Slowly, because I know I'm speaking a foreign language for most of you. I speak American and most of you speak some other foreign language; I think it's called the Queen's English or something, or New Zealandish. And then I'm gonna start with a joke. This kind of sets, this is gonna set the bar. It's gonna be downhill from here. So if this joke is like killing you, then you should set your expectations properly. What's the most fearsome baked product? None of you have kids. Attila the Bun. I told you, that's gonna be the high point. So get ready.

That's me. This is all the places to find me. I have high hopes for this conference. How many of you are Ingress players? That is the largest number I've ever seen at a show. How many of you are green? You are no longer my friends. You're like all green. Can we work out a deal? We're like, you guys, I'll put blues, but don't shield them, just so I can take them out. We'll both work on leveling here. Okay, so that's all the other places you can find me if you want. Again, that yellow URL is the URL to the talk, so if you want to follow along on your own laptop, that's where you find it, or if you want to bookmark it because you're gonna do something else now and you come back to it later.

I'm gonna do a little bit of cloud education at the beginning. The main thing though that I... well, I already put up the slide, so I might as well talk to it. So this is gonna be very quick for this part, because I only have 20 minutes. For some reason they want to keep me short, not in just my height.

So, infrastructure as a service. Everybody know what that is? Who's the largest infrastructure as a service provider in the world? Thank you. Do you work there? Reference fee? No. So that's Amazon there, right, and some others, I'm sure you can think. You guys know Rackspace here? Does Rackspace even have a presence here? Right, those are infrastructure as a service. So it changed the landscape for all of us, right?
Plot and mostly, how many are sysadmins? How many of you are developers? It's a good, nice mix. How many of you are both and don't like one of the other roles? Yeah, I'm a developer mostly and I hate I consist when I can't sit. I have sysadmined Linux machines, and it's always been torture for me, just because I always feel like I'm... Is fuck a word that you guys know in New Zealand, or is that a cultural term? I always feel like I fuck it up. And so what ends up happening is I'm like, oh, I just left PHP wide open, my machine will be rooted. So I like PaaS because it... we'll get to that in a second.

So infrastructure service: great. In basically a couple minutes I get my machine up and running, right? No more procurement procedures, no more racking and stacking. You basically have a machine in a couple minutes, and then you can shut it off right away. No fixed investment. For those of you who support developers or are developers, this is not a good solution for us though, because either you're still having to help developers with all the nasty calls of like, "I need Node.js installed and it has to be ready on Friday at 5 o'clock because I got this big project on the weekend," right, or you're a developer and you still have to admin a Linux machine.

Software as a service. Okay, take off your corporate hats, although I imagine it to show us if you are not big enterprise people. Who's the largest software as a service provider? I promise not to bite, you can yell out. It's the end of the day. Who said Google? No, Google is the biggest software. How many of you have a Gmail account? Yes, and so there's about six billion people in the world, every one of them has four email accounts, so that's about 24 billion software as a service users right there. So Google is by far the largest software as a service provider.

PaaS is in the middle, and it's really geared at helping sysadmins and developers get along, right?
It does a clear separation of concerns. So the sysadmins set up the PaaS, and then the PaaS takes care of handling all the configuration and stuff, so that developers can self-administer. They can spin up a Node application with one slot, with one command. And I think that comes here, right? Can you guys see that green on black? Kind of. Let me see if I can make it a bit bigger. No, at this point the browser says no. So basically that's how I spin up a PHP application, right? It's one command and it spins up an Apache that belongs to the user. It's all locked down inside containers and it's ready to go, and I've got a git repo and I just git push. The sysadmin has to do nothing, and the developer has their whole application development environment ready within a minute or two, right? So that's awesome, and then you just go in and then you just do git commits, and it does as a push and it does a deploy, and then you're all... it's like magic. As a developer I never want to go back to setting up AMIs again. That is misery to me, right? And so that's what PaaS brings, and it's good for the sysadmins, but that's a different talk.

Okay, I'm not going to actually demo it. So OpenShift has been around and Cloud Foundry has been around about the same amount of time. Who's the longest living PaaS provider out there right now? Heroku. Who said that? Nicely done. Heroku is... you said it also, you need to speak up, sir. Heroku is the longest, what? There is a grain of truth in every stereotype. So Heroku has been around the longest, but it's basically a pretty new technology.

