Multi-container Applications on OpenShift with Ansible Service Broker
1. ANSIBLE SERVICE BROKER
Deploying multi-container applications on OpenShift
Tommy Hughes Vinny Valdez
Scott Collier Kent Hua
AWS Loft Event
July 11, 2017
2. ENTER TO WIN!
1080p 3D GAMING PROJECTOR
Red Hat + AWS is a
winning combination!
You can win by
entering our raffle:
http://red.ht/AWSLoft
3. What Are Containers?
It Depends on Who You Ask
Sys-Admins / Ops
● Sandboxed application processes on a shared Linux OS kernel
● Simpler, lighter, and denser than virtual machines
● Portable across different environments
Developers
● Package my application and all of its dependencies
● Deploy to any environment in seconds and enable CI/CD
● Easily access and share containerized components
4. DevOps With Containers Across the Hybrid Cloud?
[Diagram labels: Source Repository; CI/CD Engine; Dev Container; Physical; Virtual; Private cloud; Public cloud]
6. Trusted Container OS
Trusted by Fortune Global 500 companies
[Diagram labels: Container Runtime & Packaging (Docker); Enterprise Container Host; Red Hat Enterprise Linux / Atomic Host]
7. [Diagram labels: Container Runtime & Packaging (Docker); Enterprise Container Host; Red Hat Enterprise Linux / Atomic Host; Enterprise Kubernetes; CloudForms; Red Hat Storage; Infrastructure Automation & Mg; Networking; Storage; Registry; Logs & Metrics; Security; Container Orchestration & Cluster Management (kubernetes)]
10. [Diagram labels, OpenShift stack]
Products: JBOSS EAP; JBOSS DATA GRID; JBOSS DATA VIRTUALIZATION; JBOSS AM-Q; JBOSS BRMS; JBOSS BPM; JBOSS FUSE; RED HAT MOBILE; 3 Scale
Containers: Business Automation; Integration; Data & Storage; Web & Mobile
Traditional, Stateful, and Microservices-based Apps
OpenShift Application Lifecycle Management (CI/CD): Build Automation; Deployment Automation
Service Catalog (Language Runtimes, Middleware, Databases); Self-Service
Infrastructure Automation & Cockpit: Networking; Storage; Registry; Logs & Metrics; Security
Container Orchestration & Cluster Management (kubernetes)
Container Runtime & Packaging (Docker)
Enterprise Container Host: Red Hat Enterprise Linux / Atomic Host
11. Get Involved With Zero Commitment
Commons: Where users, partners, customers, and contributors come together to collaborate and work together on OpenShift. https://commons.openshift.org/
Quickly build, host, and scale containerized applications in the public cloud, operated and supported by Red Hat. https://www.openshift.com/
Origin is the upstream community project that powers OpenShift. https://openshift.org/
13. Open Service Broker API
Overview
● API working group formed in September 2016, officially announced December; successor to CF Service Broker API
● API defines an HTTP interface between the services marketplace of a platform and service brokers
● Service Broker is the component of the service that implements the Service Broker API, for which a platform's marketplace is a client
● Service brokers are responsible for advertising a catalog of service offerings and service plans to the marketplace, and acting on requests from the marketplace for:
○ Provisioning, binding, unbinding, and deprovisioning
○ Provisioning reserves a resource (service instance)
○ Binding typically generates credentials necessary for accessing the resource or provides the service instance with information for a configuration change
● Platform marketplace may expose services from one or many service brokers
● Individual service broker may support one or many platform marketplaces using different URL prefixes and credentials
● Backed by numerous industry leaders including Fujitsu, Google, IBM, Pivotal, Red Hat, and SAP
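The catalog, provision, bind and unbind requests listed above, as an added example (not code from the slides or from the Ansible Service Broker project): an in-memory broker that follows the Open Service Broker API v2 routes and status codes, issues separate credentials for each binding and revokes only that binding on unbind. ToyBroker, the service and plan identifiers and the credential field names are assumptions made for illustration.

```python
import secrets

API_HEADER = "X-Broker-API-Version"
SERVICE_ID = "svc-postgres-demo"      # constructed identifier

class ToyBroker:
    """In-memory broker; routes follow the Open Service Broker API v2 paths."""

    CATALOG = {"services": [{
        "id": SERVICE_ID, "name": "postgres-demo", "bindable": True,
        "description": "constructed sample offering",
        "plans": [{"id": "plan-default", "name": "default",
                   "description": "constructed sample plan"}]}]}

    def __init__(self):
        self.instances = {}   # instance_id -> {binding_id: credentials}

    def handle(self, method, path, headers, body=None):
        if API_HEADER not in headers:             # version header is mandatory
            return 412, {"description": "missing " + API_HEADER}
        parts = path.strip("/").split("/")
        if method == "GET" and parts == ["v2", "catalog"]:
            return 200, self.CATALOG
        if parts[:2] != ["v2", "service_instances"] or len(parts) not in (3, 5):
            return 404, {}
        iid = parts[2]
        if len(parts) == 3 and method == "PUT":   # provision: reserve the resource
            if (body or {}).get("service_id") != SERVICE_ID:
                return 400, {"description": "unknown service_id"}
            if iid in self.instances:
                return 200, {}                    # repeated request, nothing new
            self.instances[iid] = {}
            return 201, {}
        if len(parts) == 3 and method == "DELETE":  # deprovision
            gone = self.instances.pop(iid, None) is None
            return (410, {}) if gone else (200, {})
        if len(parts) == 5 and parts[3] == "service_bindings" and iid in self.instances:
            bindings, bid = self.instances[iid], parts[4]
            if method == "PUT":                   # bind: fresh credentials per binding
                created = bid not in bindings
                if created:
                    bindings[bid] = {"username": "u_" + secrets.token_hex(4),
                                     "password": secrets.token_urlsafe(24)}
                return (201 if created else 200), {"credentials": bindings[bid]}
            if method == "DELETE":                # unbind: revoke this binding only
                return (200, {}) if bindings.pop(bid, None) else (410, {})
        return 404, {}
```

Because every binding gets its own username and password, removing one consumer's access does not disturb the others bound to the same instance.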
14. ANSIBLE SERVICE BROKER
Orchestrating OpenShift Services
● Define, extend, and deliver “simple” to “complex” multi-container OpenShift services
● Standardized approach to using Ansible to manage and provision applications
● Leverage existing investment in Ansible roles/playbooks
● Easy management of applications for “simple” cloud-native apps
Ansible Service Broker
● Embraces Service Catalog and Open Service Broker API concepts
● Supports:
○ Traditional S2I deployments
○ Provisioning of pre-existing images
○ Orchestrating external services
○ Deploying multi-service solutions
Ansible Playbook Bundle
● Lightweight application definition (meta-container)
● Simple directory employing:
○ Named playbooks [provision, bind, …] to perform Open Service Broker actions
○ Metadata containing a list of required / optional parameters during deployment
○ Embedded Ansible runtime
15. ANSIBLE SERVICE BROKER - Architecture
[Diagram labels: Service Consumer; OpenShift Mall / Service Catalog; Ansible Service Broker; Service Broker (x3); Red Hat Container Catalog; Ansible Playbook Bundle (x2); OpenShift Service]
oc run $appname $method $vars
ansible-playbook $method.yaml $vars
• catalog
• provision
• deprovision
• bind
• unbind
Example Ansible Playbook Bundles:
• ELK, Etherpad, Foreman, Galera
• ManageIQ, MongoDB, PostgreSQL
• Foreman, Pulp, Wordpress
• External MLAB MongoDB SaaS
• and more...
Supports provisioning of and binding to both on-platform and off-platform (public cloud) services!
16. ANSIBLE PLAYBOOK BUNDLE (APB)
Definition
● Simple directory with named “action” playbooks and metadata.
● Metadata:
○ required/optional parameters
○ dependencies (provision vs bind)
● Leverages existing investment in Ansible Roles / Playbooks.
● Developer Tooling to drive guided approach.
● Easily modified or extended.
17. ANSIBLE PLAYBOOK BUNDLE (APB)
A Closer Look
Steps to create an APB:
1. Create apb.yml
2. Create Ansible Playbooks
3. apb prepare
a. Creates Dockerfile with image labels
4. Build container
26. Run provision.yaml from postgres-demo-apb
[Diagram labels: Service Consumer; OpenShift Mall / Service Catalog; Ansible Service Broker; Red Hat Container Catalog; postgres-demo-apb]
oc run $appname $method $vars
ansible-playbook $method.yaml $vars
27. Postgres is now running
[Diagram labels: Service Consumer; OpenShift Mall / Service Catalog; Ansible Service Broker; Red Hat Container Catalog; postgres-demo-apb; Pod: postgres-demo]
oc run $appname $method $vars
ansible-playbook $method.yaml $vars
28. Create WebApp
[Diagram labels: Service Consumer; OpenShift Mall / Service Catalog; Ansible Service Broker; Red Hat Container Catalog; postgres-demo-apb; Pod: postgres-demo; S2I Created Python WebApp]
oc run $appname $method $vars
ansible-playbook $method.yaml $vars
29. Bind Postgres to WebApp
[Diagram labels: Service Consumer; OpenShift Mall / Service Catalog; Ansible Service Broker; Red Hat Container Catalog; postgres-demo-apb; Pod: postgres-demo; S2I Created Python WebApp]
oc run $appname $method $vars
ansible-playbook provision.yaml $vars
Bind connects the WebApp to the Database
30. What is Bind Doing?
[Diagram labels: Ansible Service Broker; postgres-demo-apb; OpenShift Mall / Service Catalog; Pod: postgres-demo; S2I Created Python WebApp; Credentials]
APB returns credentials of service to Broker
Service Catalog injects credentials into pod
31. Bind WebApp to PostgreSQL
Binding connects WebApp to Database through a Secret
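How bound credentials can reach the WebApp pod through a Secret, as an added example (not the Service Catalog's or the broker's own code): it renders a Kubernetes Secret from the credentials a bind returned, builds container env entries that reference the Secret by key, and flags pod specs that copy a credential in as a literal value. The function names, the DB_ prefix and the sample credentials are assumptions; the sample values are constructed.

```python
import base64

def secret_manifest(name, credentials):
    """Kubernetes Secret carrying the credentials a bind call returned."""
    # Secret data is base64-encoded, which is an encoding and not encryption.
    data = {k: base64.b64encode(str(v).encode()).decode()
            for k, v in credentials.items()}
    return {"apiVersion": "v1", "kind": "Secret", "type": "Opaque",
            "metadata": {"name": name}, "data": data}

def decode_secret(secret):
    """Plain-text view of the Secret, as anyone who can read it would see."""
    return {k: base64.b64decode(v).decode() for k, v in secret["data"].items()}

def env_from_secret(secret, prefix="DB_"):
    """Container env entries that reference the Secret instead of copying values."""
    name = secret["metadata"]["name"]
    return [{"name": prefix + key.upper(),
             "valueFrom": {"secretKeyRef": {"name": name, "key": key}}}
            for key in sorted(secret["data"])]

def literal_credential_envs(pod, secret):
    """Env var names whose literal value equals a credential (leaked into the pod spec)."""
    plain = set(decode_secret(secret).values())
    return [e["name"]
            for c in pod["spec"]["containers"]
            for e in c.get("env", [])
            if e.get("value") in plain]
```

A pod spec built with env_from_secret carries only the Secret's name and key, so read access to the deployment definition does not disclose the database password, while read access to the Secret itself does.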
34. Ansible Service Broker
More Information
● Email: ansible-service-broker@redhat.com
● IRC (Freenode): #asbroker
● Trello: https://trello.com/b/50JhiC5v/ansible-service-broker
● Github:
○ https://github.com/fusor/ansible-service-broker
○ https://github.com/fusor/ansible-playbook-bundle
○ https://github.com/fusor/catasb
● Library of example APBs: https://github.com/fusor/apb-examples
○ ManageIQ, Etherpad, Wordpress, ELK Stack
● YouTube Channel: https://www.youtube.com/channel/UC04eOMIMiV06_RSZPb4OOBw
○ Using the Service Catalog to Bind a PostgreSQL APB to a Python Web App
■ https://www.youtube.com/watch?v=xmd52NhEjCk
○ Service Catalog deploying ManageIQ APB on to OpenShift
■ https://www.youtube.com/watch?v=J6rDssVEZuQ
● Docker hub published APBs
○ https://hub.docker.com/u/ansibleplaybookbundle/
37. LIKE WHAT YOU SEE TODAY?
QUALIFY FOR OUR P.O.C
We have funded a POC
Program for qualifying
OpenShift customers.
If you’re interested, chat
with us at the end of the
session today!