OpenShift Commons Briefing #12: OpenShift 3 Beta 3 Training Session with Erik Jacobs

all right then I would like to get started we have a really good session set up for us today that I’ve been looking forward to for a while it is with Eric Jacobs um our red hat openshift team and he is going to give us an update and an overview on getting started with open shiftry’s latest beta 3 release he’s one of our master trainer type person for open ship and and we’re really pleased to have him here today so Eric with that I’m going to let you take it away and get started here because we have a lot to cover today awesome Diane thanks so much for those who aren’t familiar with the beta program that we’ve been running for the version 3 release of openshift that’s coming up we have a number of customers that have been participating with us getting early access to the code as well as installing it working with it etc etc all of that material that shows people how to work with the beta is actually being developed in the open in public on github so might be hard to read here but if you go to github com / openshift / training you’ll find out more information you’ll see all the training material and currently we’re working with beta 3 that we’re going to look at the beta 3 sort of overview and what we’re going to do today is focus on the developer experience so I’ve already done the installation and configuration of the environment I’ll review really quickly how its configured and then we’re going to do or go through some examples of acting like a developer using open chef 3 we’re going to do some builds using pre-existing templates using public code repositories that are available and we’re going to build a docker file directly or a docker image directly from a docker file so firstly we’ll go over sort of the architecture and the environment so for those of you who aren’t familiar with beta 2 or side with open shift to openshift 3 has two main components we have masters which are the orchestrators and nodes which are where user applications where containers actually get run the beta environment is targeted ed with three systems free virtual machines in my case running on my laptop we have a master that also runs the node software so it’s it’s hosting applications as well as orchestrating and then we have two two more nodes again in sort of comparison to version to open ship version 2 with open shift three we wanted to still provide the capability to set up topology within your open shift environment to the word that i’m looking for to provide for high availability and distribution of applications and etc and we called those regions and zones in version 2 in version 3 for the beta we’re still talking about regions and zones but the scheduling part of open shift has been drastically approve improved and and we don’t enforce a topology on you anymore so region and zone is a construct you can choose to use or you can name it something completely different and this section of the training material and also the open shift three documentation talks very heavily about what the scheduler is and how it works and all those kinds of things but if we dive onto the command line really quick I will make my font a little bigger here Diane let me know if people are complaining about thises or speed so if I do osc get node I’m currently the root user and after the installation is completed the root user is set up as a master the root user on the master server is set up as a master administrator of open shift so when I asked for the list of nodes I see that we have three these are host names we’ve got the server that is called master where the orchestrator is running the 1 i’m logged into we’ve got node 1 and node to and from an architectural perspective we’ve defined an infrastructure region and then just one other region called primary and this primary region is where all of the applications are going to end up running again we’re going to do a separate session on administration and kind of setting all this stuff up for now it’s all set up for you to do a quick recap of sort of architectural II what openshift three looks like again masters are the orchestrators nodes are where applications are run the service layer will see a little bit of today is internal it’s meant for applications to talk to one another inside open shift

and the routing layer is how external traffic from consumers of the applications running on openshift its how their traffic gets into open shift and we’ll talk a little bit more about that as well so what we are going to do is log into the web console so the first thing we do is provide a username and a password currently the beta provides documentation on how to use HT password for user authentication and we’re going to be providing the same sort of apache backed authentication layer should you wish to use it or you can actually configure oh off directly so if you wanted your users to log in with their github credentials or their Facebook credentials or whatever their Gmail credentials we can do things like that as well but we can still plug into enterprise directories and authenticate through an Apache proxy as well projects so in open shift to developers essentially when they created an account they they only ever saw one place where they could put all their applications and and all their components in an open shift three we’ve sort of expanded that bucket so now a user can be a member of multiple projects multiple buckets where applications and their components male and so in this case this user Joe has been assigned to this demo project and Joe is the administrator of the demo project he currently has complete rights so if Joe wanted to delete this project which would be sort of silly but he could