 Good morning. Good afternoon. Good evening and welcome to a special edition of ask and open shift admin We are joined today by the one and only Peter Lauterbach and as always the great and You know, I can't say illustrious because that's Langdon's name, but the one and only Andrew Sullivan Andrew, what are we talking about today, man? You're special you get a special edition and everything. You know me and Chris. It's just me Yeah, so thank you Chris and welcome Peter. So this is the ask and open shift admin office hour And that's a mouthful. I'm gonna have to get used to that So this is one of the office hour series shows here on OpenShift TV that we stream out And the goal here is to give you our audience the ability to well ask us anything Right, whatever it is that's top of your mind whether or not it's related to the topic. We'll be discussing today is Welcome at any point in time and I'll try and and remember to remind you all of that periodically throughout the show So don't hesitate to ask us questions in the chat We'll keep an eye on those as we go through and be sure to answer those to the best of our ability or Dragon others kicking and screaming or not as needed to get those questions answered So today as Chris and I both said we are joined by Peter Lauterbach a product manager for Among other things OpenShift virtualization here in Red Hat So Peter if you don't mind giving or introducing yourself as in the famous words of Arnold Schwarzenegger I know who who are you and what do you do? Peter you're on mute. There you go I'm one of the product managers in the Cloud Platforms business unit. You're really quiet here. It's a good thing Everybody's not working from home with video conferencing. I'm super lucky that I actually Upgraded my Wi-Fi Here we go, let's try this is that better now. Oh, yeah. Yeah testing. There we go. Yeah, my microphone has a mind of its own, too Let's start over. Hi, this is Peter Lauterbach Excuse me. I'm one of the product managers in the Cloud Platforms business unit I focus on virtualization similar to Andrew My original product is Red Hat virtualization or Rev and for the past year and change I've been focused on OpenShift virtualization, which is KVM and OpenTrip Awesome. Yeah. Yeah, so as Peter said, you know, one of my responsibilities official responsibilities beyond just live streaming once a week is kind of OpenShift and virtualization And that includes among other things all of the virtualization platforms that OpenShift can run on right Most of you who have interacted with me know that I talk a lot about vSphere and Rev and all that other stuff But also that leads into OpenShift virtualization itself, which is the topic of today's show so in traditional Ask an OpenShift admin or OpenShift admin office hours fashion, I do have a couple of things that I want to cover beforehand So I guess what the press would call a retraction, etc I don't have any retractions this week Not to say I wasn't incorrect last week because that would be surprising if I got everything right Just nothing that anybody pointed out to me. So I do appreciate it When you all do highlight that Andrew, you were wrong here so that way I can correct myself So keep us honest by all means But that being said, there's a couple of things that have you know come up over the last week or so that I want to bring up that I want to talk about with you all or at least make sure that you're aware of So I have my handy-dandy sticky note here that I used to keep track of these things So let's see vSphere data store configurations so I helped a customer helped an account team because essentially what happened they deployed their vSphere cluster using I think it was UPI And more or less left the configuration at default nothing wrong with that Except that they were using the default thin storage class Which is pointed at the same data store that the virtual machines are deployed to and happily consuming storage right provisioning all of those VMDKs to act as PVC backing so on and so forth and the data store filled up So yeah, this this of course being bad You know, they are thin provisioned disks, which means that when that data store runs out of capacity Basically, everybody stops functioning at the same time, which is really bad So, you know who actually hates you know, who hates database or Storage filling up worse than virtual infrastructure admins database Yeah Don't like that. Mm-hmm. Not good for your database. No not at all JP data I see your question. I'll hit that in just a second So, yeah Filling up the data store is bad. You know, my first reaction was to chastise them for not having appropriate monitoring in place to catch and prevent such a scenario from happening Ultimately, the mitigation is to configure right add additional data stores to your vSphere configuration and somewhere in my links here. I thought I had the link that I'm looking for So, I will post this guy into the chat here. So it is supported to go in. You can modify the configuration You can add additional data store definitions inside of there and then just create additional storage classes to point at those It does become a bit of a management task greater for the application teams for the administrator to kind of keep up with what's going on there But this is the the perils of not having data store Or what are they storage clusters? The equivalent of a DRS cluster but for storage or for data stores in Available through either the CSI paradigm as far as I know or the entry storage provision for vSphere So, if anybody has any questions about that, just let me know You know, I sympathize. I understand that sometimes that can be difficult You know VMware, of course recommends using the CSI provisioner You know, that gives you a lot of visibility on the vSphere or excuse me the vCenter side as well. So that way you at least have two potential layers of Ability to see and get those alerts The other thing which has been a hot debate this morning, Chris, I don't know if you've seen in any of those chats Feed on the streaming rig It's weird Yeah, it's back now Continue. Sorry folks All right Thank you So the other thing that I wanted to bring up just a quick recap there was Resizing control plane nodes. So the docs and I'll paste the link here into the chat So the docs kind of very plainly states that you can't resize control plane