awesome-kubernetes/docs/openshift.md

OpenShift

• OpenShift Container Platform 3 (OCP 3)
  • OpenShift Cheat Sheets
  • Helm Charts and OpenShift 3
  • Chaos Monkey for kubernetes/Openshift
  • OpenShift GitOps
  • Debugging apps
  • Capacity Management
  • OpenShift High Availability
  • Troubleshooting Java applications on Openshift
  • Red Hat Communities of Practice
  • Identity Management
  • Quota Management
• OpenShift Container Platform 4 (OCP 4)
  • OpenShift 4 roadmap
  • OpenShift Kubernetes Engine (OKE)
  • Storage in OCP 4
  • OpenShift Pipelines. Tekton CI/CD Pipelines
  • OpenShift 4 Training
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat CodeReady Containers. OpenShift 4 on your laptop
  • OpenShift Hive: Cluster-as-a-Service. Easily provision new PaaS environments for developers
  • OpenShift 4 Master API Protection in Public Cloud
  • Backup and Migrate to OpenShift 4
  • OKD4. OpenShift 4 without enterprise-level support
  • OpenShift Serverless with Knative
  • Helm Charts and OpenShift 4
  • Red Hat Marketplace
  • Kubestone. Benchmarking Operator for K8s and OpenShift
  • OpenShift Cost Management
  • Operators in OCP 4
  • Quay Container Registry
• E-books
• Online Learning
• Local Installers
• Cluster Installers
  • OKD 3
  • OpenShift 3
  • OpenShift 4
• Networking (OCP 3 and OCP 4)
• Security
  • How is OpenShift Container Platform Secured?
  • Managing Security Context Constraints
    • Review Security Context Constraints
  • Network Policy
    • Network Security Zones
• Demos
• Openshift Compliant Docker Images
• OpenShift on AWS
• Other Awesome Lists
• Videos
• Slides

OpenShift Container Platform 3 (OCP 3)

• Wikipedia.org: Openshift
• try.openshift.com 🌟🌟🌟🌟
• openshift.io 🌟🌟🌟 an online IDE for building container-based apps, built for team collaboration.
• docs.openshift.com
• https://github.com/openshift/origin 🌟🌟🌟
  • Using Jenkins Pipelines with OpenShift 🌟
• docs.openshift.com: OpenShift Pipeline Builds
• https://hub.docker.com/u/openshift/
• https://www.reddit.com/r/openshift 🌟🌟🌟
• PodCTL Podcasts
• Dzone.com: OpenShift Quick Start 🌟
• Dzone.com: OpenShift Quick Start: Build, Deployment, and Pipeline 🌟🌟🌟 Automation is the key to microservices success. Learn how to use the OpenShift platform to implement a continuous build and deployment platform.
• redhat.com: How to gather and display metrics in Red Hat OpenShift (Prometheus + Grafana)
• claydesk.com: Google Cloud App Engine Vs Red Hat OpenShift
• https://github.com/fabric8io/fabric8-pipeline-library 🌟🌟🌟
• https://twitter.com/openshift
• developers.redhat.com: Source versus binary S2I workflows with Red Hat OpenShift Application Runtimes
• Red Hat Consulting DevOps And OpenShift Playbooks 🌟🌟🌟 Red Hat Consulting DevOps and OpenShift Playbooks are guides for implementing DevOps technical practices and container automation approaches using Red Hat commercial open source products, including OpenShift Enterprise 3. They are intended to reflect real-world experience delivering solutions through these processes and technologies.
• certdepot.net: OpenShift Free available resources 🌟🌟🌟
• blog.openshift.com: From zero to container deployment hero with OpenShift 3 (Video) 🌟🌟🌟
• blog.openshift.com: Using OpenShift 3 on your local environment 🌟
• developers.redhat.com: Securing .NET Core on OpenShift using HTTPS
• OpenShift Commons 🌟 Where users, partners, customers, and contributors come together to collaborate and work together on OpenShift.
• ODO: OpenShift Command line for Developers 🌟🌟🌟 OpenShift Do (Odo) is a CLI tool for developers who are writing, building, and deploying applications on OpenShift. With Odo, developers get an opinionated CLI tool that supports fast, iterative development which abstracts away Kubernetes and OpenShift concepts, thus allowing them to focus on what's most important to them: code.
• blog.openshift.com - Kubernetes: A Pod’s Life 🌟🌟🌟
• Container-native virtualization allows to run and manage virtual machine workloads alongside container workloads
• developers.redhat.com: Handling Angular environments in continuous delivery with Red Hat OpenShift
• developers.redhat.com: OpenShift Actions: Deploy to Red Hat OpenShift directly from your GitHub repository
• developers.redhat.com: Customizing OpenShift project creation 🌟
• developers.redhat.com: Testing memory-based horizontal pod autoscaling on OpenShift 🌟🌟🌟