But we're already writing our new version, and that's what I'm going to talk to you about today for OpenShift. But it's not going to be like, yeah, you totally have to use OpenShift. I'm actually just going to be talking about the technology in it. Why? Because this space has moved a lot in three years, and running one of the law second to Heroku prior the largest PaaSes out there.
We've learned a lot about how to run PaaS. We have a public hosted version. More people are becoming focused on PaaS, and there's been a lot of movement in this area, and finally we want to combine the best user experience with the best underlying technologies that are coming out. So that's why we decided, hey, just let, we'll ignore Joel Spolsky. We're going to rewrite the whole thing again from scratch.

Right, so to start this out, we need a good bottom layer, and for that we're using Atomic. I'm imagining in this crowd I should get more than two hands up for how many have heard of Red Hat, of the Atomic project. Okay, still not enough. Mark, make a note to Joe that he needs to do more work about raising awareness. So Project Atomic is basically a stripped down and optimized for deployment into the cloud. It's basically what we do is, if you want to say it simply, you take RHEL and you strip everything out except for the core pieces that come with, like the kernel, systemd, journald, the logging facilities, basically all the core pieces of Linux, and you strip everything else out, right? And then everything else is coming as a container, and that's what this is about, right? It's stripping down the OS to its core pieces, and then everything else is going to come as a container.

It also has some other fun stuff. Well, OSTree for the file system, and what this allow... do I talk about it? No, so I'm going to talk about it all here. Basically, you can set up the entire update on the server and then pull it down and update the machine. So it's almost like git for your entire system updates, right? And that you can do with Project Atomic as well. And it's got the same kernel though as RHEL or Fedora. Well, Fedora is a little bit ahead, but you can run Atomic on it as well, right? And why does kernel matter for... I'm assuming everybody in here sort of Docker, is that right?
Yeah, in this audience I'm assuming almost everybody has tried Docker. Yeah, no, but I'm not, yeah, call out in front of all your like other Linux enthusiasts that you know nothing about Docker. I won't do that to you. It's got the same, it's got a great kernel, right? So it's the same kernel that we support with RHEL. So check out Project Atomic.

Then on top of that we're putting Docker, and when I say Docker here, I should actually say containers in general, but at this point, I mean, Rocket's only... where's the Rocket guy? He's here in the audience. Rocket's like only a month and a half old, right, at most? How long is the announcement? Six, six weeks, month and a half. Yes. Okay, so it's only like a month and a half old. So it can be any container, but right now the clear leader in the container system is Docker, so we're gonna talk about Docker for today.

Does everybody know, can I go through this fast? Okay, so this is important. Well, I'll just go to this... well now, listen, everybody knows this though, like with linking containers that you get one. I'll just go to the last slide because it says it, right? So what's the pros of Docker or containers? You get extreme application portability, right? All that we need is we need a machine that has a kernel on it, and we can take this machine and move it around. It's very easy to create and work with derivative images, and it's fast boots, right?
Because we were very low resource consumption. The cons is it's a host-centric solution. Docker by itself is... you can't talk to other machines through Docker by itself, right? Containers on separate machines can't talk to each other out of the box. There's no higher-level provisioning and there's no developer workflow. So that for me, when about, I don't know, eight months ago, when they started, everybody, like the buzz really started building for Docker, I was like, I'll give this a try, because everyone in our team was like, oh, Docker's the new wave. And basically I left very disappointed, because I've used a PaaS before. So what Docker feels like to me is like AMIs on your local machine, which is great again, but it doesn't give you all the things that you want as a developer. Sysadmins, you guys probably love it, right? Where you've... okay, wait.

Conference talk etiquette. I'm from New York originally, in case you can't tell, and guys is a gender... Yeah, right behind the key, and that's what I'm talking about. Yeah. Kernel of truth, man. So now I forgot where I was going. Oh, guys is a gender-neutral term for New Yorkers and East Coasters in the United States. Guys: women say guys to other women. Guys just means folks. Okay, so please don't take that personally. Has nothing to do with any of the substance of the talk, but has everything to do with how people might interpret it.

So, Kubernetes. So I saw how many hands went up. Unless everybody who's never heard of Kubernetes left, there are very few people in this room who've actually heard of or used Kubernetes. Is that correct?
Yeah. That's because it takes a while to get from Mountain View down here. Is that like when it goes across the ocean, takes a little, Attila the Bun.