and in some cases Joe may be actually given administrative rights to create projects as well and if we go into this demo project right now it’s empty there’s there’s nothing in it so thumb administrator has created a project for Joe given him access to it and it’s up to Joe now to fill it with stuff so the first thing we’re going to do is look at an example that is sort of a single complete example of an application that’s going to run with a service that’s defined so that the application can be found and then as well as a route so that external traffic can get into it me look at this one yes okay so one thing to note right now in the current status of the beta we are still a little JSON heavy we’re going to see that you can do a lot of things without using JSON but in the case of this example well we also support yamo but anyway this particular example is an example that we’ve created for the purposes of this training do create something very simple out of the box to really verify that all the components of your environment are working and if we sort of dig around in here one of the important things is we see this pod template so pods we go back to this diagram here pods are where applications essentially run in most cases in openshift a pod will have a single container a single docker image that’s running inside of it but in some cases it may make more sense to have multiple docker images if they’re very closely coupled components right parts course there’s much Teresa could you bump up the fonts a little bit that’s a little small for us there you go and a question can you a gif from anybody hear me I have a question so requests of speaking of pods how any PS does this concept diverge from the coubertin it is vanilla our upstream communities concept of replicated pods and services and so on so from an open shift perspective at this level it’s basically the same basically the same concept as opposed and do so in other words the same concept so in other words opposite has the same concept of replicate ports and services as well yes and we’re going to see all that yep good thank you yeah so in the case of this particular pod that we’ve defined the image is open shift hello open shift what is that well if you go to docker hub into open shifts area on docker hub you’ll find this hello open shift image and this is our basic hello world example it just returns hello open shift when you access it the other thing that we define and what we’re going to see more of this in the UI as well but i’m just showing the json quickly as an example the next thing is a service and we see a selector for the service we talked earlier on

this other diagram about how internally applications communicate using the service layer the service layer is also leveraged and we’ll see the routing layer to the service layer is used to provide a single entry point to access all of the pods as they’re scaled out so you’ll start out with one you may need to scale up to support more traffic maybe to 10 to 15 whatever hundreds thousands and the service layer is how openshift keeps track of all of those and it does this using selectors this name eval you selector name hello open shift matches the name of the pot or i should say the name of the image in the pod template and then lastly the important component here is a route that we define this hello open shift cloud apps example calm and we will get our application and then Diane the know if this is big enough so i’m logged in or I’m about to log in as the joe user I’m going to copy and paste something real fast that’s too small yeah yeah this one this one you all don’t have to see I’m just that’s my notes so we provide a command on the command line called OSC log in and just like I logged in with my credentials via the web UI this is using the same API and ultimately it’s calling in to the HT password back end I’ve provided the certificate authority file everything is secured via ssl and i’ve also told the login command where to talk which server to talk to and the reason that’s important yes i’m running this command on the actual master i’m running it on the same system where the api is but because of the way we’ve configured openshift the ssl certificate is only valid for the correct domain so if I had done localhost it would sort of get angry because the ssl certificate wouldn’t match it would complain Joe only has access to one project demo so the login tool conveniently just dumped me into that project and we’ll see how we switch the command line between the different projects in a minute just like how in the web UI the project looked open or empty i should say if i do osc status operate in my current project which is demo and it says hey you got nothing empty um so we’re going to pull down some of these resources that we’re going to use get boom alright so i have this test complete file that’s the one that we just looked at so from the command line i can just tell it hey go ahead and consume this file right create all of the resources that are defined in it soon as i do this we’re going to see a bunch of stuff come back so these are all the resources that were created based on what was defined inside of that template and now if i switch back to the web UI of open shift this may just be painful oh it gets bigger hey that’s great so we see here now a graphical representation of what’s going on in this project right i created a bunch of resources and at the overview level openshift tells me hey look you ended up with a single pod that’s running it’s based on this image it’s internally it’s talking to these ports looks like there’s a bug there that needs to be fixed and it’s got the pod itself has an IP address we’re going to talk more on the administration call about networking and some of the other things but suffice it to say that that IP address is on a software-defined Network so that that all the pods get connected to so that they can communicate with wasn’t with one another this is an internal IP that’s not exposed anywhere outside of the open shift environment there’s a service IP and there should be a port but for some reason it’s not listed there’s a service IP and a port that tell or I should say that all the other applications running inside of the open environment may want to talk to so if this hello openshift was some micro service that maybe gave me you know happy little horoscopes that other people wanted to consume I might tell people hey the horoscope microservice lives here right if i browse some of the resources that

