Get Appointment

  • contact@wellinor.com
  • +(123)-456-7890

Blog & Insights

WP_Query Object ( [query] => Array ( [post_type] => post [showposts] => 8 [orderby] => Array ( [date] => DESC ) [autosort] => 0 [paged] => 0 ) [query_vars] => Array ( [post_type] => post [showposts] => 8 [orderby] => Array ( [date] => DESC ) [autosort] => 0 [paged] => 0 [error] => [m] => [p] => 0 [post_parent] => [subpost] => [subpost_id] => [attachment] => [attachment_id] => 0 [name] => [pagename] => [page_id] => 0 [second] => [minute] => [hour] => [day] => 0 [monthnum] => 0 [year] => 0 [w] => 0 [category_name] => [tag] => [cat] => [tag_id] => [author] => [author_name] => [feed] => [tb] => [meta_key] => [meta_value] => [preview] => [s] => [sentence] => [title] => [fields] => [menu_order] => [embed] => [category__in] => Array ( ) [category__not_in] => Array ( ) [category__and] => Array ( ) [post__in] => Array ( ) [post__not_in] => Array ( ) [post_name__in] => Array ( ) [tag__in] => Array ( ) [tag__not_in] => Array ( ) [tag__and] => Array ( ) [tag_slug__in] => Array ( ) [tag_slug__and] => Array ( ) [post_parent__in] => Array ( ) [post_parent__not_in] => Array ( ) [author__in] => Array ( ) [author__not_in] => Array ( ) [ignore_sticky_posts] => [suppress_filters] => [cache_results] => 1 [update_post_term_cache] => 1 [lazy_load_term_meta] => 1 [update_post_meta_cache] => 1 [posts_per_page] => 8 [nopaging] => [comments_per_page] => 50 [no_found_rows] => [order] => DESC ) [tax_query] => WP_Tax_Query Object ( [queries] => Array ( ) [relation] => AND [table_aliases:protected] => Array ( ) [queried_terms] => Array ( ) [primary_table] => wp_posts [primary_id_column] => ID ) [meta_query] => WP_Meta_Query Object ( [queries] => Array ( ) [relation] => [meta_table] => [meta_id_column] => [primary_table] => [primary_id_column] => [table_aliases:protected] => Array ( ) [clauses:protected] => Array ( ) [has_or_relation:protected] => ) [date_query] => [request] => SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'expired' OR wp_posts.post_status = 'tribe-ea-success' OR wp_posts.post_status = 'tribe-ea-failed' OR wp_posts.post_status = 'tribe-ea-schedule' OR wp_posts.post_status = 'tribe-ea-pending' OR wp_posts.post_status = 'tribe-ea-draft') ORDER BY wp_posts.post_date DESC LIMIT 0, 8 [posts] => Array ( [0] => WP_Post Object ( [ID] => 3176 [post_author] => 11 [post_date] => 2021-11-17 14:03:20 [post_date_gmt] => 2021-11-17 14:03:20 [post_content] =>

Listed below are some great events coming up that you should check out!

Red Hat Summit Connect - Minneapolis

12/2

Finally! An in person event. Come check out this day-long event with Red Hat in Minneapolis and catch up on what's new with Red Hat. There are a lot of great sessions on Ansible and OpenShift at this event. To register for the event and view the agenda visit the following link: https://www.redhat.com/en/summit/connect/minneapolis

AWS Re:Invent - Las Vegas & Virtual

11/29 - 12/3

This is the event of the year for the AWS ecosystem. If you're doing anything with AWS you're going to want to attend the event. Virtual passes for the event are free and breakout sessions are available to watch on-demand. Register here: https://reinvent.awsevents.com/register/

HashiCorp: Vault + Zero Trust Security - Virtual

12/16

Join HashiCorp for a zero-trust, identity-based security hands-on workshop. During this workshop, participants will learn about the HashiCorp security model which is predicated on the principle of identity-based access and security. In order for any machine or user to do anything, they must authenticate who or what they are, and their identity and policies define what they’re allowed to do. After an overview of zero-trust security, participants will go through a hands-on workshop of HashiCorp Vault. Register here: https://events.hashicorp.com/zero-trust-security-workshop-dec16

Microsoft Azure Virtual Training Day: DevOps with GitHub - Virtual

12/1 & 12/2

Never stop learning! Free 2-day virtual training with Microsoft. Some of the hands-on activities include:

  • Using GitHub to improve team collaboration and performance.
  • Integrating security and quality controls into automation, continuous integration and continuous delivery (CI/CD) pipelines, and runtime environments.
  • Implementing best practices to help remote development teams increase software resiliency.

To attend the event register at the following link: https://mktoevents.com/Microsoft+Event/302741/157-GQE-382

[post_title] => Keyva Winter Events [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => keyva-winter-events [to_ping] => [pinged] => [post_modified] => 2021-11-17 14:04:06 [post_modified_gmt] => 2021-11-17 14:04:06 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=3176 [menu_order] => 1 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [1] => WP_Post Object ( [ID] => 3161 [post_author] => 11 [post_date] => 2021-08-19 17:45:28 [post_date_gmt] => 2021-08-19 17:45:28 [post_content] =>

Listed below are some great events coming up that you should check out!