So, Kubernetes terminology. Kubernetes has a node, right? It's a Docker host running the kubelet; it runs all the service. A node is kind of like the machine running all the stuff. On there you have pods, and that's one or more linked containers, right, in Kubernetes speak, and then you can put pods together to form a service, and I'll get to that in a little bit. And then the collect, collect... so a Kubernetes node also used to be called a minion. I think they've now settled on calling it a node, a Kubernetes node. It used to be called a minion. And a cluster is a collection of one or more Kubernetes nodes.

Okay, and I take questions during the talk, although who's in charge of time? Is it you? You are now? It's just you. How are we doing? Okay, good. So please ask questions during, because if you don't get this part it's kind of hard to understand the rest. Oh, by the way, a little self-promotion, and actually more promotion for Katie: Katie and I are giving this talk in a 45 minute version, with much more in-depth and much better delivered, because Katie's way better than I am, on Thursday. Okay, so if you want to come learn more in-depth, or see it again, or really just want to hear more atrocious jokes, come to the Thursday session.

So any questions on this? I'll repeat the question event you so we don't have to run around with the mic. I feel bad for your legs already. You're good. A kubelet? It's coming. Thank you for that softball. So there's the node daemon, right? So this is the daemon that runs on the node, and that's the kubelet, right?
And its primary responsibility is pod metadata and management, right? It maintains a record of the pod state. So when you have that pod, a pod can have one or more containers inside of it, and the basic, the idea of the kubelet is it says this pod is supposed to have these containers running in it, and what state is it in. It basically tracks pods, and it takes instructions from the cluster master, right? So the master will say things to the kubelet: do this, make the state look like this. Did I go too fast? Yes.

So the other thing that's on nodes is the Kubernetes daemon, or Kubernetes proxy. And what this allows you to do through the props... Kubernetes has this concept of labels, and based on labels you can say, like in this example, we have P1 app one and P2 app one. Those are both examples of pods that are app one, named app one, and what the serve, the proxy does is it says any request that comes into any of the Kube, the, any of the minions, the Kubernetes... What do they call it again? I'm used to minions. The Kubernetes nodes. Thank you, for people who have memory better than this 45 year old. Anything that comes into any of the nodes will know where to get routed, right? So the request can come into any node, and the proxy will say, oh, you're talking about P app one, I have two versions of it, and I'll send it to one of those. Okay, and it maps a common port to on every node to the relevant across the entire cluster. It can just, so for reference purposes, it can forward both HTTP and UDP, right? This is not OpenShift that we had before. A lot of the PaaSes before were mostly just HTTP, right, and this is actually expanding it more.

The cluster management.
This is the control plane, right? And what this does is there's a new Kubernetes API, which is the REST framework. There is a scheduler, so that its own one job is to choose minions for pods. There's the control manager, so this is the monitoring service for deployed pods. So we've got a pod deployed, it's supposed to be in the state. It's going to keep saying: is it in the right, is it the right configuration? Is it up, is it running? And then there's the kube config. It's a CLI for working with a Kubernetes cluster, right, and that comes from the cluster manager.

And so part of this cluster manager, when you're maintaining a cluster, is you've got to exchange information. And this is a fun graphic, so I can say anything I want at this point because no one's really paying attention. They're all watching the little dots go by. This is the part where you open your wallets. Ten minutes. Thanks. So we use etcd, right, or Kubernetes uses etcd, to exchange all the messages and to make sure everybody's in a consistent state. I'm not going into Raft consensus-based algorithms.

And then there's a replication manager, right? And the replication manager, you tell it what it needs and then it goes and builds it out, right? I need five nginx pods: out it goes and does that for you. Okay. It's decoupled from the proxying. And then the Kubernetes API, or that's just an API to talk into Kubernetes.
Those are the terms I talked about before. So that's Kubernetes in a nutshell. So Kubernetes basically is a level on we, so we have the Atomic OS, then on top of that we put containers. In our case right now it's Docker, but it could be Rocket or it could be any other container service. OpenShift had its own containers when we first came out, because we actually did... everybody know that Docker used to be a PaaS? Does it know? See, so there's some little cocktail... you guys are on good cocktail trivia for tonight and tomorrow night: oh, did you know that Docker actually used to be a PaaS provider, and they did one of the best pivots on the market? They took their container technology and open sourced it and made it Docker, right? And so we do containers now. It's just not standardized the way they do it.

