OpenShift Multi-Cluster Management Handbook: Go from architecture to pipelines using GitOps

by Giovanni Fontana, Marcos Amorim, Rafael Pecora

Length: 458 pages
Edition: 1
Language: English
Publisher: Packt Publishing
Publication Date: 2022-11-11
ISBN-10: 1803235284
ISBN-13: 9781803235288
Sales Rank: #508944 (See Top 100 Books)

Discover best practices for designing and scaling robust OpenShift clusters’ architecture for different workloads

Manage multiple clusters on-premise or in the cloud using multi-cluster management tools to keep them secure and compliant

Implement multi-cluster CI/CD on OpenShift using GitOps

Key Features

Discover best practices to design robust OpenShift architecture and scale them to different workloads
Understand the minimal collection of topics you should consider in your container security strategy
Implement multi-cluster CI/CD on OpenShift using GitOps

Book Description

For IT professionals working with Red Hat OpenShift Container Platform, the key to maximizing efficiency is understanding the powerful and resilient options to maintain the software development platform with minimal effort. OpenShift Multi-Cluster Management Handbook is a deep dive into the technology, containing knowledge essential for anyone who wants to work with OpenShift.

This book starts by covering the architectural concepts and definitions necessary for deploying OpenShift clusters. It then takes you through designing Red Hat OpenShift for hybrid and multi-cloud infrastructure, showing you different approaches for multiple environments (from on-premises to cloud providers). As you advance, you’ll learn container security strategies to protect pipelines, data, and infrastructure on each layer. You’ll also discover tips for critical decision making once you understand the importance of designing a comprehensive project considering all aspects of an architecture that will allow the solution to scale as your application requires.

By the end of this OpenShift book, you’ll know how to design a comprehensive Red Hat OpenShift cluster architecture, deploy it, and effectively manage your enterprise-grade clusters and other critical components using tools in OpenShift Plus.

What you will learn

Understand the important aspects of OpenShift cluster architecture
Design your infrastructure to run across hybrid clouds
Define the best strategy for multitenancy on OpenShift
Discover efficient troubleshooting strategies with OpenShift
Build and deploy your applications using OpenShift Pipelines (Tekton)
Work with ArgoCD to deploy your applications using GitOps practices
Monitor your clusters’ security using Red Hat Advanced Cluster Security

Who this book is for

This book is for a wide range of IT professionals using or looking to use OpenShift with a hybrid/multi-cloud approach. In this book, IT architects will find practical guidance on OpenShift clusters’ architecture, while Sysadmins, SREs, and IT operators will learn more about OpenShift deployment, troubleshooting, networking, security, and tools to manage multiple clusters from a single pane. For DevOps engineers, this book covers CI/CD strategies for multiple clusters using GitOps. Equipped with just basic knowledge of containerization and Kubernetes, you’re ready to get started.