nodes Essentially choose how big your cluster is going to be before you deploy it and then deploy it with control plane nodes of that size So can you resize them and the officially Documented slash supported way of doing this if you will as soon as I can find the right Window that I was looking for here to get my link Is to effectively remove the control plane nodes one at a time And then reprevision them and re add them to the cluster Now you may be thinking well, that's silly Why can't I just turn it off? Why can't you know and adjust the CPU and memory and then turn it back on? And the reason for that is it's not tested. So therefore, we don't know if there's any edge cases We don't know if there's something that could potentially break inside of there Whereas the whole remove and replace process is tested, right? That's kind of the core disaster recovery peace Okay, JP Dade So the video and bare metal installation creating an ISO to install the cluster Could you use the bare metal image creation to install 4.7 on vSphere? That creates static DHCP leases So you can use the bare metal ISO image And it's it's as far as I know you can Yeah, it was yeah, I don't it was only one ISO So you can use the ISO to deploy on to vSphere and that includes UPI right when you put the The infrastructure or the platform type as vSphere It'll automatically configure all of the appropriate things so you don't have to use the OVA though we do recommend it And then creating static DHCP leases I believe that would work If you can clarify What you mean by creating the static DHCP leases that would be helpful One thing to note I think you might be referring to what we talked about last week where if you set the DHCP lease to infinite will it automatically Reserve that So I believe that that only officially works with bare metal IPI I haven't tested it with a bare metal UPI installation or non integrated installation So yes, you could use the ISO you could do a platform equals none installation on top of vSphere But I don't know if it would work in that instance. So It might be worth trying the worst that happens is it's just a bare metal install That you can control that way. So I would I would check on that but I'll also check on that But I'll also say that doing it that way, which is effectively a bare metal UPI you're pre creating the VMs already You're I didn't you already know the IPI addresses So kind of a trade-off there. It may not be necessary Okay enough about about the past and Yeah, it's it's the future if the future is here was with that thing the future is here. It's just unevenly distributed So Peter what's uh, I know we had a pre meeting on this and there's a lot of stuff that we want to talk about I want to make sure we have time to cover that so Please Tell us about open shift virtualization. What what is open shift virtualization and why why do we why are we interested in? Why do we care? Why would you care? Why would somebody say hey? I think VMs in my Kubernetes cluster would be an awesome thing that kind of question. Yeah Okay, so interestingly enough This actually is the main issue is hey, I've got a traditional Setup virtualization set up. I've got lots of guys that are trained up on say vSphere or rev or even open stack And we've got an infrastructure that we're doing We've gone and deployed a cloud native infrastructure. Maybe it's in a public cloud Maybe we've got some stuff on prem. We're either doing our own thing. We're doing or we're doing open shift And right now those two worlds don't really talk to each other right and in fact the Virtual infrastructure admins are like yep, we provide VMs and don't care what our customers put into it and The developers are hey, we got open shift and I think they're in VMs, but I don't really know this kind of breaks the You know the sort of that SRE process right which is the guy that actually do the infrastructure and dev all work together right and that's a That's a future for a lot of people right there are there are some customers that we talk about like Lockheed that are sort of in that future today But for a lot of people it's how do I get there right now I've got these Go ahead. No, I was just gonna say that I've seen you do these overview presentations for open shift virtualization and you've got a great set of Charts and quotes that come from various analysts firms etc about you know how containers are what's in vogue now and we're seeing a lot of new applications being containerized but The vast majority of application logic and application data is still in virtual machines Right that gravitational mass and by the way it's not going away anytime soon right so so virtual machines very mature technology There's lots of reference architectures. There's lots of automation around that that help you create those things and keep it up and running and operational Which is fine right and like you said most people are running the business on it whether it's a Oracle SQL server something like that But the reality is is that the that you know that rate is flat there's not a lot of changes there in fact the hope a lot of people actually work in Oh, you know we sort of get you know bonus on our uptime right and we literally don't want anything to change here so this idea of Rapid deployment and rapid application development and sort of an agile methodology is kind of opposite Of what these guys are focused on Right, but like you said there's lots of valuable data bound up in enterprise databases and business logic that's in middleware right and and some of it's even on old Tell me what kind of language I can get away with on the call here on the stream here right but you know a crusty a crusty windows dotnet application that was written maybe a decade ago Yeah, I mean maybe the guy that actually wrote it is not only not working at this company, but he's actually retired because that's how old this thing is And and like nobody wants to touch you know they go oh we need to we need to go update this to you know to handle this functionality Because we got some sort of regulatory requirement everybody goes yet not it don't So and it's funny you mentioned we know windows applications and especially old windows applications because two weeks ago Christian Hernandez was on to talk about windows containers which really means adding windows nodes to your open shift