MSP Ansible Meetup – local, in person meetup this Thursday, 8/19. Great opportunity to meet and talk shop with local Ansible users.

https://www.meetup.com/Ansible-Minneapolis/events/

Ansiblefest 2021 – 9/29 – 9/30: The yearly Ansible conference, online this year. Learn more at: https://www.redhat.com/en/events/ansiblefest-2021

Red Hat Automation for you, beginners… Aug 17th:

https://www.redhat.com/en/events/webinar/automation-for-you-beginners-experts-and-everyone-else

Shift Left Container Security 8/19 (AWS & McAfee) & Cloud Native Application Protection Workshop (8/26):

https://www.mcafee.com/enterprise/en-us/about/events/shift-left-security-event.html?did=ep_card&trk=ep_card

Microsoft Azure Virtual Training: Migrating on-prem infrastructure: 9/2 and 9/3:

https://mktoevents.com/Microsoft+Event/287240/157-GQE-382

Kong Summit – 9/27-9/29:

https://konghq.com/kong-summit/

Accelerating Digital Transformation (On Demand):

https://www.softwareintelligenceforum.com/2021?__hstc=25929826.ac96be39acb3a0a29924412974087157.1629125946338.1629125946338.1629125946338.1&__hssc=25929826.1.1629125946339&__hsfp=1865500357

Rancher Desktop: Kubernetes & Container Management: 8/18

https://more.suse.com/RancherAug2021OnlineMeetup.html

[post_title] => August & September Events 2021 [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => august-september-events-2021 [to_ping] => [pinged] => [post_modified] => 2021-08-19 17:45:31 [post_modified_gmt] => 2021-08-19 17:45:31 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=3161 [menu_order] => 1 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [2] => WP_Post Object ( [ID] => 3107 [post_author] => 11 [post_date] => 2021-05-05 15:31:34 [post_date_gmt] => 2021-05-05 15:31:34 [post_content] =>

Spring is here and while we're all clamoring to get outside and enjoy some fresh air spring is also conference season and there are some great events you should check out. 

Red Hat Virtual Summit - 4/27-4/29

This is Red Hat's major yearly event. In happier time this event switches between coasts every other year, historically alternating between Boston and San Francisco. The event was held virtually last week, but if you missed it, no problem. You can register and view all of the great sessions and presentations on demand here:

https://www.redhat.com/en/summit

HashiCorp & Cisco 5/4:

Making application-centric infrastructure a reality with Cisco ACI and HashiCorp Consul 5/4: This is a  joint webinar between HashiCorp & Cisco and Highlights using Consul (a service mesh) with Cisco ACI. This is a good session for anyone interested in how these solutions can work well together in your environment. If you're interested register here:  

https://engage2demand.cisco.com/LP=26276?utm_source=WEBSITE&utm_medium=WEBINAR&utm_offer=WEBINAR&utm_content=HASHICORP

AWS Virtual Workshop: Cloud and Hybrid Operations Best Practices in a Modern Enterprise 5/10-14:

AWS hosts tons and tons of events every month. This workshop is especially relevant for anyone that is using AWS but would like to know more about best practices for hybrid operations. Register at the link below: https://pages.awscloud.com/AWS-Virtual-Workshop_2021_VW_s14-MGT.html?trk=ep_card-el_a134p000006vlZJAAY&trkCampaign=2021_VW_s14-MGT&sc_channel=el&sc_campaign=pac_Q2-2021_exlinks_events_VW_14&sc_outcome=Product_Adoption_Campaigns&sc_geo=NAMER&sc_country=mult

ServiceNow Knowledge 2021 5/11:

ServiceNow's Knowledge is the event to attend if you're interested in all things ServiceNow and Service Management. Like the other major conferences this one is virtual and free to attend this year. Register at the link below and build your session agenda.

https://knowledge.servicenow.com/

Achieving Security Goals with Vault and AWS 5/20:

We frequently work with our clients to evaluate what in-cloud services they should use vs cloud agnostic solutions like Vault. This session with AWS and HashiCorp details how to use Vault in conjunction with AWS services to achieve robust cloud security. Register at the link below:

https://www.brighttalk.com/webinar/achieving-security-goals-with-vault-and-aws/

 

Azure Webinar Series: K8s on Azure: Lessons from Real-World Deployments: 5/18

An upcoming webinar from Microsoft focused on real-world deployments of kubernetes workloads on Azure. This is a great opportunity to learn and ask your questions around deploying workloads into Azure.

https://info.microsoft.com/ww-landing-kubernetes-on-azure-lessons-from-real-world-deployments.html

[post_title] => May Virtual Events 2021 [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => may-virtual-events-2021 [to_ping] => [pinged] => [post_modified] => 2021-05-05 16:13:34 [post_modified_gmt] => 2021-05-05 16:13:34 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=3107 [menu_order] => 1 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [3] => WP_Post Object ( [ID] => 3053 [post_author] => 11 [post_date] => 2021-02-15 20:46:50 [post_date_gmt] => 2021-02-15 20:46:50 [post_content] =>

Hey everyone! I hope you're staying warm through this historic cold snap. There's no better time than the present to stay indoors and check out some upcoming virtual tech events.

The first event I'd like to mention is coming up this Thursday, Feb 18th, 2021. It's the Open Source North Speaker Series. It's free to attend but you need to register in advance. Here's a look at this Thursday's speaker agenda:

Open Source North Speaker Series

Thursday, February 18, 12:00 - 1:00 PM CST

  • Jenna Pederson, AWS, Setting yourself up for failure: cultivating a culture where failure is celebrated
  • Jason Scherschligt, SDG, Making the shift: projects to products
  • Mark Sielaff, Facebook, Moving Fast and Delivering Quality
  • Todd Gardner, TrackJS, Observable Web Applications

For details on each presentation and speaker - AND TO REGISTER, please visit https://opensourcenorth.com/speaker-series

The next event I want to mention is an event coming up with the CTO of Kong , Marco Palladino.

