservices by Christian Posta and Burr Sutter (O’Reilly).
Integrated Prometheus Metrics, Monitoring, and Alerts
OpenShift constructs its features for monitoring cluster resources atop the open-source Prometheus project. The Web Console presents graphs showing CPU, memory, and network usage for the whole cluster, a project, a deployment, or all the way down to a running container. Figure 1-3 shows the CPU usage of a deployment.
OpenShift can gather application-specific metrics from programs that produce the standard Prometheus data format. Prometheus exporter libraries available for many languages equip an application to deliver statistics about its internal state in an interoperable way.
Summary
You’ve seen how OpenShift layers developer tools and application management atop Kubernetes to make it easier to deliver your software and keep it running. The next chapter introduces key concepts for building and deploying applications on OpenShift.