About Deploying Red Hat OpenShift on Oracle Cloud VMware Solution

Enterprises today have a “cloud-first” approach when deploying containerized applications in the Cloud.

The following options are available in Oracle Cloud to deploy containerized microservice applications to support customers’ application modernization journey.

• Oracle Cloud Infrastructure Container Engine for Kubernetes: A fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Developers can reliably build, deploy, and manage cloud-native applications using the Kubernetes container engine.
• Red Hat OpenShift deployment on Oracle Cloud VMware Solution: Oracle Cloud VMware Solution provides a customer-managed, native VMware-based cloud environment, installed within a customer’s tenancy. It offers complete control using familiar VMware tools allowing you to build a resilient, reliable, and high-performance OpenShift implementation with Oracle Cloud VMware Solution.

  Oracle Cloud VMware Solution utilizes the well-known VMware vSphere SDDC components and offers the same experience to the customer.

Note:

This solution playbook focuses on Red Hat OpenShift 4.13 deployment on Oracle Cloud VMware Solution by providing general design guidelines and best practices that can deliver optimum performance, resiliency, and scalability to the containerized applications.

The solution consists of an Oracle Cloud VMware Solution and Red Hat OpenShift Container Platform to deliver the enterprise grade container solution that offers native integration with Container Storage Interface (CSI) and Container Network Interface (CNI) within the VMware infrastructure.

Oracle Cloud VMware Solution allows you to create and manage VMware enabled software-defined data centers (SDDCs) in OCI and offers core SDDC components like vSphere, vSAN and NSX-T. Oracle Cloud VMware Solution provides self-service provisioning with full administrative permissions including root access. Root access provides complete control over the entire hardware and software environment offering a similar experience of managing VMware environment on-premises. Oracle Cloud VMware Solution offers the following benefits:

• Full root level access to the VMware environment.
• Flexible compute and storage shapes meets all the various size workload demands.
• Available across all OCI regions.
• Native integration with OCI Cloud services.
• Use the same VMware and supported third-party tools, automation, container solutions, and so on with Oracle Cloud VMware Solution.

Description of the illustration oracle-cloud-vmware-solution.png

oracle-cloud-vmware-solution-oracle.zip

Oracle Cloud VMware Solution has two distinct deployment models using flexible compute shapes. The primary difference is storage technology used for deployment.

• Oracle Cloud VMware Solution with Dense I/O Shapes: This deployment model provides VMware vSAN as a primary storage option for SDDC workloads and can be deployed on Intel or AMD processors.
• Oracle Cloud VMware Solution with Standard Shapes: This deployment model provides the Oracle Cloud Infrastructure Block Volumes (OCI Block Volumes) as a primary storage option for SDDC workloads and can be deployed on Intel or AMD processors. For more details, see the OCI flexible standard shapes for Oracle Cloud VMware Solution link in the Explore More section.

Red Hat OpenShift Container Platform is a consistent hybrid cloud foundation for on-premises and public cloud workloads to deliver enterprise-grade container solution. It is a reliable application development and delivery platform that accelerates the application modernization journey for enterprises. Red Hat OpenShift provides the agility, speed, portability to developers for quick time to market for container-based mission-critical applications. Red Hat OpenShift offers fully automated installation and lifecycle management throughout the container stack that includes, operation systems, Kubernetes and cluster services.

Key Benefits

The following section describes the key benefits of deploying Red Hat OpenShift on Oracle Cloud VMware Solution categorised into different architecture pillars.

Security

• VMware NSX offered with Oracle Cloud VMware Solution provides the ability for micro-segregation at the container level, this is the best-of-breed security for containers.
• VMware vSphere provides the flexibility to run multiple worker nodes on the same physical server, meaning that the worker nodes with different security requirements can co-exist and offers greater resource utilization.

Networking

• VMware provides a Container Network Interface (CNI) plugin for NSX that offers native integration for Red Hat OpenShift Software-Defined networking, this means networking can automatically be set up as required.

Storage

• Oracle Cloud VMware Solution provides a Container Storage Interface (CSI) plugin for vSAN storage, which means storage can automatically be set up as required by offering flexibility for container storage operations.
• Oracle Cloud VMware Solution provides CSI for vSphere storage that is backed by OCI Block Volumes and allows seamless storage operations with Persistent Volumes.

Elasticity

• Oracle Cloud VMware Solution is a cloud-based solution and offers agility to scale the environment as business demands.
• The worker nodes in Red Hat OpenShift are virtual machines and can be provisioned on demand.

Performance

• Oracle Cloud VMware Solution offers the best possible network and storage performance by leveraging OCI resources.

Architecture

You can implement Red Hat OpenShift with Oracle Cloud VMware Solution using the following two different architecture options.

• Option 1: Red Hat OpenShift on Oracle Cloud VMware Solution with Dense I/O Shapes
• Option 2: Red Hat OpenShift on Oracle Cloud VMware Solution with Standard Shapes

Red Hat OpenShift on Oracle Cloud VMware Solution with Dense I/O Shapes

This architecture follows the Oracle Cloud VMware Solution deployment using OCI Bare Metal with Dense I/O Shapes that leverages the local NVMe drives from the Bare Metal server to provide VMware vSAN storage. This is an industry-certified architecture to offer full container storage integration capabilities for Red Hat OpenShift deployment.

The following diagram illustrates this architecture.