Marco is a dynamic speaker and excellent CTO, always a fun, informative watch.

Kong - Automatic Observability With Service Mesh

Friday, February 26, 11:00 - 12:00 PM CT


In this session you'll learn how a service mesh can observe all of our traffic in new modern applications running on both Kubernetes and virtual machines.

Key takeaways:

  • Understanding the service mesh pattern and how it helps to modernize our applications out of the box.
  • A live demonstration of a service mesh to extract logs, metrics and traces from our service traffic and store it in Prometheus + Grafana, Jaeger and Elasticsearch.
  • Learning how to use the service mesh policies available in CNCF’s Kuma to enable observability in one click.

To register go here: Register Now

The last event I want to draw your attention to this month is focused on the OpenShift Developer Sandbox hosted by Red Hat DevNation during which you will create an account an OpenShift cluster and deploy a sample app. The dev cluster will be available for you to use thereafter for 14 days.

OpenShift Developer Sandbox

Thursday, February 18, 11:00 - 12:00 PM CST

Have you heard of the new OpenShift Developer Sandbox? Join this DevNation Tech Talk where you will be guided through the process of creating an account, creating/configuring your Developer Sandbox cluster, and deploying a sample application on OpenShift. Your OpenShift cluster will be available for your use for 14 days. If you've ever wanted to test out OpenShift, this is your chance to do it!

Produced by the Red Hat Developer team, DevNation Tech Talks are live discussions led by the Red Hat technologists who create our products. Sessions include real solutions and code to help you build with open source, plus sample projects, robust discussion, and live Q&A to help you get started.

Are you new to DevNation Tech Talks? See what you've missed.

To register for this event go here: Register for the OpenShift Sandbox Tech Talk

[post_title] => Upcoming Tech Events - February 2021 [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => upcoming-tech-events-february-2021 [to_ping] => [pinged] => [post_modified] => 2021-02-15 20:46:53 [post_modified_gmt] => 2021-02-15 20:46:53 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=3053 [menu_order] => 1 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [4] => WP_Post Object ( [ID] => 3047 [post_author] => 11 [post_date] => 2021-01-27 16:46:39 [post_date_gmt] => 2021-01-27 16:46:39 [post_content] =>

In this post we'll briefly explore the history of the Opsware automation portfolio and talk about modern equivalents and replacements you should be considering.  

A Brief History of Opsware  

Let’s start with defining what we are talking about in today's blog. I'm focusing specifically on the IT datacenter automation software, namely: Cloud Service Automation (CSA), Server Automation (SA), Network Automation (NA), and Operations Orchestration (OO) - a product which once had the acronym HPOO… you can't make it up! 

If we allow ourselves to hop in the way back machine, the story starts with a Bay Area startup called Loudcloud which was founded by Ben Horowitz and Marc Andreesen in 1999. Loudcloud was an infrastructure and application hosting company and developed really cool management software to manage its clients' IT infrastructure. The company went public in 2001. In 2002 Loudcloud sold its managed services business to EDS. (Ed. note: EDS briefly became HP ES in an acquisition on its ultimate voyage into the sun and to a merger with CSC, the joint company becoming known as DXC Technology in 2017.) Loudcloud rebranded as an enterprise software company called Opsware that focused on developing and selling its IT datacenter lifecycle management software. In 2007 Opsware was acquired by HP Software. In 2017 HP sold the software business to Micro Focus. This software that Loudcloud / Opsware built back in the late 1990 / early 2000s is the aforementioned suite of automation software, specifically: Server Automation (System), Network Automation (System), and Process Automation (System) - all of which were rebranded slightly after the 2007 acquisition by HP Software.  

So other than exercising some knowledge on the history of the software, why mention all of this? It's because it is truly old tech. It's been upgraded and expanded and rewritten since the early days, but it is still that kind of old school top-down management interface for IT environments with more modern amenities like the ability to write automation in YAML stapled to the side of it. At their peak these software solutions were used to manage tens of thousands of operating systems, network devices, and to automate endpoints leveraging an agent-based architecture. And it wasn't cheap! Solutions like Server Automation, Operations Orchestration and other similar market offerings (anyone remember BMC Bladelogic, now TrueSight?) were closed-source and partially responsible for the explosion of enterprise open source software. Sales teams had a number back then, if your device count was smaller than that number they knew there was no business case for you to evaluate that type of software - you just couldn't get there. A good chunk of mid-market and large, but not large-enough, IT enterprises were left with no good enterprise automation solutions.  

What Else Is Out There? 

So what happens? People start looking for (and building) their own solutions in the mid-2000s. Open source solutions start getting community adoption and IT staff are able to go way beyond things like CFEngine and are starting to adopt solutions like Chef and Puppet and learn more modern languages like Ruby. Chef and Puppet provide an early example of how to build a userbase on open source software but quickly realize no one wants to suddenly pay for things they'd been previously given for free. Licensing models change, some products go open core and paywall subsequently developed features. Far more recently, that is, in the last 10 years (geez, I am getting old)open source software supporting modern software development and hybrid cloud architectures has become the standard. And if you find yourself in a traditional IT environment or at least one with some tech debt you're looking to retire, you really owe it to yourself to look at Ansible & Terraform.  