have been created I can find a little bit more information about what’s man what’s going on in their builds we haven’t done any builds we’ll get to that deployments we’ll talk more about that as well right but there is a deployment that’s why there’s something running we can see the pods and we can see the service and we can also see the route because the route is associated with the service so if I click on this and open it in a new tab we will see a response right this is actually working the pod is running I’m coming from outside the open shift environment right I’m coming from on my laptop going into the open shift environment through the routing layer and then into the application instance right so on the command line if I for example we see that the external IP and port is mapped to an end point awesome what about scaling the web console doesn’t provide hold on one sec let’s see you get Marcy web console currently doesn’t provide a way to manual initiate scaling you have to actually talk and this answers the question from the gentleman earlier about replication controllers and replicas of management and scaling so I can talk directly or edit the configuration of the replication controller directly to control scale so for argument’s sake we’re going to say hey I don’t I don’t just want one I want three and as soon as I quit this if I asked for the list of pods I already have three it’s one them up that fast and if I go back to the web UI oh here we go overview we see that there are three pods associated with this service right now and if I ask the let’s get to describe the service I see all of my endpoints cool all right so we stood up a simple docker image sort of an arbitrary docker image that could have been anything could have been any image from any registry that was accessible by the system when we routed traffic question with regards to replication yes as far as I saw there you basically just have to do edit the JSON template to specify the number of replicas can you do the same year CLI command or you have to reality yes they’re supposed to be a scale command a scale CLI command that’s coming in from upstream right now it’s currently a cube command that’s in development that will become like a OSC you know I think it’s going to be like ose scale or something I don’t know but you’ll be able to just type a one word or one line command you won’t have to actually edit a file um in theory we actually already support a command line way to do it because there’s a syntax called I think patch nope patch yes patch syntax where I could have actually said osc update our see you know blah blah blah dash dash patch you know some JSON stuff so I could have done it as a one-liner right now but it’s it’s sort of still ugly they’re supposed to be a real command that’s going to do that soon of course it is subject to um what’s coming couldn’t is upstream that correct yeah yeah exactly good thanks um the one other thing we’ll talk about before we really get to interesting development stuff the routing layer right I gotta remember to wait two seconds so that screens refresh okay so routing layer I’m going to switch back to the root user now so I’m the master administrator of open shift and my

default project it is called default and what we’ve done is we’ve actually deployed two things registry in a router the router if we look here Oh schi proxy router so we’re still using H a proxy as the routing layer in open ship version 3 but the cool thing is that it’s actually a docker container docker image that’s being deployed on openshift itself so the routing layer is being run scaled and managed by openshift which is cool and the other thing is that because it’s now external to the nodes it’s not tightly coupled anymore with the applications themselves it’s infinitely more pluggable and it’s also much more sort of scalable configurable flexible etc etc the routing tier the H a proxy instance takes traffic that comes into it and directly proxies it to the pods it actually does not go through the service layer for performance reasons right it’s only one hop instead of two registry since as we’ll see in a minute openshift builds docker images for us today it needs some place to put them so that after it’s built them it can actually then deploy them and when it needs to scale out and deploy more of them so that every node can find them in pull pull them down so today we’re providing an instance of a docker registry for you to use as a company Red Hat has a number of sort of docker registry solutions that are coming the enterprise dr registry from Red Hat will be red hat satellite and i believe the 61 release is where they’re targeting providing a docker registry so you’ll be able to integrate with a number of different docker registries as a place to put those resulting built images and we’ll see how that works momentarily all right so now we’re going to try and do something interesting so we are going to move on to the first example of doing a