Red Hat OpenShift | Google Cloud — Reference Architecture
A customer recently asked me to provide a reference architecture for Red Hat OpenShift on a public cloud. I chose Google Cloud because of its GKE default autoscaling functionality, which supports worker node elasticity. The content below may help to define a Red Hat OpenShift architecture on any public cloud.
1 INTRODUCTION
This introduction should connect this document with Red Hat OpenShift, Google Cloud Platform (GCP) and DevOps, and briefly describe:
- Red Hat OpenShift Management Architecture
- Red Hat OpenShift DevOps Toolchain
- Red Hat OpenShift Deployment Architecture at GCP
2 RED HAT OPENSHIFT MANAGEMENT ARCHITECTURE
Red Hat OpenShift is a hybrid container platform for developing, orchestrating and hosting containerized microservices applications, with its foundation in Kubernetes (K8S). The K8S foundation enables OpenShift to integrate with the larger ecosystem of DevOps tools to form a DevOps pipeline.
Kubernetes is an open source container platform for automating deployment, scaling, scheduling and management of containerized applications.
2.1 THE CONTROL PLANE (MASTER NODES)
The control plane, which is composed of master machine nodes, manages the OpenShift platform operations. It manages worker nodes in the K8S cluster and schedules pods to run on worker nodes for workload sharing.
The following table highlights the subset of components of the OpenShift Control Plane that are significant to form a Management Architecture.
2.2 WORKER NODES
A worker machine node provides the runtime environments for containers. Each worker node in a K8S cluster has the required services to be managed by the Masters.
Worker Nodes also have the required services to run pods, including the Docker service, a kubelet, and a service proxy.
The following table highlights the subset of components of OpenShift Worker Nodes that are significant to form an Application hosting environment.
2.3 INFRASTRUCTURE NODES
The OpenShift infrastructure node runs infrastructure-specific services such as the Container Registry and the HAProxy router. The Container Registry stores application images in the form of containers. The HAProxy router provides routing functions for OpenShift applications.
Additional core services such as logging, metrics, Git, artifactories and monitoring services can be deployed on OpenShift infrastructure nodes.
2.4 RED HAT AND KUBERNETES ECOSYSTEM
The OpenShift Architecture is pluggable and works with other Red Hat ecosystem tools such as ANSIBLE Automation, GlusterFS and Red Hat Quay. Because the foundation of OpenShift is Kubernetes, customers can also plug K8S ecosystem tools such as Jenkins, Git, Prometheus, ELK, Grafana and Skopeo into its Architecture and Operations.
It can use the Auto Scaling Group functionality of Google Cloud and the Auto Scaling Functions of GKE (Google Kubernetes Engine) to provide superior scheduling and DR services across Cloud availability zones.
3 HIGH LEVEL DEPLOYMENT VIEW
The OpenShift Platform can be deployed in the Public or Private Cloud. The diagram below provides a high-level representation of the OpenShift Management System’s infrastructure:
4 RED HAT OPENSHIFT DEVOPS TOOLCHAIN
A DevOps toolchain is an integrated software development tool set that enables DevOps teams to practice continuous integration, continuous delivery and continuous deployment, and so bring their applications to market faster.
A typical DevOps toolchain combines the following:
- Plan and Requirements (JIRA)
- Source control systems (GitHub, Bitbucket)
- Build and Schedule (Jenkins)
- Static Code Analysis (SonarQube)
- Test (Junit, Selenium)
- Artifactories (Nexus, JFrog)
- Configuration tools (ANSIBLE, Chef, Puppet)
- Containers (Docker)
- Container Registries (Private, Public Docker Hub)
- Container Orchestration (Kubernetes, Docker Swarm)
- Search, Logging and Visualize (Elasticsearch, Logstash, Kibana, Splunk)
- Monitoring (Prometheus)
- Analytics (Grafana)
- Security (Vault, Secrets at K8S)
- Supporting tools (Skopeo, Helm Charts and other package managers)
- A dozen other tools (Apache Maven, ANT, Integration Plugins)
Kubernetes, the foundation of OpenShift, supports all the above tools in its ecosystem. The usability of OpenShift enables developers to integrate the above tools seamlessly to automate and organize the CI/CD/CD processes required to deliver their software deliverables.
The diagram below provides a physical representation of the Red Hat OpenShift DevOps Toolchain System’s infrastructure:
5 RED HAT OPENSHIFT APPLICATION DEPLOYMENT ARCHITECTURE AT GCP
Red Hat OpenShift uses Google Compute Engine as its IaaS layer. The reference implementation architecture at GCP requires the following configuration items:
Google Compute Engine (IaaS)
- 1 Bastion Node
- x Master Nodes
- x Infrastructure Nodes
- x Worker Nodes
- A dedicated VPC Network.
- GCP load balancer for Master Nodes to balance API requests and the OpenShift administration web console.
- GCP load balancer for Applications to balance incoming connections to applications running in OpenShift.
- Dedicated storage for the OpenShift Container Registry.
- Dedicated storage for Container Images on all nodes.
- Dedicated storage for Pods local storage on all worker nodes.
- Dedicated storage for etcd data on all Master Nodes.
- Dynamic storage for applications.
- IP addresses and security groups for bastion, GCP Masters load balancer and GCP applications load balancer.
OpenShift PaaS
- OpenShift routers and registry running in the infrastructure nodes.
- OpenShift SDN for pod to pod communication.
NOTE: OpenShift requires GKE (Google Kubernetes Engine) functions to have Autoscaling. GlusterFS can be used to access PVC (Persistent Volume Claims) across all availability zones for stateful sets.
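As an added example (not part of the original article), the following Python check audits a deployment's firewall rules against the configuration items listed above, so that only the bastion, the master API behind its load balancer and the routers on the infrastructure nodes accept traffic from outside the VPC. The network tags, ports and VPC range are assumptions, and the sample rules are constructed using the field names of `gcloud compute firewall-rules list --format=json` output.

```python
import ipaddress

# Assumptions (not from the article): network tags, ports and the VPC range.
# Only the three entry points in the list above may accept outside traffic.
PUBLIC_PORTS = {
    "bastion": {"22"},        # SSH jump host
    "master": {"443"},        # API and web console behind the masters load balancer
    "infra": {"80", "443"},   # routers behind the applications load balancer
}
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")

def is_external(cidr):
    """True when a source range reaches beyond the dedicated VPC."""
    net = ipaddress.ip_network(cidr)
    return net.version != VPC_CIDR.version or not net.subnet_of(VPC_CIDR)

def audit(rules):
    """Return (rule name, reason) for ingress rules that break the layout."""
    findings = []
    for fw in rules:
        if fw.get("direction", "INGRESS") != "INGRESS" or fw.get("disabled"):
            continue
        if not any(is_external(c) for c in fw.get("sourceRanges", [])):
            continue  # VPC-internal traffic (SDN, etcd peers) is not judged here
        # An "allowed" entry without "ports" opens every port of that protocol.
        ports = {p for a in fw.get("allowed", []) for p in a.get("ports", ["all"])}
        for tag in fw.get("targetTags") or ["<every instance>"]:
            allowed = PUBLIC_PORTS.get(tag)
            if allowed is None:
                findings.append((fw["name"], f"{tag} must not be reachable from outside"))
            elif not ports <= allowed:
                extra = ", ".join(sorted(ports - allowed))
                findings.append((fw["name"], f"{tag} exposes unexpected ports: {extra}"))
    return findings

def make_rule(name, sources, tags, proto, ports):
    """Build a constructed rule using Compute Engine firewall field names."""
    return {"name": name, "direction": "INGRESS", "sourceRanges": sources,
            "targetTags": tags, "allowed": [{"IPProtocol": proto, "ports": ports}]}

# Constructed sample, not real data.
SAMPLE_RULES = [
    make_rule("ssh-bastion", ["0.0.0.0/0"], ["bastion"], "tcp", ["22"]),
    make_rule("master-api", ["0.0.0.0/0"], ["master"], "tcp", ["443"]),
    make_rule("app-routes", ["0.0.0.0/0"], ["infra"], "tcp", ["80", "443"]),
    make_rule("internal-sdn", ["10.0.0.0/16"], [], "udp", ["4789"]),
    make_rule("ssh-workers", ["0.0.0.0/0"], ["worker"], "tcp", ["22"]),
    make_rule("etcd-open", ["0.0.0.0/0"], ["master"], "tcp", ["2379"]),
]
```

Calling `audit(SAMPLE_RULES)` reports the `ssh-workers` and `etcd-open` rules; port ranges such as `8000-9000` are compared as strings, so they are flagged unless listed explicitly.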
The diagram below provides a physical representation of the Red Hat OpenShift Application Deployment System’s infrastructure:
6 CONCLUSION
Red Hat OpenShift provides an for building a production ready environment which simplifies the CI/CD/CD process, supports easily configurable K8S and Red Hat ecosystem tools, and ensures stability by running applications in a highly available environment.
The diagrams and steps described in this reference architecture provide a high level overview and the blueprints required to create a minimum viable solution to build an OpenShift Cluster at Google Cloud.
Lawrence Manickam is the Founder of Kuberiter Inc, a Seattle based Start-up that provides Enterprise/SaaS DevOps Services (Kubernetes, Docker, Helm and Istio) for MultiCloud.