Servers: The Right Compute
cancel
Showing results for 
Search instead for 
Did you mean: 

Built-in data protection: Red Hat OpenShift Container Platform deployment with HPE Synergy

ServerExperts

Learn more about secure, automated, scalable Red Hat OpenShift Container Platform deployment with HPE HPE Synergy-containers-Red Hat-blog.jpgSynergy and built-in data protection. 

Are you considering deploying Red Hat OpenShift Container Platform and want a code-based deployment? Are you interested in enterprise grade persistent storage? Do you want to optimally deploy infrastructure and simplify infrastructure manageability? Do you want security that is integrated versus tacked on? Do you want well thought-out backup and recovery?

HPE is back again with a summer release of Red Hat OpenShift Container Platform on HPE Synergy with  HPE 3PAR Storage or HPE Nimble Storage.

Container technology is rapidly changing the way organizations develop, deploy and manage applications. Red Hat® OpenShift Container Platform provides organizations with a reliable platform for deploying and scaling container-based applications.

Challenges for mission-critical environments

When deploying infrastructure and applications in a mission-critical environment involving Red Hat OpenShift Container Platform, are may need to address these challenges:

  • Overprovisioned infrastructure and provisioning time: To meet long term needs, often the current infrastructure is overprovisioned, thus adding to both CapEx and OpEx costs.
  • Infrastructure management complexity: Management of infrastructure components frequently requires multiple tools which adds complexity.
  • Security: Enterprise IT shops must provide protection against threats and ensure compliance.
  • Backup and Recovery: With the move from ephemeral only containers to containerized applications with persistent data container data protection has become a must.

How HPE Reference Configurations for Red Hat OpenShift Container Platform on HPE Synergy tackles these challenges

HPE Reference Configurations for Red Hat OpenShift Container Platform on HPE Synergy address these challenges and provide solutions around infrastructure provisioning, manageability, scalability, security, and backup & recovery.

HPE Synergy Composable Infrastructure enables optimized infrastructure deployment and simplifies manageability using HPE OneView. Simplified installation is a result when used in conjunction with Red Hat Ansible Tower. This accelerates Red Hat OpenShift Container Platform deployment and simplifies updates. HPE 3PAR Storage or HPE Nimble Storage provide enterprise-grade persistent storage including data management, high availability and storage efficiency. The HPE solution recommends container platform security using Sysdig Secure and Sysdig Monitor. In addition, when using HPE 3PAR Storage, customers can leverage a business-driven container application data protection architecture provided by  HPE Recovery Manager Central  (RMC) and HPE StoreOnce.

HPE Synergy Composer and HPE Synergy Image Streamer are used to create deployment plans for rapid deployment of bare metal Red Hat OpenShift nodes. The fluid resource pools and software-defined intelligence of HPE Synergy allow administrators to rapidly compose any configuration required, reducing deployment time from days down to hours.