Red Hat Ansible & HashiCorp Terraform 

Ansible began life as an open source project in 2012. Automation is written in YAML, a simple scripting language that anyone can learn and it is an agentless architecture. Ansible was acquired by Red Hat in 2015, and to their great credit, Red Hat not only left Ansible core as open source, they went and open-sourced the enterprise version Ansible Tower (the community version of which is AWX)! Awesome move for the community. Due to the commitment to open source, Red Hat's market reach, and the extraordinarily simple-to-use scripting language YAML, usage of Ansible in enterprises of all sizes has skyrocketed. If you're not using it today, you're in luck, you're a simple web search and download from having an enterprise grade solution that really acts as a jack-of-all-trades for endpoint configuration regardless of operating system running on the target. It's been used quite successfully for years at very large scale in organizations of every size.  

HashiCorp Terraform launched in the community in 2014. It has since seen massive growth as an open source project and as both SaaS-based and on-premise enterprise software solutions. Terraform is an extremely powerful tool which enables infrastructure-as-code use cases. Terraform manages external resources using what it calls providers and gives the end-user the ability to declare the end-state configuration leveraging those external providers. This declarative architecture allows for highly modular, scalable, and reusable code to configure highly complex end points, platform-as-a-service, etc.  

In practice, we see Ansible + Terraform being used in concert with code release processes as well as being front-ended by service catalogs like ServiceNow to enable a limitless variety of push button IT capabilities. Please contact us If you'd like to learn more about using Ansible or Terraform .

[post_title] => Are There Any Alternatives to HP Software / Micro Focus Automation Tools? [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => are-there-any-alternatives-to-hp-software-micro-focus-automation-tools [to_ping] => [pinged] => [post_modified] => 2021-03-12 20:26:29 [post_modified_gmt] => 2021-03-12 20:26:29 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=3047 [menu_order] => 1 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [5] => WP_Post Object ( [ID] => 2952 [post_author] => 7 [post_date] => 2020-10-21 16:24:17 [post_date_gmt] => 2020-10-21 16:24:17 [post_content] =>

By Brad Johnson, Lead DevOps Engineer

Continuing from 'Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part I)', we are going to install OpenShift Cluster in this section. We are going to use a public Route53 domain name for our install.

If you wish to create a private cluster then you will need to do a bit more setup. See the following pages for more information on creating a private cluster that does not require DNS. The first page has the RedHat solution on the install-config program not supporting private clusters and contains an install config yaml file to use instead of the install-config command.

https://access.redhat.com/solutions/5158831

https://access.redhat.com/sites/default/files/attachments/aws-internal-install-config.yml

This page has more info on the install process and limitations of private clusters:
https://docs.openshift.com/container-platform/4.5/installing/installing_aws/installing-aws-private.html

First create the install-config yaml file and back it up as it is consumed by manifest creation.
Note: from here out all commands are run from the openshift_windows_cluster directory unless otherwise stated.

$ mkdir ~/openshift_windows_cluster && cd ~/openshift_windows_cluster

$ openshift-install create install-config
? Platform aws
INFO Credentials loaded from the "default" profile in file "/home/ec2-user/.aws/credentials"
? Region us-east-2
? Base Domain example.com
? Cluster Name win-test-cluster
? Pull Secret [? for help] (Paste your Pull Secret from the Red Hat web site or text file you downloaded)

$ sed -i 's/OpenShiftSDN/OVNKubernetes/g' install-config.yaml

$ cp -p install-config.yaml install-config.yaml.backup

Now we can create the manifest files and set up the OVN CNI settings:

$ openshift-install create manifests
INFO Credentials loaded from the "default" profile in file "/home/ec2-user/.aws/credentials"
INFO Consuming Install Config from target directory

$ cp -p manifests/cluster-network-02-config.yml manifests/cluster-network-03-config.yml

$ vi manifests/cluster-network-03-config.yml

The important things to change in this file are the apiVersion and defaultNetwork settings. It is important that the hybrid cluster network CIDR does not overlap with the cluster network CIDR. If you are following this guide exactly you can use this our network config file.

Here are the contents of our manifests/cluster-network-03-config.yml file:

apiVersion: operator.openshift.io/v1
kind: Network
metadata:
  creationTimestamp: null
  name: cluster
spec:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  externalIP:
    policy: {}
  networkType: OVNKubernetes
  serviceNetwork:
  - 172.30.0.0/16
  defaultNetwork:
    type: OVNKubernetes
    ovnKubernetesConfig:
      hybridOverlayConfig:
        hybridClusterNetwork:
        - cidr: 10.132.0.0/14
          hostPrefix: 23
status: {}

Creation of the Cluster

With those files in place we can now create the cluster. Take a coffee break, this will take around 30 minutes to complete.

$ openshift-install create cluster
INFO Consuming Openshift Manifests from target directory
INFO Consuming Worker Machines from target directory
INFO Consuming Master Machines from target directory
INFO Consuming OpenShift Install (Manifests) from target directory
INFO Consuming Common Manifests from target directory
INFO Credentials loaded from the "default" profile in file "/home/ec2-user/.aws/credentials"
INFO Creating infrastructure resources...
INFO Waiting up to 20m0s for the Kubernetes API at https://api.win-test-cluster.example.com:6443...
INFO API v1.18.3+5302882 up
INFO Waiting up to 40m0s for bootstrapping to complete...
INFO Destroying the bootstrap resources...
INFO Waiting up to 30m0s for the cluster at https://api.win-test-cluster.example.com:6443 to initialize...
I1015 22:40:12.502855 1042 trace.go:116] Trace[1959950141]: "Reflector ListAndWatch" name:k8s.io/client-go/tools/watch/informerwatcher.go:146 (started: 2020-10-15
22:39:55.810110164 +0000 UTC m=+886.539985514) (total time: 16.692708687s):
Trace[1959950141]: [16.692655552s] [16.692655552s] Objects listed

INFO Waiting up to 10m0s for the openshift-console route to be created...
INFO Install complete!
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=/home/ec2-user/openshift_windows_cluster/auth/kubeconfig'
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.win-test-cluster.example.com
INFO Login to the console with user: "kubeadmin", and password: "XXXXX-XXXXX-XXXXX-XXXXX"
INFO Time elapsed: 30m48s

Now you can run the export command and start using oc commands.

