That app you love, part 5: Upping our (cloud) game
Posted byN. Harrison Ripps on October 11, 2016 October 11, 2016
Welcome to the fifth installment of That App You Love , a blog series in which I show you how to you can make almost any app into a first-class cloud citizen. If you want to start from the beginning, jump back and check out Part 1: Making a Connection .
The previous posts of this series have focused on how to package ZNC in a way that exposes run-time configurability into the immutable world of containers. But forget about ZNC – we’re really talking about That App You Love, and what it takes to make that app a secure , stateful and robust cloud resident.
By introducing configurability to our app container image, we are priming the pump for security and statefulness. But what about robustness? Well, we really can’t go much further without a cloud to play around in, so…
It’s Time To Get Our Cluster On
For the rest of this blog series, we’re going to use the OpenShift Container Platform to go through the process of cloud-ifying our app. Why OpenShift? Well, I’m part of the OpenShift team, and it would be weird if I launched into directions on how to do this with cgroups, SSH, and Bash scripts. But also, I’m pretty sure OpenShift is the only full-lifecycle container platform that is a) built on the amazing power of Kubernetes orchestration and b) deployable with a single command.
So without further ado:
If you don’t have docker installed, you’ll need that first. Shortcut for Fedora users: [code]sudo dnf install docker[/code]
Even if you do have docker installed, you may need to change a line in the docker config file. OpenShift runs a docker registry internally on the 172.30.x.y subnet, and we need to let docker know that this registry is okay to use. Shortcut for Fedora users:
Open /etc/sysconfig/docker with root permissions in an editor: [code]sudo gedit /etc/sysconfig/docker[/code]
Uncomment the INSECURE_REGISTRY line and change it to: [code]INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'[/code]
Save file; start or restart docker: [code]sudo systemctl restart docker[/code]
Download the latest OpenShift client. (If you’ve already installed the Red Hat Container Development Kit (CDK) , then you can skip this installation — OpenShift is already installed in your VM.) As of the time I wrote this, I was using v1.3.0-alpha.3, but any release after that will work as well:
https://github.com/openshift/origin/releases/ (Click on a release title and scroll to the bottom of the page for binary downloads.)
Unpack and move the oc binary to somewhere into your $PATH
Run the magic command as root (required because this does docker operations): [code]sudo /oc cluster up[/code]
In the output from the “cluster up” command, look for an IP address / port number combination ending in port 8443. This is your OpenShift server. As your regular non-root user, log in with the “oc” utility:
[code]oc login -u developer -p developer --server=:8443[/code] You will need to accept the server’s self-signed certificate, and then you are all set!
For a lot more detail on “oc cluster up”, check out these notes .
What Have We Here?
Assuming everything worked correctly, the following things are now true:
Running `oc whoami` should reveal that you are the ‘developer’ user
In a web browser, navigating to the URL listed in the output of “oc cluster up” (the one ending in port 8443) should put you face to face with the OpenShift web console (after you accept the self-signed SSL certificate)
Let’s take a quick tour of the web console. After you log in with user: ‘developer’ and password ‘developer’, you should see a list of your “Projects”:
Projects are namespaces that can contain a number of related application components. When we deploy That App You Love, it will live in a Project along with all of the components that make it secure, stateful and robust.
If you click into “My Project”, which is the project that the oc cluster up command creates for you, you’ll see that there isn’t much going on right now: