"Cloud native app developers delight: Container storage just got a whole lot easier!" by Michael Adam, Engineering Lead, Container Native Storage, and Sayan Saha, Head of Product, Red Hat Gluster Storage
Editor's note: In January, Red Hat announced the release of the latest iteration of its OpenShift Container Platform. Red Hat OpenShift Container Platform 3.4 offers dynamic storage provisioning for traditional, hybrid cloud and cloud-native app environments, as well as enhanced multi-tenant capabilities and streamlined deployment for hybrid clouds. By leveraging the improved capabilities of Kubernetes 1.4, which is maintained by the open source Kubernetes Project community, the goal is to deploy container-based applications and micro-services on "a stable, reliable and more secure enterprise platform" to provide a richer developer and management experience. Containers have been a great way to encapsulate test and development environments. With the moves Red Hat are making to connect containers to storage with enterprise-class features, it is possible that we will see the use cases for containers expand increasingly to production applications.
Full Story follows:
Today, Red Hat announced general availability of Red Hat OpenShift Container Platform 3.4, which includes key features such as enhanced multi-tenancy and streamlined deployment for hybrid clouds. In addition, a number of open source storage innovations have been included in this release, which enable easier storage management and provisioning across the lifecycle of containers.
The story so far
Containers were built to be ephemeral and stateless. However, stateful applications running in containers need enterprise-grade persistent storage. Over the past 18 months, Red Hat has delivered a continuum of innovation around persistent storage for containers, leading the charge on both fronts – the open source communities and enterprise products. Red Hat offers container-native storage – durable, distributed, software-defined storage integrated deeply into the Red Hat OpenShift Container Platform, managed by Kubernetes.
Rich developer and management experience
In the latest release, Red Hat OpenShift Container Platform 3.4 offers dynamic provisioning of persistent volumes, allowing for a much richer developer experience, addressing annoying delays due to lengthy storage provisioning cycles needed by traditional storage platforms.
Storage administrators can expect to find that easier volume management with dynamic provisioning frees them up for more value-added tasks. Developers building cloud-native apps deployed in containers can benefit from faster storage provisioning and a better user experience.
DevOps managers can relish the automation and integration through a new deployment tool included with the subscription that can deploy container-native storage with push-button simplicity.
Dynamic provisioning for persistent volume claims
Prior to this release, storage administrators and application developers were limited to a static provisioning model where persistent volumes (PVs) of fixed capacity had to be pre-provisioned manually to be consumed by applications running in Kubernetes pods.
Persistent volume claims (PVCs) consume storage resources in Kubernetes, much as pods consume compute resources. When a new PVC was received, an attempt was made to match the request with the closest available PV in terms of capacity, and if one was found the claim would be bound to it. This scheme is inefficient.
Consider a situation where ten 100 GB PVs have been pre-provisioned and made available. A request for 50 GB of storage would be matched to one of the available 100 GB PVs. This is wasteful as storage is over-committed.
On the other hand, a request for 150 GB of storage would go unsatisfied as there is no close match, even though there is unused storage capacity.
The new dynamic provisioning feature fixes that issue by automating the provisioning of storage volumes. For instance, a 50 GB PVC request is addressed using a 50 GB PV that is dynamically provisioned for the developer, requiring zero admin intervention. In other words, users can expect to get exactly what they asked for as long as the underlying storage platform has available capacity.
Note that dynamic provisioning is supported even when Red Hat Gluster Storage serves out storage from a dedicated storage cluster in addition to container-native storage. This demo shows how container-native storage can be dynamically provisioned in OpenShift Container Platform.
Dynamic provisioning using storage classes
Dynamic provisioning is enabled by a new feature in OpenShift called storage classes. Storage classes enable storage admins to describe and classify the various storage implementations that are available to the OpenShift cluster, and they enable developers to configure specific parameters when requesting storage on demand. Container-native storage can be configured as a storage class, which allows OpenShift developers to dynamically provision storage by submitting claims against the storage class.
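The storage-class flow described above, as an added example that is not taken from the original post or from Red Hat's documentation: an administrator defines a class backed by the in-tree `kubernetes.io/glusterfs` provisioner, and a developer's 50 GB claim names that class. It assumes the Gluster management server is heketi; the object names, management URL, GID range and secret value are constructed, and the secret and GID parameters should be checked against the provisioner version actually deployed.

```yaml
# Added example: every name, URL and value below is constructed for illustration.
# Secret holding the management server's admin key, kept out of the
# StorageClass so that reading the class does not reveal the credential.
apiVersion: v1
kind: Secret
metadata:
  name: heketi-secret              # hypothetical name
  namespace: default
type: kubernetes.io/glusterfs
data:
  key: cGxhY2Vob2xkZXI=            # base64 of the literal string "placeholder"
---
# Storage class, defined once by the storage administrator.
apiVersion: storage.k8s.io/v1beta1 # beta storage API of the Kubernetes 1.4 generation
kind: StorageClass
metadata:
  name: gluster-container          # hypothetical class name
provisioner: kubernetes.io/glusterfs
parameters:
  resturl: "http://heketi.example.com:8080"  # constructed management endpoint
  restuser: "admin"
  secretNamespace: "default"       # where the Secret above lives
  secretName: "heketi-secret"
  gidMin: "40000"                  # constructed range from which a GID is
  gidMax: "50000"                  # allocated to each provisioned volume
---
# Claim submitted by a developer: the requested size is what gets provisioned,
# with no pre-created PV and no administrator step.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-data                   # hypothetical claim name
  annotations:
    # Beta-era way of naming the storage class on a claim.
    volume.beta.kubernetes.io/storage-class: gluster-container
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 50Gi
```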
Faster and easier storage deployments using Kubernetes daemon sets
Container-native storage now ships with a deployment tool that will deploy the whole system in an already installed OpenShift cluster. The deployment tool is flexible in that it can easily be used in Ansible playbooks. The administrator only needs to prepare a topology file, a JSON-formatted file describing the nodes and storage devices to be used. Based on that, the deployment of the Gluster storage cluster and the management server as pods in the OpenShift cluster is achieved with the invocation of just a single command. Once deployment is completed, the Gluster storage is ready for both manual and dynamic provisioning with an appropriate storage class. In case of any errors encountered during deployment, the tool supports an abort operation that undoes the failed partial deployment, so that it can be started from scratch. This demo shows the deployment tool in action.
GID level security and endpoints
Several features have been added to Red Hat OpenShift Container Platform 3.4 to create a more secure storage environment. The first of these is the addition of system-controlled, preallocated GIDs for the Red Hat Gluster Storage container. This enables the container to run as a non-root user, permitting only allowed users to access the data.
Second, a usability issue with endpoints has been resolved by deploying a service and endpoint for each dynamically provisioned volume. This allows PVs to be specific to the requestor's namespace without the added steps of manually creating these resources.
The most comprehensive persistent storage for containers
Red Hat continues to be a major contributor to the Docker and Kubernetes communities. In fact, as of today, Red Hat has the second-most contributors in each, second only to Docker and Google, respectively. Much of the innovation happening upstream is focused on solving the persistent storage challenge for stateful applications. Red Hat has contributed a number of volume plugins for a variety of protocols. Learn more here.