cluster and server 2019 and all that other stuff and right essentially if I remember correctly open shift virtualization is like server 2012 R2 and newer virtual machines can be supported So it's one of those you know bring them as they are you know well again man I'm on quotes quotes run today where they bring you're sick you're you're tired you're You're hungry you're poor you're hungry you're like Yeah so basically the and let me just touch on this detail here right so The hypervisor technology that we're basing on basing this on is KVM right which runs across all the platforms right so rel rev open stack and now open shift Right and when we do there's actually a certification program that Microsoft has that says hey if you run this it's very similar to our rel certification right so the hardware certification actually includes the virtualization test Right so so literally any platform that can run rail can run rev right so that's that's how we get away with that right and that certification for Microsoft applies not only to the current operating system that you're testing like windows Windows server 2019 but it applies to all valid all valid supporting operating systems that Microsoft supports which takes you back to 2012 R2 There have been calls I've been on with customers who shall remain nameless probably for their own protection they say hey we got like windows server 2008 and you're kind of like okay and then windows server 2003 and it's like yeah no you got to do the old yell You got to do the old yeller and take that thing out to the back and you know get it getting on something slightly more modern that's not not such a security vulnerability I'm not going to comment on that so just to recap right from a developer from an application perspective right it's it's bringing existing applications, you know, within a reasonable lifespan forward into the current 90s paradigm so I'm going to put on my administrator cap for a moment. We're changing or moving from an old, you know, or traditional data center virtualization platform on to effectively Kubernetes. Right. So, what does that mean for me right should I should I be scared should I be alarmed should I should I freak out right what should I what do I right I got a whole bunch of stuff today in terms of security monitoring you know day to stuff operational things that keep us in the green, you know what what is on the other side right like I hear Kubernetes is cool but sort of whether the facilities over there that are in the platform. And let me back up a little bit right which is and I sort of skipped over this part right which is, you know this is part of a larger modernization effort at a company right no no cloud native developer goes. Oh man you know what this, you know 12 factor application needs is some virtual machines and I don't make it really cool. Right, it's more that, hey we got some valuable logic, bound up in these databases in this middleware and we need to bring it along. And then back to your question of security and operational stuff right there's already things in the Kubernetes and particularly our, our, our distribution of it right open shift in terms of security right I've got. I've got Arcos which is an immutable OS right so even if somebody actually gets on your node. They can't do anything right there's actually Linux which is baked in right our rel is Arcos you know you get all that all that protection along with that as well. Right and the other thing is that it now becomes a single platform right so my virtual machines are first class citizens in this new cloud native paradigm. Right so all the things that you can do with a pod and a container you essentially can do with a virtual machine right so it can practice it can connect to SDNs it can participate in service messages. It can be part of developer pipelines. It respects all of the resourcing you know and balancing that happens in Kubernetes which is fairly robust and getting more robust or as we do things like the de scheduler. So the nice thing is and that's the way we did it right it's Kubernetes first this isn't like hey let's replicate everything about what we have in the virtual environment. Not only the good stuff but also kind of the crafty weird stuff that we got and do that in Kubernetes right so if you think of a product like Rev. The vert platform right knows a lot about the storage and does a lot of the storage management and the network management right it's all kind of sort of that big ball of mud as they say right. Right and when we did Qvert and when we came up with Qvert and and open to virtualization we said look we're going to respect the Kubernetes architecture right so everything's got to be an API. And more importantly there's a very clear separation right so the virtualization piece is KVM right and and it does it has a lot of the capabilities that it has on the other platforms. But the storage interface and the network interface there's a beautiful bright line of API that any pod can talk to and our VMs use as well right so things like cloning and replication and network management. That's literally not the VMs problem but all of the features and functionality that you have of those capabilities can be for the most part can be used by a virtual machine. So I've got three questions for you so one is my question one comes from Twitter and one comes from chat so I'm I'm going to ask my question first. Okay. Or let me rephrase that I'm going to ask all three questions but I think the natural order is to answer mine first and then probably the one from Twitch which is Rapscallion Reeves which would a great word Rapscallion. And then the the other one from Twitter is from Sachin. So the second I disconnect so now we're back. Are you running that on Kubernetes you might need some you might need some open to virtualization there to help you out. And maybe I see we're back. All right so so my question first. Do we see any or do you expect there to be any contention between a traditional virtualization admin and the open shift admin who now has VMs running in their platform. So that's question number one. So question number two. So Rapscallion Reeves. So if OpenShift is running on VMs so in other words it's an OpenShift in overt or Rev deployment. Is there any visibility to the under cloud of the Kubbert VMs in other words if you create a VM and