• How to Run HA Elasticsearch (ELK) on Red Hat OpenShift

OpenShift Cheat Sheets

• developers.redhat.com: Red Hat OpenShift Container Platform Cheat Sheet
• github.com: Openshift cheat sheet 1
• gist.github.com: Openshift cheat sheet 2
• github.com: openshift cheat sheet 3
• monodot.co.uk: openshift cheat sheet 4

Helm Charts and OpenShift 3

• blog.openshift.com: From Templates to Openshift Helm Charts
• Templating on OpenShift: should I use Helm templates or OpenShift templates? 🌟🌟🌟

Chaos Monkey for kubernetes/Openshift

• reddit: Help with Kube Monkey setup
• GitHub: kube-monkey
• GitHub: monkey-ops, Openshift compliant, no cluster-admin required
• chaoskube periodically kills random pods in your Kubernetes cluster
• Chaos Mesh

OpenShift GitOps

• blog.openshift.com: Introduction to GitOps with OpenShift
• learn.openshift.com: GitOps introduction
• blog.openshift.com: is it too late to integrate GitOps?
• blog.openshift.com: OpenShift Authentication Integration with ArgoCD

Debugging apps

• developers.redhat.com: Installing debugging tools into a Red Hat OpenShift container withoc-inject
• developers.redhat.com: Debugging applications within Red Hat OpenShift containers

Capacity Management

• blog.openshift.com/full-cluster-capacity-management-monitoring-openshift
• blog.openshift.com/full-cluster-part-2-protecting-nodes
• full-cluster-part-3-capacity-management
• blog.openshift.comhow-full-is-my-cluster-part-4-right-sizing-pods-with-vertical-pod-autoscaler
• blog.openshift.com/how-full-is-my-cluster-part-5-a-capacity-management-dashboard

OpenShift High Availability

• blog.openshift.com/tag/multi-datacenter
• blog.openshift.com/deploying-openshift-applications-multiple-datacenters
• blog.openshift.commetro-area-openshift-stretch-cluster-how-to-survive-an-outage-and-live-to-tell-about-it
• blog.openshift.com/stateful-workloads-and-the-two-data-center-conundrum
• OpenShift 3.11 Multi-cluster Federation
• Multi-cluster Federation in OpenShift 4 is called KubeFed
• Using KubeFed to deploy applications
• Katacoda e-learning platform – Federated Clusters
• KubeFed Operator

Troubleshooting Java applications on Openshift

• developers.redhat.com: Troubleshooting java applications on openshift
• dzone: 8 Options for Capturing Thread Dumps

Red Hat Communities of Practice

• uncontained.io
  • uncontained.io/articles/openshift-ha-installation
  • uncontained.io/articles/openshift-and-the-org
• v1.uncontained.io Red Hat Consulting DevOps & OpenShift Playbooks
• Red Hat Communities of Practice
• OpenShift Toolkit 🌟🌟🌟🌟
• OpenShift Container Pipelines 🌟🌟🌟
• OpenShift Pipeline Library 🌟🌟🌟
• OpenShift Playbooks

