Skip to main content

OpenShift Basics and high level architecture


  • Minimum requirement to run any program/software/application we need an environment and this kind of environment is known as operating system(OS).
  • As I explained in last post there are total 4 techniques we have for OS provisioning, and containerization is the fastest approach. Just within few seconds we can not only launch a full flash OS but all we can access an application as well.
  • There are lots of container tools are available like Docker, Podman, CRI-O but these are depended on runc. RUNC is lowest level which directly run on top of kernel. Just to understand in simple language we can say tha runc is a server for container tools and container tools(Docker, Podman, CRI-O) are just client of it.
  • There are two type of docker tools we have - Daemon based and Daemon less, docker is daemon based and Podman and CRI-O are daemon less. That means in -
Docker - Talk with docker.service and this services talks with runc.
Podman/CRI-O - Directly talk with runc
  • That is the technical reason of competitively Podman & CRI-O are faster than docker.
  • Docker, Podman & CRI-O do there job very well but along with container we require few more things so that our environment can run soomthly and whenever there is any issue we come to know asap.
  • So to run an environment smoothly and easy to manage we need few more things like - Container management tool, Monitoring, Notifications, If there is any failure then Automatic Container launch, Auto scaling, Collect Metrics, Authentication & a beutiful web UI so that a user can interact with it.
  • In all these areas our container tools are not smart enough so that why we need some tools which provides all these services and that's how role of Kubernetes(K8s) from google, Swarm from Docker and Mesos Marathon comes into the picture. These tools have all the capabilities listed above.
  • If a tool provides all these services is also known as a Container Orchestration tool. So in our case we can say that K8s is a Container Orchestration Tool.
  • The OCI(Open Container Initiative) is a Linux Foundation project to design open standards for operating-system-level virtualization, most importantly Linux containers, and container tools should follow standards defined by OCI. CRI-O is the one who follow maximum standards defined by OCI.
  • If we setup an environment using all the things I've explained above we can achieve a perfect containerization solution, but it will be a complex environment and to manage this environment we need a experienced technical engineer who knows - Docker/Podman/CRI-O, YAML, Linux etc. and after all even though container tools are very fast, but our solution will be quite slower. Because whenever human interaction comes into the picture things get slow, human can't be as fast as computer.
  • So if we have one more abstraction layer on top of container management tools (K8s, Swarm or Mesos Marathon) K8s in our case and this abstraction layer manage K8s on behalf us known as container platform which is OpenShift(RHOCP - Red Hat OpenShift Container Platform) of us.
  • So how our environment look like now - 
Hardware(RAM/CPU) >> Kernel >> runc >>  CRI-O >> K8s >> OpenShift
  • Few things we can add here about K8s and runc
-K8s is a program through which we can create and manage containers.
-K8s is a Orchestration tool for containers.
-runc is not a services so we can't start/stop it while it is kind of driver, which can be loaded/unloaded.
Labels:

Comments

Post a Comment

Please share your experience.....

Popular posts from this blog

error: db5 error(11) from dbenv->open: Resource temporarily unavailable

If rpm command is not working in your system and it is giving an error message( error: db5 error(11) from dbenv->open: Resource temporarily unavailable ). What is the root cause of this issue? How to fix this issue?   just a single command- [root@localhost rpm]# rpm --rebuilddb Detailed error message- [root@localhost rpm]# rpm -q firefox ^Cerror: db5 error(11) from dbenv->open: Resource temporarily unavailable error: cannot open Packages index using db5 - Resource temporarily unavailable (11) error: cannot open Packages database in /var/lib/rpm ^Cerror: db5 error(11) from dbenv->open: Resource temporarily unavailable error: cannot open Packages database in /var/lib/rpm package firefox is not installed [root@localhost rpm]# RPM manage a database in which it store all information related to packages installed in our system. /var/lib/rpm, this is directory where this information is available. [root@localhost rpm]# cd /var/lib/rpm ...
2 comments
Read more

Failed to get D-Bus connection: Operation not permitted

" Failed to get D-Bus connection: Operation not permitted " - systemctl command is not working in Docker container. If systemctl command is not working in your container and giving subjected error message then simple solution of this error is, create container with -- privileged option and also provide init file full path  /usr/sbin/init [root@server109 ~]# docker container run -dit --privileged --name systemctl_not_working_centos1 centos:7 /usr/sbin/init For detailed explanation and understanding I am writing more about it, please have look below. If we have a daemon based program(httpd, sshd, jenkins, docker etc.) running inside a container and we would like to start/stop or check status of daemon inside docker then it becomes difficult for us to perform such operations , because by default systemctl and service  commands don't work inside docker. Normally we run below commands to check services status in Linux systems. [root@server109 ~]# systemctl status ...
4 comments
Read more

How to check rpm integrity?

This post will help you to get answers of below questions- How to check rpm integrity? How to check rpm authenticity? How to check rpm digital signature? What is gpgcheck? Let's take an example of below rpm package and see, how to verify if it is a genuine package? [root@localhost tmp]# ls -l vsftpd-2.2.2-11.el6.x86_64.rpm -r--r--r--. 1 root root 154392 Jan 27 10:27 vsftpd-2.2.2-11.el6.x86_64.rpm [root@localhost tmp]# There are multiple way to verify. 1. Verify using rpm [root@localhost tmp]# rpm -q vsftpd package vsftpd is not installed [root@localhost tmp]# [root@localhost tmp]# rpm -K vsftpd-2.2.2-11.el6.x86_64.rpm vsftpd-2.2.2-11.el6.x86_64.rpm: RSA sha1 ((MD5) PGP) md5 NOT OK (MISSING KEYS: (MD5) PGP#fd431d51) [root@localhost tmp]# If you want to see more details then use below options [root@localhost tmp]# rpm -vvK vsftpd-2.2.2-11.el6.x86_64.rpm D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key D: couldn't find any keys in /var/...
Post a Comment
Read more