OpenShift will it see it in over slash Rev. So and then the third one from Twitter get out of here calendar notifications. Are there plans to have S2I support with virtual machines as well. S2I being source damage. Okay so let's I'll try and keep you reminded of those questions as we go through. Yeah I know I wrote I wrote them down here too right so that you're smarter than me. Yeah. Hell though. It's not true at all. In fact I usually find myself on a call with a customer if you're not there I'll go oh I'm a smart guy let me try to answer it and I'll get halfway through my sentence and I go man I wish Andrew was here because now I'm getting a deep deep. Water. Thank you. So the contention part is and I'm going to divert off technology for a minute right which is a lot of it has to do with how the organization is set up. Right so so if you go read the Google book right which I've got a copy of it here right we just said hey we want to do SRE right we just had that handy right like actually I keep starting it make it through it and I'm about a third of the way through but there's. It's great to leave your material off. But like once you get all the equations out of it you're good yeah. Well but there's a lot of concepts but yeah you got to you got to wade through a lot of stuff to get the nuggets. But my point is you know even in the conversations we have with customers and prospects today the organization is very disparate right or siloed right which is hey we're the VM team and we're and they're good at it right we're very good at VMs and. Yeah this cloud stuff is you know not really known to us and you know the the dev guys are actually off subscribing to the cloud without even the IT guys knowing about it right sort of that shadow IT or whatever they you know shadow development. But in reality Kubernetes and cloud native is the future right so some of these guys said look you know there's something cool happening over there let's go pay attention to it right so I think this is an opportunity for a VI admin to. Take a lot of the principles that they know today about. You know just good networking you know good practices in terms of networking and storage and you know data protection. And apply those the words are different when you get over to Kubernetes and some of the concepts are different. But they're still valid and valuable right so you can take it as an opportunity to go look. And I got to tell you actually when I again a slight diversion when I actually interviewed a red hat I didn't actually have a whole lot of cloud knowledge myself and they said oh you know. It's this product and I didn't know anything I went to Google it and I found many shift right and I downloaded many shift put it on my Linux workstation. And I was super surprised like how easy it was to get started right which is kind of like you know they say the first aid is free. So I was hooked at that point and so if you want to get into it and play with it. It's a good way to do it and then the comfort of having a virtual machine of oh I know how to create a virtual machine I have started up. And then the other thing is the web console right so most of the scary stuff you see around Kubernetes is all the there's this yaml there's this long text file that. It needs to have the right stuff in it well we actually have a GUI that my that mirrors all the functions that you essentially can do in the command line and on yaml right so you can actually get started with. The web console and this is the thing I find very useful right is I go do things in the web console and I go and then there's a little tab that says click yaml and you go oh. I not based on what I clicked on and what I set in the in the in the UI I actually see how the yaml has changed and now I'm actually more comfortable with it. And now I think now I've got I've actually got a little github repo that has yaml in it and sometimes I go in and edit that stuff directly so it's actually made my made me it makes me look smarter but it also makes it easier to digest. It's funny you say that because I literally just had a conversation with somebody who is asking is there an API for the things the GUI is doing. I think it's the other way around the GUI is consuming all of those API so yes, yes there definitely is. Okay, so thank you. So I think probably yeah question to so can OpenShift virtualization see right is there visibility on to the under cloud for Kubevert VMs. And I think that this will tie in with we should probably talk a little bit about the technology like how it looks how it works type of thing and I think that might help answer this question. And I also, I know Chris just pointed out to me privately that Restream isn't moving comments from YouTube to Twitch so we both have Chris and I both had YouTube up as well so for anybody on YouTube. We are we are keeping up with what you're talking about over there. So I'm going to go ahead and share my screen. So let's see. Let's click this screen sharing music. Okay, work just first time look at that. Hey, I've done this once or twice. Yeah, set this up right the, you know, OpenShift virtualization is a feature of OpenShift right so this isn't about, hey, can I use VMs without caring about cloud native and OpenShift right so you got to be in the OpenShift, you know, ballpark to be caring about OpenShift virtualization right and running virtual machines in there. And we're currently targeting on-premise bare metal deployments right so that's that'll kind of I'll turn it over to you to kind of then talk about sort of what that that's about to look like. Yeah, I just wanted to do a quick kind of overview because I think it'll help answer some of these technical questions that I see coming up to just do this like scratching, you know, just scratch deep of OpenShift virtualization. Can you increase that size a little bit? Yeah, font size wise. Yeah, I sure can. So this is this is my lab cluster. You can see I'm running 4.7. I actually so OpenShift virtualization 2.6 got pushed by two weeks. So I'm running a nightly build in this instance, but 2.6 will be out shortly. So effectively, like everything else, it's deployed as an operator. Let me make sure we can see all of them right OpenShift virtualization gets deployed. When you do that it has, as Peter mentioned, right, there's a bunch of GUI tie-ins so on and so forth like