tut1131 best practices in deploying suse caas platform
play

TUT1131 - Best Practices in Deploying SUSE CaaS Platform Martin - PowerPoint PPT Presentation

Aug 19, 2023 •288 likes •762 views

TUT1131 - Best Practices in Deploying SUSE CaaS Platform Martin Weiss Juan Utande Herrera Senior Architect Infrastructure Solutions Senior Architect Infrastructure Solutions Martin.Weiss@SUSE.com Juan.Herrera@suse.com AGENDA AGEN What

  1. TUT1131 - Best Practices in Deploying SUSE CaaS Platform Martin Weiss Juan Utande Herrera Senior Architect Infrastructure Solutions Senior Architect Infrastructure Solutions Martin.Weiss@SUSE.com Juan.Herrera@suse.com

  2. AGENDA AGEN What What is is SUSE SUSE CaaS CaaS 4 Deployment B loyment Best P t Practices ctices 1 Platform tform 2 Requirements uirements 5 Testing ting 3 Planning and Sizi Plan and Sizing 6 Operations rations

  3. What is SUSE CaaS Plaform 3 3

  4. SUSE: Underpinning Digital Transformation Business-critical Machine Business High Performance Traditional IT Internet of Applications Learning Analytics Computing & Applications Things Application Delivery Container Management Platform as a Service SUSE CaaS Platform SUSE Cloud Application Platform Software-defined Infrastructure Services Private Cloud / IaaS SUSE OpenStack Cloud SUSE Global Infrastructure Services & Lifecycle Compute Storage Consulting Management Networking Services Virtual Machine SUSE Enterprise Public Cloud SDN and NFV Select Services & Container Storage SUSE Manager Premium Support SUSE Cloud Services Multimodal Operating System Service Provider SUSE Linux Enterprise Server Program Physical Infrastructure: Multi-platform Servers, Switches, Storage Open, Secure, Proven 4

  5. What is SUSE CaaS Platform 3? • Kubernetes • MicroOS with Transactional Updates • Simple deployment • SUSE supported • LDAP / Active Directory Integration • Caching Registry Integration • Air Gapped Implementation Support • Registry.suse.com • Helm • Docker or Cri-o (tech preview), Flannel • Multiple deployment methods

  6. Requirements 6

  7. General requirements Where to deploy What do I need Who can help me Support options • Deploy on physical • SUSE CaaS • Sales and Pre/Post • Included 24/7 Hardware or on your Platform Sales Consulting: priority support in Virtualization subscriptions case of issues - Help choosing the infrastructure • SLES for right Hardware • Consulting for • Ready to Run on infrastructure nodes maintenance and - Architect the Public and Private proactive support to solution Clouds scale, upgrade, - Initial review and fix implementation

  8. Use Case Specific Requirements Application Requirements Security Requirements Availability Requirements (Sizing) • Number of Pods • Images (source and size) • Single or multi data-center • Memory, CPU • Isolation • Distance / Latency • Storage requirements (file, • Integration into existing block, object, single or multi- Identity Sources writer, capacity, static or dynamic provisioning) • specific Hardware / CPU / GPU requirements • Network Entry points / Services / Bandwidth $$$ BUDGET $$$ Politics, Religion, Philosophy, Processes ;-)

  9. Planning and Sizing

  10. Planning and Sizing SUSE C SE CaaS P S Platform – CLUS USTER 1 R 1 Kuber ernet etes es Master Master Master + Admin Based Workers as VM or physical on number of pods Worker Worker Worker + Fault tolerance Based on LDAP, Salt, number of pods ETCD cluster and resource Velum, SQL requirements Disk Space for each Worker: Second cluster: • 50 GB for OS (BTRFS minimum for OS) • Fault • 100 GB for /var/lib/docker (BTRFS for Images tolerance and Containers) • Disaster • Space really depends on image sizes, versions recovery and changes

  11. Deployment Best Practices 1

  12. Deployment - Processes and People Prepare the Team (DevOps?) – Server – Storage – Network – Application – Security – User Other