$ export KUBECONFIG=/home/ec2-user/openshift_windows_cluster/auth/kubeconfig
$ oc get nodes
NAME STATUS ROLES AGE VERSION
ip-10-0-128-115.us-east-2.compute.internal Ready master 1h v1.18.3+970c1b3
ip-10-0-150-141.us-east-2.compute.internal Ready worker 1h v1.18.3+970c1b3
ip-10-0-161-110.us-east-2.compute.internal Ready worker 1h v1.18.3+970c1b3
ip-10-0-186-69.us-east-2.compute.internal Ready master 1h v1.18.3+970c1b3
ip-10-0-201-57.us-east-2.compute.internal Ready master 1h v1.18.3+970c1b3
ip-10-0-220-129.us-east-2.compute.internal Ready worker 1h v1.18.3+970c1b3
$ oc version
Client Version: 4.5.14
Server Version: 4.5.14
Kubernetes Version: v1.18.3+5302882

To verify you have the proper network running you can run this command:

 $ oc get network.operator cluster -o yaml

Look at the spec section of the yaml output. It should look like this.

spec:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  defaultNetwork:
    ovnKubernetesConfig:
      hybridOverlayConfig:
        hybridClusterNetwork:
        - cidr: 10.132.0.0/14
          hostPrefix: 23
    type: OVNKubernetes
serviceNetwork:
- 172.30.0.0/16


Bootstrapping the Windows Worker Nodes

If you already have an SSH keypair in AWS you can use that, if not you can generate a new one with the steps below. Note that you cannot use a key with a passphrase for Windows machines.

$ ssh-keygen -t rsa -b 4096 -N "" -C "example-key" -f ~/.ssh/example-key

$ aws --region us-east-2 ec2 import-key-pair --key-name "example-key" --public-key-material file://$HOME/.ssh/example-key.pub

Now we need to download the Windows node bootstrapper and create our Windows nodes. This will take about 5 minutes to run.

See this page for the latest releases: https://github.com/openshift/windows-machine-config-bootstrapper/releases

See this page for more info on wni: https://github.com/openshift/windows-machine-config-bootstrapper/tree/master/tools/windows-node-installer

Note: Due to a bug in the Intel 82599 network adapter used in most Intel based instances that causes issues with overlay networks, we suggest using AMD based instances like m5a.large

$ wget https://github.com/openshift/windows-machine-config-bootstrapper/releases/download/v4.5.2-alpha/wni -O ~/bin/wni

$ chmod +x ~/bin/wni && mkdir windowsnodeinstaller

$ wni aws create --kubeconfig $KUBECONFIG --credentials ~/.aws/credentials --credential-account default --instance-type m5a.large --ssh-key example-key --private-key ~/.ssh/example-key --dir ./windowsnodeinstaller/
2020/10/16 20:05:13 kubeconfig source: /home/ec2-user/openshift_windows_cluster/auth/kubeconfig
2020/10/16 20:05:14 Added rule with port 5986 to the security groups of your local IP
2020/10/16 20:05:14 Added rule with port 22 to the security groups of your local IP
2020/10/16 20:05:14 Added rule with port 3389 to the security groups of your local IP
2020/10/16 20:05:14 Using existing Security Group: sg-0123456789012345
2020/10/16 20:09:41 External IP: 4.138.182.84
2020/10/16 20:09:41 Internal IP: 10.0.42.50

After creating the node we can get the login info and run Ansible to finish node setup.

See this page for more information: https://github.com/openshift/windows-machine-config-bootstrapper/tree/master/tools/ansible

Get the Windows node Instance ID from the json file and get the Windows Administrator password. This password can also be used for RDP.

$ cat windowsnodeinstaller/windows-node-installer.json
{"InstanceIDs":["i-0123456789012345"],"SecurityGroupIDs":["sg-0123456789012345"]}

$ aws ec2 get-password-data --instance-id i-0123456789012345 --priv-launch-key ~/.ssh/example-key

Ansible Windows Node Finalization

Now we need to create an Ansible inventory file.

 $ vi inventory.ini

Your file should look like this, with your Windows node password and node address. Be sure to put the password in single quotes and set the cluster address to match the name of your cluster and private IP to match your node as well.

[win]
4.138.182.84 ansible_password='YOURWINDOWSNODEPASSWORDHERE' private_ip=10.0.42.50

[win:vars]
ansible_user=Administrator
cluster_address=win-test-cluster.example.com
ansible_connection=winrm
ansible_ssh_port=5986
ansible_winrm_server_cert_validation=ignore

Verify Ansible connectivity with this command and look for SUCCESS in the output:

$ ansible win -i inventory.ini -m win_ping
4.138.182.84 | SUCCESS => {
"changed": false,
"ping": "pong"
}

Clone the Windows Machine Config Bootstrapper repo and run the ansible playbook against the node:

$ git clone https://github.com/openshift/windows-machine-config-bootstrapper.git

$ ansible-playbook -v -i inventory.ini windows-machine-config-bootstrapper/tools/ansible/tasks/wsu/main.yaml

This will produce a lot of output and take 10 minutes or so. In the end you should see the Play Recap. As long as 'failed=0' then everything should be good.