Identity Management

• GitHub redhat-cop: Ansible Role

Quota Management

• GitHub redhat-cop: OpenShift Toolkit - Quota Management 🌟🌟🌟🌟
• OpenShift 4 Resource Management
• techbeatly.com: How to create, increase or decrease project quota
• Quotas setting per project
• Quotas setting across multiple projects

OpenShift Container Platform 4 (OCP 4)

• blog.openshift.com: Introducing Red Hat OpenShift 4
• Dzone: What’s in OpenShift 4?
• youtube: Installing OpenShift 4 on AWS with operatorhub.io integration 🌟🌟🌟🌟
• blog.openshift.com: OpenShift 4 Install Experience
• operatorhub.io OperatorHub.io is a new home for the Kubernetes community to share Operators. Find an existing Operator or list your own today.
• developers.redhat.com: Get started with Jenkins CI/CD in Red Hat OpenShift 4
• youtube: OpenShift 4 OAuth Identity Providers
• cloudowski.com: Honest review of OpenShift 4 🌟🌟🌟🌟
• kubevirt.io 🌟🌟🌟🌟
• Getting Started with KubeVirt Containers and Virtual Machines Together
• Open Policy Agent 🌟🌟🌟
• blog.openshift.com: Fine-Grained Policy Enforcement in OpenShift with Open Policy Agent 🌟🌟
• OpenShift 4.2 documentation 🌟🌟🌟
• OpenShift Youtube
• Enabling OpenShift 4 Clusters to Stop and Resume Cluster VMs
• youtube: OpenShift on Google Cloud, AWS, Azure and localhost
• blog.openshift.com: Simplifying OpenShift Case Information Gathering Workflow: Must-Gather Operator (In the context of Red Hat OpenShift 4.x and Kubernetes, it is considered a bad practice to ssh into a node and perform debugging actions) 🌟🌟🌟🌟
• youtube: Getting Started with OpenShift 4 Security 🌟🌟🌟
• blog.openshift.com: Configure the OpenShift Image Registry backed by OpenShift Container Storage
• youtube playlist: London 2020 | OpenShift Commons Gathering 🌟🌟🌟 OCP4 Updates & Roadmaps, Customer Stories, OpenShift Hive (case study), Operator Ecosystem.
• blog.openshift.com: OpenShift Scale: Running 500 Pods Per Node 🌟🌟🌟

OpenShift 4 roadmap

• blog.openshift.com: OpenShift 4 Roadmap (slides) 🌟🌟🌟🌟
• blog.openshift.com: OpenShift Container Storage (OCS 3 & 4 slides) 🌟🌟🌟🌟
• blog.openshift.com: OpenShift 4 Roadmap Update (slides) 🌟🌟🌟🌟

OpenShift Kubernetes Engine (OKE)

• Similarities and differences between OpenShift Kubernetes Engine and OpenShift Container Platform

Storage in OCP 4

• State of OpenShift Container Storage

OpenShift Pipelines. Tekton CI/CD Pipelines

• tekton.dev
• https://blog.openshift.com: Cloud-Native CI/CD with OpenShift Pipelines based on Tekton
• github.com: Tekton pipelines
• OpenShift Pipelines Node.js Tutorial
• developers.redhat.com: Modern web applications on OpenShift, Part 4: Openshift Pipelines

OpenShift 4 Training

• github.com: Openshift 4 training
• learn.openshift.com
• learn.crunchydata.com

Red Hat Advanced Cluster Management for Kubernetes

• Red Hat Advanced Cluster Management for Kubernetes 🌟🌟

Red Hat CodeReady Containers. OpenShift 4 on your laptop

• developers.redhat.com: Developing applications on Kubernetes 🌟
• Red Hat OpenShift 4.2 on your laptop: Introducing Red Hat CodeReady Containers
• dzone: Code Ready Containers - Decision Management Developer Tools Update
• Overview: running crc on a remote server
• dzone: Code Ready Containers: Installing Process Automation Learn how to make better use of Red Hat's Code Ready Containers platform by installing process automation from a catalog.