  13. Deployment Stages 2 1 3 Base Infrastructur Infrastructur Software e e Installation Preparation Verification 4 5 SUSE Kubernetes CaaS Addons Platform Installation

  14. Deployment Review the Design Preparation of Time Synchronization • Depending on the requirements adjust • Have a fault tolerant time provider group before implementation Name Resolution Hardware Installation • Ensure that all addresses of the servers • Ensure that hardware installation and have different names cabling is correct • Add all addresses to DNS with forward and • Update Firmware reverse lookup • Adjust Firmware / BIOS settings • Ensure DNS is fault tolerant Disable everything not required ( i.e. serial • /etc/HOSTNAME must be the name in the ports, network boot, power saving ) public network Configure HW date/time • Define and create DNS Entries for internal and external Velum and API targets (Cname, VM Preparation Load Balancer, no round robin) • Use paravirtual SCSI

  15. Deployment Deploy On-Premise Registry (docker-distribution-registry) • Implement Portus to Secure the On-Premise Registry • Create DNS entry for Registry • Create Namespaces and Users on Registry • Optional: Integrate Portus into existing LDAP or Active-Directory Put all required images into registry into the right namespace • Dashboard, Prometheus, Grafana, etc. Optional: Setup caching registries

  16. Deployment Prepare Load Balancer Endpoints for API and DEX • Port 6443 and 32000 Storage Network setup and connectivity Prepare on-premise helm chart repository Prepare docker host to pull from internet, scan images, push to on- premise registry Prepare GIT for storing all manifests / yaml files

  17. Deployment Software Staging AutoYaST • Subscription Management Toolkit, SUSE • Ensure that all servers are installed Manager, RMT (limited) 100% identical • Ensure staging of patches to guarantee • Consulting solution available (see same patch level on existing servers and https://github.com/Martin-Weiss/cif) newly installed servers Configuration Management General • Templates • Use BTRFS for the OS • Salt • Disable Firewall / AppArmor / IPv6

  18. Deployment ONLY USE STATIC IP Configs Verify Time Synchronization Verify Name Resolution Test all Network Connections • Bandwidth • Latency

  19. Deployment • Install all Servers (Admin, Master, Worker) via AutoYaST • Ensure that all the patches available are installed at this point in time • AutoYaST configures Salt to ensure all Master/Worker connect to Salt-Master on the Admin host • Access Velum web-interface and create admin user • Specify Internal Dashboard FQDN (CNAME) • Enable Tiller (for later Helm usage) • Configure the overlay network • Add the SSL certificate of the CA signing the registry and external LDAP certificates • Accept Nodes, Assign Roles • Specify External API FQDN (load balancer for API and DEX) • Specify External Velum FQDN (CNAME) • Run Bootstrap (and now have a cup of coffee ;-))

  20. Deployment Create required Namespaces Create required Users / Groups in LDAP or Connect to Active Directory Create Roles and Role-Assignments Deploy Basic Services • K8s Dashboard • Persistent Storage / Storage Classes • Ingress • Monitoring • Logging Deploy Application • Application based scripts • CI/CD • Helm

  21. Testing 2

  22. Testing - Preparation Create a test plan For every test describe • Starting point • Test details • Expected result When executing the test • Prepare and verify starting point • Execute test • Document the test execution • Document the test results • Compare test results with expectation • Repeat the test several times 2 2

  23. Testing - Fault Tolerance Ensure all fault tolerance tests are done with load on the system Network failure • Single / Multiple NIC • Single / Multiple Switches • Cluster / Public Network Node failure • Admin • Master • Worker

  24. Operations

  25. Life Cycle • New Patches • Create new Stage on Staging System • Assign new Stage to Admin and Nodes • Wait until next day or “transactional-update dup reboot” • Access Velum - reboot admin • Ensure NO Single Pod application runs in the cluster* • Access Velum - reboot all

  26. Monitoring and Logging • Old: cAdvisor, Heapster, InfluxDB, Grafana • New: cAdvisor with Prometheus and Grafana • Alertmanager • Logfile collection and cleanup • Disk space usage • Application Specific Monitoring?