OpenShift Multi-Cluster Management Handbook
Foreword
Contributors
About the authors
About the reviewers
Preface
    Who this book is for
    What this book covers
    To get the most out of this book
    Download the color images
    Download the example code files
    Conventions used
    Get in touch
    Share Your Thoughts
    Download a free PDF copy of this book
Part 1 – Design Architectures for Red Hat OpenShift
Chapter 1: Hybrid Cloud Journey and Strategies
    Main challenges of the public cloud
    Benefits of the public cloud
    Is hybrid cloud the solution?
    Containers and Kubernetes – part of the answer!
    OpenShift – a complete option
        OpenShift offerings – multiple options to meet any needs
        OpenShift installation modes
        OpenShift multi-cluster tools – going above and beyond
    Summary
    Further reading
Chapter 2: Architecture Overview and Definitions
    Technical requirements
        Prerequisites
    Understanding the foundational concepts
        Master nodes
        Bootstrap node
        Workers
        Highly available cluster
    OpenShift architectural concepts and  best practices
        Installation mode
        Computing
        Aggregated logging
        Monitoring
        Storage
        Example
    Infrastructure/cloud provider
    Network considerations
        VPC/VNet
        DNS
        Load balancers
        DHCP/IPMI/PXE
        Internet access
    Other considerations
        SSL certificates
        IdPs
    OpenShift architectural checklists
    Summary
    Further reading
Chapter 3: Multi-Tenant Considerations
    What is multitenancy?
    Handling multiple tenants
        Multitenancy in OpenShift
        Multi-tenant strategies
        OpenShift multitenancy checklist
    Summary
    Further reading
Chapter 4: OpenShift Personas and Skillsets
    Personas
        A system/cloud/platform administrator
        IT architect
        Application developer
        The DevOps engineer/SRE
        The security engineers
    The skills matrix
        Architecture-, infrastructure-, and automation-related skills
        Development-, container-, and CI/CD-related skills
        OpenShift-related skills
    Summary
    Further reading
Part 2 – Leverage Enterprise Products with Red Hat OpenShift
Chapter 5: OpenShift Deployment
    Requirements
        OpenShift checklist opt-in
        Lab requisites
    OpenShift installation prerequisites
        UPI/agnostic installer
        IPI
    Preparing for the installation
        An SSH key pair
        Pull secret
        OpenShift installer binary
        OpenShift command-line tools
        Installation configuration file (install-config.yaml)
    Installation
        Phase 1 – Provisioning servers
        Phase 2 – Bootstrap and control plane
        Phase 3 – Check for certificates to sign – For UPI and agnostic installations only
        Phase 4 – Finishing the installation
    What's next?
    FAQs
    Summary
    Further reading
Chapter 6: OpenShift Troubleshooting, Performance, and Best Practices
    Things that can crash a cluster
        Operators
        etcd
        Authentication
    Troubleshooting reference guide – how to start
        Describing objects
        Events
        Pod logs
        Deployment logs
        Debugging pods
        Operator logs
        Other oc CLI commands and options
    Understanding misleading error messages
        ImagePullBackOff
        CrashLoopBackOff
        Init:0/1
    Summary
    Further reading
Chapter 7: OpenShift Network
    OpenShift networking
        How does traffic work on Open vSwitch?
        Network type – OpenShift SDN or OVN-Kubernetes
    Network policies
        North-south traffic
        East-west traffic
        Controlling network traffic
        Creating a network policy
    What is an ingress controller?
        How does an ingress operator work?
        Creating a new ingress controller
        Testing the new ingress
    Types of routes
        Passthrough routes
        Edge routes
        Reencrypted routes
    Summary
    Further reading
Chapter 8: OpenShift Security
    Container security
        Control
        Protect
        Detect and respond
    AuthN and AuthZ
        Authentication
        IdPs
        Authorization – RBAC
        Access-control troubleshooting
    Certificates in OpenShift
        Trusted CA
    etcd encryption
    Container isolation
        SCCs
    Network isolation
    Red Hat Container Catalog
        Red Hat UBI
        Limiting image registry sources
    Summary
    Further reading
Part 3 – Multi-Cluster CI/CD on OpenShift Using GitOps
Chapter 9: OpenShift Pipelines – Tekton
    Technical requirements
        Installing and using CRC
    What is OpenShift Pipelines?
        What is Tekton?
        Main benefits
        Tekton components
        Concepts
    Installing OpenShift Pipelines
        Prerequisites
        Installation
        Installing the tkn CLI
    Creating a Tekton pipeline from scratch
        Tasks
        TaskRun
        Pipelines
        PipelineRun
    Using triggers with GitHub webhooks
        TriggerBinding
        TriggerTemplate
        Trigger
        EventListener
        Creating a GitHub webhook
        Testing the Tekton trigger
    Fixing the failed PipelineRun due to YAML issues
    Summary
    Further reading
Chapter 10: OpenShift GitOps – Argo CD
    What is GitOps?
    What is Argo CD?
    Application delivery model
    Installing OpenShift GitOps
        Prerequisites
        Installation
        Installing the argocd CLI
    Configuring Argo CD against multiple clusters
    Argo CD definitions and challenges
        GitHub repository structure
        Templating Kubernetes manifests
        Managing secrets
    Argo CD main objects
        AppProject
        Applications
    Deploying an application using GitOps
        Building a new image version
        Deploying in development
        Promoting to QA
        Promoting to production
    Deploying to multiple clusters
    Summary
    Further reading
Chapter 11: OpenShift Multi-Cluster GitOps and Management
    What is Red Hat ACM?
    Red Hat ACM installation
        Prerequisites
        Installation
    Managing clusters using Red Hat ACM
        Cluster provisioning
    Managing applications using Red Hat ACM
        Application Subscription model
        OpenShift GitOps (Argo CD) and ApplicationSets
    Governance using Red Hat ACM
    Multi-cluster observability with Red Hat ACM
        Prerequisites
        Enabling the observability service
    Summary
    Further reading
Part 4 – A Taste of Multi-Cluster Implementation and Security Compliance
Chapter 12: OpenShift Multi-Cluster Security
    What is Red Hat Advanced Cluster Security?
    Red Hat Advanced Cluster Security installation
        Prerequisites
        Operator installation
        ACS Central installation
    Adding secured clusters
    Policies and violations
        Security policies
        Violations
    Vulnerability management
    Risk profiling
    Compliance
    Configuration Management
    Network segmentation
        Network flows
        Network Policy Simulator
    Summary
    Further reading
Chapter 13: OpenShift Plus – a Multi-Cluster Enterprise Ready Solution
    Introducing Red Hat Quay
    Deploying Red Hat Quay using the Quay Operator
        Prerequisites
        Operator installation
        Configuring Quay
    Using Red Hat Quay
        Running the tutorial
    What is OpenShift Plus?
        Value proposition: benefits
    OpenShift Plus – a practical use case
    Summary
    Further reading
Chapter 14: Building a Cloud-Native Use Case on a Hybrid Cloud Environment
    Use case description
    Application build using OpenShift Pipelines and S2I
        Configuring the image registry
        Linking image registry credentials
        Checking the image on Quay
    Application deployment using OpenShift Pipelines and GitOps
    Adding security checks in the building and deployment process
        Fixing security issues
    Provisioning and managing multiple clusters
        Provisioning new clusters
        Cluster governance
    Deploying an application into multiple clusters
    Summary
    Further reading
Part 5 – Continuous Learning
Chapter 15: What’s Next
    Red Hat training
        Training and certifications
    Online learning platforms
    Free training and references
        OpenShift Container Platform Demo and Workshop Guide
        OpenShift 4 101 Workshop
        Open Demos
        Red Hat Developer portal
        YouTube and Twitch
        Blogs
        Product documentation
    Summary
    Final words
Index
    Why subscribe?
Other Books You May Enjoy
    Packt is searching for authors like you
    Share Your Thoughts
    Download a free PDF copy of this book

Business Intelligence Tools Cloud Computing Enterprise Applications Groupware Internet Linux Linux & UNIX Administration Network Administration Networking & System Administration Telecommunications

Donate to keep this site alive

To access the Link, solve the captcha.

How to download source code?

1. Go to: https://github.com/PacktPublishing

2. In the Find a repository… box, search the book title: OpenShift Multi-Cluster Management Handbook: Go from architecture to pipelines using GitOps, sometime you may not get the results, please search the main title.