OpenShift Hive: Cluster-as-a-Service. Easily provision new PaaS environments for developers

• OpenShift Hive is an operator which enables operations teams to easily provision new PaaSenvironments for developers improving productivity and reducing process burden due to internalIT regulations.
• blog.openshift.com: openshift hive cluster as a service
• youtube: how to deliver OpenShift as a service (just like Red Hat)

OpenShift 4 Master API Protection in Public Cloud

• blog.openshift.com: Introducing Red Hat OpenShift 4.3 to Enhance Kubernetes Security 🌟🌟🌟 OpenShift 4.3 adds new capabilities and platforms to the installer, helping customers to embrace their company’s best security practices and gain greater access control across hybrid cloud environments. Customers can deploy OpenShift clusters to customer-managed, pre-existing VPN / VPC (Virtual Private Network / Virtual Private Cloud) and subnets on AWS, Microsoft Azure and Google Cloud Platform. They can also install OpenShift clusters with private facing load balancer endpoints, not publicly accessible from the Internet, on AWS, Azure and GCP.
• containerjournal.com: Red Hat Delivers Latest Kubernetes Enhancements
• Create an OpenShift 4.2 Private Cluster in AWS 🌟
• cloud.ibm.com: openshift-security
• docs.aporeto.com: OpenShift Master API Protection

Backup and Migrate to OpenShift 4

• blog.openshift.com: Migrating your applications to OpenShift 4 🌟🌟🌟
  • Velero Backup and migrate Kubernetes applications and their persistent volumes
  • Restic Backups done right!

OKD4. OpenShift 4 without enterprise-level support

• OKD.io: The Community Distribution of Kubernetes that powers Red Hat OpenShift.
• docs.okd.io 🌟
• GitHub: OKD4
• youtube.com: OKD4
• blog.openshift.com: OKD4 Roadmap: The Road To OKD4: Operators, FCOS and K8S 🌟🌟🌟
• github.com: OKD 4 Roadmap
• youtube.com: How To Install OKD4 on GCP - Vadim Rutkovsky (Red Hat)
• blog.openshift.com: Guide to Installing an OKD 4.4 Cluster on your Home Lab
• okd4-upi-lab-setup: Building an OpenShift - OKD 4.X Lab Installing OKD4.X with User Provisioned Infrastructure. Libvirt, iPXE, and FCOS

OpenShift Serverless with Knative

• redhat.com: What is knative?
• developers.redhat.com: Serverless Architecture
• datacenterknowledge.com: Explaining Knative, the Project to Liberate Serverless from Cloud Giants
• knative-tutorial A pratical guide to get started with knative. Knative concepts are explained simple and easy way with lots of demos and exercises.
• Announcing OpenShift Serverless 1.5.0 Tech Preview – A sneak peek of our GA
• Serverless applications made faster and simpler with OpenShift Serverless GA

Helm Charts and OpenShift 4

• The supported method of using Helm charts with Openshift4 is via the Helm Operator
• youtube
• blog.openshift.com: Helm and Operators on OpenShift, Part 1
• blog.openshift.com: Helm and Operators on OpenShift, Part 2

Red Hat Marketplace

• marketplace.redhat.com 🌟🌟🌟
• developers.redhat.com: Building Kubernetes applications on OpenShift with Red Hat Marketplace

Kubestone. Benchmarking Operator for K8s and OpenShift

• kubestone.io
• https://operatorhub.io/operator/kubestone

OpenShift Cost Management

• blog.openshift.com: Tech Preview: Get visibility into your OpenShift costs across your hybrid infrastructure 🌟
• Cost Management and OpenShift - Sergio Ocón-Cárdenas (Red Hat) 🌟🌟

Operators in OCP 4

• OLM operator lifecycle manager
  • OLM Architecture 🌟🌟
  • OLM Philosophy
• Top Kubernetes Operators
• operatorhub.io
• learn.crunchydata.com
• developers.redhat.com: Operator pattern: REST API for Kubernetes and Red Hat OpenShift 🌟🌟🌟

