RED HAT CONTAINER STRATEGY An introduction to Atomic Enterprise Platform and OpenShift 3 Gavin McDougall Senior Solution Architect
AGENDA Software disrupts business What are Containers? Misconceptions of Containers Challenges of Containers Open Hybrid Cloud Establishing Open Standards Client Case Studies Why Red Hat? Questions
SOFTWARE DISRUPTS BUSINESS Retail Finance Media? Transportation?
THE PROBLEM
APPLICATION DELIVERY VIA CONTAINERS
IT MUST EVOLVE TO STAY AHEAD OF THE DEMANDS
WHAT ARE CONTAINERS?
WHAT ARE CONTAINERS? Software packaging concept that typically includes an application and all of its runtime dependencies. Easy to deploy and portable across host systems Isolates applications on a host operating system In RHEL, this is done through: Control Groups (cgroups) kernel namespaces SELinux, svirt, iptables Docker
TRADITIONAL vs. VIRTUALISED vs. CONTAINERS
THE BENEFITS OF CONTAINERS MANY SEE CONTAINERS AS THE UTOPIA OF APPLICATION DELIVERY Containers potentially offer the ability to encapsulate a lot of manual processes and make it little or no touch. 54% - IT Operations Engineer, Financial Services 51% 38% FASTER APP DELIVERY OPERATIONAL EFFICIENCY Source: TechValidate survey of 79 IT professionals DEPLOYMENT FLEXIBILITY 30% LOWER DEPLOYMENT COSTS
ADVANCED INFRASTRUCTURE RUNS ON CONTAINERS Everything at Google, from Search to Gmail, is packaged and run in a Linux container. 1 - Eric Brewer, VP of Infrastructure, Google 1 Source: http://googlecloudplatform.blogspot.com/2014/06/an-update-on-container-support-on-google-cloud-platform.html
TOP 5 MISCONCEPTIONS ABOUT CONTAINERS 1 Containers are new. 2 Containers equal virtualisation. 3 Containers are universally portable. 4 Containers are secure by default. 5 Containers are not enterprise-ready.
CHALLENGES
CONTAINER ADOPTION CHALLENGES CONTAINERISING THE DATA-CENTRE REQUIRES PLANNING Organisations need a secure and reliable foundation on which they can run and orchestrate multi-container based applications at scale
THE NEED FOR A 'CHAIN OF TRUST' DOCKER HUB docker pull mongodb Who built this image? What s its purpose? Was it created to support a demo? Is it safe to consume? Who maintains it?
WHAT'S INSIDE THE CONTAINER MATTERS 36% of official images in Docker Hub contain high priority security vulnerabilities 100% 90% 80% 70% 60% 50% 28% 40% High vulnerabilities: ShellShock (bash), Heartbleed (OpenSSL), etc. Medium vulnerabilities: Poodle (OpenSSL), etc. Low vulnerabilities: gcc: array memory allocations could cause integer overflow 30% 20% 10% 36% Medium priority High priority 0% All Images (n=962) Source: Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities, Jayanth Gummaraju, Tarun Desikan, and Yoshio Turner, BanyanOps, May 2015 (http://www.banyanops.com/pdf/banyanops-analyzingdockerhub-whitepaper.pdf)
RED HAT CONTAINER CERTIFICATION UNTRUSTED RED HAT CERTIFIED Will what s inside the containers compromise your infrastructure? How and when will apps and libraries be updated? Will it work from host to host? Trusted source for the host and the containers Trusted content inside the container with security fixes available as part of an enterprise lifecycle Portability across hosts APP LIBS HOST OS HOST OS HW HW
SIMPLIFYING CONTAINER ADOPTION FOR PARTNERS
OPEN HYBRID CLOUD
RED HAT'S VISION: OPEN HYBRID CLOUD
CONTAINER-BASED APPLICATION DELIVERY SOLUTIONS A continuum of solutions to develop, run, and manage container-based applications Deployment platform for containers Platform for containers development and deployment Platform for traditional and cloud native applications in containers and VMs, on OpenStack infrastructure
RED HAT ATOMIC ENTERPRISE PLATFORM Run and orchestrate multi-container based applications at scale An integrated infrastructure container deployment platform powered by Red Hat Enterprise Linux that is designed to run, orchestrate, and scale container-based applications and services Provides foundation for production-scale container deployments, utilising same core enabling technologies as OpenShift v3, including Docker format Linux containers, Kubernetes orchestration, and RHEL7 Easily manage and scale applications and infrastructure through a managed cluster of container hosts Gain application resiliency and elasticity via orchestration and service aggregation
OPENSHIFT ENTERPRISE by Red Hat Integrated hybrid cloud application platform for application development and deployment An integrated hybrid cloud application platform for application development and deployment that facilitates DevOps workflows and needs Develop, build, and manage container based applications with application lifecycle management and a rich developer experience Easily turn source code into running applications with source-to-image capabilities
RED HAT ATOMIC ENTERPRISE PLATFORM AND OPENSHIFT 3 CONTAINER CONTAINER CONTAINER DEVOPS TOOL AND EXPERIENCE LANGUAGE RUNTIMES, MIDDLEWARE, DATABASES, AND OTHER SERVICES CONTAINER ORCHESTRATION AND MANAGEMENT CONTAINER API RHEL RHEL ATOMIC HOST PHYSICAL INFRASTRUCTURE