build and I believe that is our Sinatra example so I’m a ruby guy I’ve I wouldn’t say i’m a developer if i’m actually a very awful developer but i know a little bit about Ruby so Sinatra is a super lightweight ruby application that basically just responds to HTTP requests if you want it to respond to get on / you have to tell it exactly what to do when that traffic comes in so we have an example that uses Sinatra so what we’re going to do is actually build that so i just created as the administrator i created a new project right for the sinatra application and as the user Joe if I go back to the homepage of the web console I see my application or my new project i should say i see this sinatra example so if i click into it again it’s an empty project from the command line got to remember to wait sorry as the Joe user the switch to using the Sinatra project and if I asked for status I see empty right cool now we could have JSON to make this stuff work or whatever but the nice thing is you know this codes already available on github github com open shift simple Sinatra so we have this Sinatra application which is very very very simple same thing all it does is respond to an HTTP GET request with hello Sinatra but this is just pure raw code right now right we don’t we don’t have an existing docker image for this so from the web console I’ve got this and please tell me if I’m moving too quickly on the screen there’s this create button so when we hit create we’re going to see a couple of interesting things one is at the top source repository to is at the bottom templates and instant apps will go to instant apps later URL for source repository all right well that’s this one nope that’s a command line command here we go URL for source repository hit next select a builder image so currently the web console doesn’t have the ability to auto detect the code that’s at the end of that URL you just provided right so for me I understand what that repository is I know it’s a ruby application I know maybe what version of Ruby it requires and all these builder

images that are available here these were defined by the administrator previously this is very similar to v2 and how you could install a certain set of cartridges and if you didn’t want people to use Python you wouldn’t install it and it wouldn’t be available demo same kind of concept in open shift three if the administrator doesn’t configure these builder images to be available they’re not then therefore you can’t really easily use that code unless you sort of built the whole docker image yourself so again this is a ruby 20 application so we’re going to select the Ruby to builder you know hey dummy are you sure this is what you want to do yes and then it asks me some more questions so name it sources the name from the name of the repository but that’s too many characters that we’re just going to call this Ruby example do you want to create a route sort of yes or no deployment configuration do you want to change any of these default or two settings the build configuration how do you want to do your build automatically build a new image when the code changes yes or no automatically build a new image when the Builder image changes this is an awesomely cool thing about openshift these two abilities why well think about from a security perspective as a developer when the underlying ruby library is found to be vulnerable and the patch comes out upstream wouldn’t it be great if as a developer I didn’t have to care about sort of what’s going on down there like oh there’s a new Ruby image that’s that’s been patched great let’s rebuild my application using that new ruby thing same similarly with the code hey we detected mr. developer mrs developer that your code has changed should we go ahead and rebuild your application with the new code yeah that’d be great and then right now here I can change the default scale but again we can’t we can’t change this after the fact yet and if I wanted to add more labels or other services or for other people to find my application or to somehow associate it with other things I can do that here note after creation these settings can only be modified through the OSC command all right let me hit create and what’s it going to do so it’s going to create all of those resources again that we had talked about earlier right so if we go back to browse we see that it’s created a service for us with a route we’ll talk about this ugly default route in a minute it’s created a build configuration and we also have some web hook URLs so this is where we can sort of do that auto auto bild if your code changes thing right you can integrate an external system so let’s say you’ve got already a Jenkins process at the end of that Jenkins automated test run you can tell Jenkins hey go ahead and and hit this URL on openshift with I think it’s a post or whatever so when you hit this URL open shift will say oh that means your code has changed I need to rebuild or I can do it manually from the command line that’s what we’re going to do and here we go so as Joe I’m going to start the build this is going to kick off a code build this process is called source to image STI right so our Ruby example 1 now we’re going to have to switch back to root here because we’re in the middle of two sort of security paradigms and even though Joe created the build he can’t actually see what’s going on so here are the build logs and this is probably going to go by way too fast but essentially what’s happening is open shift stands up an instance of the Builder image that Ruby 20 rel image it then pulls in the source code and performs whatever assemble steps are required for that Ruby image in the case of Ruby we’re going to bundle any rubygems and do some other stuff once we get done installing all that stuff inside this image this running container we shut down the container and then take that image that resulting image of the container and push it into a docker registry which happens to be the one that’s running on openshift so what happens at the end of this process when the docker image is finished being pushed we look at deployments we don’t see any deployment but when we created this application we configured automatically we configured openshift to deploy