So what OpenShift brings on top of it now... Oh, and so Kubernetes manages all those different containers. Like Kubernetes, you can think of as a management layer. What OpenShift... so what is it, why do we need OpenShift, right? We've got Kubernetes and we've got Docker, so why does Red Hat think they need to bring anything else?
We didn't, and what is different between this one, the last one, is in our last version we built the whole thing. It was all open source then, there's contributors from all over, but in this one we're like, you know, Docker is better than what we can do by ourselves, and Kubernetes is better than what we can do by ourselves, so we'll take those two great pieces and we'll bring our expertise and layer it on top.

And so what does it bring to the party? It builds in a built-in software-defined network. You can plug in your own if you want, but for ease of use we actually do a software-defined network, and the reason we use a software-defined network, and I'll talk about it a little bit, is basically for keeping apps separate and routing between applications, which is a higher level than even pods and services. A well-defined workflow from code to deployed application. None of these actually show that, like, I wrote some code, now what do I do? Right, Kubernetes doesn't solve that problem. It manages all your pods and your containers and does all that stuff, but as a developer it's not that exciting to me, and so we bring that last mile, and then a much friendlier interface.

So this is the open, the other pieces we bring to the party for building the PaaS. So the networking layer, we're using Open vSwitch again. So I'm gonna say this now: for me OpenShift feels like Linux. And what do I mean by that? I mean that it's not like Red Hat doesn't own the kernel. It's not like we say, yeah, the kernel's all ours and we're only gonna do what we want to do in the kernel, and then the rest of the distribution is all ours. We're not writing that up. We take the pieces and bring them together, and then we add pieces where we need, and we contribute to the pieces we think are important. So of the top five contributors to Kubernetes, two of them are Red Hat employees on the OpenShift team. Right, it's not that we're saying we're gonna build this all. We're actually actively involved with the community. And so like even
here we're using Open vSwitch rather than writing our own software-defined network layer. How we doing? Five? Okay.

It handles IP routing at the application layer. So pods and services, those are one thing, but then you have an output and a complete application, which may be made up of several different services, and you need some way to network in between them, right, in terms of isolation and discoverability. And then it provides load balancing. So we put HAProxy in its own pod for your application, and then that HAProxy pod will then do the load balancing to all the other applications as well. Right, so there's a built-in load balancer, and you can actually run these pods, multiple pods, so you actually have high availability HAProxy in there as well.

So what does an application look like? The big white box is an application, and you can see here it's got multiple pods, and on top of that you put multiple services, and then you have replication controllers, so you replicate different parts of it differently. If you think of it in terms of... how many of you have heard of or worked with microservices? Okay, that's not going to be a good analogy then. It's basically like a top-load. How many of you have done, so, a service-oriented arc... What?
Yeah, none. So the idea with an application is it may be made up of many different services, right, with multiple teams working on different parts of the service. Is an application... a lot of us think of an application as just one thing, like one team works on it and they deliver this application. In this kind of art, what we've found is a lot of people are moving away from that monolithic application, right? And so what they're doing is they're building multiple services and then tying all those services as part of one larger application, and there may be one or two different web interfaces to that same application. The term has taken on new meanings in lots of companies.

Right, and then there's... so this is what an application does, and OpenShift manages all those pieces of the application. And it provides the ability to insert things like environment variables. Like suppose all the pieces of your application need to know your GitHub key, or all the pieces of your application need to know some password or database credentials, right? That could actually be managed by OpenShift itself as well.

Build options. So we give a couple different build options at this time. One is a Docker builder, right, and the idea with that is you pull a Docker image and you merge the code. Source to image is you take a Docker image on your machine and you take source and you run this and it goes, and you have a nice thing that you can just deploy. Right, so those are two different ways to take code and build a Docker image that you can then deploy. And then there's build config also, which is a URL for code plus a build type from above, and then some webhooks to how I'm going to go get that code. Right, so you can say here's the URL in this GitHub repo, here's the build type from above, go do it.

And so what we're trying to get to in the thing itself is a whole application lifecycle rather than just a build. Right, so you can actually specify this kind of stuff. You can specify this though in the source code, on a CI
system, or in an image repository. So the entire product lifecycle is repeatable, fault tolerant, automated. But the other thing that's, well, I don't have a slide on this either, the other thing that we're allowing is a change in either the Docker images or in the source code can trigger a whole entire build. Right, it's not just, oh, I changed my source, I need to rebuild. Oh, I've updated all my Docker image, I've updated this Docker image and I've added some new stuff: that will also trigger a new build of the whole process, right? So they're each independent and composable systems.

How we doing? All right, so are you guys going to be nice? No, no questions. What, I'll give that at the end. Is it okay?

