Skip to main content
Redhat Developers  Logo
  • Products

    Platforms

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat AI
      Red Hat AI
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • View All Red Hat Products

    Featured

    • Red Hat build of OpenJDK
    • Red Hat Developer Hub
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenShift Dev Spaces
    • Red Hat OpenShift Local
    • Red Hat Developer Sandbox

      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Secure Development & Architectures

      • Security
      • Secure coding
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • Product Documentation
    • API Catalog
    • Legacy Documentation
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

That app you love, part 10: Long live "that app you love"

October 27, 2016
N. Harrison Ripps
Related topics:
ContainersDeveloper ToolsKubernetesMicroservices
Related products:
Red Hat OpenShift Container Platform

Share:

    Welcome to the tenth and final installment of That App You Love, a blog series in which I show you how to you can make almost any app into a first-class cloud citizen. If you want to start from the beginning, jump back and check out Part 1: Making a Connection. You’ll need the docker service and the oc utility to follow along in this post; for instructions check out Part 5: Upping Our (Cloud) Game.

    Wow, we’ve come a long way! Back in Part 1, we were struck with this crazy idea - let’s take an app we love, containerize it, and then kick it up to the cloud in a way that is secure, robust, and stateful. Along the way, we explored:

    • The idea of a Config-and-Run container image
    • A mini-cloud that we can run on a single machine, with a single command
    • A cast of objects that turned our app into a fully-fledged cloud citizen

    And in this final installment, we’ll hit on a few last items that will really put that minty fresh scent on That App You Love.

    Taking a Pulse

    Kubernetes and OpenShift Container Platform can do basic pod health tracking by checking if the container within it is still running. However, we can improve the granularity of this health checking by adding a Readiness probe to check if the pod is ready for business, and a Liveness probe to check if the pod is still able to serve requests.

    1. If you are just tuning in, or don’t have your mini-cluster running, jump back and replay Part 9, and leave your cluster running when you are done. If you don’t want to go through all of that, make sure you’ve got the basic cloud setup from Part 5 and then here’s a three-command shortcut. Just be aware that this shortcut does not correctly mount persistent storage:
      wget https://raw.githubusercontent.com/nhr/znc-cluster-app/master/znc-template-with-pvc.yaml
      oc process -f znc-template-with-pvc.yaml | oc create -f -
      oc deploy dc/znc-cluster-app --latest
    2. We’ll use a super-simple set of Readiness and Liveness checks for znc-cluster-app; in fact, we’ll use the same test for both:
      oc set probe dc/znc-cluster-app --readiness --liveness -- pgrep znc

    The magic “test command” here is “pgrep znc”. This program  gets run inside the container to this basic effect: “if you find a process with this name in the executable, we’ve got a pulse”. Because we’re using a Config-and-Deploy inside of our container, this is pretty helpful in determining if the process we really care about is running, because the initial process in the container will be our config-and-run script rather than our actual app executable.

    Also note that as with our environment variables and PVC’s, we’re applying these probe rules to our Deployment object (dc/znc-cluster-app), so that they get set up in every Pod that gets spun up on our behalf.

    A Few More Comments on Security

    The sample app that I chose for this series is not a highly sensitive piece of software, but we made two basic improvements to it. In Part 4 we made a container that does not run as root, and in Part 8 we made a template that randomly generates a different starting password for each deployment. If we wanted to get more sophisticated, we could make two bigger improvements:

    Secrets

    A Secret is an object in OpenShift that references a sensitive piece of data, like a password. To populate the object, the system can look at a filesystem, or pull an image, or clone a repository to read the sensitive data. Then, to apply the secret, the Secret object is bound to a Pod at runtime (similar to a Persistent Volume Claim) and then the running pod has access to the sensitive information. If you are interested, you can read more about secrets in the docs.

    A Trusted SSL Certificate Chain

    Our sample app generates a self-signed .pem file. Conveniently, this .pem file is stored in the configuration directories that we learned how to expose using persistent storage in Part 9. This gives us a few avenues to choose from for providing our own, trusted certificate chain. As with the password, we could use a Secret object to inject a known-good .pem file into our app pods; alternately we could just replace the generated .pem file in our persistent storage with the trusted one.

    A Final Accounting

    If you you’d like to continue to experiment with the templates and container image that I’ve created, all of the source code for these items lives on GitHub. You will also find a “complete” template there, along with information on how to deploy that complete template onto a running OpenShift Container Platform starting from scratch.

    As I said in the beginning, of course, this series wasn’t just about ZNC - many applications can be prepared for the cloud following similar patterns, very likely including That App You Love. And to take it one step further, if it works for That App You Love, the same strategies will also set you in the right direction for That App You Wrote.

    ...But that’s another series of articles entirely!

    Thanks for reading!

    Title Date
    That app you love, part 1: Making a connection 2016/09/27
    That app you love, part 2: Immutable but flexible – What settings matter? 2016/09/29
    That app you love, part 3: Every setting in its place 2016/10/04
    That app you love, part 4: Designing a config-and-run container 2016/10/06
    That app you love, part 5: Upping our (cloud) game 2016/10/11
    That app you love, part 6: Container, meet cloud 2016/10/13
    That app you love, part 7: Wired for sound 2016/10/18
    That app you love, part 8: A blueprint for “that app you love” 2016/10/20
    That app you love, part 9: Storage and statefulness 2016/10/25
    That app you love, part 10: Long live “that app you love” 2016/10/27

     

     

    About the Author

    Hi there! My name is N. Harrison Ripps, and I am an engineer and people manager on the Containers team at Red Hat. Together with the greater open source community, our team has taken the combination of the docker container format and Google’s Kubernetes orchestration system, and then extended this framework with a number of administrator- and developer-friendly features that we call the OpenShift Container Platform.

    Last updated: March 17, 2023

    Recent Posts

    • Profiling vLLM Inference Server with GPU acceleration on RHEL

    • Network performance in distributed training: Maximizing GPU utilization on OpenShift

    • Clang bytecode interpreter update

    • How Red Hat has redefined continuous performance testing

    • Simplify OpenShift installation in air-gapped environments

    Red Hat Developers logo LinkedIn YouTube Twitter Facebook

    Platforms

    • Red Hat AI
    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    • See all products

    Build

    • Developer Sandbox
    • Developer Tools
    • Interactive Tutorials
    • API Catalog

    Quicklinks

    • Learning Resources
    • E-books
    • Cheat Sheets
    • Blog
    • Events
    • Newsletter

    Communicate

    • About us
    • Contact sales
    • Find a partner
    • Report a website issue
    • Site Status Dashboard
    • Report a security problem

    RED HAT DEVELOPER

    Build here. Go anywhere.

    We serve the builders. The problem solvers who create careers with code.

    Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

    Sign me up

    Red Hat legal and privacy links

    • About Red Hat
    • Jobs
    • Events
    • Locations
    • Contact Red Hat
    • Red Hat Blog
    • Inclusion at Red Hat
    • Cool Stuff Store
    • Red Hat Summit
    © 2025 Red Hat

    Red Hat legal and privacy links

    • Privacy statement
    • Terms of use
    • All policies and guidelines
    • Digital accessibility

    Report a website issue