you see this virtualization thing here. There's VMs down here, etc. And then both as an administrator where I can go to workloads and virtualization, I can see all of my virtual machines that are running inside of here, as well as a developer, I can flip over to here and I can do things like, well, I want to add, let's go to the right default, right, project. I want to add a virtual machine, right, and I can choose from, I can see and select from virtual machines that I want to publish. So here's a Fedora 33 templates. I want to create a virtual machine. Sure, amused herring seems like a good name for this one. Right, we'll click our button here. And just like that, we've got a virtual machine that is in the process of being provisioned. So, and by the way, the team that works on the UI here actually has a lot of background in products like Red Hat Virtualization or Rev. So we understand sort of what are the affordances and kind of what are the workflows people want to use and applying those same concepts to Kubernetes. Yeah. Yeah. And I think that's really important because it's a team that's not new to virtualization. So they understand how virtualization admins think. So if I click on my VM here, right, kind of all the expected things right here's my console so on and so forth. But Peter said, remember, it's Kubernetes native. So if I click up here in pods, you can see I've got like here's vert launcher for amused herring. So it's it's literally a pod that's running inside of my environments. Now to answer your question, Rapskallion Reeves. All of this is running on physical servers. It becomes a hypervisor. So you're deploying a virtual machine and if I were to go to the terminal over here real quick and do like a PS-A. Yes. One of these. You can see here we've got a QMU KVM process running inside of there. So we, I mean, technically you can do nested virtualization, but we don't support it. So really, it's not, it's not in the concept of I'm deploying a cluster, an OpenShift cluster two in your example, say Rev. And then I'm using OpenShift virtualization to then talk to Rev to deploy virtual machines, which is what machine API does. Rather, it's creating virtual machines and deploying them in pods inside of OpenShift. So OpenShift effectively replaces the functionality of Rev at that point. Am I saying that right, Peter? Yeah, that's correct. Okay. So I don't know. And let me jump back and forth between things here. I lost my chat window. So I can't see the other question that we got asked. Was S2I. Yeah. So I don't know about S2I. I'll have to default to you on that. That would be a question that if a customer asked me, I'd say, I don't know about Andrew knows, and you've kind of, you've kind of mack it as well. I'm not sure. Chris, help us out here. S2I for Vert, not sure. I think Christian was working on that. Was he not? Or was it Trafar? I forget. So, you know, pipelines, tecton, as far as I know, would work as expected. S2I, I don't know, because S2I is pretty heavily dependent on basically a podman build or docker build type of mechanism, and that wouldn't really work with a VM. So the answer I think is no, but I'm not like 70% sure of that. Like I would say I'm 50% sure because I would imagine there's a way to make that work, but it would involve like deep knowledge of all the parts and pieces involved, if that makes sense. Can I ask a different, can I ask a PM stupid question? Like the, and I get asked a lot of these regularly, like, Hey, what about this? You know, can I do this whiz bank technology thing? Let's back up a step. What's the actual goal that I don't remember? Was that Reps Gallium that asked that? That was Sachin. Okay. So, Sachin, maybe if you could say a little bit more about, Hey, here's, here's what I'm trying to accomplish. And, you know, this is the right technology or make there might actually be a different workflow to actually do what you want that's a little more not only Kubernetes native but you know works well with virtual machines. All right, so we've got a bunch of questions here to yeah just flew in. Yeah, so so first, JP Dade is physical to virtual conversion work with Openshift virtualization. Yes. So, so that the thing that the thing we've kind of skipped over here right we've been focused on Hey, I can go create VMs natively. But like I said, there's actually a whole set of legacy VMs you know the you know what is it the the 99% of the gravitational mass of IP stuff is in a virtual machine still. Right. And how do I get there. Right. So, in our traditional world, we actually have products like what's called infrastructure migration services, which would take virtual machines from say like a vSphere environment into a rev or open stack right so turn them into KVM VMs. That same technology is now being recrafted in a cloud native way right and done by the same team right so under the hood they're using. I believe they use v2v and I think there is a p let me double check but I believe there is a p2v option there as well, where you can point that at a physical box and say, go figure out what that things doing and pull it in. And like I said, this does two things it does an analytics where it's it actually can survey your entire inventory and say, I understand the different features that you have like maybe you're not doing anything special or weird or, you know, it's not a snowflake VM. And that's green right so you could literally just bring that in. And the nice thing is we have a warm migration from vSphere right which is the VM can actually continue to run over here we connect to the to the vSphere APIs, pull the data over and create the, you know, create the reflection in OpenShift. And as the VM continues run we continue to converge and pull data until it matches. And then at a point of your timing and mutual timing and convenience you can then power down this virtual machine and power it up inside of OpenShift. I saw literally this morning that the migration toolkit went into beta. Those guys are awesome. Yeah, it's actually based on the upstream conveyor but you know there's other complicate not complications but there's other factors that take into account like, what does my networking look like is that transparent can it will it automatically fail over when I move this service from one, one platform to another, which is fine. So the other thing that