Redhat OpenShift Origin Community Day 2013

Redhat LogoI went to the Redhat OpenShift Origin Community Day in Mountain View today.

Redhat has a few offices on different floors at 444 Castro St., above the BofA branch. They have a nice training room and break room on the 11th floor with a great north-facing view of the South Bay, including the radio telescope and South SF area.

There was a full classroom of about 25 attendees.


Diane Mueller, Cloud Ecosystem Evangelist, “Introduction”

– OpenShift is the public PaaS operated by Redhat. It is free forever for 3 gears.
– Origin is the OpenShift source code, available to run from a VM or on your own servers as a private PaaS
– Redhat is working hard to build a community around Origin, and has thousands of users.
– a Linux container (LxC) is the combination of several linux features, including cgroup, selinux and iptables
– previously was the evangelist for ActiveState’s PaaS, Stackato

Krishna Raman, Redhat, “OpenShift and OpenStack”

a previous talk on YouTube

Krishna’s Github

Redhat developer, “OpenShift HA”

– currently HAproxy is used, but that introduces a SPOF
– OpenShift developers are looking for a new architecture.

Lightning Talks

David Strauss, Pantheon Systems, “Drupal8, Config. Mgmt. and OpenShift”

– David is a committer to systemd, FuseDAV and several other projects
– David operates a PaaS for Drupal and some other apps with paying clients called Pantheon Systems in SF with 22 employees
– instead of re-inventing 100% of cloud mgmt. tools, wants to build on top of Origin
– strong talk on cloud shared filesystems, and why he built his on FuseDAV with Cassandra for metadata
– glusterfs is ok for like 10 nodes and large files, not for a Drupal webscale system
– Neon is crappy, use libcurl – timeouts and edge-case behavior are very important in the cloud
– most fuse fs are single-threaded and crappy.

Pantheon on Facebook
David’s Github

Mrunal Patel, Redhat, “Cartridges”

– described differences between 1.0 and 2.0 cartridges
– talked about building your own cartridges
– root is not required or allowed for 2.0.

David Strauss, “Socket Activations”

– described process of getting a socket request and waking up a container
– takes less than 1 second worst case
– for dev/qa containers, users learn to expect the first request in the morning will take a second
– allows over-subscribing to 1000x or more.

David Strauss, “X509 PKI”

– in addition to public SSL certificates, self-signed client and server certificates are useful
– likes certificates because there’s no SPOF like kerberos, which needs a ticket server to be available
– client certificates can be copied, so you still need additional measures, like passwords, like always
– “slightly better security than plain HTTP” is still valuable for private communications, even if full authentication is not provided from a public CA

Krishna Raman, Redhat, “Libvert/Sandbox”

Follow Dan Walsh, Redhat Openshift programmer. Boston YouTube video, plus others.

Thanks to Redhat for organizing and hosting this event, and the free sandwiches, beer and pizza.

OpenShift Github

IRC: #openshift on
OpenShift Slideshare
Welcome to the OpenShift Origin Community with Diane Mueller
LxC Howto

This entry was posted in Cassandra, Cloud, Conferences, Linux, MySQL, Open Source, Storage, Tech. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.