a the image when it detects the image changed well so the image going from not existing to existing is also a type of change so as soon as this push is finished we’re going to see a deployment happen if we go back to the overview oh I missed I missed the bill that happened too fast it would have shown us a little sort of spinning arrow um when this was building oh sorry this is the Builder pod so that’s another thing that’s interesting remember since the build happens inside of a container it’s actually happening inside of its own pod and if I catch it fast enough see the STI builder pod where the build is happening and the reason that this is taking so long is because I’ve got a little tiny laptop it happens to have an SSD but there’s only so fast electrons can move so the push is just taking me a while because my laptop is busy doing other things um any questions so far while we watch paint dry on this process what what’s going on doing the build etcetera etc so there’s been a question there’s been a few questions about Jenkins and but whoever just spoke up just go ahead ask that question okay regarding the open dating images with changes can you explain it again I mean I as a pre shift administration I updated my builded images from I don’t know come on bug and we’ll there are applications on the infrastructure new be dated to yes automatically if you configure your applications to be rebuilt on image change for their upstream source images then yes so what I’ve just done here is I’ve asked openshift show me all of the image streams is image Street my ass and we have Ruby 20 well seven that comes from registry that access oh if I look in the guts of my new pussycat you see the get beer at FBC would be example so if i look at the triggers image strange trigger so we have an image strange image change trigger defined on the Builder image so image streams are resources that are monitored by openshift we have an image change trigger on this build configuration so when openshift detects a change in the image stream the Builder image and we have an application that’s monitoring for that change openshift knows hey oh the Builder image changed I automatically have to rebuild this particular application if nobody else was watching that builder image or if nobody had that change configured nope nothing would happen that make sense doesn’t matter what the register isse doesn’t matter is the docker hub or my private majesty nope so if you were using if in our previous example where we used that hello openshift application which was a image just coming directly from docker hub if somehow that was related to a build if that was a builder image or whatever and we had to find an image change against it as long as it was defined as an image stream as long as it existed in the image stream configuration from an administrative perspective um it would well I mean not only let me rephrase that as long as there was an image stream to find it doesn’t necessarily have to be defined by an administrator dojo himself could have created an image stream in his own names base to do that if he had the policy access to do so yeah a couple of new concepts a couple of key concepts there that Eric covered great one is on the on the deployment right when when he when he deployed the application he took Ruby code from github Sinatra code from github and combined it with a ruby base image then we put those together built a new image and deployed it to your application so now you have a running instance or maybe multiple instances if you deployed a cluster based on that built image then when he makes

modifications to that application or if you made modifications to the base image we would build a new image and then either deployed automatically or you deploy it manually write the what’swhat’s building is built its building in one pot but what’s running is you know is is separate right and so then when you deploy the updated instance if there’s a problem you can roll back to the previous version of the image and so forth so that’s that’s the flexibility it’s not building in the running instances it’s building in a separate image and then I think that the repository here it would what erykah’s mentioned we have a integrated docker repo that a docker repository that ships with the product but you will probably talk about on other briefings you could you could connect that to other enterprise registries right so we’re working on an integration with satellite for example where you could you could make that your internal private registry and then pull only certified images into openshift but if you want to let developers pull stuff in from the docker hub you could do that as well I think that’s that’s really something that we want to lead to the administrator to control okay thanks so the build is finished and we deployed our new built image so if we look at this line here that I’m highlighting right now this is actually the image from the internal registry and it’s tagged we generate sort of a uuuu ID like tag every time we do a build so ultimately what happened was we did a build the build finished we pushed the built image into the internal docker registry openshift detected a change in the image for this application is there when there wasn’t