so when you say P to V though, the other thing that's super important to remember is, well two things right one is, is it a physical because I need raw horsepower like maybe it's an Oracle database or it's an SAP thing. And the real question is, is, should you be taking that into Kubernetes and putting it into a VM right because if the lat, you know, if you think about your resourcing if you've got a lot of little one you pizza boxes that that are doing your cloud on prem, and you drop a whopping, you know, SAP VM into that. Just because you can that may not make the most sense right if you're if it's doing something valuable for your business like you need to do that and connect into that thing. Maybe that makes sense but again you got to just because you can doesn't mean you should. Right. So the other thing that's important. Well, I don't want to cut you off. Yep. The other thing is, is that things that are bare metal tend to be actually really old to right so like when I said those Windows Server 2000. What was it Windows Server 2003. You know those are, I think they're processed, you know, control type of things or they're, you know, they're, they're lab machines on a on a manufacturing floor somewhere that haven't been up that was a 2003 who's president back then. Right. That was, that was several minutes. Yeah, that was several administrations ago. Right. So, and, you know, a lot's happened since then. And would it make sense to P to, you know, would you P to V a Windows Server 2003 are to, you know, outside of Kubernetes and put it somewhere. You really got to think about what your rationale and what your goals are when you do these things. So the, the five cent version is, yes, it's there, but you might want to consider why it's still still physical in 2021. Right. And then, and it's going to be the same tools that exist for other KBM. So we're at V to V, all that stuff. So next question, I would, I would imagine, and I'm sorry, just to beat on this a little bit, right. Remember, when you get over to your open shift world, right, you still have a whole security and compliance team, right. If you look at the, you know, what do we just, we just did the stack rocks acquisition and announcement, right. And ACM has a whole bunch of compliance stuff. If anybody had, like, regardless of whether that technology works, if anybody has a dream that a Windows, Windows Server 2003 VM inside of a Kubernetes cluster is going to pass any sort of security audit, you are, you're kidding yourself. All right. I'm sorry, I'll stop ranting now. All right. So, yes. Next question also from Sachin, is there a reference architecture for running NFV on OpenShift virtualization like is available for open stack today. As far as I know, no. I, from my understanding, so it's KVM underneath the covers, which means that from a workload capability standpoint, and I know having talked with engineers and Peter, et cetera, right. They really strive for performance equivalents, right. They don't want there to be any degradation of performance because it's a VM running an open shift. So technically possible to run those virtualized, you know, network functions, but we don't have a reference architecture or anything like that at this point. Let me see. Yeah, let me go find I, in one of the blogs I had, not that it was actually in the OpenShift 4.6. OpenShift virtualization blog that I did in 4.6. So it was what three months ago, probably let me see if I can dig it up. We did actually, we did that comparison of, you know, hey, let's run these virtual workloads of PostgreSQL server. And we actually had a couple of compute ones like Black Shoals, you know, financial calculation type stuff, run them on your traditional virtualization platform and then create that same workload on OpenShift and OpenShift virtualization. And we essentially got performance parity, right, because KVM is KVM, right. We've been doing this for, I think it's been in the kernel what, a decade now, right. So we know how to do virtualization, right. And the thing about OpenShift virtualization, we're sort of changing the management control plane, right, of how you actually do these things. But the actual core piece of it is very mature and stable technology. So yeah, we had this comparison that showed essentially it was in a couple of percentage points of each other. So I'm going to rapid fire and answer some questions since we've got like 10 of them. Go ahead and finish your thought. Well, on the NPV, the telco thing, right. So we are focused currently on sort of things like enterprise databases, you know, sort of your traditional IT workloads. We know telcos, especially for things on the edge, you know, want to get there. We're not quite there yet. So we're working, we get this question pretty regularly. We'd be interested in hearing about the use cases, but right now that kind of, you know, things that demand say a low latency or, you know, some sort of high performance out of the VM. We, that's kind of a, we're probably not there yet. So Chaitanya, I apologize. I am terrible at names, including, and especially my children's names. So apologies if I butcher anybody's name. I want to do a job in Kubernetes practicing basic concepts. So I answered that one. Yeah, I saw that there was some other chat about that off the top of my head. I would definitely recommend looking at many of the learning resources, which Red Hat has a whole bunch of them that are free right you don't have to pay for anything. My default answer is always learned.openshift.com. Yeah, great resource. Great resource to go and get started and get hands on, you know, with some guided scenarios and stuff like that. Conan, can OpenShift Virtualization orchestrate virtual machines for an OpenStack when OpenShift is hosted on OpenStack? So, no. I'm going to have to go watch Inception again. Yeah, so, so yet, yes, but no. So this is another one of those where it gets confusing. So OpenShift deployed using the IPI method to OpenStack is technically creating and destroying rate managing virtual machines for itself, right? Its own worker nodes using the OpenStack APIs, et cetera, machine API. If we're talking about OpenShift Virtualization, then no. However, there are some weird edge cases that may or may not be supported here. So for example, it is technically possible and fully supported to deploy