  27. Backup and Recovery (1) Don ´ t do backup and recovery • • Everything that is deployed to the cluster must be 100% reproducible • Use a second cluster for disaster recovery and deploy the application twice • Have proper staging for the application • For persistent data - the application MUST support consistent backup and restore and this can not be done on the k8s side of things • Recommendation: use a GIT or similar source code management system • Disaster Recovery: delete the whole cluster, de-deploy and re-configure the cluster, re-deploy the application and restore the applications data via application functionality

  28. Backup and Recovery (2) • Backup ETCD • LDIF export of openLDAP • Snapshot of Admin VM • Power off everything and snapshot • Kubectl export • GIT / Helm / Yaml File backup and versioning • Backup of Persistent Volumes • Single object restore? • Create an alias for kubectl - -record 2

  29. Questions? 2

  30. Questions? Deployment B loyment Best t Requirements uirements Plan Planning and Sizi and Sizing Practices ctices Testing ting Operations rations

  32. Backup slides

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Enabling Business Agility with SUSE CaaS Platform BOV 1078 Rob Knight Jonas Forsberg

Enabling Business Agility with SUSE CaaS Platform BOV 1078 Rob Knight Jonas Forsberg

Enabling Business Agility with SUSE CaaS Platform BOV 1078 Rob Knight Jonas Forsberg rob.knight@suse.com Jonas.Forsberg@suse.com @rssfed23 Tech Trends CHANGING Business Outcomes Evolving Approaches 3 What are Containers? Making more

913 views • 23 slides
Lessons learned from deploying SUSE OpenStack Cloud and Enterprise Storage in the Public Cloud

Lessons learned from deploying SUSE OpenStack Cloud and Enterprise Storage in the Public Cloud

Lessons learned from deploying SUSE OpenStack Cloud and Enterprise Storage in the Public Cloud TUT1224 Thursday, April 04, 03:15 PM - 04:15 PM | Belmont 1 Friday, April 05, 10:15 AM - 11:15 AM | Belmont 2 Mike Friesenegger Solution Architect

683 views • 35 slides
DEVELOPING & DEPLOYING AUTONOMOUS DRIVING APPLICATIONS WITH THE NVIDIA DRIVE PX PLATFORM

DEVELOPING & DEPLOYING AUTONOMOUS DRIVING APPLICATIONS WITH THE NVIDIA DRIVE PX PLATFORM

DEVELOPING & DEPLOYING AUTONOMOUS DRIVING APPLICATIONS WITH THE NVIDIA DRIVE PX PLATFORM Shri Sundaram, Product Manager, DRIVE PX Platform DRIVE PX: AV Development Platform AV Developers: DRIVE PX as your tool AV HW/SW Ecosystem: DRIVE PX

569 views • 29 slides
Agenda What Is SUSE Enterprise Storage 5.5 Requirements Planning and Sizing

Agenda What Is SUSE Enterprise Storage 5.5 Requirements Planning and Sizing

Agenda What Is SUSE Enterprise Storage 5.5 Requirements Planning and Sizing Deployment Best Practices Testing What Is SUSE Enterprise Storage 5.5 What Is SUSE Enterprise Storage 5.5 Open Source General-Purpose Software-Defined

574 views • 26 slides
SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54 What are Containers? A package/image that can be deployed anywhere (thats running a Linux Kernel) Developers create a layered image of their

996 views • 53 slides
LibreOffice configuration management tools, approaches & best practices Thorsten Behrens -

LibreOffice configuration management tools, approaches & best practices Thorsten Behrens -

LibreOffice configuration management tools, approaches & best practices Thorsten Behrens - tbehrens@suse.com LibreOffice Hacker at SUSE What, Why, How Customize LibreOffice repeatably Makes your life easier, happier & more secure

823 views • 18 slides
An open, shared platform for developing, deploying, and accessing planetary-scale applications

An open, shared platform for developing, deploying, and accessing planetary-scale applications

