Index
As this ebook edition doesn't have fixed pagination, the page numbers below are hyperlinked for reference only, based on the printed edition of this book.
A
Advanced Cluster Management (ACM)
Application Subscription model 287
cluster compliance 402
used, for provisioning new clusters 397-402
configuring, to send alerts 305
allocatable resources 29
Amazon Web Services (AWS) 41
API server
reference link 178
application
deploying, into multiple remote clusters 403, 404
application architects 65
application delivery model
Tekton and Agro CD, using 233
application developer 67
challenges 68
container platform 68
key responsibilities and duties 68
application life cycle management (ALM) 172
Application Performance Management (APM) 67
application programming interfaces (APIs) 172
applications
managing, with Red Hat ACM 286
Topology view 296
Application Subscription model 287
applications, deploying 290-293
channels 287
placement rules 288
subscriptions 289
application worker nodes 22
application workers 22
architecture-related skills 73
configuring, against multiple clusters 238, 239
definitions 240
Argo CD challenges 240
GitHub repository structure 240
Kubernetes manifests, templating 243
repository per environment 241, 242
secrets, managing 245
argocd CLI
installing 238
Argo CD deployment
image version, building 250-252
promoting, to production 258-261
to multiple clusters 262
Argo CD objects 245
applications 247
application syncing policies 248
application sync order 248
artificial intelligence (AI) 417
authentication (AuthN) 174, 175
access-control troubleshooting 177
authorization (AuthZ) 134, 174
RBAC permissions, configuring 176, 177
automation-related skills 73
B
balancing methods 92
bastion 83
BIND tool 83
Bitbucket 210
blogs
references, for OpenShift 419
bootstrap node 20
BusyBox 370
C
central processing unit (CPU) 132, 180
Cephfs 372
certificate authority (CA) 178
certificates chains, OpenShift
API server 178
etcd certificates 178
ingress 178
node certificates 178
certificate signing requests (CSRs) 113
CI/CD-related skills 74
cluster network 150
clusters
compliance 402
managing, with Red Hat ACM 275
provisioning, with Advanced Cluster Management 397-402
ClusterTriggerBinding 211
CNCF survey
reference link 8
CodeReady Containers (CRC) 190
download link 191
command-line interface (CLI) 18, 136
Common Expression Language (CEL)
reference link 211
computing 27
infrastructure nodes, sizing 28
master nodes, sizing 28
worker nodes, sizing 28
container image registry 263
SCCs 181
Container Network Interface (CNI) 150
container-related skills 74
containers
benefits 7
container security, factors
Container Storage Interface (CSI) 26
Continuous Delivery Foundation 192
Continuous Integration/Continuous Deployment (CI/CD) 66, 413
Control groups (Cgroups) 180
controller manager 18
controllers
reference link 18
control plane 18
CRI-O container runtime and container tools
reference link 21
CSI drivers 34
Custom Resource Definition (CRD) 120
D
database 18
dedicated clusters strategy 53
cons 54
pros 54
deployment logs 139
development-related skills 74
Development-security-operations (DevSecOps) 173
DevOps engineer 69
challenges 70
key responsibilities and duties 70
DevOps transformation 413
culture 413
pipelines and processes 413
practices 413
Domain Name System (DNS) 41, 83
Dynamic Host Configuration Protocol (DHCP) 41, 88, 90
E
Elastic Load Balancing (ELB) 41
Elasticsearch 31
emptyDir 35
enterprise architects 65
etcd 121
performance analysis 129
reference link 18
troubleshooting 123
etcd cluster 112
etcd encryption 179
etcd performance analysis 129
F
failed PipelineRun
fixing 228
Fluentd 31
Flux CD 233
G
GitHub 210
GitHub webhook
GitLab 210
GitOps 232
benefits 232
continuous delivery with 234
principles 232
used, for application deployment 249, 250
used, for deploying Java Quarkus application 388-390
Google Cloud Platform (GCP) 41
Grafana 32
Grand Unified Bootloader (GRUB) 99
group ID (GID) 181
H
HashiCorp research
reference link 6
Health Insurance Portability and Accountability Act (HIPAA) 346
Helm 243
Helm charts 314
high availability (HA) 22, 121
highly available cluster 22
hybrid cloud
challenges 6
characteristics 6
mitigations 6
public cloud challenges, mitigating 5
HyperText Transfer Protocol Secure (HTTPS) 182
I
identity provider (IdP) 133
IDG research
reference link 5
allowed, in OpenShift integration 175
image
checking, on Red Hat Quay 387, 388
image registry
Information Technology (IT) 18
infrastructure/cloud architects 65
infrastructure/cloud provider 39, 40
infrastructure nodes
sizing 28
infrastructure-related skills 73
infrastructure worker nodes 22
infrastructure workers 22