OpenShifts to OpenStack that has a virtual control plane and physical worker nodes using Ironic. Now remember, physical servers is required for OpenShift Virtualization. So in that case, you could technically deploy OpenShift Virtualization inside of there. And it would function exactly as you would expect. I don't know whether or not that's supported. I would be very surprised if that's a tested scenario, but it should work. There you go. I'm going to assume Peter's typing so that he can look that up later. But yeah, so remember OpenShift Virtualization is hosting VMs inside of OpenShift, not OpenShift managing virtual machines and external hypervisors, which is a question that we get frequently. So like, do we want to talk about Nest advert and where we are along that journey? Yeah, so, and I see that there's a couple of questions around that. So OpenShift Virtualization today requires physical servers, on-premises physical servers. I'll go even further. So nested virtualization technically works. You all who are seeing my screen here, this is a nested lab. Technically works, not supported. Great for demos, stuff like that. Yeah, great for demos, maybe not great for production. It technically works to deploy and use the hyperscaler bare metal instances so like you can deploy to AWS I3. Technically works, not supported. Right. But that's actually a roadmap item for us, and we're being driven by demand, right? So the, again, the bulk of the stuff in public cloud is probably either AWS or Azure, and we're having conversations with those teams. But the thing that will actually move that along is customer demand, right? Because that's a, again, that's, sure you could do it, but is it, you know, is it an, is it actually an economic solution that'll work? That, you know, that's one of the things that PMs care about, like, can customers afford it? So Dan asked, is nested virtualization support on the roadmap? But pause before you answer that. Not looking for nested VMs, like what we were just talking about, but rather interested in use cases where virtual machines are able to launch other virtual machines. Oh, fancy. So I would, judging by, yeah, judging by your confused face, I would say no. Wait a minute. What's the actual use case, right? Yeah, run that back again, right? Like say that question again. So they're using virtualization to deploy other virtualization or using tecton. So I think this would be something like having effectively a virtual control plane with physical workers and doing it that way. Dan, please speak up and chat if we can. Yeah. Clarify. Also, anybody and everybody's welcome to reach out to me, Andrew dot Sullivan at Red Hat, if you want to ask other questions or clarify after the show ends in 11 minutes. Because I know we have a hard stuff today. Yes, I'm not even actually seeing all of the chat here. I'm on the Twitch channel, but yeah, the YouTube, it's on YouTube and the the the restream aggregations being poor today. Let's move on. I'll, I'll figure something out. Yeah, Conan nested virtualization would be interesting doing ephemeral things that require virtualization for cloud native CI powered by OpenShift pipelines. Yeah, again, nested in the sense of right deploying an OpenShift cluster that's virtual and then hosting VMs inside of their technically possible. It doesn't invalidate the support of your cluster. It just means that doing nested virtualization isn't supported. So sorry for stepping over you, Peter. No, no, that's fine. Well, the interesting part is once you come up with a technology people, right? OpenShift itself has a lot of future stuff that's going on. And, you know, since virtual machines are first class citizens, the very first question I get after the OpenShift guys announced something is, hey, does it work with OpenShift virtualization, right? So two examples are compact clusters, right, which is it's not it's not hyperconverged, but it's the, you know, the idea that I've got three nodes, the control plane nodes and customer workloads are kind of rotating all those schedule level masters or schedule level control plane nodes or what we call it something like that. Can you use VMs there? Absolutely, right? You install the operator, you create your VMs just like you would on any OpenShift cluster. The trick there is VMs tend to be more heavyweight in terms of resources of CPU and memory, and you just have to make sure that your three nodes are big enough to handle the control plane workload, you know, CD can be a little cranky sometimes, your actual cloud native workload, your container workloads and your virtual machines. The other use case is even farther future, right, and that's a shipping product today, right? The other far future is Edge, right, and sort of the single, you know, single node OpenShift. Could you use VMs there? Yeah, probably. But again, it's, you know, it's not going to run on a 16 megabyte, you know, arm chip somewhere, you're probably going to need something beefy that can run VMs in it. I do see Mark, Mark Schmidt is here. Hi, Mark. Yeah, it's saying that that Jeff Bezos, although Jeff Bezos is now in the process of stepping down, would love for there to be nested VMs and VMs and AWS because that sounds very expensive. And yeah, something that he would appreciate. So there's one other, do we want to talk about futures a little bit, too? Sure. Okay, so one of the other, the one of the other things people are asking about is sort of the idea of, hey, can I do OpenShift clusters inside of OpenShift, right, and the idea of multi tenant, right. So if I've got a large bare metal cluster that, you know, some of the server vendors are pushing the 4U box that's maxed out with memory and CPU and possibly storage. But then I actually, you know, everybody gets a cluster, kind of that Oprah thing, like, hey, Chris gets a cluster, Andrew gets a cluster, and you are actually the admin of that. So you can sort of do that today with a UPI and create VMs in the main OpenShift cluster and deploy virtual clusters inside of it. But it's not easy, right. So we're looking at technologies like HyperShift, right, which is, that's the act of taking a control plane node and running it actually in a container instead of needing a full node for it. And once we have that, that kind of technology is more mature, then it becomes much, much easier to deploy what's