To check the node is good and working in the cluster run this command:

$ oc get nodes -o wide -l kubernetes.io/os=windows
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ip-10-0-42-50.us-east-2.compute.internal Ready worker 29m v1.18.3 10.0.42.50 3.138.182.84 Windows Server 2019 Datacenter 10.0.17763.1518 docker://19.3.12

At this point you should use RDP to connect to the Windows worker node using the Administrator user and the password you pulled earlier. Just add the Windows Worker Node to a security group allowing RDP and then open a connection. After logging in start a powershell session with admin rights and run 'docker ps'.

Deploy a Windows sample application:

$ oc create -f https://raw.githubusercontent.com/keyvatech/blog_files/master/kubernetes_windows_web_server.yaml -n default


You can check it is running in OpenShift with this command:

$oc rollout status deployment win-webserver -n default
deployment "win-webserver" successfully rolled out

On Windows docker output should look like this:

PS C:\Users\Administrator> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
09c8bbd2a7e8 mcr.microsoft.com/windows/servercore "powershell.exe -com…" 13 minutes ago Up 13 minutes k8s_windowswebserver_win-webserver-85b49f8677-cgqkq_default_01fe28db-5ae7-4ead-8e84-5d9d5cd2cb01_0
52d42f33de9d mcr.microsoft.com/k8s/core/pause:1.2.0 "cmd /S /C 'cmd /c p…" 16 minutes ago Up 16 minutes k8s_POD_win-webserver-85b49f8677-cgqkq_default_01fe28db-5ae7-4ead-8e84-5d9d5cd2cb01_0

If you have any issues try waiting 15 minutes and then redeploying with one of the following commands:

$ oc rollout restart deployment/win-webserver
$ oc rollout retry deployment/win-webserver

To look at logs for the container, do this:

$ oc get pods
NAME READY STATUS RESTARTS AGE
win-webserver-564d75c5f7-l4kk2 1/1 Running 0 96s
$ oc logs win-webserver-564d75c5f7-l4kk2
Listening at http://*:80/

After the application is up and running DNS will take up to 5 minutes to populate. So if this doesn't work try again. Check the service is up and running by getting the external IP for the service and curling it.

$ oc get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.30.0.1 <none> 443/TCP 23h
openshift ExternalName <none> kubernetes.default.svc.cluster.local <none> 23h
win-webserver LoadBalancer 172.30.88.146 a038a9aa4571f4a7cafaf15ebf7ae270-23672059.us-east-2.elb.amazonaws.com 80:32601/TCP 35m
$ curl a038a9aa4571f4a7cafaf15ebf7ae270-23672059.us-east-2.elb.amazonaws.com
<html><body><H1>Windows Container Web Server</H1></body></html>

Deleting the Cluster

If you're all done and want to tear down here are the commands:

$ wni aws destroy --kubeconfig $KUBECONFIG --credentials ~/.aws/credentials --credential-account default --dir ./windowsnodeinstaller/

$ openshift-install destroy cluster

If you have any questions about the steps documented here, or have any feedback or requests, please let us know at info@keyvatech.com.

[post_title] => Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part II) [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => creating-an-openshift-cluster-in-aws-with-windows-worker-nodes-part-ii [to_ping] => [pinged] => [post_modified] => 2020-10-21 16:24:23 [post_modified_gmt] => 2020-10-21 16:24:23 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=2952 [menu_order] => 9 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [6] => WP_Post Object ( [ID] => 2934 [post_author] => 7 [post_date] => 2020-10-20 10:46:46 [post_date_gmt] => 2020-10-20 10:46:46 [post_content] =>

By Brad Johnson, Lead DevOps Engineer

This guide covers how to set up an OpenShift cluster in AWS with Windows worker nodes. Because this requires the OVN Kubernetes container network interface you can not simply add Windows nodes to existing clusters. Please also understand that this functionality is still considered to be preview or beta from Red Hat is not supported in production environments at this time. This functionality also requires using OpenShift 4.4 or later, we tested this using OpenShift 4.5, which was the latest when this was published.

Requirements:
- Ansible 2.9+
- Python 3
- Python winrm module
- AWS CLI
- OpenShift 4.4+
- OC CLI 4.4+
- GIT
- AWS IAM User with programmatic access key and AdministratorAccess policy attached

Environment Setup:
If you don't have an environment that meets the above specs then create an EC2 instance with Amazon Linux 2.
I used a t2.micro instance and a security group allowing SSH on port 22. This environment already has the AWS CLI set up. During my run I only needed 4GB total disk space so the default disk size is fine.

After the instance is launched, SSH to the new VM as 'ec2-user' using your keyfile.
Run the following commands to set up python pre-reqs:

$ sudo yum install python3 python3-pip git
$ pip3 install --user pywinrm ansible

Navigate to https://cloud.redhat.com/openshift/install/aws/installer-provisioned and log in with your Red Hat account. This page provides links to the latest installer and CLI. You will also need to download your pull secret from here. These are correct as of Oct 2020, however if you have an issue, please use the links on the latest page from Red Hat.

Download OpenShift CLI and Installer and place the binaries in the $PATH. Note: /home/ec2-user/bin is in the default of $PATH on AMZ Linux 2 and openshift-client also contains a kubectl binary.

$ cd ~

$ wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/openshift-client-linux.tar.gz

$ mkdir bin && tar -xvf openshift-client-linux.tar.gz --directory bin && mv bin/README.md ~/openshift-client-README.md

$ wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/openshift-install-linux.tar.gz

$ tar -xvf openshift-install-linux.tar.gz --directory bin && mv bin/README.md ~/openshift-install-README.md

Check the versions of the pre-reqs. Here is the output from when I tested this example as well.