ingress certificate
reference link 178
ingress controller 162
ingress operator
working 162
ingress/router sharding 52
input/output operations per second (IOPS) 34, 130
installation modes, OpenShift
agnostic installer 26
full-stack automated 12
installer-provisioned infrastructure (IPI) 25, 26
pre-existing infrastructure 13
provider-agnostic 13
user-provisioned infrastructure (UPI) 26
installer-provisioned infrastructure (IPI) 25, 26, 100-105
integrated development environment (IDE) 173
Interceptors 210
internet access 41
Internet Protocol (IP) 40
in-tree volume plugins 33
istio-proxy sidecar 153
Istio service mesh 162
IT architect 65
challenges 66
container platform 67
key responsibilities and duties 65, 66
IT architect roles
application architects 65
enterprise architects 65
infrastructure/cloud architects 65
solution architects 65
J
Java Quarkus application
building, with OpenShift Pipelines 381-383
deploying, with GitOps 388, 390
deploying, with OpenShift Pipelines 388-390
K
Kibana 31
basics 414
certifications 415
example 414
URL 414
L
load balancers 41
M
machine learning (ML) 417
Managed by Machine Config Operator (MCO) 21
sizing 28
Mean Time Between Failures (MTBF) 63
Mean Time to Recovery (MTTR) 63
misleading error messages 143
ImagePullBackOff 143
Init*0/1 error message 144
MITRE ATT&CK 331
multicluster observability 299
AlertManager, configuring 306-308
AlertManager, configuring to send alerts 305
prerequisites 299
prerequisites, for enabling services 306
with Red Hat ACM 299
multiple clusters
managing 397
provisioning 397
multiple remote clusters
application, deploying into 403, 404
multiple tenants
handling 50
multitenancy, in OpenShift 50
checklist 58
enabling 50
ingress/router sharding 52
isolation, providing 50
namespaces 51
NetworkPolicy 52
nodeselector 52
ResourceQuotas 52
role-based access control 51
taints 52
tolerations 52
multi-tenant platform architecture 49
multi-tenant strategies 52
shared clusters, with dedicated worker nodes 55, 56
shared clusters, with no physical separation 54
shared cluster, with dedicated worker nodes and ingress controllers 56, 57
N
network address translation (NAT) 40
network considerations 40
DHCP 41
DNS 41
internet access 41
IPMI 41
load balancers 41
PXE 41
VPC/VNet 41
Network Graph 352
network policies 151
north-south traffic 151
NetworkPolicy 52
Network Policy Simulator 355
network traffic
controlling, options 153
node network 150
nodeselector 52
non-functional requirements (NFRs) 22
Non-Volatile Memory Express (NVMe) 34
Noobaa 372
O
okd
URL 9
online learning platforms
Cloud Academy 417
Cloud Guru 417
Pluralsight 417
references 417
Whizlabs 417
Open Demos 418
reference link 418
certificates 178
certifications 416
control plane, components 19
installation, preparing for 105
installation prerequisites 81, 82
managed cloud services 10
offerings 10
personas 62
self-managed solutions 12
skills matrix 72
training 416
OpenShift 4 101 workshop 418
reference link 418
OpenShift API server 19
OpenShift architecture
OpenShift authentication
reference link 177
OpenShift cluster
etcd 121
example 36
operators 120
recovery system 120
OpenShift Container Platform (OCP)
demo and workshop guide 417
OpenShift controller manager 19
OpenShift GitOps
argocd CLI, installing 238
prerequisites 234
OpenShift GitOps (Argo CD) 294-296
OpenShift infrastructure
components 39
OpenShift installation 110
phases 111
OpenShift installation phases
Bootstrap and control plane 112
certificates to sign, checking for 113
servers, provisioning 111, 112
OpenShift installation prerequisites 81, 82
command-line tools 108
configuration file (install-config.yaml) 108-110
installer binary 108
Installer-Provisioned Infrastructure (IPI) 100
SSH key pair 106
UPI/agnostic installer 82
OpenShift internal registry 34
components 32
OpenShift multi-cluster tools
OpenShift Plus 14
Red Hat Advanced Cluster Management for Kubernetes 13
Red Hat Advanced Cluster Security for Kubernetes 14
Red Hat Quay 14
OpenShift Open Authorization (OAuth) server and API 19
OpenShift Pipelines 192
prerequisites, for installation 194
used, for building Java Quarkus application 381-383
used, for deploying Java Quarkus application 388, 390
value preposition, benefits 373, 374
OpenShift-related skills 74
OpenShift SDN 150
Open vSwitch
OpenvSwitch (OvS) 40
operating system (OS) 179
Operator Lifecycle Manager (OLM) 196, 236, 270, 317
operator logs 139
Operator pattern
reference link 20
operators 120
ovs-multitenant network isolation mode 153
P
parameters 207
Payment Card Industry Data Security Standard (PCI DSS) 346
PersistentVolume 204
PersistentVolumeClaim 204
pipeline 193
pod logs 138