RED HAT CLOUD SUITE FOR APPLICATIONS Run, orchestrate, and manage multi-container based applications and scalable infrastructure at scale Containers Virtual Machines PaaS IaaS Hybrid Management Cloud Instances Solution providing both Infrastructure-asa-Service (IaaS) for massive scalability and Platform-as-a-Service (PaaS) for faster application delivery, combined with a unified management framework that supports hybrid deployment models Virtualization Red Hat Cloud Suite for Applications Seamlessly manage from infrastructure to applications Build scalable infrastructure based on OpenStack
CONTAINER-BASED APPLICATION DELIVERY SOLUTIONS MIDDLEWARE AND MOBILITY SERVICES Seamlessly manage from infrastructure to applications CERTIFIED APPLICATIONS VIA ISV ECOSYSTEM Build scalable infrastructure based on OpenStack Unified management from bare metal to containers Scalable infrastructure Hybrid deployment management Develop, build, and manage container-based applications Run and orchestrate multi-container based applications at scale Develop, build, and manage container-based applications Application lifecycle management Continuous integration Developer experience Source-to-image Run and orchestrate multi-container based applications at scale Run and orchestrate multi-container based applications at scale Managed cluster of container-optimized hosts Orchestration and service aggregation RED HAT ENTERPRISE LINUX, INCLUDING ATOMIC HOST CERTIFIED HARDWARE ECOSYSTEM
COMMUNITY POWERED INNOVATION
OPENSHIFT ONLINE
ESTABLISHING OPEN STANDARDS
CREATING DEFACTO STANDARDS Red Hat works with the open source community to drive standards for containerisation ISOLATION WITH LINUX CONTAINERS CONTAINER FORMAT WITH DOCKER ORCHESTRATION WITH KUBERNETES REGISTRY / CONTAINER DISCOVERY
OPEN CONTAINER INITIATIVE
CLOUD NATIVE COMPUTING FOUNDATION
CUSTOMER CASE STUDIES
OPENSHIFT ENTERPRISE Read more at: openshift.com/customers
CUSTOMER WINS Business Challenges Cisco IT organization has to support thousand of application developers Built out large virtualization farm to provide developer environments (over 15,000 JVMs deployed) Needed to improve developer productivity and expand access to new languages/frameworks Poor infrastructure utilisation and hard to manage Key Benefits Automated provisioning for developers via new Lightweight Application Environment (LAE) Able to offer standardized stacks for different languages including Java and Node.js Containers provide better infrastructure utilisation and easier to manage operationally Benefit from Red Hat s technical depth and world class support
CUSTOMER WINS Business Challenges Customers want more on-demand enterprise web & mobile apps Needed faster time to market for new CA SaaS offerings Wanted a common platform for multiple product teams to build apps on Key Benefits Enables product teams to more quickly build, deploy and update apps Able to experiment and take apps from concept to production faster Containers provide better utilisation of hardware and horizontal scaling
CUSTOMER WINS Business Challenges Company plays both in HR and Finance industries and is constantly challenged to innovate Technology has to be consistent with the continuous delivery process adopted Heterogeneous Environment - ability to run Weblogic and Spring applications Unattended automated release process - platform must also be able to recover to a known stable state Key Benefits Consistency between environments - code pushed to other environments react the same way Developer Path to Innovation - enabled developers to make changes, in a consistent manner. Empowered developers to do what they needed to do without requiring IT Ops engagement. Higher application density with the same hardware resources
CUSTOMER WINS Business Challenges Highly competitive retail online market Needed to increase performance and flexibility of the application architecture Hybrid Cloud Environment - infrastructure should run both on premises and on the cloud Key Benefits Monolithic to microservices - highly flexible microservices architecture for developers and operations Automated provisioning and management of the platform stack - needed to meet growing business demand for new application services Loosely coupled components enabled better utilization and management of assets.
CUSTOMER WINS Business Challenges Deliver safe, reliable, mission critical products to the market though a complex system of checks and balances. Foster innovation and entrepreneurial efforts from within a large 170,000 person company Be able to execute ideas with IT and supplier management in a scalable way Key Benefits Able to streamline modern web application creation and development. Extend the life of legacy software by either migrating them or incorporating them into a web application Reduce costs and increase ROA
WHY RED HAT?
TRANSFORMING APP DELIVERY CONTAINERS FOR THE ENTERPRISE CONTAINERS YOU CAN TRUST PROVEN CONTAINER PORTABILITY INTEGRATED APP DELIVERY PLATFORM
QUESTIONS?