one and now there is one so it said aha I need to do a new deployment and it did that and then we got our image so if I so we have a service right so internally I can talk to the service so I can talk to it with curl get back hello Sinatra so the application is clearly working at this point right there’s a pod I went through the service I got a response from from the end pod route so right now when using the web console for creating new applications you get a default route but the router installation process isn’t very configurable quite yet it’s almost there and that default route domain is sort of this bizarro default dot local thing there’s also an internal dns server that’s running inside of openshift it’s called sky dns it’s a go lange project affiliated with Cooper Nettie’s and if I it also does some default II stuff so if i do a dig or yeah Ruby example I think this is right wiring local at okay one surgery that too nope I think I made a mistake nope well I promise you it’s there I just can never remember how to actually access it but anyway applications can also use these internal DNS names that are affiliated with services in order to reach their end points as well so this route that was configured this isn’t a very useful route dns doesn’t actually resolve it it doesn’t exist anywhere Stoke well Eric as you’re talking right now we can’t hear you this fit will be the bit that I edit the court I’m my back hello yes you’re all right sorry about that um so yeah so that default that local route DNS doesn’t work I can’t really access it because it’s not configured so we added a new route that’s a real route hello snot example.com we see a response are

you Eric oh I hear you are yeah it made a dial in that Diane yeah we all hear them though yeah I think Diane may have her speakers muted um anyway so if I go to services we have the route here why can’t service right I’ll mute myself and if I open it in the browser it works fine you’re gonna have to mute when your speakers okay so that’s sort of simple go ahead I have a question supposing you have an application that has a browser-based interface as part of it and you make a lot of changes on that something like a Jenkins image and you create some plugins and all that sort of stuff can you do an osc command to then they okay and I want to make a snapshot or do a darker commit on that image and use it from now on do you know what i mean so if the changes are all through the brow the web UI as opposed to code yeah so yes but not really so the thing about when what you’re talking about is Jenkins has persistent state that’s maintained in a database so the which are which are actually do and and I’m pretty at least I think that’s the case when you like add a plug-in to Jenkins you’re you’re you’re installing it in the database are you actually ending up with files in the file system okay got it no no that was a question that was a legitimate question because I don’t know oh I’m not sure either I think they’re probably depend on though yeah so in the case of stuff that goes in a database well I guess that it’s really more generic right whether it’s a database or not we in this example in this state of the beta persistent storage hasn’t been defined yet has been fleshed out the next beta drops going to have it but effectively if you had persistent storage for an application that was like files on a file system we would have had to define a storage volume that lived somewhere outside and you wouldn’t necessarily put the stuff in and then say hey give me a new image you know it just connect everybody for that persistent storage volume yeah makes sense yeah and in the K in some cases in the case of like static resources maybe images or whatnot you might want those to be part of the image so that they’re actually closer to the pod it’s just it’s going to depend and that’s it’s one of the painful things about being so flexible is that in some cases you have to make these interesting architectural decisions about where does this static thing need to go is it part of my image / application or is it like a data resource that wants to live on the on the storage volume yeah and in the case of Jenkins it might be an image thing in other words it might be this is my app this is my Jenkins for my app and these are the plugins are required so I want to I want to save that as part of my image it potentially right yeah absolutely that so yeah it’s going to depend on use case as well um wota we can talk about as an admin quick start okay so this is cool you know create a simple application whoop-dee-doo let’s do something more interesting so the the next thing we’re going to do is a quick start or a template if you think back when I hit that create button we had that instant app so I’ve created yet another project for mister joe if i go back to the web console now I see the QuickStart project by hit quick start nothing right got an empty project because that’s how they all start and now i’m going to create this quick start instant app versus template you know the terminology the naming might change but and joe fernandez will correct me if I’m wrong but essentially when we talk about an instant app what we mean is if you deploy this thing you’re getting a fully functional application that you can immediately start using as opposed to a template which might just be some bare bones deployment of a language or a framework or run time that you can then start adding your own code to an instant app is just a type of template so if I hit browse all we’re going to see the same guy listed there and the reason that he’s an instant app or shows up in the instant app area is because it is tagged with instant app when this template was added into openshift the tags are in the