podman 370
Preparation Stuff Table 100
product documentation, OpenShift 419
reference link 419
professional roles (personas) 62
application developer 67
DevOps engineer 69
IT architect 65
security engineer 71
Site Reliability Engineer (SRE) 69
system/cloud/platform administrator 63
pruning 248
public cloud
benefits 5
challenges 4
Q
Quality Assurance (QA) 67
Quarkus 380
Quay operator
installation prerequisites 361
Red Hat Quay, deploying with 360
quorum 121
R
Raft Consensus Algorithm
reference link 22
Raft Distributed Consensus protocol 121
Raft protocol 22
random-access memory (RAM) 30
Red Hat Advanced Cluster Management (ACM) 266
governance feature, using 297-299
hub cluster 268
installation, prerequisites 268
managed cluster 268
multi-cluster observability 299
used, for managing applications 286
used, for managing clusters 275
Red Hat Advanced Cluster Security 314
configuration management 314-352
Network Policy Simulator 355, 357
vulnerability management 314-343
Red Hat Advanced Cluster Security, for Kubernetes 14
features 13
Red Hat Advanced Cluster Security, installation processs 314
prerequisites 315
Red Hat CodeReady Container
reference link 9
Red Hat Container Catalog 183
Red Hat UBI, limiting 184
Red Hat Developer portal 418
Red Hat Enterprise Linux CoreOS (RHCOS) 18
Red Hat Enterprise Linux (RHEL) 20, 21, 172
Red Hat Learning Subscription (RHLS)
reference link 417
Red Hat OpenShift Container Platform (OCP)
features 8
Red Hat OpenShift Data Foundation 22
Red Hat OpenShift Plus 314
deploying, with Quay operator 360
features, for image registry 360
using 369
certifications 412
skills paths 412
resource hooks
using 248
ResourceQuotas 52
role-based access control (RBAC) 72, 176
RoleBinding scope
Cluster RoleBinding 134
Local RoleBinding 134
roles 51
router sharding 162
routes 165
roxctl CLI 314
S
S2I
used, for building Java Quarkus application 381-383
scheduler 18
secured clusters 322
adding, on ACS Central 323-328
Secure Shell (SSH) 82
security checks
adding, in build and deployment process 390-393
failure 394
issues, fixing with Dockerfile 394-397
security context constraints (SCCs) 144, 181
security engineer 71
challenges 71
container platform 72
key responsibilities and duties 71
Security-Enhanced Linux (SELinux) 172
self-healing 248
server disks 34
shared cluster, with dedicated worker nodes and ingress controllers strategy 56
pros and cons 57
shared cluster, with dedicated worker nodes strategy 55
pros and cons 55
shared cluster, with no physical separation of resources strategy 54
pros and cons 54
single-tenant platform architecture 49
Site Reliability Engineer (SRE) 69, 412
challenges 70
key responsibilities and duties 70
skills matrix
architecture-related skills 73
automation-related skills 73
CI/CD-related skills 74
container-related skills 74
criteria 72
development-related skills 74
infrastructure-related skills 73
OpenShift-related skills 74
skills paths 412
DevOps transformation 412, 413
Software-Defined Network (SDN) 148
solid-state drive (SSD) 34, 130
solution architects 65
SSL certificates 42
Stackrox 314
storage 33
sizing 38
storage backends
CSI drivers 34
in-tree volume plugins 33
StorageClass 204
storage requirements 34
OpenShift internal registry 34
OpenShift Logging 35
server disks 34
storage workers 22
supported hypervisors, for Red Hat Enterprise Linux
reference link 13
system/cloud/platform administrator 63
challenges 64
container platform 64
key responsibilities and duties 63
T
taints 52
elements 200
benefits 192
components 193
concepts 193
Tekton Catalog 193
Tekton CLI 193
Tekton Hub 201
Tekton Operator 193
Tekton pipeline 193
creating 199
tasks, creating 200
Tekton Triggers 193
tenants 49
Test Driven Development (TDD) 68, 413
tested providers and integrations, with OpenShift
reference link 13
TestRun 203
tkn CLI
tolerations 52
trial options, by Red Hat
reference link 9
using, with GitHub webhooks 210-212
troubleshooting reference guide 136
deployment logs 139
events 137
oc CLI commands and options 141, 142
pod logs 138
pods, debugging 139
troubleshooting scenarios, etcd
Twitch
reference link, for OpenShift content 419
U
unique identifier (UID) 181
Universal Base Image (UBI) 173
UPI/agnostic installer 82
Domain Name System (DNS) 83-88
use case
user interface (UI) 18
user-provisioned infrastructure (UPI) 26, 81
V
virtual CPUs (vCPUs) 28
virtual machines (VMs) 38
W
webhook 211
worker nodes
sizing 28
application workers 22
infrastructure workers 22
storage workers 22
workspace 207
Y
YAML Ain’t Markup Language (YAML) 125, 182
YAML Lint tool 201
reference link 202
YouTube
reference link, for OpenShift content 419
Z
zero-touch provisioning (ZTP) 106