Customize your Red Hat OpenShift nodes and keep them up to date.

Today we’re thrilled to introduce a new way for administrators to securely and easily customize an OS deployment with very specific requirements while still taking full advantage of the automation and power of Red Hat OpenShift. This means you no longer have to second-guess the need for special device drivers for unusual hardware, system agents, or organizational requirements that call for more control over your host operating system.

Customizing a node with the Machine Config Operator (MCO)

Every OpenShift cluster ships with the Machine Config Operator (MCO). The MCO manages node operating system (OS) configuration, updates the node OS, and ensures that each node is in the desired configuration state. When the MCO applies a new configuration, it performs the following steps on each node until all nodes have received the updated configuration:

  1. Cordons the node. This means the node is not available for additional workloads.
  2. Drains the node. This stops all workloads running on the node, causing them to be rescheduled onto other nodes.
  3. Applies the new configuration. It writes any new config files, enables systemd units, sets kernel arguments, or installs a new OS (when an OpenShift cluster is being upgraded to a newer OpenShift version).
  4. Reboots the node.
  5. Uncordons the node. This means the node can have workloads scheduled on it again.

Customizing a node with On-Cluster Layering (OCL)

System administrators can supply a Containerfile that overlays customized RPM content, such as device drivers or other specialized software, atop the base OS image. Available in OpenShift 4.16 as a tech preview, On-Cluster Layering produces a final Open Container Initiative (OCI) image that is automatically:

  • Built within the cluster
  • Pushed to an OCI image registry
  • Deployed to each cluster node by default
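
A sketch of what the Containerfile input looks like in practice, as an added example that is not from the original post. The field names follow the OpenShift 4.16 tech-preview `MachineOSConfig` API (`v1alpha1`) and are an assumption to confirm with `oc explain machineosconfig.spec` on your cluster; the pool, secret, registry and package names are placeholders.

```yaml
# Added example: names below are placeholders, not values from the post.
apiVersion: machineconfiguration.openshift.io/v1alpha1
kind: MachineOSConfig
metadata:
  name: layered-worker              # placeholder object name
spec:
  machineConfigPool:
    name: worker                    # pool whose nodes receive the layered image
  buildInputs:
    containerFile:
    - containerfileArch: noarch
      content: |-
        # "configs" is the stage the in-cluster build supplies: the base OS
        # image with the pool's rendered machine configuration applied.
        FROM configs AS final
        # Placeholder package; it must be installable from a repository
        # that is reachable from the build pod.
        RUN rpm-ostree install example-driver-agent && \
            ostree container commit
    imageBuilder:
      imageBuilderType: PodImageBuilder
    # Secret used to pull the base OS image for the build.
    baseImagePullSecret:
      name: base-image-pull-secret
    # Where the finished OCI image is pushed. Use a repository that only the
    # build identity can write to, since every node in the pool boots from it.
    renderedImagePushspec: registry.example.com/ocl/os-image:latest
    renderedImagePushSecret:
      name: ocl-push-secret
  buildOutputs:
    # Secret the nodes use to pull the finished image.
    currentImagePullSecret:
      name: ocl-pull-secret
```

Keeping the push secret separate from the pull secret means the nodes that consume the image hold no credential that can overwrite it.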

Automatic or manual? You choose.

This process opens new opportunities for additional testing and automation. Any tool that works with OCI container images, such as OpenShift Pipelines or the security scanning offered by Quay.io, can be used to validate the contents and functionality of these custom OS images before they are deployed. Best of all, the whole procedure can be fully automated if you prefer.

Keep current

OpenShift customers love how easy it is to update to a new OpenShift release, and each new OpenShift release includes OS updates. On-Cluster Layering works closely with the OpenShift upgrade mechanism to ensure that whenever an upgrade is performed, any customizations are applied to the new OpenShift release as well. A new customized OS image is built automatically before the upgrade process begins.

Optionally, system administrators can put this upgraded OS image through the same process to validate its contents and functionality before starting the upgrade. Once the image is built and tested, system administrators can start the upgrade with complete confidence, knowing that their updated OS images not only contain everything needed to get the best performance from their hardware, but have also been tested and confirmed to work in their specific environment.

Image mode for Red Hat Enterprise Linux

By now, you may have heard about Image mode for Red Hat Enterprise Linux. As you might guess, these changes are closely related. That’s a big topic, but the key points to understand are:

  • In essence, everything remains the same. You can now take all the familiar cloud-native tools, patterns, and infrastructure you know from application containers and use them with full operating system container images. Nearly everything you learn from customizing CoreOS nodes carries over to Image mode for Red Hat Enterprise Linux (and vice versa).
  • Though there are currently some technical differences between the implementations in OpenShift and Image mode for Red Hat Enterprise Linux, the approaches are actively converging.

The addition of On-Cluster Layering to OpenShift provides a powerful mechanism for taking complete control over OpenShift cluster nodes. It delivers a self-contained solution for building and managing customized OS images within a cluster. This feature opens additional opportunities for testing and automation, giving full confidence in the contents and functionality of these custom OS images. By using On-Cluster Layering, system administrators can significantly reduce their maintenance burden while still enjoying the benefits of a fully automated and fully customized OpenShift environment.


https://www.redhat.com/en/blog/openshift-intro-on-cluster-layering