An open, shared platform for developing, deploying, and accessing planetary-scale applications Timothy Roscoe Intel Research at Berkeley Thursday, July 01, 2004 APAN, Cairns, 1 July 2004 PlanetLab is Large collection of machines

533 views • 40 slides
Best Practices for Deploying OpenStack Trove: An Inside look at Database as a Service Architecture

Best Practices for Deploying OpenStack Trove: An Inside look at Database as a Service Architecture

Best Practices for Deploying OpenStack Trove: An Inside look at Database as a Service Architecture OpenStack Summit at Barcelona, October 2016 Who are we? Sriram Kalyanasundaram, Director Implementations Tesora Inc. OpenStack Summit

812 views • 23 slides
SUSE Manager 4 2019 Fall Expert Day North America Why Do I Need SUSE Manager? 11 118 118 8

SUSE Manager 4 2019 Fall Expert Day North America Why Do I Need SUSE Manager? 11 118 118 8

Expert Days Fall 2019 SUSE Manager 4 2019 Fall Expert Day North America Why Do I Need SUSE Manager? 11 118 118 8 SUSE Manager Manage 119 SUSE Manager HEALTH MONITORING Best-in-class open source infrastructure management solution

802 views • 24 slides
Simplifying Pillar Management with Forms and Formulas in SUSE Manager TUT1053 Raine Curtis

Simplifying Pillar Management with Forms and Formulas in SUSE Manager TUT1053 Raine Curtis

Simplifying Pillar Management with Forms and Formulas in SUSE Manager TUT1053 Raine Curtis Patrick Swartz N America Core Services Team Lead, Consultant Sales Engineer rcurtis@suse.com patrick.swartz@suse.com SUSE SUSE 1 Agenda The

634 views • 49 slides
One DCE/RPC server to serve them all Samuel Cabrero scabrero@suse.com SUSE DCE/RPC 2 DCE /

One DCE/RPC server to serve them all Samuel Cabrero scabrero@suse.com SUSE DCE/RPC 2 DCE /

One DCE/RPC server to serve them all Samuel Cabrero scabrero@suse.com SUSE DCE/RPC 2 DCE / RPC DCE Distributed Computing Environment Framework and toolkit to develop client/server applications Developed by the OSF (Open Software

710 views • 36 slides
SUSE Nils Brauckmann President and General Manager SUSE at a Glance 0m 50s We adapt. You

SUSE Nils Brauckmann President and General Manager SUSE at a Glance 0m 50s We adapt. You

SUSE Nils Brauckmann President and General Manager SUSE at a Glance 0m 50s We adapt. You succeed. 2 Where SUSE Leads 4m 20s We adapt. You succeed. 3 SUSE Strategy 6m 23s We adapt. You succeed. 4 Open Source Business Model Its

496 views • 13 slides
Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes Ceph Storage Operation NVRAMOS 2019 10/28/2019 Cloud Service Model On Premises IaaS CaaS PaaS SaaS Applications Applications

660 views • 36 slides
3. 10 Best Practices for Data Migration 4. Frequently Asked Questions Cut through the platform

3. 10 Best Practices for Data Migration 4. Frequently Asked Questions Cut through the platform

1. Platform Overview 2. Upgrading The Customer Experience 3. 10 Best Practices for Data Migration 4. Frequently Asked Questions Cut through the platform Marketing rhetoric. Make a list of your required features & functionality.

753 views • 46 slides
SMB debugging tools the art of hair pulling Aurlien Aptel <aaptel@suse.com> SUSE Who am

SMB debugging tools the art of hair pulling Aurlien Aptel <aaptel@suse.com> SUSE Who am

SMB debugging tools the art of hair pulling Aurlien Aptel <aaptel@suse.com> SUSE Who am I? Aurlien Aptel Work in SUSE, Samba Team Focus on SMB kernel client aka cifs.ko Cifs-utils, Wireshark, Pike, ... 2 What

575 views • 28 slides
SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right? Maybe you use AWS or Azure? Allowing pay-as-you-go model for IT infrastructure and toward dynamic software-defined service delivery.