What we make easier: configurations, builds, deployments, teams and management. We also bring our concepts of teams and managements, right? Kubernetes has no idea that about, or this is the pieces you add on top to build a whole platform as a service. Right, so we have a project controls access. We have projects have hard and soft limits, all the stuff that we add on top to make it more a big product.

So that's the end. The takeaway messages for you should have been, one, PaaSes. How many of you have used a PaaS or a platform as a service? Okay, for everybody who has not raised their hand: when you think of Red Hat, do you think of nimble little agile startups using our products? Or do you think of like glue like Titanic size icebergs, or the Titanic itself, or like an aircraft carrier moving at very slow speeds and very hard to turn? Startups, right?
That's what you usually think of. So if you think of our customer base, we actually have quite a few of our customers coming to us asking for OpenShift. Like our salespeople are in shock sometimes, because the customers will be bringing OpenShift up to them. And I of course think it's just such a phenomenal product that nobody can live without it, but I think the real thing is that a lot of companies have come to understand that platform as a service makes a lot of sense for them. So if you haven't used it yet, even if you think you're never gonna use it, instead of spending some time watching... what's a big show in New Zealand that everybody likes to watch? Downton Abbey? Since you guys have the Queen on your currency, you must all watch Downton Abbey, right? No? And the Australians, you don't get out, you don't get a free pass on that one either. I'm sure you still have the Queen. What? Flight... oh, I love Flight of the Conchords. You don't have to keep watching that. This is not worth it. But I do think you should try playing with the PaaS, right? As a sysadmin you should try playing with it. As a developer you should try playing with it.

And the other thing is that this is not one of those situations where we think we know the one best way. We're actually leveraging the community again and working with the community, and this is the same kind of story again. So I'm excited. I think you should learn more about Docker, but almost all of you probably have, but you should learn more about Kubernetes. You should also OpenShift. It's rapidly evolving. It's all in GitHub: origin, openshift dot github.com, org, org dot org. And there's Trello cards and all sorts of fun stuff, and you wanted the slide. There's the URL.

So I think we have time for like one question. One. Okay, let me see if this is a question I like. What's your question? Oh, see, this is gonna be a low-level question. I'm not gonna like this. Okay. Go ahead.
Okay: Kubernetes proxy, HAProxy, the software-defined network, Open vSwitch, and actually etcd, more or less related. All these tools kind of solving same problem. Do you see overlap here?

No, so they actually attack different levels of the problem, which, the overall problem is how do you network when you have a really... like it used to be easy when we just had a WAR file, an application server, and you just run that on a machine. Everything happens above it. No, he's not calling something out. So basically these actually handle different networking problems. So the Kubernetes proxy handles connections between pods and services, right? What HAProxy is doing in this case is, if you want high availability in your application as a whole, and there's multiple services inside of that, HAProxy is handling it at the application level. It's a level above, right? So they do the same kind of thing, but at different levels in the architecture.

With different software?

Yes, because they have different... so HAProxy is mostly an HTTP load balancer. The Kubernetes proxy is mostly for dealing with pods and services, so it's much more specialized about dealing with something different. All right, and last question.

Yeah, rather than throw this at the actual more formal one: what part do you currently dislike the most about OpenShift?

The crappy people in the audience that ask questions like that. What part do I dislike? That dumb lot do job interview question: what's your one flaw? The part... I don't know, how hard my team works. That's the part I don't like, because I don't get as many vacations. Is that an appropriate answer? The part
I don't like, the current version or the new version? Okay, so with the current version, I'm gonna do the current version because that's the one I spend most of my time on. This is still not finally baked. What I don't like with the current version is there's not a good local desktop, just to OpenShift workflow. Right, it's in the current version, and that's why, what I'm loving about the new version that Docker brings with us. In the current version I have to stand up, like if I was gonna do JBoss development, I'd have to stand up a JBoss server, or if I was gonna do a PHP, I have to stand up an HTTP server, make sure I have mod_php in there. We'll do all that stuff on my local machine, and that configuration would still be different than what it would look like. The actual real configuration would look different, and I'd have to use to environmental variables differently and all that stuff. So it's not like a clean, like, work on my local machine, develop, develop, develop and push, and sometimes I don't want to push to the server every time I do a development. So the nice part here with the newer version is that it's going to be: work with your Docker image locally, take that exact same Docker image and push it up to the server, and you're good to go. All right, right. So the answer is the local to server deployment.

Cool. All right. Thanks everybody.

Thank you, Steve. Thank you.