Chapter 2. Technology overview

We offer a solution for running Red Hat OpenShift Container Platform 4.6 and 4.7 on Red Hat OpenStack Platform 16. Our solution deploys Red Hat OpenShift Container Platform 4.6 and 4.7 to physical servers that run Red Hat OpenStack Platform 16.1. We use Red Hat OpenStack Platform director to perform the initial OpenStack installation and Day 2 operations.

Starting with the 4.x stream, the Red Hat OpenShift Container Platform installer features a streamlined interface and simplified installation process allowing a faster, easier, and more precise installation.

Further details of the new installation process are on the OpenShift Container Platform installation overview page.

2.1. Relationship between OpenShift and OpenStack

The relationship between OpenStack and OpenShift is complementary.

  • OpenStack exposes resources via its application programming interface (API) and OpenShift requests them.
  • OpenStack provides OpenShift with compute, storage, and networking infrastructure, plus additional resources, such as self-service load balancers and encryption.
  • OpenShift runs its containerized applications on the infrastructure provisioned by OpenStack.

The products are tightly integrated. OpenShift can consume OpenStack resources on demand and without user intervention.

2.1.1. Red Hat Enterprise Linux CoreOS (RHCOS)

Beginning with OpenShift 4, OpenShift nodes now run on Red Hat Enterprise Linux (RHEL) CoreOS (RHCOS). RHEL CoreOS combines the ease of over-the-air updates from Container Linux (formerly known as CoreOS) with the Red Hat Enterprise Linux kernel to deliver a more secure, easily managed container host.

In an installer-provisioned infrastructure based deployment, RHCOS is the supported operating system for all the OpenShift Container Platform nodes and is used by default for workers and controllers. It is also an OpenShift requirement that the controller nodes run RHCOS. Currently, RHCOS is only used in conjunction with OpenShift and not for use as an independent operating system.

Find more information about Red Hat Enterprise Linux (RHEL) CoreOS.

2.2. Solution overview

Although there are many available options for placing OpenShift on OpenStack, we provide one validated solution to ensure clarity, simplicity, and supportability. The Red Hat Tested Solution represents the components and integrations of this solution, which has been tested by QE and is a starting point for all enterprise deployments.

Figure 2.1. Diagram of the Red Hat solution

A diagram of the OpenShift on OpenStack reference architecture at a high level.

We made these key choices to complete the installation and setup shown in Figure 1:

Installation

  • OpenStack is installed using director.
  • OpenStack is installed using external TLS encryption.
  • OpenShift is installed using the full-stack automation (IPI) method.
  • OpenShift is installed from the director host using a non-privileged OpenStack tenant.

Storage

  • OpenStack deploys Fileshare-as-a-Service (manila) usable with RWX container workloads.
  • OpenStack deploys the Block Storage service (cinder) usable with RWO container workloads.
  • OpenStack utilises RHCS for Compute (nova), Image (glance), Block Storage (cinder), and Object (swift).
  • OpenStack uses RHCS with Ganesha for Fileshare-as-a-Service (manila).
  • OpenShift uses a Container Storage Interface (CSI) driver to provide access to manila.
  • OpenShift 4.6 uses the in-tree Cinder provisioner (kubernetes.io/cinder) to provide access to cinder. Beginning with OpenShift 4.7, we also support a Container Storage Interface (CSI) driver for cinder.
  • OpenShift uses Object storage for the internal registry.

Compute

  • OpenShift control-plane and worker VMs are deployed using nova availability zones to provide high availability.

Networking

  • OpenStack uses Open Virtual Network (OVN) for its SDN.
  • OpenShift networking is managed by Kuryr-Kubernetes and Kuryr-CNI, which allows Neutron-based networking in Kubernetes
  • OpenStack deploys Load-Balancing-as-a-Service (Octavia) for OpenShift load balancing
  • OpenShift uses the OVN Provider driver for Octavia to provide load balancing