OpenShift Basics and high level architecture


  • The minimum requirement to run any program, software or application is an environment, and this kind of environment is known as an operating system (OS).
  • As I explained in the last post, there are 4 techniques in total for OS provisioning, and containerization is the fastest approach. Within a few seconds we can not only launch a full-fledged OS but also access an application.
  • Many container tools are available, such as Docker, Podman and CRI-O, but they all depend on runc. runc is the lowest level, which runs directly on top of the kernel. In simple terms, we can say that runc is a server for the container tools, and the container tools (Docker, Podman, CRI-O) are just clients of it.
  • There are two types of container tools: daemon-based and daemonless. Docker is daemon-based, while Podman and CRI-O are daemonless. That means:
Docker - talks to docker.service, and this service talks to runc.
Podman/CRI-O - talk to runc directly.
  • That is the technical reason why Podman and CRI-O are comparatively faster than Docker.
  • Docker, Podman and CRI-O do their job very well, but along with containers we need a few more things so that our environment runs smoothly and, whenever there is an issue, we come to know about it as soon as possible.
  • To run an environment smoothly and make it easy to manage, we need a few more things: a container management tool, monitoring, notifications, automatic container launch if there is a failure, auto scaling, metrics collection, authentication and a beautiful web UI so that a user can interact with it.
  • Our container tools are not smart enough in any of these areas, which is why we need tools that provide all these services. This is where Kubernetes (K8s) from Google, Swarm from Docker and Mesos Marathon come into the picture. These tools have all the capabilities listed above.
  • A tool that provides all these services is known as a container orchestration tool. So in our case we can say that K8s is a container orchestration tool.
  • The OCI (Open Container Initiative) is a Linux Foundation project to design open standards for operating-system-level virtualization, most importantly Linux containers, and container tools should follow the standards defined by OCI. CRI-O is the one that follows the most of the standards defined by OCI.
  • If we set up an environment using everything I've explained above, we can achieve a perfect containerization solution, but it will be a complex environment. To manage it we need an experienced technical engineer who knows Docker/Podman/CRI-O, YAML, Linux etc. And even though container tools are very fast, our solution will be quite a bit slower, because whenever human interaction comes into the picture things get slow; a human can't be as fast as a computer.
  • So we add one more abstraction layer on top of the container management tool (K8s, Swarm or Mesos Marathon; K8s in our case), and this abstraction layer manages K8s on our behalf. It is known as a container platform, which for us is OpenShift (RHOCP - Red Hat OpenShift Container Platform).
  • So this is what our environment looks like now:
Hardware (RAM/CPU) >> Kernel >> runc >> CRI-O >> K8s >> OpenShift
  • A few things we can add here about K8s and runc:
- K8s is a program through which we can create and manage containers.
- K8s is an orchestration tool for containers.
- runc is not a service, so we can't start/stop it; it is more like a kind of driver, which can be loaded/unloaded.
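
What a container tool hands down to runc at the bottom of this stack is an OCI bundle whose config.json describes the process to start. The following is an added example, not code from this post or from any of the projects named in it: it audits such a config for settings that weaken isolation and produces a hardened copy. The sample config, the RISKY_CAPS and EXPECTED_NS policy sets and the uid 1001 are constructed assumptions; a namespace type missing from the list is inherited from the host.

```python
import copy
import json

# Constructed sample: trimmed OCI config.json, as found in a runc bundle.
SAMPLE = json.loads("""{
  "ociVersion": "1.0.2",
  "process": {
    "user": {"uid": 0, "gid": 0},
    "args": ["/usr/sbin/httpd", "-DFOREGROUND"],
    "noNewPrivileges": false,
    "capabilities": {"bounding": ["CAP_NET_BIND_SERVICE", "CAP_SYS_ADMIN"]}
  },
  "root": {"path": "rootfs", "readonly": false},
  "linux": {"namespaces": [{"type": "pid"}, {"type": "mount"},
                           {"type": "ipc"}, {"type": "uts"}]}
}""")

# Assumed local policy, not part of the OCI spec.
RISKY_CAPS = {"CAP_SYS_ADMIN", "CAP_SYS_MODULE", "CAP_SYS_PTRACE", "CAP_NET_ADMIN"}
EXPECTED_NS = {"pid", "mount", "ipc", "uts", "network"}

def audit(cfg):
    """Return findings for one OCI runtime config (empty list = clean)."""
    out = []
    proc = cfg.get("process", {})
    if proc.get("user", {}).get("uid", 0) == 0:
        out.append("process runs as uid 0")
    if not proc.get("noNewPrivileges", False):
        out.append("noNewPrivileges is not set")
    bounding = set(proc.get("capabilities", {}).get("bounding", []))
    out += [f"risky capability: {c}" for c in sorted(bounding & RISKY_CAPS)]
    if not cfg.get("root", {}).get("readonly", False):
        out.append("root filesystem is writable")
    have = {n.get("type") for n in cfg.get("linux", {}).get("namespaces", [])}
    out += [f"{n} namespace inherited from host" for n in sorted(EXPECTED_NS - have)]
    return out

def harden(cfg):
    """Return a copy of cfg adjusted so that audit() reports nothing."""
    new = copy.deepcopy(cfg)
    proc = new["process"]
    proc["user"] = {"uid": 1001, "gid": 1001}   # constructed non-root id
    proc["noNewPrivileges"] = True
    caps = proc["capabilities"]
    caps["bounding"] = [c for c in caps["bounding"] if c not in RISKY_CAPS]
    new["root"]["readonly"] = True
    have = {n["type"] for n in new["linux"]["namespaces"]}
    new["linux"]["namespaces"] += [{"type": n} for n in sorted(EXPECTED_NS - have)]
    return new
```

Calling audit(SAMPLE) lists five findings for the constructed config, and audit(harden(SAMPLE)) returns an empty list.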