Imagine this scenario: Your cool microservice works fine from your local machine but fails when deployed into your Red Hat OpenShift cluster. You cannot see anything wrong with the code or anything wrong in your services, configuration maps, secrets, and other resources. But, you know something is not right. How do you look at things from the same perspective as your containerized application? How do you compare the runtime environment from your local application with the one from your container?
If you performed your due diligence, you wrote unit tests. There are no hard-coded configurations or hidden assumptions about the runtime environment. The cause should be related to the configuration your application receives inside OpenShift. Is it time to run your app under a step-by-step debugger or add tons of logging statements to your code?
We’ll show how two features of the OpenShift command-line client can help: the
oc run and
oc debug commands.
Continue reading “Troubleshooting Red Hat OpenShift applications with throwaway containers”
“Write once, run everywhere” is a slogan created by Sun Microsystems to illustrate the cross-platform benefits of Java. In the cloud-native world, this slogan is more accurate than ever, with virtualization and containers increasing the distance between code and hardware even further. But what does this shift mean for developers?
Developers need to take care of containerizing their application and also provide a set of manifests for Kubernetes (which now tends to be a synonym of cloud). In this article, we are going to focus on the latter and, more specifically, on how to use Dekorate to create and maintain these manifests with the minimum possible effort.
Continue reading “How to use Dekorate to create Kubernetes manifests”
One of the cool things about separating the container runtimes into different tools is that you can start to combine them to help secure one other.
Lots of people would like to build OCI/container images within a system like Kubernetes. Imagine you have a CI/CD system that is constantly building container images, a tool like Red Hat OpenShift/Kubernetes would be useful for distributing the load of builds. Until recently, most people were leaking the Docker socket into the container and then allowing the containers to do
docker build. As I pointed out years ago, this is one of the most dangerous things you can do. Giving people root access on the system or sudo without requiring a password is more secure than allowing access to the Docker socket.
Because of this, many people have been attempting to run Buildah within a container. We have been watching and answering questions on this for a while. We have built an example of what we think is the best way to run Buildah inside of a container and have made these container images public at quay.io/buildah.
Continue reading “Best practices for running Buildah in a container”
If you’re familiar with OpenShift Do (odo), a developer-focused command-line tool for Red Hat OpenShift, then you know that one of its primary goals is to make it easier to do fast, iterative development. Even experienced odo users, however, may not be familiar with odo’s interactive mode, which simplifies the process of creating components and services even further.
Continue reading “Introduction to odo interactive mode for OpenShift development”
Lots of organizations worldwide have the goal of an open hybrid cloud. The ability to build applications that work with multiple public cloud providers as well as on-premise virtualization services without vendor lock-in has many advantages:
- The ability to move workloads from one cloud provider to another.
- The freedom to move workloads in-house and off-premises as needed.
- The ability to coordinate tasks running in different clouds.
For a definition of open hybrid cloud, we turn to Red Hat’s Eric Schabell:
Hybrid cloud is a combination of one or more public and private clouds with at least a degree of workload portability, integration, orchestration, and unified management.
Continue reading “Red Hat technologies make open hybrid cloud a reality”
In this article, I demonstrate a systematic method to configure LDAP user and group synchronization in Red Hat OpenShift, as well as OpenShift role-based access control (RBAC) for these LDAP users and groups. Following these steps makes the management of your LDAP users and groups within OpenShift much easier. I achieve this goal by demonstrating:
- How to validate your
ldap parameters with
ldaptool prior to installing OpenShift.
- How to enable LDAP authentication in OpenShift for specific LDAP groups and organization units.
- The scripts and commands that let you synchronize members of your LDAP groups to OpenShift, which in turn lets you apply custom OpenShift RBAC rules on specific users or groups.
Continue reading “How to configure LDAP user authentication and RBAC in Red Hat OpenShift 3.11”
The Reactica roller coaster is the latest addition to Coderland, our fictitious amusement park for developers. It illustrates the power of reactive computing, an important architecture for working with groups of microservices that use asynchronous data to work with each other.
In this scenario, we need to build a web app to display the constantly updated wait time for the coaster.
Continue reading “Get started with reactive programming with creative Coderland tutorials”
This article explains how to configure a Python application running within an OpenShift pod to communicate with the Red Hat OpenShift cluster via
openshift-restclient-python, the OpenShift Python client.
Continue reading “Controlling Red Hat OpenShift from an OpenShift pod”
As part of the microservices adoption journey, there will come a time when an organization starts to implement more and more rules services as part of the total application solution landscape. There could be hundreds of rules services to be managed and deployed at one time, making the job of the application team more challenging and eventually causing delays to the entire production rollout.
Red Hat Decision Manager (RHDM) is a solution that enables developers and application teams to implement decision services or business rules for their application needs. I will be covering how we can fully utilize the capabilities brought by Red Hat Decision Manager and Red Hat OpenShift to enable a smooth CI/CD process, in order to have rapid decision services deployment. (This tutorial assumes you already have a good understanding of RHDM and OpenShift.)
Continue reading “Enabling CI/CD for Red Hat Decision Manager on OpenShift”
Red Hat developer Nikhil Thomas recently presented “How to Build Cloud-Native CI/CD Pipelines With Tekton on Kubernetes” at the KubeCon China 2019 co-located Continuous Delivery Summit.
Continue reading “How to build cloud-native CI/CD pipelines with Tekton on Kubernetes”