JSON yadda yadda we’re going to provide a number of these templates to help people get started get up and running this quick start application is very simple it’s a ruby front end and a my sequel back end but we’re going to get two separate layers deployed we’re going to have a database layer that gets deployed and we’re going to have a front-end layer that gets deployed and they’re all going to get deployed at the same time and because of the way the template was made everything’s pre-wired so we don’t have to do anything there’s no wiring if we look at this parameters section we see a bunch of parameters user name password etc and we see this generated flag in the template these parameters are not only defined as being present but there’s a syntax that tells openshift how to generate these parameters so that you get you know a username with some level of complexity or whatever so really I don’t have to do anything at this point I can just go ahead and hit the create button and so very similar stuff is going to happen but slightly different so we get this database service deployed with pod that’s going to come up and we get a front end service deployed with a pod that’s going to come up because we already instantly started our build so as soon as we hit go on that template open shifts that cool I know what I need to do i’m going to start building this thing and we can see this little spinny guy says you know a sample build is running the my sequel container has already come up so if i go to the command line as Joe and I look at my services what oak wrong project haha oh cool I just showed you an example of permissions right used to be called integrated we change the name okay so ose get serviced all in 72 2 30 to five four three four yes curl is not a my sequel client I know but at least tell us whether my sequel is working or not alright so the back end got stood up the database got stood up we did a build the build is complete now we’re just waiting for the deployment to finish remember the bill remember the process STI we build the code from the builder image or we build a new image from the builder image and the code once that’s pushed there’s a deployment of that image that happens and then we get our new deployment of our front-end and then we have to get an IP for the pod once the pod comes up we have to update the service once the service is updated the route can get updated right so at this point if I go and look at my services I see the front end service with an IP and a port that’s missing for whatever reason and this route this route was part of the template so it came along for the ride at this time it’s not configurable but we’ll get there so if I open this in a new tab we should see the actual application running which is a functional key value store get type application though we can say open shift is awesome and we can store that value and then we can ask for open shift what’s the value of open shift and we find out that open shift is awesome um we’ve only got ten minutes left I can sort of kind of demonstrate a docker build but it’s going to look very very much the same but so if I just do a quick search here osc new app yes ok cool so this command here ose new app this is a command-line way to do basically the same thing that we did when we pointed the web console at some code and if i type this here at the command line is Joe and ask it to just output the a mole or the JSON it’ll just show me what it might do it’s not actually going to do anything yet and this particular repository is a docker file that has WordPress embedded with my sequel and where was the thing I wanted to show where’s the.oh strategy right who just lost it sorry we’re type docker boom so this this build strategy says docker doesn’t say STI and what that means is

new app looked at the code in the repo right new app is a command line tool it has more power more flexibility it looked at the repo and it said oh there’s a docker file here that means i need to do a docker built so what actually would happen in this case is that when this application was built openshift would detect the original source image which is a centos wordpress 7 latest and then it would use the dockerfile and do all the things that the docker file says to do inside of that Center 7 wordpress doc sorry that’s I made a mistake inside the where’s the image definition it’s actually just supposed to be the cintas 7 image I’m pointing at the wrong thing but anyway it would look at the center would start with the CentOS 7 image and then build in the rest of the docker file and then it would deploy the resulting image though I really didn’t leave a lot of time for questions I totally apologize but hopefully this was useful questions two questions so when you were describing the I saw I see that the the source was specified there and a lot of them are from github is it possible to have these sources behind a protected git repository through a ssh for your username password um so the off piece is sort of a question mark so we’ll talk about sort of goals here the goal is to provide hosted git repositories with open shift but if you have an existing internal get infrastructure with authentication and everything there should be a way to if it’s SSH keys to define your key so that that key makes it into the Builder image so that when it does the git clone against your defined source that it already has the ssh key to use and etc so i’m i’m pretty sure the answer your question is yes it’s just a matter of when will it 100% land I think we can get clone with ssh keys already using environment variables which is documented hold on I promise it’s coming proxy proxy boxxy boxxy boxxy where are you up a little anyway it’s in here I know there’s proxy