essentially multi tenant. You know, essentially what you've got over here in your traditional IT where I can do deployments and do tenancy and separate my end users and customers. You'll then be able to do that inside of Kubernetes and OpenShift. I did get a, sorry, completely off subject. Somebody asked why I use macOS instead of Linux. It's a really simple answer for me. Look at all this crap I have to attach to my machine. Honestly, it's, it's a silly, stupid first world problem, right? I have dual 4k monitors and the screen scaling in Fedora is all or nothing. Either it's at 100%. So the 4k is super tiny and I'm getting old. So my eyes aren't what they used to be. Or at 200%, it's the equivalent of 1080p, which looks nice and sharp on 4k, but is not the type of real estate that I want. Right. So macOS gives me the ability to do an equivalent of 1080p. So if I do a, you know, I can bring up this thing and show you that I have seen hits on this one, which is looks like 2560 by 1440. Right. Yeah. So that really, that's, that's the reason why. And if you notice here, I'll switch over here. Most of the things that I do are from this bastion house, which is actually a, it's a Linux. Actually, I think I said rel in the chat, but it might be CentOS stream. Did you upgrade it? It is. Changeover. Yeah. Cool. So yeah, I basically do all of my real work, you know, anything Linux or anything CentOS, anything open shift related from a Linux host. Anyways, I basically use this as a browser. Yeah. I have two Linux boxes that I use for things. One is actually a very robust server and the other is just, you know, like set up to be a desktop. And it used to run OBS for this channel, but we've found better ways to that in theory. So before we run out of time here, and I think you said we have a hard stop in about four minutes, 20 seconds. So say the folks on the stream here, thank you for your questions, by the way, that actually helped shape the conversation. Hey, I'm interested virtual machines in Kubernetes sounds interesting. How do I try it? Right. So if you already have an open shift subscription or you've got access to an open shift cluster, you can actually just install the open shift virtualization operator. You just go to the click on the little marketplace over there that was an operator hub. Download it. It's already included. The entitlements are already included. You can download it, install it and start creating VMs in your namespace in as little as 10 minutes. Yeah, it really is easy to get deployed and up and running. Yeah. And it's in the operator actually handles the upgrades as well. So when you go ahead and upgrade your open shift cluster, it will say, Oh, there's an opera. It actually doesn't automatically upgrade the the open to the CMV operator, but we say, Hey, there's an upgrade available. Do you want to upgrade it and click here and that'll happen. Yeah, it I really like the behavior of operators. Like, so for example, you see that this is 2.6.0 dash 637. This is the fourth or fifth nightly release it's updated to I think I started at like two or 630 something like that. And it just quietly in the background updates itself according to the nightlies, you know, without any issue. I haven't had to think about it. So it's really nice. And the very last thought, I think, well, it won't be the last one, but there'll be other ones. The last one for this particular stream is red hat is very strong in in the Qvert space. Right. So Qvert is our upstream. There was actually a summit about a month ago that talked about some very cool things in terms of handling resources. The other big one that we get asked about a lot is GPU enablement. Right. So I want to do either compute intensive stuff with AI ML with virtual machines, and then remote visualization. Right. So, so those two things are actually actively being developed in Cuba right now. They are not quite downstream in open shift virtualization, but we'll be doing some PCI path through coming up very shortly. Cool. Alright, so I know we've got a little over two minutes left. So I want to make sure that everybody has an opportunity to ask any last questions that they've got. You are also welcome to reach out to me at any time during the stream or not to ask questions on any topic. Andrew dot Sullivan at red hat.com or on Twitter at practical Andrew. Peter, I will leave it to you to how much of your contact information to disclose and whether or not you, you want to subject yourself to that. Yeah, no, that's fine. I'm actually on Twitter. I think it's PC a lot of PC lotter back is my handle. My red hat email is not as fancy as yours. It's just P a U T E R. After that.com. Didn't get the yeah I never got it. Ask me why you got to put in a help to get it man. Yeah, they'll they'll add I think two or three aliases. So, okay. Yeah, and I am at Chris short on Twitter and see short at redhead.com if you have any questions just like Andrew, I can get them routed in the right direction if I can't answer them at all. And so shy am she am. Can you list the applications that we can do with Kubernetes. So, no, but we can describe kind of a general category of applications. So what do I mean by that. So, Kubernetes is designed to schedule and control containers, and it doesn't really matter what's in those containers it could be a simple bash script that reaches out and pings your gateway to make sure that it's you still have connectivity or it could be anything up to an including like Microsoft SQL server. So, there's a huge broad range of applications out there that can all be hosted in Kubernetes, really the only prerequisite is it has to be in a container and no longer even a Linux container right with 4.7 we can now do windows containers as well. So yeah, we got a jump. Thanks everybody for joining today. Thank you, Peter for coming on talking with us about all things virtualization and Andrew. Great job as always. I'm sure there are questions we did not answer so please feel free to reach out to any of us and we can get them answered and coming up next in literally seconds, we will be talking about if I can find which sliver in my calendar this is. We have a fireside chat with my friends at Percona the database folks so please stick around for that. They're awesome. Yeah, they're great. And without further ado, stay safe out there everybody and see you soon.