OpenShift architecture

The OpenShift Container Platform is both simple and complex when it comes to its components and overall architecture. It is complex in that it involves many components interconnected with each other, but it is simple in the sense that all its components work independently of each other and keep working seamlessly if something fails.

Figure: OpenShift components

OpenShift and Kubernetes have most architecture components in common, such as:

  • OpenShift masters
  • OpenShift nodes
  • Etcd as a key-value store

Components that are unique to OpenShift are:

  • Router as ingress traffic control
  • OpenShift Internal Registry

The following diagram describes the OpenShift container platform from an architectural point of view:

Figure: OpenShift architecture

OpenShift is built on top of Docker and Kubernetes, and is sometimes referred to as Kubernetes++. In addition to what Docker and Kubernetes offer, OpenShift brings the capabilities and features required to provide a stable and production-ready PaaS platform. These new capabilities and features are:

  • Authentication: OpenShift has several built-in authentication methods to allow granular access to OpenShift projects:
    • Local authentication
    • LDAP authentication
    • Request header authentication
    • Keystone authentication
    • GitHub authentication
  • Multi-tenancy: OpenShift's powerful functionalities allow granular multi-user and multi-project access control, a must-have feature for medium and large organizations that allows collaboration and access control for different groups.
  • Internal Image Registry: OpenShift uses an internal registry to store images that are ready to be deployed on OpenShift nodes. It is also used for S2I builds.
  • GUI and web console: OpenShift provides an easy-to-use web interface, powerful enough to create, build, deploy, update, and troubleshoot OpenShift projects and microservice applications running inside OpenShift.
  • SCM Integration: OpenShift has built-in integration with Git. This solution is tightly coupled with an image builder.
  • Image builders: Processes that transform image parameters or source code into a runnable image.
  • CI/CD Integration: OpenShift provides very flexible integration with Jenkins for Continuous Integration and Continuous Delivery pipelines. It scales the pipeline execution through Jenkins provisioning in containers. This allows Jenkins to run as many jobs in parallel as required and scales solutions on demand out of the box.
  • Additional Kubernetes resource extensions: There is a set of resources added to Kubernetes by OpenShift:
    • Deployment Configurations (DC): This is a set of pods created from the same container image.
    • Build Configurations (BC): Primarily used by S2I to build an image from source code in Git.
    • Routes: DNS hostname service used by the OpenShift router as an ingress point for OpenShift applications.
  • REST API: In addition to the Kubernetes API, OpenShift provides its own API interface to leverage all the features of automation and seamless integration with external platforms, other automation frameworks, and DevOps solutions.