$ ansible --version
ansible 2.10.2
config file = None
configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/ec2-user/.local/lib/python3.7/site-packages/ansible
executable location = /home/ec2-user/.local/bin/ansible
python version = 3.7.9 (default, Aug 27 2020, 21:59:41) [GCC 7.3.1 20180712 (Red Hat 7.3.1-9)]

$ aws --version
aws-cli/1.18.107 Python/2.7.18 Linux/4.14.193-149.317.amzn2.x86_64 botocore/1.17.31

$ oc version
Client Version: 4.5.14

$ openshift-install version
openshift-install 4.5.14
built from commit 9893a482f310ee72089872f1a4caea3dbec34f28
release image quay.io/openshift-release-dev/ocp-release@sha256:95cfe9273aecb9a0070176210477491c347f8e69e41759063642edf8bb8aceb6

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.2-0-g52c56ce", GitCommit:"d7f3ccf9a5bdc96ba92e31526cf014b3de4c46aa", GitTreeState:"clean", BuildDate:"2020-09-16T15:25:59Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"linux/amd64"}

$ pip3 freeze
ansible==2.10.1
ansible-base==2.10.2
certifi==2020.6.20
cffi==1.14.3
chardet==3.0.4
cryptography==3.1.1
idna==2.10
Jinja2==2.11.2
MarkupSafe==1.1.1
ntlm-auth==1.5.0
packaging==20.4
pycparser==2.20
pyparsing==2.4.7
pywinrm==0.4.1
PyYAML==5.3.1
requests==2.24.0
requests-ntlm==1.1.0
six==1.15.0
urllib3==1.25.10
xmltodict==0.12.0

$ pip3 show pywinrm
Name: pywinrm
Version: 0.4.1
Summary: Python library for Windows Remote Management
Home-page: http://github.com/diyan/pywinrm/
Author: Alexey Diyan
Author-email: alexey.diyan@gmail.com
License: MIT license
Location: /home/ec2-user/.local/lib/python3.7/site-packages
Requires: xmltodict, requests, requests-ntlm, six


Configure the AWS and the AWS CLI

You will need an AWS IAM user with a programmatic access key and the AdministratorAccess policy attached. You will also need to set up Route53 for a public cluster, but this is not reqiured, if you wish to create a private cluster see our steps below.
See this page for information on setting up your AWS account. https://docs.openshift.com/container-platform/4.5/installing/installing_aws/installing-aws-account.html

If you need information on names for availability zones you can run one of the following commands.
Be sure you are using a region supported by RedHat for Openshift on the AWS.

$ aws ec2 describe-regions
$ aws ec2 describe-availability-zones --region us-east-2
$ aws ec2 describe-availability-zones --all-availability-zones

Run these commands to set up the AWS CLI

$ aws configure
AWS Access Key ID [None]: YOURACCESSKEYID
AWS Secret Access Key [None]: YOURSECRETACCESSKEY
Default region name [None]: us-east-2
Default output format [None]: json

We are now ready to set up the OpenShift Cluster. Please go to 'Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part II)'.

  1.  

Helpful links: 

https://cloud.redhat.com/openshift/install/

If you are interested in deploying Windows worker nodes with Rancher,  please see our post here.

If you have any questions about the steps documented here, or have any feedback or requests, please let us know at info@keyvatech.com.

[post_title] => Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part I) [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => creating-an-openshift-cluster-in-aws-with-windows-nodes [to_ping] => [pinged] => [post_modified] => 2020-10-20 10:46:49 [post_modified_gmt] => 2020-10-20 10:46:49 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=2934 [menu_order] => 9 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [7] => WP_Post Object ( [ID] => 2931 [post_author] => 11 [post_date] => 2020-10-12 14:25:37 [post_date_gmt] => 2020-10-12 14:25:37 [post_content] =>

AnsibleFest 2020 digital event kicks off today. The event runs from Oct 13th – Oct 14th. You can find the detailed agenda for this event here – https://www.ansible.com/ansiblefest 

The event features a number of talk sessions and talk tracks, as well as live demos and Q&As. Red Hat Ansible is regarded as the de-facto standard for open source automation and orchestration. Red Hat Ansible Tower – the enterprise version of community Ansible – provides support for clustered architecture, enterprise level support from Red Hat, and other enterprise features. Ansible is used by a large number of organizations to implement use cases like infrastructure-as-code, platform as a service, DevSecOps automation and more. Leveraging one of Keyva's integrations like ServiceNow App for Red Hat Ansible Tower, and ServiceNow App for Red Hat OpenShift, you can also tie back automated remediations with your IT Service Management systems. 

Keyva has strategic partnership with Red Hat, and Keyva provides services and offerings around community and enterprise versions of Red Hat Ansible and OpenShift. You can check out some of those offerings here - https://keyvatech.com/red-hat/ or can always reach our team at: info@keyvatech.com to request additional information.  

[post_title] => Red Hat AnsibleFest 2020 [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => red-hat-ansiblefest-2020 [to_ping] => [pinged] => [post_modified] => 2021-03-04 20:48:51 [post_modified_gmt] => 2021-03-04 20:48:51 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=2931 [menu_order] => 0 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) ) [post_count] => 8 [current_post] => -1 [in_the_loop] => [post] => WP_Post Object ( [ID] => 3176 [post_author] => 11 [post_date] => 2021-11-17 14:03:20 [post_date_gmt] => 2021-11-17 14:03:20 [post_content] =>

Listed below are some great events coming up that you should check out!