  • The HPE solution deploys Red Hat OpenShift 3.11 as a combination of virtual and physical resources. Red Hat OpenShift worker nodes are deployed on bare metal on six (6) HPE Synergy 480 Gen10 Compute Modules running Red Hat Enterprise Linux version 7.6. The operating system for the Red Hat OpenShift worker nodes is booted from HPE Image Streamer and post-installation configuration steps are performed, in part, using Ansible playbooks.
  • The OpenShift master, etcd, and infrastructure nodes are deployed as virtual machines running on three (3) HPE Synergy 480 Gen10 Compute Modules running Red Hat Virtualization Host 4.2 (RHVH), and managed by Red Hat Virtualization Manager (RHV-M). Red Hat Enterprise Virtualization (RHV) is the hypervisor used in RHVH hosts installed via Kickstart files over PXE. Post-installation configuration steps are performed, in part, using Ansible playbooks. Customers can also use VMware vSphere v6.7 as Hypervisor and virtualization management layer. Load balancing options can be deployed as a virtual machine or as physical appliances.
  • Customers can choose from either fibre channel attached HPE 3PAR Storage or iSCSI based HPE Nimble Storage to provide highly available resources for persistent data, the container registry and management virtual machines.
  • By utilizing HPE Synergy, the non-storage networks within the solution are able to traverse the Synergy infrastructure in an east-west fashion across high speed, low latency links both within and between HPE Virtual Connect Modules. In particular, communication between the core OpenShift management pieces remains within the HPE Synergy Frames.
  • For security and monitoring of containers in OpenShift the lightweight Sysdig Agent is installed on the nodes within the OpenShift Cluster. These agents run as a daemon to enable Sysdig Monitor and Sysdig Secure functionality. Sysdig Monitor provides deep, process-level visibility into dynamic, distributed production environments. Sysdig Secure provides image scanning, run-time protection, and forensics to identify vulnerabilities, block threats, enforce compliance, and audit activity across an OpenShift Cluster. The implementation in this solution uses the Software as a Service (SaaS) version of Sysdig. The playbooks deploy Sysdig Agent software on every OpenShift node and captured data is relayed back to your Sysdig SaaS Cloud portal. The deployment provides access to a 90 day try-and-buy, fully featured version of the Sysdig software. Customers can also use kube-bench to check if Kubernetes is deployed securely.
  • When using HPE 3PAR Storage, persistent volumes within OpenShift are protected using HPE Recovery Manager Central (RMC). HPE RMC initiates a crash consistent snapshot at the volume level and, using the RMC express protect feature, moves the snapshot to an HPE StoreOnce Catalyst store. In this scenario no external data mover is involved. Either HPE StoreOnce or HPE RMC acts as the data mover. This helps reduce the cost and complexity of the solution. HPE 3PAR StoreServ Storage also supports replication of the volume to a remote array which reduces the Recovery Point Objective/Recovery Time Objective (RPO/RTO). RPO/RTO can be further reduced with peer persistent (active/active) replication.

The HPE Converged Architecture 750 (CA750) serves as the reference platform for the solution. Customers can also choose to customize their OpenShift configuration based on their workload needs leveraging parts of the CA750 design. The CA750 approach provides pre-integrated, modular, scalable converged systems that reduce deployment risk.

The reference configurations in conjunction with deployment guides provide instructions for creating golden images for Red Hat OpenShift Container Platform deployment, operating system build plan, and operating system deployment plan. These utilize the plan scripts for using Image Streamer to deploy Red Hat Open Shift 3.11. These reference configurations show how to deploy Red Hat OpenShift at scale using HPE’s solution processes and automation.

Connect to more information

HPE Reference Configurations for Red Hat OpenShift Container Platform on HPE Synergy with HPE 3PAR Storage or HPE Nimble Storage addresses key requirements of infrastructure provisioning, manageability, scalability, security, and data protection.

You can refer to the Reference Configurations here: www.hpe.com/info/ra.

You can access the deployment guides and accompanying Ansible deployment scripts here for HPE 3PAR Storage: https://github.com/HewlettPackard/hpe-solutions-openshift/tree/master/synergy/scalable/3par

 And here for HPE Nimble Storage: https://github.com/hewlettpackard/hpe-solutions-openshift/tree/master/synergy/scalable/nimble

Please contact your HPE representative for further details

Mandar Chitale - HPE Solution Engineering Team.jpgMeet Server Experts blogger Mandar Chitale, HPE Solution Engineering Team. Mandar has two decades of experience in the IT industry. Currently, he is a Program Manager with the HPE Solution Engineering Team which is focused on creating Solution Reference Architectures for enterprise use cases based on the traditional and emerging digital technology scape.


Server Experts
Hewlett Packard Enterprise

linkedin.com/showcase/hpe-servers-and-systems/
hpe.com/servers

0 Kudos
About the Author

ServerExperts

Our team of Hewlett Packard Enterprise server experts helps you to dive deep into relevant infrastructure topics.