Description of the illustration ocvs-redhat-openshift-dense-io-shape.png

ocvs-redhat-openshift-dense-io-shape-oracle.zip

Oracle Cloud VMware Solution: A minimum of 3 nodes SDDC with DenseIO to manage the Red Hat OpenShift deployment.

• vSphere: Hypervisor installed on OCI Bare Metal. Also referred to as a VMware ESXi host.
• vSAN: A vSAN offers enterprise-grade storage capabilities for Red Hat Openshift infrastructure nodes and persistent volumes for containers. Persistent Volumes requested by stateful containerized applications can be provisioned on VMware vSAN.
• NSX Data Centre: VMware NSX-T Data Center™ provides advanced software-defined networking (SDN), security, and visibility to container environments that simplifies IT operations and extends native Red Hat OpenShift Container Platform networking capabilities.

Red Hat OpenShift Infrastructure Nodes: A minimum of 3 controllers and workers are required for Red Hat OpenShift infrastructure nodes.

• Control Plane or Controller Nodes: The control plane, which is composed of master machines, manages the Red Hat OpenShift Container Platform cluster. The control plane machines manage workloads on the compute machines, which are also known as worker machines.The controllers are deployed in the form of Virtual Machines in Oracle Cloud VMware Solution and connected to the NSX Overlay Segment for networking services. The controller VMs are placed in vSAN Storage.
• Worker Nodes: In a Kubernetes cluster, the worker nodes are where the actual workloads requested by Kubernetes users run and are managed. In Red Hat OpenShift Container Platform, MachineSets control the worker machines. Machines with the worker role drive compute workloads that are governed by a specific machine pool that autoscales them. The workers are deployed in the form of Virtual Machines in Oracle Cloud VMware Solution and connected to the NSX Overlay Segment for networking services. The worker VMs are placed in vSAN storage.

Note:

• Persistent Volumes created with vSAN storage support the following access modes.
  • ReadWriteOnce (RWO): The volume can be mounted as read-write by a single node.
  • ReadWriteMany (RWX): The volume can be mounted as read-write by many nodes. Note that vSAN File Share is required for RWX access mode.

  For more details about Persistent Volume storage and access modes, see the Understanding persistent storage link in the Explore More section.

Red Hat OpenShift on Oracle Cloud VMware Solution with Standard Shapes

This architecture follows the Oracle Cloud VMware Solution deployment using OCI Bare Metal (BM) with Standard Shapes that leverages OCI Block Volumes as a primary storage option for the Red Hat OpenShift infrastructure nodes.

The following diagram illustrates this architecture.

Description of the illustration ocvs-redhat-openshift-standard-shape.png

ocvs-redhat-openshift-standard-shape-oracle.zip

Oracle Cloud VMware Solution: A minimum of 3 nodes SDDC with Standard Shape to manage the Red Hat OpenShift deployment.

• vSphere: Hypervisor installed on OCI Bare Metal. Also referred to as a VMware ESXi host.
• OCI Block Volumes: OCI Block Volumes offers enterprise-grade storage capabilities for Red Hat OpenShift infrastructure nodes and persistent volumes for containers. Persistent Volumes requested by stateful containerized applications can be provisioned on OCI Block Volumes. The OCI Block Volume is presented as an iSCSI Datastore to the VMware platform.
• NSX Data Centre: VMware NSX-T Data Center™ provides advanced software-defined networking (SDN), security, and visibility to container environments that simplifies IT operations and extends native Red Hat OpenShift Container Platform networking capabilities.

Red Hat OpenShift Infrastructure Nodes: A minimum of 3 controllers and workers are required for Red Hat OpenShift infrastructure nodes.

• Control Plane or Controller Nodes: The control plane, which is composed of master machines, manages the Red Hat OpenShift Container Platform cluster. The control plane machines manage workloads on the compute machines, which are also known as worker machines. The controllers are deployed in the form of Virtual Machines in Oracle Cloud VMware Solution and connected to the NSX Overlay Segment for networking services. The controller VMs are placed on the dedicated VMware iSCSI datastores backed by OCI Block Volumes to deliver the optimum storage performance.
• Worker Nodes: In a Kubernetes cluster, the worker nodes are where the actual workloads requested by Kubernetes users run and are managed. In the Red Hat OpenShift Container Platform, MachineSets control the worker machines. Machines with the worker role drive compute workloads that are governed by a specific machine pool that autoscales them. The workers are deployed in the form of Virtual Machines in Oracle Cloud VMware Solution and connected to the NSX Overlay Segment for networking services. The worker VMs are placed on the dedicated VMware iSCSI datastores backed by OCI Block vVlumes to deliver optimum storage performance.

Note:

• OCI Block Volumes performance can be tuned for a flexible performance meter using Virtual Performance Unit (VPU) that can deliver needed Input/output operations per second (IOPS) and Throughputs for Red Hat OpenShift deployment on Oracle Cloud VMware Solution. The VPU on the OCI Block Volume can be tuned for various performance levels such as Balanced, High-Performance, and Ultra-Performance. For details on different performance levels, see the Block Performance Volume link in the Explore More section.
• Persistent Volumes created with iSCSI Block Storage support the ReadWriteOnce (RWO) access mode where the volume can be mounted as read-write by a single node.

  For more details about Persistent Volume storage and access modes, see the Understanding persistent storage link in the Explore More section.