Using OpenShift with AWS Services and Features
Mandus Momberg, AWS Partner Solutions Architect, presented mechanisms to integrate OpenShift with AWS native features. Many of these concepts are covered in the Red Hat reference architecture for deploying OpenShift Container Platform 3.5 on AWS.
To begin with, if you are running or considering RHEL on AWS, check out the Cloud Access Program. This allows you to convert standard RHEL subscription to cloud access licensing at a ratio of 1:2, 2 cloud VMs for every standard license.
A lot of work has been done over the years on extending Ansible with full AWS support. In fact, Red Hat IT internally uses Ansible for provisioning all AWS resources. When deploying OpenShift on AWS, the OpenShift installer actually makes use of this functionality, as well as the dynamic inventory features. These, of course, can be extended to meet whatever needs you might have.
One of the more exciting new features of OpenShift’s AWS integration is the Catalog of Services. OpenShift Catalog of Services provides a simple 1-click provisioning of AWS native services, which is built upon the AWS Open Service Broker API– a standardized API for integration with AWS. The catalog effectively allows your users a one-stop interface to deploy native services, such as RDS, along with your OpenShift-based application. Ansible scripts for deploying OpenShift with the AWS integration are located here.
Another recent addition to OpenShift is Atomic support. Atomic is a lightweight OS, based on RHEL core components, which can serve as the compute engine for OpenShift. It provides the underlying container technologies in an easy to manage package. AWS and Red Hat collaborate heavily on Atomic in order to optimize it for cloud workloads. While plain RHEL functions well in cloud environments, Atomic was purpose-built for running containers in the cloud– allowing you to squeak out those extra cpu cycles.
Finally, there are several endorsed architectural patterns for running OpenShift on AWS, using one of these validated patterns will make your life easier and more successful with your AWS OpenShift deployment.
These are really meant for “developer playgrounds”, combining a single OpenShift VM (all-in-one node) with a bastion host and a load balancer. The CDK is another mechanism for providing a similar developer environment.
Workload Specific VPC
For most applications, consider the preferred pattern of workload-specific VPCs, wherein you have a dedicated OpenShift cluster within a VPC for components of your site. For example, you might deploy these VPCs:
- payment processing
- user-facing services
- back-end data services
- common services
This is the approach recommended by Amazon AWS.
A highly available OpenShift AWS pattern involves setting up redundant OpenShift clusters, each within its own AWS Availability Zone. Your application runs in each AZ within a single VPC. Route53 is used for DNS-based traffic management, directing traffic to the appropriate AZ.
In short, there are many advantages for running OpenShift within a cloud environment and there are special hooks for the major cloud providers. Amazon AWS and Red Hat have worked well together over the years to refine OpenShift AWS integration, giving you the tools you need to be successful.