stuff in here Rock City quickly they see boxes so the conceptually this is the same you can define stuff in the in the environment to tell your get and you can define variables for the pods and everything so effectively yeah you should be able to get cloned from internal via SSH key stuff that was very technical thank you they’re a bum a less technical question which is the work foot right now is a lot of command-line case on stuff like that how far you see the GA workflow being different from what we have here that would more resemble you know I got an open shift to workflow do you have a feel for that or are we not in a place where we really know what that and in goal workflow is going to look like yet so as far as open shift to work flow goes if we go back to the web console and Michael it’s good to hear from you when we do this create with these templates so for argument’s sake if you had a corporate standard default like Ruby git repository that you were going to base everything off of that individual users with fork what they could do is you know put in their source repository define a couple of parameters in the web UI for the username and password and then when they deploy the template for let’s say the database that they want to add to their application they would just edit the parameters and add some parameters and type in the username and the password and like the the database template that we’re shipping already accepts those things so in terms of a simple like two piece web app kind of thing we’re already very close to that ose to experience it you know is it going to be like a hundred percent automatic where I could just say boom plus at a database I don’t know where that’s going to land but at GA it will be very easy to pin up a front end spin up a database connect the two all from the web console yeah so what we know the web console here is or has the same concepts as the the v2 web console right you can you can create you can create from either an image or you can

create from a quick starter instant at pra so so there’ll be more instant app templates in v2 we had things like you know Drupal and WordPress and those types of quick start in synaptics there will have similar here the only difference here’s we’re asking you know the wizard is reverse rate we we’re asking you for your gift repository this is sort of the main differences in the initial release we don’t have git repositories hosted on openshift by default we’re using your an external git repo either either your own or or github or X external SCM and then on the command line the osc command line is modeled after the rh d command line from v2 right it’s just that you have a lot more flexibility in v3 so when eric is showing you the JSON he’s actually showing you what’s happening behind the scenes and there’s just a lot more flexibility there but you shouldn’t you should expect that you know more and more stuff like that scale command to come to get more and more abstracted so that if you don’t care to to see the JSON or go underneath the covers that you should just be able to do stuff just with Cynthia and as an example we you know you can plug in some of those parameters from the web UI you can also supply them at the console layer so here we’re processing a JSON file directly but if the database template already existed there’s a way to instantiate a template from the command line by just saying you know I don’t think it’s ose create but effectively it’s ose create you know instance of this template and then pass it you know with these parameters and then that would be sort of a JSON free example of instantiating thumb template and specifying the parameters all in one easy command line command right there was one older question John frisell asked about tar balls and if it be possible to do a build from afar ball rather than binary deployments yeah yeah so we I asked that question early on in the in the beta cycle and there there’s currently a card that identifies the need for that functionality it’s just not in there natively yet in terms of we were shipping it but the build process is customizable so if we go to open shift Ruby 20 sent us for example if you were building ruby stuff you can modify disassembled builder script to basically fetch the tar ball based on the location of it that you put in your environment variable as the quote/unquote source code it’s just that we’re not we’re not officially supporting it right yet in the current state of beta but we know we need to support other deployment mechanisms EG tar balls or just fetching jars and mores directly or you know downloading a whole folder things like that so you can customize it today and get it to work but in terms of out of the box if you just specify the zip file what it would it magically happen that the answer is no right now but it’s on the roadmap hopefully for GA we’re coming up on the end of our hour and I want to be respectful of Eric and everybody else’s time if you have any other questions you can always post them on the developer list at dev atlas openshift redhat com or ask them via the commons mailing list if you’re on that they’ll be doing that second session of this focused on the admin tasks and get Eric back here in a week or so depending on his schedule to do that but I really want to thank Eric and everybody else who’s on the line for taking time and Joe and everyone who’s been answering questions in the the thread there and the chat thread it’s been great to have you all and we hope you can get started or continue working on the beta with us and we look forward to the GAO is coming up soon thanks everybody for coming and very much Eric thanks for all your efforts in getting this ready for us today oh you’re very welcome take care