Quay Container Registry

• Red Hat Introduces open source Project Quay container registry
• Red Hat Quay
• projectquay.io
• quay.io
• GitHub Quay (OSS)
• blog.openshift.com: Introducing Red Hat Quay
• operatorhub.io/operator/quay

E-books

• O'Reilly Free Book: DevOps with OpenShift
• O'Reilly Free Book: Openshift for developers
• O’Reilly: Free ebook: Kubernetes Operators: Automating the Container Orchestration Platform
• Manning: Openshift in action
• Packt publishing: Learn Openshift
• O’Reilly: Free ebook: Knative Cookbook: Building Effective Serverless Applications with Kubernetes and OpenShift
• magalix.com: Kubernetes Application Architecture Patterns eBook

Online Learning

• learn.openshift.com 🌟🌟🌟🌟 Interactive Learning Portal
• katacoda.com 🌟🌟🌟🌟 Interactive Learning and Training Platform for Software Engineers
• Red Hat Tutorials & Examples: github.com/redhat-developer-demos 🌟🌟🌟
• redhatgov.io 🌟🌟
• udemy.com: Red Hat OpenShift With Jenkins: DevOps For Beginners
• udemy.com: OpenShift Enterprise v3.2 Installation and Configuration
• udemy.com: Ultimate Openshift (2018) Bootcamp by School of Devops 🌟🌟🌟 With Openshift Origin 3.10 / OKD 2018, Kubernetes, Jenkins Pipelines, Prometheus, Istio, Micro Services, PaaS

Local Installers

• developers.redhat.com: Red Hat Container Development Kit
• Fabric8.io Microservices Development Platform It is an open source microservices platform based on Docker, Kubernetes and Jenkins. It is built by the Red Hat guys.The purpose of the project is to make it easy to create microservices, build, test and deploy them via Continuous Delivery pipelines then run and manage them with Continuous Improvement and ChatOps. Fabric8 installs and configures the following things for you automatically: Jenkins, Gogs, Fabric8 registry, Nexus, SonarQube.
• A few other options to use OKD locally include oc cluster up and minishift. These may be a better fit for your use case if you only need a quick throwaway environment.
• github.com/redhatdemocentral: OpenShift Container Platform Install Demo 🌟🌟
  • Dzone.com: Installing OpenShift Container Platform v3.5 in Minutes
  • Dzone.com: Install OpenShift Container Platform 3.6 in Minutes
  • Dzone.com: How to Install New OpenShift Container Platform 3.7
  • Dzone.com: Install OpenShift Container Platform in Minutes [Video]

Cluster Installers

OKD 3

• OKD.io: The Community Distribution of Kubernetes that powers Red Hat OpenShift.
• blog.openshift.com: Installing OKD 3.10 on a Single Host 🌟🌟🌟🌟
• youtube.com: OpenShift Origin is now OKD. Installation of OKD 3.10 from start to finish
• Install RedHat OKD 3.10 on your development box: This repository is a set of scripts that will allow you easily install the latest version (3.10) of OKD in a single node fashion. What that means is that all of the services required for OKD to function (master, node, etcd, etc.) will all be installed on a single host. The script supports a custom hostname which you can provide using the interactive mode.]
• docs.okd.io: Planning your installation

OpenShift 3

• belgium.devoteam.com: Using Ansible Tower to deploy OpenShift 3 on Azure: a step-by-step guide

OpenShift 4

• github.com/openshift/installer openshift installer 🌟🌟🌟
• CI/CD Pipeline to deploy OpenShift Container Platform 4.x to AWS 🌟
• blog.openshift.com: 9 steps to awesome with kubernetes openshift
  • github: burrsutter/9stepsawesome
• OpenShift 4.2 deployment on vSphere:
  • reddit
  • blog.openshift.com: OpenShift 4.2 vSphere Install Quickstart
  • blog.openshift.com: OpenShift 4.2 vsphere install with static IPs 🌟🌟🌟
  • youtube

Networking (OCP 3 and OCP 4)

• Using sidecars to analyze and debug network traffic in OpenShift and Kubernetes pods

• developers.redhat.com: Skupper.io: Let your services communicate across Kubernetes clusters
• blog.openshift.com: Troubleshooting OpenShift network performance with a netperf DaemonSet
• blog.openshift.com: Advanced Network customizations for OpenShift Install

Security

• itnext.io: Adding security layers to your App on OpenShift — Part 1: Deployment and TLS Ingress 🌟🌟🌟

How is OpenShift Container Platform Secured?

