Good morning, good afternoon, good evening, wherever you're hailing from, and welcome to another Red Hat Advanced Cluster Management office hours. My name is Chris Short, and I'm a host of Red Hat live streaming. The title of today's show is Proactive Fleet Management with Red Hat Advanced Cluster Management. We're joined by our normal massive group of Red Hatters, assembled by the one and only Scott Baron. Scott, how are you today, sir?

Hey, Chris, I'm great. Thanks for having us. It sounded like you were saying "proactive freak management," and yes, we need that in ACM land, because we tend to take on a lot of things. I'm excited to talk with you today. We're going to hit on what ACM is doing in this space around hub management and fleet management: how do you get analytics from the cloud and enrich your on-prem software with them? How do you start to bring all those goodies into one basket? So it is absolutely proactive fleet management, and we really are freaks about it here. I am sporting the Red Hat neurodiversity t-shirt, so I just want to do a big shout-out to some D&I causes here at Red Hat. And now I'm going to turn it to Radek for his intro.

Hey folks. My name is Radek Vokál, and I'm the product manager for Insights for OpenShift; we're going to cover in a bit what it's all about. I'm based out of Brno, Czech Republic, and I've been a Red Hatter for more than 15 years now. And I have Randy here with me to help out with what we're going to be talking about.

Thanks, Radek. Randy George, I'm also in Austin, Texas, with Scott, and we work closely on bringing in the analytics that Radek's team has been producing. I love the analytics, but I love proactive management even better, so I can't wait to get on with this and show you how to do that.
So I'll turn it over to Zack, one of the folks who's been implementing this, and he'll help show us a little demo.

Hey everyone, Zack Lane. I'm based in Raleigh, and I've been a UI developer for the RHACM product since its inception back at IBM. I'll turn it over to the other Zach.

Morning everyone. My name is Zach. I've been a software engineer at Red Hat for a bit over two years now. I'm located in Boston, Massachusetts, and recently, on the side, I've been pretty into golf. So I'm going to turn it over to Jake.

Hey, I'm Jacob. I'm a software developer at Red Hat, I've been there for about a year and a half now, and I'm based out of Virginia. I'll be going into a bit of cluster discovery and automatic import.

That's it. So we did bring the usual dream team, Chris. I can't do this alone. I think we're over a hundred engineers now working in this multi-cluster challenge space, and upstream projects like Open Cluster Management and Submariner and some of that stuff will get you there. But then you really need analytics, and you need to start crunching through the data. You need an experience that pulls together insights across the fleet. And that's why we teamed up with Radek and what his team is doing in the customer insights space. So I think Radek is going to describe a little bit of that problem area and how we enrich the OpenShift user experience around these types of insights.

Sure, thanks Scott. So let me talk about Insights for OpenShift, and I'll start with my personal experience from a couple of minutes ago. It's getting late here for me, it's almost evening, and I needed a break before this presentation, so I was working on my bike. The shifting on my bike doesn't really work very well, and I love mountain biking, so I figured I should actually look at it. And my bike is a set of different components, all together, connected with cables, connected with a chain, right?
All somehow working together. And the shifting issue, this can be one of three things, and based on my experience I actually knew that it's a single component: it's my chain that needs a bit of lube here and there to make sure the shifting actually works well. This is my analogy to an OpenShift cluster. OpenShift, for us, is a bunch of living components that work together, are connected together, are interacting all the time, and every now and then they send us a signal. A signal that something is not behaving as expected, that something's going wrong. There's an alert coming from an operator; there's some behavior issue that we need to act on. Without the experience of knowing where to start triaging the issue, you have to look in different places. You have to start digging into one component, then another component, trying to figure out what the hell is happening on my cluster. And with Insights, we're trying to bring the experience of someone who's been running OpenShift for almost a decade now, who's been working on these components day by day, and who's got hundreds and hundreds of engineers (thousands of engineers, actually, sorry about that) working on OpenShift and its different components, plus many people in support who have the experience of supporting OpenShift for customers, and people in SRE, and others and others. So we're trying to make sure this experience is available to everyone, and that it helps with troubleshooting problems that you might be having, or helps with preventing a lot of problems you don't even know about.

So what my team is doing is looking at the analytical data that every OpenShift cluster is providing us by default. When you install OpenShift 4, by default you send us telemetry data, and as of OpenShift 4.2 we also have the Insights Operator, which provides us some additional pieces of information that we look at. We combine this
information together and we come up with different findings based on it, and we provide that to different teams. Our main thing is that we look at this data from an engineering perspective. First things first, we want to fix the potential problem in the product. So we're looking at fleet issues. We're looking at a set of different conditions, whether it be alerts, behaviors, log messages, and whatnot. We combine them together and we present them back to the engineering teams. We work with engineers on specific components and we tell them: hey, this thing is actually not behaving as it should; it's a performance issue, it's an upgrade issue, it's some other sort of issue, and we need to look at how we can potentially fix the problem.

And not only do we do that; we also look at our internal knowledge base. We work with the support team, and the support team is able to tell us: hey, this issue, we already know about it. Some other poor customer actually shared a similar problem with us, and we solved that problem for them, and we know the root cause, we know how to fix this issue. Or we can look at our internal knowledge base and work with solution architects' teams. Basically, whoever touches OpenShift is able to contribute back their own experience: how to troubleshoot a specific problem and, in the ideal case, how to prevent the issue. So for our support engineers, we offer a different set of tools that allows them to look at the potential root cause of a problem. Recently, we realized that for more than 80 percent of support cases that have been opened against OpenShift 4, we already have a solution. We already know about the problem, because someone else has already hit it, and we can instantly provide the information back to the customer. So first we prevent the issue with OpenShift engineers; we tell them: hey, this is spiking,
this is somehow suspicious and we need to look at it. The second thing is that we work with support and try to identify solutions for problems that already exist, or problems that might happen on a customer cluster. And the last thing we do is present some information directly back to our customers. We tell them: hey, there's a potential issue on your cluster. Again, we're trying to be as proactive as possible; we're trying to prevent the issues here. So we're basically telling customers: if you continue on this path, with this configuration, with this setup, eventually you might have a problem. You might have degraded cluster performance; you might hit an issue where you're not able to upgrade. So here's a solution for you. That's Insights' goal: to provide a specific solution, specific steps for how to prevent that issue from happening.

And Radek, I think that's one of the keys. You mentioned different scenarios where we know about a problem and give you a fix for it, but I think one of the most important pieces of value I see is: we found this problem, we know what led to it, and we can tell you, here's how to prevent ever having that problem, right? And I think that's really what you want to do. Yes, problems are going to happen; yes, we've got to fix them faster and restore service. But the most important thing is if we could prevent the problem from happening altogether. That's the ultimate goal, right? And by having, like you said, data from thousands and thousands of clusters, if somebody has a problem and you know how it got there, you can help prevent it for all these other folks. And like configuration issues: it's not just a code problem, it's not just a bug in the code. A lot of what Insights does is analyze configurations.
We all know: this one knob is on, the other knob is off, one is turned high, one's turned low. Oh, that's not the best combo, that type of thing. And that's where I think the real value of this comes in. And I believe you also have a team of data scientists and a huge data lake. You know this, but to remind people: the scientists are always mining that data and testing new algorithms to come up with additional findings, in addition to those other sources that you have, right?

And one thing we realized real quick when we tried to analyze this data is exactly what you said, Randy. The challenge always is, when you put the data scientists on a huge set of data and you tell them "go find a problem," this is going to fail. What we really need to do is feed it with our own experience. So again, that's why we engage internal teams, support engineers, and others, to tell us: hey, I've seen this before, I know what's happening here. Can we actually look at other clusters having similar issues, similar symptoms, similar conditions almost matching this one, and can we estimate that this is the same problem? So this is what we do a lot internally: we tailor these views on the data for specific teams and specific use cases, and we provide them this knowledge to be able to, again, solve some problems, but mostly prevent problems, plan features, and prioritize features. So a lot of the time, we not only look at whether something is going to prevent an issue; it's also a lot about the behavior and your experience with an OpenShift cluster. Are we able to tweak certain things because we see that there's probably a performance bottleneck, or some misconfiguration that customers often hit? So can we improve our documentation? Can we improve the operator responsible for this, so it doesn't really happen? Can we make some product enhancement that, again, would prevent this issue in the product itself?
And Radek, we all know, you know, we find a problem, we get told about a problem, but how to fix it is the "okay, now what do I do?" part. And I think this is another area where your analytics excel, right? You provide the user with how to remediate.

Right. That's the thing I love the most: we're able to tell the customer exact steps. We call them remediation steps: how to resolve the problem, or how to prevent the problem from potentially happening again. And what you'll see in the demo later will be these exact one-line or two-line commands, telling the user: go run this as an OC admin, go fix this configuration, go fix this problem. And again, you'll be back on track with a cluster behaving as expected.

So that's the part I love. We're ACM, and we're an on-prem operator; we deploy out of OperatorHub. And even though I'm an on-prem software thing, I can still tap into your data scientists. I can tap into all of the analytics of the fleet to enrich my experience down in my managed fleet within ACM. So that's the real fun part about this journey: working with your team, Radek, and bringing those two worlds together. Did you have something you wanted to share, like a picture or any kind of description of that, or should we just jump into the demos?

I think we should jump into the demos. Well, maybe I'll do a real quick share of that one slide. Yeah, this one slide. The thing is that we're not able to share all the insights, all our internal know-how, because of customer data and whatnot. But just to give you a sense of what our engineers are dealing with: these are the type of reports they look at. They're looking at a specific cluster and what potential conditions, or what we call symptoms and diagnoses, it is hitting. One thing that I would recommend, Chris: you had my colleagues here, I believe before summer, Ivan and Jan Zalani, talking about
the CCX effort they are doing. CCX stands for Connected Customer Experience. So if you want to know more details about all these charts and diagrams and trends we're looking at, how it impacts the upgrade path in OpenShift, how we feed that big data back to the Cincinnati service that basically tells users which versions they are safe to upgrade to, or even more playbooks and views on the data, I recommend that talk from Ivan and Jan, because they went into much deeper detail.

I'll find that real quick. You bring up a good point on the whole upgrade graph, right? ACM has already pulled that knowledge in. So when we're going to upgrade the fleets, we know the next safest version that you could upgrade to, and we use those analytics to generate that upgrade path for the various fleets. So what we're going to show today is just additional analytics that we keep tapping into, to provide better fleet management, right?

So let's do that. Should we kick it over to Zack Lane? We've got all the Zacks on the call. Let's do that. Yeah, we didn't hit our Chris quota, but we definitely hit our three Zacks.
All right, Zack, I think you're on the spot. What we're going to show here is the CCX insights, and I want you to dazzle me with how you can enrich my management experience at the hub with all of the data analysis that Radek's team is doing.

Yeah, absolutely, and thank you. I guess just to go into a bit of background on this, bringing in what Radek just talked about: out of the box now with RHACM, we essentially have a new service that runs in our back end that keeps a list of all your managed clusters, and with that list of clusters we query for the insights from Radek's team. We hold those in RHACM so that we can easily display them to users, so they can quickly identify clusters that have high-severity issues and take the remediation steps they need to solve them. Let's see, I'll share my screen real quick.

And while you're doing that, Zack: I know you're going to show the display, which is much easier to demo, but you can also get alerts for all of this, right? So it's not like you have to sit there at the console. As soon as the insights come in, and the checking is very frequent, an alert can be generated and sent to wherever you have your alerts integrated.

Yeah, absolutely. I guess I can talk about the alerts a little bit too. So out of the box, as Randy was mentioning, you can get alerted based on different rules that you have set up. For instance, our out-of-the-box alert, which is defined here in this Thanos Ruler default rules ConfigMap, will alert based on critical insights. So this is just the default one that comes out of the box with our observability feature, and it will essentially alert only on critical insights that come in from the CCX team. Now, this is just the default rule.
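To make that concrete, here is a sketch of what a rule in that style could look like. The ConfigMap name, namespace, metric name, and labels below are assumptions for illustration, not taken from the demo; check your RHACM release's observability documentation for the exact contract.

```yaml
# Hypothetical sketch of an insight alert rule for RHACM observability.
# Names and the metric/label scheme are illustrative assumptions.
apiVersion: v1
kind: ConfigMap
metadata:
  name: thanos-ruler-custom-rules
  namespace: open-cluster-management-observability
data:
  custom_rules.yaml: |
    groups:
      - name: insights-alerts
        rules:
          - alert: CriticalInsightDetected
            # Fire when any managed cluster reports a critical-severity insight.
            expr: sum(policyreport_info{severity="critical"}) by (managed_cluster_name) > 0
            annotations:
              summary: "Cluster {{ $labels.managed_cluster_name }} has a critical insight"
```

The same shape works for custom rules: swap the `severity` label or threshold to alert on moderate insights, or on the total count of issues per cluster.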
So you can create a different ConfigMap that has different rules, say for different-severity insights, or pretty much whatever you want, whether it be the number of issues on a particular cluster, whatever it may be. You can create these different custom rules as well. Additionally, if you want to be notified on, say, a Slack channel, you can set that up too, so that when a certain-severity insight comes in, you get pinged on Slack and can then come into the RHACM UI to further investigate the insight and take whatever steps are necessary to remediate it.

Nice. So my entry point as an SRE, my mindset, is Slack, or maybe I'm using PagerDuty. Those alerts would come to me, and now that I've received the alert, I'm ready to jump into the console, ready to understand more about it. I'm ready to solve it, or remediate it, or even understand what was the proactive thing that came to my attention. So drive me through that story now: I'm in the console and I'm ready to work on that remediation.

Yeah, absolutely. So for those not familiar, this is RHACM, our landing page or welcome page, with a little bit of information on the different features we support. Once you realize you have an insight you want to take remediation on, a quick way to go through the flow, at least at a fleet level, is to come into the overview page. On the overview page we have, as I said, fleet-level statistics of certain health metrics among the clusters that you have under management.
So in this instance, in this environment, we have two managed clusters and a little bit of insights on them, and for the insights we have this new card that shows the total number of clusters that have issues, along with the sum of the different-severity insights that each of the clusters has. So it's a quick way to identify exactly how many clusters have issues. To go further along with that, if a certain severity has issues, it becomes a link, and this launches out to our search page. Our search feature, for those not aware, essentially allows users to search across every cluster for any resource they want. In this case, we have a predefined search for PolicyReport resources, which is what we store the CCX data on. But additionally, with the search feature, when you search for resources you can also see the YAML for a specific resource and any resources related to it, so it sort of makes troubleshooting certain issues a little easier.

Yeah, so you're able to pull in the aggregate of information without me having to jump into each cluster context and go figure out what's happening on it. This is one spot to see it all. And I'm seeing a couple of rules that are violated here, so talk me through what these findings are.

Absolutely. As you can see, we have two different PolicyReport resources, one for each of the clusters we have under management: local-cluster being our hub cluster, and mcrmg being a managed cluster. Both have the same violation, this Prometheus DB volume rule, and along with that you can see that they're both a moderate severity, and it's the same insight. But with the search feature, say we had a policy report with more than one insight, or one that you were specifically looking for: each of the columns in this table is searchable. So for instance, you could search for rules and then whatever insight you're specifically looking for, and that will narrow down your
results there, along with the categories as well, described in the far column.

Nice. So take me through an example where now I have to go solve this. This thing looks like a Prometheus issue.

Yep. Following your example: you got notified of a cluster having this problem, or a potential problem, and you came in here. What's nice is you get a view across the whole fleet of what other clusters are having that similar problem, right? So you're not just doing cluster-by-cluster resolution; you get a fleet view, like you said.

Absolutely. And to go off what Scott was talking about, to take further action, we'll take the managed cluster as an example. Each of these names links out to that specific cluster's details page. So as you can see, we're in that cluster's page and its overview, where you have a few different statistics on that cluster. By default, navigating from the search page, we come in with this sidebar automatically popped out, which has a table view of any insights associated with this cluster. You have a similar donut chart to the one on the overview page, which gives a count of all the severities, along with the table listing each of the insights on this cluster. So you can see the Prometheus one, with that rule ID, a short description of the insight, and the category, and we pre-sort these based on the total risk score of each.

What is the total risk calculating? What is the definition of risk, I guess? I would have to defer to Radek on that one, as that's something his team comes up with.

Okay. So basically what we do, Chris, is look at each of the potential recommendations (we call them recommendations here, to customers), run an assessment against our test set of clusters, and basically try to figure out: if you hit this issue, what is going to be the level of impact on your cluster?
Again, it's around degraded performance, different behaviors, inability to upgrade, and things like this. If you look at these criticality levels, each one of them (I'm not sure, Zach, if we have that implemented already) has a pop-up describing the impact level. What we tell customers is that the critically important ones we recommend solving immediately, because these might, in a very short time frame, cause some potential harm to the cluster. The moderate and low ones still need some additional consideration on your side. For the low ones, for example, we'll tell customers: this is probably wrong, but you might have a good reason for running it like that, right? So it's really how we estimate the impact.

Makes sense. Got it. Thanks.

So, along with what we were talking about, coming in here we see the insight that we have for this cluster. To take the remediation steps on it, we have another screen that provides further details on each of the different insights. You can see here the same description, along with a little bit more information, and a remediation text that describes, at least in this instance, a link out to the documentation page on configuring persistent storage to solve this problem. But in other instances it could be a longer set of steps you would have to take to remediate a certain insight. Additionally, there's a reason text (this insight specifically doesn't have one) that provides more reasoning as to why it's an issue and why you need to solve it, essentially.

Nice. So in this little demo environment we just have a couple of moderate ones to show, but this gives you an example. With Prometheus, I mean, this is kind of straightforward.
You're telling me that something's misconfigured in the system. I don't have persistent storage, which means I'm going to lose all the metrics that I would probably want to see if I want to look at health trends, or look at what this cluster is doing over time.

Yeah, and Scott, even as a developer setting this up, I remember the first time I got this. I'm like, yeah, I knew this, you didn't have to tell me. But you don't think about it. The default setup in the cloud is to use ephemeral storage for Prometheus, and like I said, if I had run into something and wanted to go look at the metrics, and I'd had to restart some of the Prometheus pods, I would have lost all of my data. I would have been stuck, right? So this just reminds me: hey, by the way, here's the default setup; if you restart pods, you're going to lose data. Oh yeah, that's right, that reminds me to go set up persistent storage for Prometheus, versus waiting until I ran into the problem, lost the data, and then got reminded that the default setup is ephemeral. You don't want to get to that point. So a lot of these things are very informative and lower risk, but still very useful, right?

Right. Like Radek said, there might be a reason why you want to run it like this, and that's okay. That's why this has a risk factor of two. It doesn't mean you have to drop everything and do it. But when that critical one comes in, it probably means you want to pay attention to it today. That's something you want to respond to. Nice.
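For context, the remediation this recommendation points at is a small monitoring config change. On OpenShift 4, the platform Prometheus can be moved off ephemeral storage through the `cluster-monitoring-config` ConfigMap; the storage class and size below are illustrative placeholders, not values from the demo.

```yaml
# Sketch of the fix for the Prometheus DB volume insight: give the
# platform Prometheus a persistent volume claim instead of ephemeral storage.
# storageClassName and size are placeholders; pick values for your cluster.
apiVersion: v1
kind: ConfigMap
metadata:
  name: cluster-monitoring-config
  namespace: openshift-monitoring
data:
  config.yaml: |
    prometheusK8s:
      volumeClaimTemplate:
        spec:
          storageClassName: gp2
          resources:
            requests:
              storage: 40Gi
```

With this in place, restarting the Prometheus pods no longer wipes the metrics history.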
So this is available in the current release, version 2.3.1, and we're going to continue to use this type of feature, this type of information. One of the things I noticed there: talk to me about the PolicyReport, because that seems to be something we're using here that maintains some of this information for us.

Yep, absolutely. So in this 2.3.1 release, we're using the PolicyReport from the SIG work group to store the different insight information, and we have normalized it into their resource. Using that, in the future (which I think is 2.4, correct me if I'm wrong), we will also integrate the GRC policies into this PolicyReport. So we will have multiple sources of insights coming in that will then be displayed for each cluster, as you can see here. We sort of accumulate all the different insights from different sources so that you can get a more holistic view of the cluster health, and the remediation steps for them.

Nice. So that's an architectural decision. That's an upstream work group, a special interest group, that we're participating in to help enrich this type of experience across all of the pillars within ACM. And with PolicyReport, yeah, I do believe you're right. I think that's coming in 2.4, with a notification story around policy reports and policy violations, and how we can start triggering those off into third parties.

And we have the trigger in 2.3. It's just, like you said, the PolicyReport is a standard API that the policy SIG work group defined. We've implemented it, and it will generate metrics and alerts. The GRC policies will be creating those too, but they'll inherit the alerting that's there now, so that integration will be there already.

Nice. Excellent. Sorry, Chris, didn't mean to cut you off.
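As an aside on the data model being described: the wg-policy PolicyReport API stores each finding as an entry in a results list. A minimal sketch is below; the rule name, message, and property values are invented for illustration, but the shape follows the Kubernetes Policy working group's v1alpha2 PolicyReport API.

```yaml
# Illustrative PolicyReport carrying a single insight for one managed
# cluster. Field values are made up; only the structure is meaningful.
apiVersion: wgpolicyk8s.io/v1alpha2
kind: PolicyReport
metadata:
  name: managed-cluster-policyreport
  namespace: managed-cluster        # one report per managed cluster namespace
results:
  - policy: prometheus_db_volume_rule   # rule ID shown in the console table
    message: Prometheus metrics data will be lost when the pod restarts
    category: service_availability
    result: fail
    properties:
      total_risk: "2"                   # the risk score the UI sorts on
summary:
  fail: 1
```

Because GRC policy violations can be normalized into this same resource, the cluster sidebar can aggregate insights from multiple sources into one table.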
No, you're fine.

Yeah, one other thing I wanted to come back and look at: even though it's an oversimplified demo, one problem, and the same problem on two clusters, right? Hopefully you don't have this issue, but if you have multiple problems on a cluster, as you see, the table is sortable, so you'll know how many criticals you have. We didn't talk about categories, but insights, just as they tell you the severity and the risk of not following a recommendation, will also categorize these issues. Sometimes it could be one or two categories, and it's nice because it tells you whether it's a security issue, or something that'll affect availability, or something that may affect performance, as Radek was saying. So if you have a whole bunch with the same importance, and, say, security is more important to you than configuration health or something like that (which it should be), you can sort those in the table, prioritize, and resolve.

Go ahead. Yeah, just real quick on top of that: right now Insights is very much looking at the core set of components and things that make up the cluster, but the future is that we want to go beyond that. We want to look at the workloads running on the cluster, look at things like Kubernetes best practices for running a specific workload, give resource optimization recommendations, and, again, look at how your workload is actually impacting the cluster behavior. So that is the future of Insights, and it's still evolving a lot.

Yeah, you're speaking my language, right? I want everybody to be talking about what really matters, which is the workload. I want to be able to mute out all of this other cluster stuff at some point. It should just be there and operational.
But you hit on a point, which is kind of that understanding of a blast radius. If you're just talking about one cluster, okay, cool, you understand it, it's your bespoke cluster that you built. But we're talking about hundreds and thousands of clusters. I don't want to have to sit in front of a machine, in front of a dashboard, and have to figure out what's going on with this. Is this prod or is this dev? I shouldn't have to be asking those questions. You're helping me understand the blast radius, and you're only waking me up when it's critical, when I actually have to do my job. I love that. I love enriching this experience for the SREs and the operators who have to work in this day in, day out, keeping the lights on.

So I'm going to pivot off this story a little bit in our little demo here. Thank you, Zack, that was wonderful. Did I leave out any other parts that you wanted to cover? That was it for me. Okay, fantastic.

So what excites me about this is: you're showing me insights on a handful of clusters, but I have more things to manage, right? I have a thousand of these things that I need to bring under management. And another aspect that we're enriching in this space is how you communicate to the cloud, or how you communicate to a list of known clusters, to be able to start to ingest those, import those, and take action on those from an ACM management perspective. So here's another example where we're reaching out to the cloud, and we're figuring out: what do you have in the OpenShift domain of your organization, and how do you quickly import those and help me automate the management of that?
So I'm going to kick it over to our disco team, the discovery gentlemen. I've got Zack and Jacob here, and you guys have been working on this problem statement, which is: okay, it's excellent to be able to manage one thing, but I need to manage a hundred things. So how do I go from zero to a hundred? How do I do that quickly? Who's going to talk me through that story?

I'll go ahead and take this one, Scott. Can you all see my screen real quick? Yes. Yeah. All right, great. I'm Zack, and I'll be demoing cluster discovery from console.redhat.com today. Quickly, as Scott mentioned, discovery is a feature that allows the hub cluster to reach out to console.redhat.com to determine if there are any discovered clusters that Red Hat OpenShift Cluster Manager knows about which are available to be imported into Advanced Cluster Management here. If any clusters are discovered through OpenShift Cluster Manager, we provide a simplified mechanism for cluster import, and to showcase this I'll walk through the entire flow. The first step is to set up a Red Hat OpenShift Cluster Manager credential that we can then use to create a discovery config for import. So I'll come over here to Credentials and click Add credential, and I'm going to create a credential of type Red Hat OpenShift Cluster Manager.

Wait, wait, wait, you're going way too fast for me. I'm slow on the uptake.
I'm slow on the uptake. Can you go back to that credentials page? Because you're helping me understand something here that's really cool. You're telling me that ACM is a multi-cloud, multi-cluster management system, because I can connect to any of my hyperscalers, I can connect to my on-prem data center credentials, and I can also connect to automation and what we're calling "other," which is basically OCM, the OpenShift Cluster Manager. So I have the ability to make all these connections from ACM, and what you're highlighting is a cloud service, console.redhat.com, which is kind of an uber list of Red Hat OpenShift clusters that have phoned home, or that have a subscription, right? They're tied back into the Red Hat mothership. So you're able to illustrate on this screen exactly my point, which is we can talk across cloud, local cloud, whatever cloud you've got, and in this case you're going to be speaking specifically to console.redhat.com to get some information. That's really cool.
And you're doing that from a hub, which I think might be deployed on Amazon, but let's just imagine this is a hub deployed anywhere. Yeah, absolutely. I'll be setting up my Red Hat OpenShift Cluster Manager credential to talk directly to OpenShift Cluster Manager in this case. Now, maybe you guys picked that up the first time through, but I love seeing that story where we're able to maneuver all these different credentials and connections here. Yeah, and what you're saying, Scott, is that multiple people from an enterprise have deployed instances of OpenShift, right? On-prem, in AWS, in Azure, wherever. Now you finally have time to get them under management. So quickly Zach's going to show us how I can gather and bring under management all of those previously deployed clusters, no matter where they are. All right, Zach, sorry to throw you off your rails. So now I'm going to enter the basic information for this credential. I'm going to call it zk-creds, just so I know the name, and I'm going to put it in my own personal namespace. And now I'm going to enter my OpenShift Cluster Manager API token. This can be retrieved from console.redhat.com, and through our documentation as well. Now that I've got that, I'm going to go ahead and create it and just click Add. We can see here a tooltip saying the credential was created successfully, and we have an additional action here to create cluster discovery when we're ready. Now quickly I'm going to navigate back to our discovered clusters tab, and then we can see over here.
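For the curious, the console stores that OCM credential as an ordinary Kubernetes Secret in the chosen namespace. A rough, hedged sketch of the equivalent YAML — the namespace and label values here are illustrative, so check your ACM release's docs for the exact schema:

```yaml
apiVersion: v1
kind: Secret
metadata:
  name: zk-creds                 # the credential name entered in the console
  namespace: my-namespace        # illustrative personal namespace
  labels:
    cluster.open-cluster-management.io/type: redhatcloud   # assumed label value
type: Opaque
stringData:
  ocmAPIToken: "<API token from console.redhat.com>"
```

The console UI writes this for you; the sketch just shows that there is no hidden state beyond a Secret the discovery controller can read.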
It says we currently don't have any discovered clusters, but it does say that we have two credentials ready, so we can begin configuring a discovery config. Nice, so as you enter the cluster management view, you're actually educating me about this space. You're saying: well, you've got the credentials ready to rock, but you haven't actually done the discovery part of it yet. Exactly. The credentials are set up, but we still need to set up the actual discovery config resource, which contains some filters the user can configure. So getting into it, you can see we have our discovery settings here. We're selecting the credential that we just created, which is in our namespace, and we have some filters to use to discover clusters. The first filter is a last-active filter, which is exactly what it sounds like: it will only retrieve clusters which were active within, in this case, the last seven days. Anything last active more than seven days ago will not show up. We can also filter by version; in this dropdown you're able to select multiple versions, but if you do not select a version, all versions are accepted by default. So talk me through this. Why would I want that? What's the value in having these kinds of filters? There are a few reasons. For the first one, you may only want to see OpenShift clusters on specific versions.
You may only want to see 4.6 clusters or 4.7 clusters; you might not want to see or import all clusters, depending on your use case. And having a last-active filter is very helpful just for knowing when a cluster last phoned home and reported data. If you see that a cluster hasn't phoned home in, say, seven days, maybe you know that cluster isn't currently active, or that it's not ready for prime time yet. Gotcha. So there are going to be some controls that allow me to roll out my management in small groups. Like I said, I want to get to a thousand quickly, but maybe I want to roll it out in tens and twenties and see how that works as I bring these under management and progress through my data center. Absolutely, and it allows you to create a filter, then perhaps realize that the filter includes too much, and come back and scale it down. And I'll walk through that quickly too. Cool. So I'll go ahead and create a discovery config with a 30-day last-active filter, and you can see it was created successfully and immediately begins to reconcile. I've got 31 clusters here, but that's a bit much, because now I want to import a cluster and I just want to tune it down so I don't see everything from the last 30 days. So I'm able to come in here and quickly change my filter: I want only the last two days. I can save that, and the list quickly becomes trimmed down; I only see the clusters which have phoned home recently. Nice, that answers it perfectly. That's really cool.
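The filters being set in the console map onto a DiscoveryConfig custom resource on the hub. A hedged sketch of what the trimmed-down, two-day version might look like — field names follow the discovery.open-cluster-management.io API, but verify them against your release:

```yaml
apiVersion: discovery.open-cluster-management.io/v1
kind: DiscoveryConfig
metadata:
  name: discovery          # one DiscoveryConfig per namespace
  namespace: my-namespace  # illustrative
spec:
  credential: zk-creds     # the OCM credential Secret created earlier
  filters:
    lastActive: 2          # only clusters active within the last 2 days
    openShiftVersions:
      - "4.7"              # optional; omit to accept all versions
```

Editing `lastActive` or the version list and re-applying is the same "scale the filter up or down" workflow shown in the UI, since the controller reconciles the discovered cluster list from this one resource.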
Thanks, man. No problem. So now that I've got my credential set up and my discovery config set up, you can see clusters are beginning to be discovered. These are clusters which are available to be imported directly into ACM, and I'll begin by importing one of them. These clusters come from a cluster pool, and this cluster here is one that I've woken up from my personal cluster pool. Wait, wait, wait, pause. Cluster pool? Waking it up? This is cool. So these are actually paused, or I guess hibernated, clusters that live in a pool. Talk to me more about this, because not everybody listening understands how we're using a cluster pool in our development environments. Perhaps this is a bit of a personal use case, but as developers and engineers here on ACM we have cluster pools, which are basically exactly what they sound like: a pool of clusters which are automatically provisioned and then hibernated so they don't use up too many resources. When, as an engineer, I decide that I want to use a cluster, to import or develop upon or essentially to check out, I'm able to check it out from my cluster pool and it unhibernates, and then I'm able to deploy to it and run operations on it. So all the clusters that are in my cluster pool would be in this list, and I'm able to select from them. So do you have that cluster pool set up on this cluster, or is that somewhere else? This is the current cluster pool here. And if you clicked on the cluster pools tab, would I see it? Oh, yes, sorry, yeah. So these are coming from outside the hub, and again, this is the beauty of this: these are clusters that exist out in the ether, so to speak, but you're bringing them under management, and you know that they come from a cluster pool just based on the name or some of the attributes for your demo here. Got it.
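For context, cluster pools come from the Hive project, which ACM uses for provisioning; a pool is declared with a ClusterPool resource. A minimal, illustrative sketch — the names, domain, and AWS details below are assumptions for the example, not the team's actual pool:

```yaml
apiVersion: hive.openshift.io/v1
kind: ClusterPool
metadata:
  name: dev-pool             # illustrative pool name
  namespace: my-namespace
spec:
  size: 3                    # keep 3 hibernated clusters ready to check out
  baseDomain: example.com    # illustrative base DNS domain
  imageSetRef:
    name: img-4.7            # a ClusterImageSet defined on the hub
  platform:
    aws:
      credentialsSecretRef:
        name: aws-creds      # illustrative cloud credential Secret
      region: us-east-1
  pullSecretRef:
    name: pull-secret
```

Checking a cluster out is done by creating a ClusterClaim against the pool, which resumes one of the hibernated clusters — the "unhibernate" step Zach describes.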
Yep. So I've got this cluster here ready to be imported, and I'll show how to do that. I'm going to click on this kebab menu over here and click Import cluster. The method I'm going to use is automatic import, and all you have to do is enter the kubeconfig for the cluster. So I'm going to go get the kubeconfig quickly. And while we're here, I'm sorry, I just think this is so cool, so I'm going to keep disrupting you, forgive me: you have labels on here. I think labels are really awesome, because labels allow me to start to define what this cluster is going to do and its life. Now, it already has a life, okay, we're importing it, but I mean its new life under ACM management. It could be a development environment or a production environment, it could be an HR system, the line of business it might be serving, product security, or certain functions like support. So this helps me define what type of work to throw at that cluster, or what type of config to manage on that cluster. What kind of guardrails do I need for this particular system I'm bringing in? So as you're doing this, Zach, you're actually bringing it in with information and smarts that ACM is going to respond to, and as it comes under management and takes its first breath of air on the API, it's going to say: hey, do I have work to do? Oh, I'm a production server that needs to run the Pacman application. Okay, go do that, go perform its tasks.
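Behind the automatic-import flow, the hub records the cluster as a ManagedCluster (carrying those labels) and stashes the pasted kubeconfig in an import Secret in the cluster's namespace. A hedged sketch, with illustrative names and labels — consult the ACM import docs for the exact fields in your version:

```yaml
apiVersion: cluster.open-cluster-management.io/v1
kind: ManagedCluster
metadata:
  name: my-discovered-cluster    # illustrative
  labels:
    environment: prod            # the kind of labels discussed above
    workload: pacman
spec:
  hubAcceptsClient: true
---
apiVersion: v1
kind: Secret
metadata:
  name: auto-import-secret
  namespace: my-discovered-cluster   # namespace matches the cluster name
stringData:
  autoImportRetry: "5"
  kubeconfig: |
    <the managed cluster's kubeconfig goes here>
```

The labels are the interesting part operationally: placement rules and policies select clusters by these labels, which is how the "first breath of air" hand-off to real work happens.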
Okay, go do that and go go perform its tasks But that's a really key part of this is being able to flesh out those labels and understand what this system is going to do for its life under acm Absolutely and To riff on that a little bit more if we had any cluster set set up on this cluster We would also be able to label it and install it or manage it as part of a cluster set as well Nice the cluster sets are what their way to define our back their way to define a grouping like a logical group a cluster set Is defined as a managed cluster set as a resource which allows the grouping of cluster resources Which enables role-based access control management across the resources in that group And I also see that's my gateway to how I would configure a summer inter network across those clusters as well All right, man. This is great. Sorry. I threw you off again. No problem So now that I've got my kube config entered here. I'm just going to go ahead and click import You can see the import saved and I'm brought to the managed cluster view here I'm going back to the managed cluster. It's going to say pending import while it begins to Chuck through the import process and it'll take about a few minutes for the import to succeed completely But in the meantime, I'm going to go ahead and hand it over to Jacob who's going to walk through setting up a discovery config on his account All right I'll take over screen share and share mine Can you see that all right? Yes Awesome. Uh, so yeah, I'm going to go through the similar discovery config setup process and kind of show What it looks like to have multiple discovery configs installed at once So if I check out credentials, you might have seen it earlier, but I already have my credentials Set up in its own namespace, but if I wanted to get that I would go over to console dot red hat dot com slash open ship slash token And from there I can get my api token, uh, so it's pretty quick and easy to get that But I already have it set up. 
So I'll go ahead and create a cluster discovery using that credential. This credential has access to a number of clusters, so I'm going to restrict it to just one day, and I'll say 4.7 OpenShift versions, so that could be 4.7 with any z-stream beyond that. I'll go ahead and create that, and what I'll see is that it starts churning out a number of clusters in that namespace. These discovery config objects operate as one discovery config per namespace, and that's kind of how we manage RBAC here. So if I have some RBAC set up and have users that are restricted in the namespaces they can see, then they'll only see the discovered clusters in those namespaces. However, in my case I am a cluster admin, so I can see all the clusters I want, from the jdg namespace as well as the zk-disco namespace. You have a bit of an uber privilege there, Jake. You mind zooming it up just a little bit? I want to see all the little metadata details. Sure. Yeah, so there's a whole number of clusters that came from there, all 4.7 or later, that I discovered, and it shows infrastructure provider and everything else. I can try to filter that further by name, and you'll see a lot of the devo1 ones, which signals most of the clusters that we created in our squad's cluster pool. Yeah, so that's a way to filter, the way that you start to narrow in on the cluster that you want to import right now instead of the whole list. Are there other ways to filter on other things? Pretty much: if I want to narrow in on a bare metal cluster, or if I want an OpenShift 4.7.14, pretty much any of these columns is searchable. So my infrastructure provider is going to be a whole lot of AWS; it's almost all AWS.
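Because discovered clusters are namespace-scoped resources, restricting who sees them is plain Kubernetes RBAC. A sketch of a Role limiting a user to one namespace's discoveries (the user name is illustrative; the resource plural follows the discovery API group):

```yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: discovered-cluster-viewer
  namespace: jdg                    # only this namespace's discoveries
rules:
  - apiGroups: ["discovery.open-cluster-management.io"]
    resources: ["discoveredclusters"]
    verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: discovered-cluster-viewer
  namespace: jdg
subjects:
  - kind: User
    name: some-user                 # illustrative
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: discovered-cluster-viewer
  apiGroup: rbac.authorization.k8s.io
```

A cluster admin like Jacob bypasses this and sees every namespace's discovered clusters, which is exactly the "uber privilege" Scott jokes about.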
Because I'm filtering by devo1. If I clear that: yeah, VMware vSphere, Red Hat OpenStack, and even bare metal, all of the above, essentially. Nice. I know I'm beating a dead horse, but it just proves the point that we've got a wide view on this ability to discover and bring things under management, and I don't care what infrastructure it is: we can take it home to ACM. All right, so you were looking for devo1 when I took you off the rails. Oh yeah, I was just showing the kinds of clusters I'd be interested in, demoing the search feature. And I can go ahead and configure my settings, go back to jdg, and from there just delete that, and within a few seconds it'll tear down just those discovered clusters, and only Zach's clusters will remain. Nice, and you get to see Zach's clusters because you're the uber admin; those still remain from his credential. Okay, got you. All right, it looks like the cluster we were importing has finished. And what happens is, once it becomes a managed cluster, it's no longer eligible to be discovered, so it gets removed from the discovered clusters tab. In the discovered clusters tab, you only see those that are still viable to be imported. All right, that's about all I wanted to show. Yeah, this is cool. So Zach set up that import, we saw it saying "Pending import," and now it's done its job. What we know is that on the back end it's actually deploying a klusterlet agent with a handful of add-ons, and you can show me those in the Add-ons tab. That's what gives me the ability to manage and control this managed cluster from ACM, and those are all reporting back as available, so I can start doing things on it. Did we get lucky? Does this one actually have insights on it? No, it says no potential issues. So that's great.
There are no potential issues found; that fourth box over there is telling me that there are no insights from Radek's team, which means they've already solved them all, they already proactively took care of them. Works for me: they handle all the critical alerts, and I didn't have to get out of bed to do it. So thank you for the nice proactive effort there. But this is the same environment where we demonstrated the other two alerts that were firing; I think those were considered moderate alerts before. Awesome. Hey, great demos, Zach and Jacob, thank you. Thanks to Zach Lane for your demo as well. Did any questions pop up, Chris? I wasn't really paying attention. No, no questions popped up. I dropped some links, but nothing to be answered here. All right, are there any other questions on your mind, Chris, anything you want to throw at us, any curveballs? No, I thought we had a question from OpenShift admin hours, but I don't think so. It might be cool to do an OpenShift admin hour with y'all, though. So, yeah, we didn't really look at much code today, or what the APIs are doing, but I promise it's all there. Yeah, it's definitely all there, folks. Having kicked the tires on this product a few times, I know that they're doing a great job. It is an awesome thing to use and consume, so I can only imagine what it's like to actually build it. So thank y'all for coming and showing it off. Thank you, Chris, we always have fun on your show. I enjoy it as always. I think we're back in another month; I think we'll be here again. Yes, sir, should be the fifth, I think, if I'm doing my math correctly, so something around there. There you go. So for Randy and Radek, any closing comments, anything you guys want to share? I'm always looking for customer feedback, so please let us know what you think about the Insights integration. Absolutely. All right, thank you, appreciate you, take it easy everybody, stay safe out there. All right, thanks.