Red Hat Summit Connect - Minneapolis

12/2

Finally! An in person event. Come check out this day-long event with Red Hat in Minneapolis and catch up on what's new with Red Hat. There are a lot of great sessions on Ansible and OpenShift at this event. To register for the event and view the agenda visit the following link: https://www.redhat.com/en/summit/connect/minneapolis

AWS Re:Invent - Las Vegas & Virtual

11/29 - 12/3

This is the event of the year for the AWS ecosystem. If you're doing anything with AWS you're going to want to attend the event. Virtual passes for the event are free and breakout sessions are available to watch on-demand. Register here: https://reinvent.awsevents.com/register/

HashiCorp: Vault + Zero Trust Security - Virtual

12/16

Join HashiCorp for a zero-trust, identity-based security hands-on workshop. During this workshop, participants will learn about the HashiCorp security model which is predicated on the principle of identity-based access and security. In order for any machine or user to do anything, they must authenticate who or what they are, and their identity and policies define what they’re allowed to do. After an overview of zero-trust security, participants will go through a hands-on workshop of HashiCorp Vault. Register here: https://events.hashicorp.com/zero-trust-security-workshop-dec16

Microsoft Azure Virtual Training Day: DevOps with GitHub - Virtual

12/1 & 12/2

Never stop learning! Free 2-day virtual training with Microsoft. Some of the hands-on activities include:

  • Using GitHub to improve team collaboration and performance.
  • Integrating security and quality controls into automation, continuous integration and continuous delivery (CI/CD) pipelines, and runtime environments.
  • Implementing best practices to help remote development teams increase software resiliency.

To attend the event register at the following link: https://mktoevents.com/Microsoft+Event/302741/157-GQE-382

[post_title] => Keyva Winter Events [post_excerpt] => [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => keyva-winter-events [to_ping] => [pinged] => [post_modified] => 2021-11-17 14:04:06 [post_modified_gmt] => 2021-11-17 14:04:06 [post_content_filtered] => [post_parent] => 0 [guid] => https://keyvatech.com/?p=3176 [menu_order] => 1 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [comment_count] => 0 [current_comment] => -1 [found_posts] => 70 [max_num_pages] => 9 [max_num_comment_pages] => 0 [is_single] => [is_preview] => [is_page] => [is_archive] => [is_date] => [is_year] => [is_month] => [is_day] => [is_time] => [is_author] => [is_category] => [is_tag] => [is_tax] => [is_search] => [is_feed] => [is_comment_feed] => [is_trackback] => [is_home] => 1 [is_privacy_policy] => [is_404] => [is_embed] => [is_paged] => [is_admin] => [is_attachment] => [is_singular] => [is_robots] => [is_favicon] => [is_posts_page] => [is_post_type_archive] => [query_vars_hash:WP_Query:private] => c5f8786ab4150007f777a5c4c925f836 [query_vars_changed:WP_Query:private] => [thumbnails_cached] => [stopwords:WP_Query:private] => [compat_fields:WP_Query:private] => Array ( [0] => query_vars_hash [1] => query_vars_changed ) [compat_methods:WP_Query:private] => Array ( [0] => init_query_flags [1] => parse_tax_query ) [tribe_is_event] => [tribe_is_multi_posttype] => [tribe_is_event_category] => [tribe_is_event_venue] => [tribe_is_event_organizer] => [tribe_is_event_query] => [tribe_is_past] => )
November 17, 2021

Keyva Winter Events

Listed below are some great events coming up that you should check out! Red Hat Summit Connect – Minneapolis 12/2 Finally! An in person event. Come check out this day-long event with Red Hat in Minneapolis and ...
Read more
August 19, 2021

August & September Events 2021

Listed below are some great events coming up that you should check out! MSP Ansible Meetup – local, in person meetup this Thursday, 8/19. Great opportunity to meet and talk shop with local Ansible users. https://www.meetup.com/Ansible-Minneapolis/events/ Ansiblefest ...
Read more
May 5, 2021

May Virtual Events 2021

Spring is here and while we’re all clamoring to get outside and enjoy some fresh air spring is also conference season and there are some great events you should check out.  Red Hat Virtual Summit – 4/27-4/29 ...
Read more
man looking down at mobile phone in his hand while women sits next to him looking at a laptop in front of her
February 15, 2021

Upcoming Tech Events – February 2021

Hey everyone! I hope you’re staying warm through this historic cold snap. There’s no better time than the present to stay indoors and check out some upcoming virtual tech events. The first event I’d like to mention ...
Read more
January 27, 2021

Are There Any Alternatives to HP Software / Micro Focus Automation Tools?

In this post we’ll briefly explore the history of the Opsware automation portfolio and talk about modern equivalents and replacements you should be considering.   A Brief History of Opsware   Let’s start with defining what we are talking ...
Read more
code displayed on computer monitor
October 21, 2020

Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part II)

By Brad Johnson, Lead DevOps Engineer Continuing from ‘Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part I)‘, we are going to install OpenShift Cluster in this section. We are going to use a public Route53 ...
Read more
code displayed on computer monitor
October 20, 2020

Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part I)

By Brad Johnson, Lead DevOps Engineer This guide covers how to set up an OpenShift cluster in AWS with Windows worker nodes. Because this requires the OVN Kubernetes container network interface you can not simply add Windows ...
Read more
Red Hat Ansible
October 12, 2020

Red Hat AnsibleFest 2020

AnsibleFest 2020 digital event kicks off today. The event runs from Oct 13th – Oct 14th. You can find the detailed agenda for this event here – https://www.ansible.com/ansiblefest  The event features a number of talk sessions and talk tracks, as well ...
Read more