Red Hat OpenShift Container Platform

Pod Lifecycle Event Generator: Understanding the “PLEG is not healthy” issue in Kubernetes

Pod Lifecycle Event Generator: Understanding the “PLEG is not healthy” issue in Kubernetes

In this article, I’ll explore the “PLEG is not healthy” issue in Kubernetes, which sometimes leads to a “NodeNotReady” status. When understanding how the Pod Lifecycle Event Generator (PLEG) works, it is helpful to also understand troubleshooting around this issue.

What is PLEG?

The PLEG module in kubelet (Kubernetes) adjusts the container runtime state with each matched pod-level event and keeps the pod cache up to date by applying changes.

Continue reading “Pod Lifecycle Event Generator: Understanding the “PLEG is not healthy” issue in Kubernetes”

Share
How to customize the Red Hat OpenShift 3.11 SDN

How to customize the Red Hat OpenShift 3.11 SDN

In this article, I’ll highlight a practical case for customizing the Red Hat OpenShift software-defined network (SDN). To achieve this, I will identify the OpenShift-Ansible inventory parameters that configure different aspects of the OpenShift SDN, specifically the cluster, portal, and docker networks.

Why customize the SDN?

An important question I am often asked is: Why do you need to customize the SDN? Isn’t it completely internal? Users generally assume there is no need to customize the SDN because OpenShift’s SDN has no impact on networks outside the OpenShift cluster; therefore, IP conflicts should not be a concern. However, this is not always the case.

Continue reading “How to customize the Red Hat OpenShift 3.11 SDN”

Share
Verifying signatures of Red Hat container images

Verifying signatures of Red Hat container images

Security-conscious organizations are accustomed to using digital signatures to validate application content from the Internet. A common example is RPM package signing. Red Hat Enterprise Linux (RHEL) validates signatures of RPM packages by default.

In the container world, a similar paradigm should be adhered to. In fact, all container images from Red Hat have been digitally signed and have been for several years. Many users are not aware of this because early container tooling was not designed to support digital signatures.

In this article, I’ll demonstrate how to configure a container engine to validate signatures of container images from the Red Hat registries for increased security of your containerized applications.

Continue reading “Verifying signatures of Red Hat container images”

Share
Microbenchmarks for AI applications using Red Hat OpenShift on PSI in project Thoth

Microbenchmarks for AI applications using Red Hat OpenShift on PSI in project Thoth

Project Thoth is an artificial intelligence (AI) R&D Red Hat research project as part of the Office of the CTO and the AI Center of Excellence (CoE). This project aims to build a knowledge graph and a recommendation system for application stacks based on the collected knowledge, such as machine learning (ML) applications that rely on popular open source ML frameworks and libraries (TensorFlow, PyTorch, MXNet, etc.). In this article, we examine the potential of project Thoth’s infrastructure running in Red Hat Openshift and explore how it can collect performance observations.

Several types of observations are gathered from various domains (like build time, run time and performance, and application binary interfaces (ABI)). These observations are collected through the Thoth system and enrich the knowledge graph automatically. The knowledge graph is then used to learn from the observations. Project Thoth architecture requires multi-namespace deployment in an OpenShift environment, which is run on PnT DevOps Shared Infrastructure (PSI), a shared multi-tenant OpenShift cluster.

Continue reading “Microbenchmarks for AI applications using Red Hat OpenShift on PSI in project Thoth”

Share
CI/CD for .NET Core container applications on Red Hat OpenShift

CI/CD for .NET Core container applications on Red Hat OpenShift

Many people have done continuous integration and continuous delivery (CI/CD) for .NET Core, but they still may wonder how to implement this process in Red Hat OpenShift Container Platform (OCP). The information is out there, but it has not been structurally documented. In this article, we’ll walk through the process.

Continue reading “CI/CD for .NET Core container applications on Red Hat OpenShift”

Share
How to configure Red Hat OpenShift 4 to use Auth0

How to configure Red Hat OpenShift 4 to use Auth0

My colleague and I recently had to stand up a Red Hat OpenShift 4 cluster for a customer to determine how difficult it would be for them to port their application. Although they could have achieved a similar outcome with CodeReady Containers, their local development machines did not have enough resources (8GB RAM minimum, which is one problem of developing on tablets).

To reduce the overhead of adding and removing users from the project during the trial, we decided to skip over the simple HTPasswd provider and use the OAuth provider backed by Auth0. We also wanted to publish our guide to make it easier for others to adopt a similar deployment.

Continue reading “How to configure Red Hat OpenShift 4 to use Auth0”

Share
Write a simple Kubernetes Operator in Java using the Fabric8 Kubernetes Client

Write a simple Kubernetes Operator in Java using the Fabric8 Kubernetes Client

Kubernetes is becoming much more than just a platform for running container workloads. Its API can be extended with application-specific Custom Resource Definitions(CRDs), and you can implement your own logic adapting your applications dynamically to changes in the cluster. In this article, we’ll be writing a simple Kubernetes Operator in Java using the Fabric8 Kubernetes Client

Continue reading “Write a simple Kubernetes Operator in Java using the Fabric8 Kubernetes Client”

Share
Using Red Hat OpenShift image streams with Kubernetes deployments

Using Red Hat OpenShift image streams with Kubernetes deployments

This article demonstrates an application update scenario which leverages Red Hat OpenShift image streams together with standard Kubernetes native resources. It also shows how image streams automatically redeploy application pods after an update to their container image.

Best of all, Kubernetes resources enhanced with OpenShift image streams are still compatible with standard Kubernetes clusters. This fact enables the use of the same resource definitions to support multiple Kubernetes distributions, and at the same time take advantage of features unique to OpenShift.

At the end of this article, we present a few considerations around using image IDs and image name tags to manage your ability to roll back to previous versions of an application.

Continue reading “Using Red Hat OpenShift image streams with Kubernetes deployments”

Share
Understanding Red Hat OpenShift’s Application Monitoring Operator

Understanding Red Hat OpenShift’s Application Monitoring Operator

Monitoring systems are usually composed of three layers: a database layer that hosts metrics data, a layer to display the stored metric data graphically in dashboards, and an alerting layer to send out notifications via methods such as email, on-call notification systems, and chat platforms. This article presents an overview of the components used in Red Hat OpenShift‘s Application Monitoring Operator, how to install them using the Operator, and an example of the Operator in action.

Continue reading “Understanding Red Hat OpenShift’s Application Monitoring Operator”

Share