• docs.openshift.com/container-platform/3.11/architecture/index.html
• docs.openshift.com/container-platform/3.11/security/securing_container_platform.html
• ocs.openshift.com/container-platform/4.2/authentication/understanding-authentication.html

Managing Security Context Constraints

• docs.openshift.com: Managing Security Context Constraints
• docs.openshift.com: Managing Security Context Constraints. Security Context Constraints
• Dzone: Understanding OpenShift Security Context Constraints

Review Security Context Constraints

• Security Context Constraints (SCCs) control what actions pods can perform and what resources they can access.
• SCCs combine a set of security configurations into a single policy object that can be applied to pods. These security configurations include, but are not limited to, Linux Capabilities, Seccomp Profiles, User and Group ID Ranges, and types of mounts.
• OpenShift ships with several SCCs. The most constrained is the restricted SCC, and the least constrained in the privileged SCC. The other SCCs provide intermediate levels of constraint for various use cases. The restricted SCC is granted to all authenticated users by default.
• The default SCC for most pods should be the restricted SCC. If required, a cluster administrator may allow certain pods to run with different SCCs. Pods should be run with the most restrictive SCC possible.
• Pods inherit their SCC from the Service Account used to run the pod. With the default project template, new projects get a Service Account named default that is used to run pods. This default service account is only granted the ability to run the restricted SCC.
• Recommendations:
  • Use OpenShift's Security Context Constraint feature, which has been contributed to Kubernetes as Pod Security Policies. PSPs are still beta in Kubernetes 1.10, 1.11, and 1.12.
  • Use the restricted SCC as the default
  • For pods that require additional access, use the SCC that grants the least amount of additional privileges or create a custom SCC Audit
  • To show all available SCCs: oc describe scc
  • To audit a single pod: oc describe pod <POD> | grep openshift.io\/scc
  • Remediation: Apply the SCC with the least privilege required

Network Policy

• GitHub - redhat-cop - OpenShift toolkit 🌟🌟🌟🌟
• Fully Automated Management of Egress IPs with the egressip-ipam-operator 🌟🌟🌟

Network Security Zones

• OpenShift and Network Security Zones: Coexistence Approaches 🌟🌟🌟🌟

Demos

• kubernetesbyexample.com 🌟🌟🌟
• github Red Hat Tutorials & Examples 🌟🌟🌟🌟
• redhatgov.io RedHatGov.io is an open source collection of workshop materials that cover various topics relating to Red Hat's product portfolio.
• Deploying Docker Images to OpenShift We take a look at how to deploy a Docker image from DockerHub into RedHat's OpenShift environment, bringing added functionality along the way.
• Deploying PostgreSQL in MiniShift/OpenShift 3
• Clustering WildFly on Openshift
• Java EE example on Openshift
• Microprofile example on Openshift
• Deploying WildFly apps on Openshift
• Running Thorntail apps on Openshift
• Running Spring Boot applications on Openshift
• github.com/openshiftdemos 🌟🌟
• github.com/openshift-labs 🌟🌟

Openshift Compliant Docker Images

• Red Hat Container Catalog - RedHat Registry (registry.redhat.io) License required
• DockerHub openshift
• https://github.com/sclorg/
• https://github.com/sclorg/postgresql-container/
• https://github.com/sclorg/mariadb-container

OpenShift on AWS

• blog.openshift.com: AWS and red hat quickstart workshop
• aws.amazon.com: AWS Quick Start (OpenShift 3.11 on AWS) View deployment guide

Other Awesome Lists

• Awesome Openshift
• Awesome Openshift 2

Videos

Slides