168 views • 16 slides
Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e Air Force

Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e Air Force

Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e Air Force Progress in Implementing Standard Desktop Configurations Information Security and Advisory Board June 7th , 2007 Ken Heitkamp Associate

384 views • 16 slides
Learning Covariant Feature Detectors Karel Lenc and Andrea Vedaldi University of Oxford GMDL

Learning Covariant Feature Detectors Karel Lenc and Andrea Vedaldi University of Oxford GMDL

Learning Covariant Feature Detectors Karel Lenc and Andrea Vedaldi University of Oxford GMDL Workshop, ECCV 2016 Local Feature Detection for Image Matching 2 (x) (x) x x ... ... The challenges of learning feature detectors

528 views • 39 slides
Backscatter Patch Test inter-comparison of systems using shared reference areas for testing,

Backscatter Patch Test inter-comparison of systems using shared reference areas for testing,

Backscatter Patch Test inter-comparison of systems using shared reference areas for testing, calibration, and quality assessment M. Roche, T. P. Le Bas, X. Lurton, K. Degrendele, L. De Mol, V. Van Lancker, M. Baeye, J. De Bisschop, C.

443 views • 22 slides
Advances in Automated Program Repair and a Call to Arms Westley Weimer University of Virginia

Advances in Automated Program Repair and a Call to Arms Westley Weimer University of Virginia

Advances in Automated Program Repair and a Call to Arms Westley Weimer University of Virginia Andreas Zeller, SSBSE Keynote 2011 Westley Weimer 2 For The Next Hour Automated Program Repair Historical Context Mistakes

1.16k views • 87 slides
SEGMENTATION OF MEDICAL VOLUMES USING CONVOLUTIONAL NEURAL NETWORKS MEDICAL IMAGE SEGMENTATION

SEGMENTATION OF MEDICAL VOLUMES USING CONVOLUTIONAL NEURAL NETWORKS MEDICAL IMAGE SEGMENTATION

FAUSTO MILLETARI SEGMENTATION OF MEDICAL VOLUMES USING CONVOLUTIONAL NEURAL NETWORKS MEDICAL IMAGE SEGMENTATION Computer assisted diagnosis Computer assisted intervention Treatment Planning Enhanced visualisation MEDICAL IMAGING

414 views • 22 slides
Selective Patella Resurfacing and Total Knee Arthroplasty Jay R Lieberman MD Professor and

Selective Patella Resurfacing and Total Knee Arthroplasty Jay R Lieberman MD Professor and

Selective Patella Resurfacing and Total Knee Arthroplasty Jay R Lieberman MD Professor and Chairman Department of Orthopaedic surgery Keck School of Medicine of USC Disclosures Consultant DePuy Inc Royalties (Knee) Research

918 views • 32 slides
Total Knee Replacement DR. (PROF.) ANIL ARORA MS (Ortho) DNB (Ortho) Dip SIROT (USA) FAPOA

Total Knee Replacement DR. (PROF.) ANIL ARORA MS (Ortho) DNB (Ortho) Dip SIROT (USA) FAPOA

Evaluation of Painful Total Knee Replacement DR. (PROF.) ANIL ARORA MS (Ortho) DNB (Ortho) Dip SIROT (USA) FAPOA (Korea), FIGOF (Germany), FJOA (Japan) Commonwealth Fellow Joint Replacement (Royal National Orthopaedic Hospital, London, UK)

1.48k views • 58 slides
Patellofemoral Pain Syndrome and Hip Strengthening Candace Gorby, AT, USAW-L1 Kettering Sports

Patellofemoral Pain Syndrome and Hip Strengthening Candace Gorby, AT, USAW-L1 Kettering Sports

Patellofemoral Pain Syndrome and Hip Strengthening Candace Gorby, AT, USAW-L1 Kettering Sports Medicine, Sports Acceleration Learning Objectives Identify current best practices for strengthening exercises for PFPS. Recommend a

543 views • 36 slides

More recommend