►
From YouTube: OpenShift Administrator’s Office Hour (Ep 5)
Description
Join Andrew Sullivan, Chris Short, and the occasional special guest for an hour designed specifically to help the OpenShift admins out there. Come with your questions, leave with solutions.
A
Hello
good
morning,
good
afternoon
good
evening
and
welcome
to
another
edition
of
the
open
shift
administrator
office
hour,
I'm
here
with
the
one
and
only
andrew
sullivan.
My
name
is
chris
short.
I
am
the
executive
producer
of
openshift
tv.
The
wonderful
channel
you've
turned
into
wherever
you
may
are
wherever
you
are,
you
are
welcome
here.
There's
no
such
thing
as
stupid
questions.
There's
no
such
thing
as
new
questions.
There's
no
such
thing
as
bad
questions.
A
B
Too
and
thankfully,
there
is
only
one
of
me,
as
I'm
sure
my
wife
as
well
as
my
team
will
attest
to
so
I
am
andrew
sullivan
technical
marketing
manager
teammate
with
chris,
where
we
focus
on
everything,
openshift
and
a
whole
lot
more
kind
of,
depending
on
the
day
of
the
week
and
the
mood
of
well.
Whoever
is
asking
us
for
things.
B
B
I
think
we're
being
restreamed
across
a
number
of
different
places,
and
yes,
all
of
the
chat
lands
in
everywhere.
So
by
all
means,
ask
us
questions.
A
B
Thank
you
for
for
keeping
an
eye
on
that
and
monitoring
it.
So
today,
while
you
all
are
thinking
about
and
coming
up
with
and
typing
out
your
questions,
I
want
to
talk
about
something
that
we
might.
You
might
have
missed
when
we
did
the
what's
new
in
openshift
4.6
presentation
a
couple
of
weeks
ago,
in
particular,
what
we
are
calling
the
the
interactive
iso
installer.
A
B
So
very
similar
name
you
could,
I
can
definitely
see
how
there
would
be
confusion
yeah.
So,
let's
take
a
step
back,
so
ins
assisted
installer,
which
is
currently
in
beta.
I
believe.
B
Yeah,
so
it
is
a
hosted
service,
you
can
pull
it
down
locally
and
I
think
you
can
host
it
locally
or
you
will
be
able
to
at
some
point
in
the
future,
but
it
is
an
a
web
service
that
you
go
to
and
say
I
want
to
install
a
new
cluster,
and
here
is
the
name
and
here's
some
other
information,
and
then
you
click
a
button
that
says
download
iso,
and
then
you
boot,
your
servers,
be
they
physical
or
virtual
to
that
iso.
B
When
they
come
up,
they
then
reach
out
to
whatever
that
assisted
installer
service
is
and
say
here
I
am
tell
me
what
I'm
supposed
to
do
so
this
is
great.
If
you
want
to
have
that
type
of
experience,
you
know
hey
it's
it's
neat.
I
can
use
this
gui.
I
can
tell
it
to
go
right,
so
if
you
saw
reese
do
the
whole,
you
know
he
did
a
phenomenal
demo
for
not
the
first
time
I've
seen
that
demo
and
it
was
just
as
good
the
second
time
of
walking
through
that
process
yeah.
B
B
Yeah,
please
do
so
when
we
think
about
installing
openshift
right.
We
we
use
openshift
install
and
we
generate
the
install
config.
We
generate
the
manifest.
We
generate
the
ignition
configs
and
if
we're
not
doing
an
ipi
install
effectively,
what
happens
then
is
I
have
to
install
core
os
to
my
nodes
again,
be
they
physical
or
virtual,
and
basically
tell
them
hey,
go
get
your
ignition
config
so
that
you
can
configure
and
deploy,
and
I
can
get
an
open
shift
right.
B
So
if
I'm
using
a
hyperscaler,
you
know
aws
well,
there's
amis
right.
I
pull
down
the
ami
and
I
use
that
to
as
the
basis
for
my
image,
azure
right,
you,
you
upload
the
or
I
think
it's
similar
process
right,
but
the
the
hyperscalers
have
their
thing
when
we're
talking
about
something
like
openstack
or
red
hat
virtualization,
it's
a
kvm
image.
When
we're
talking
about
vsphere,
it's
an
ova
or
with
bare
metal
or
any
of
those
other
platforms.
I
can
do
a
non-integrated
install
right
effectively.
A
Or
I'm
sorry,
I'm
laughing
jp
day
just
said
something
in
chat.
Assisted
installer
is
called
red
hat
open
shift
support
portal.
Hence
richard
I'm.
C
B
No
so
today
what
I
want
to
show
and
what
I
want
to
walk
through
is
that
interactive
iso
installer.
So
let's
talk
a
little
bit
about
background
so
historically
and
let
me
I'm
gonna,
go
ahead
and
share
my
screen
here.
A
B
B
B
Not,
but
when
I
deploy
openshift
clusters
to
azure,
oftentimes
I'll
use
it
as
a
demo,
because
I
find
their
portal
their
interface.
The
easiest
to
navigate
and
to
show
things
aws
is
a
you
need
to
take
like
a
week-long
training
course
just
to
understand
the
aws
portal.
A
The
portal,
if
that
makes
sense,
talk
about
cloud
capabilities
all
you
want,
but
that
user
experience
really
matters.
B
So
all
I've
done
here,
I've
browsed
to
the
openshift
4.5
documentation,
I've
gone
to
the
installing
on
bare
metal,
documentation
section,
and
we
have
this
kind
of
where
we
gloss
over
it
a
little
bit
of
let's
see
where
is
it:
creating
the
redhead
enterprise,
linux,
core
os
machines
and
using
an
iso
image
where
we
basically
say:
hey,
go
and
download
the
car
os
images
and
then
boot.
B
It's
effective
right!
I
can
get
all
of
my
stuff
in
there
if
I
need
to,
but
it's
clunky
and
error
error-prone.
If
you
will,
as
a
result
of
this
we've
seen
a
huge
number
of
you
know,
kind
of
user
customer
as
well
as
employee,
created
solutions.
I
think
in
one
of
the
streams
I
demoed
creating
a
custom
iso
yeah.
So
that
way
you
can
select
the
option,
and
all
of
this
is
pre-filled
out,
and
I
can
do
it
in
an
editor
where
I
can
fix
my
mistakes.
B
B
You
know
kind
of
weird
language
down
here,
to
define
the
bonds
and
give
it
an
ip
address,
and
all
this
other
information,
but
again
we're
talking
about
typing
out
a
massive
amount
of
information
that
I
have
one
chance
to
get
it
right
from
the
command
line
and
then
move
on,
and
I'm
not
going
to
find
out.
If
I
got
it
wrong,
if,
until
after
it's
installed
and
it
doesn't
connect
to
the
network,
then
I
got
to
go
back
and
reload
everything
right.
B
So
interactive
iso
installer
is
the
new
hotness.
It
is
the
new
way
as
a
4.6
that
we
will,
or
one
of
the
ways
that
you
can,
because
you
can
still
do
it
this
way
to
install
and
configure
the
networking.
B
And
so
one
you
can
see
that
this
is
pre-release
documentation
and
when
we
look
inside
of
here
same
section
creating
the
red
hat
enterprise,
linux,
core
os
machines.
We
have
this
fancy
core
os
installer
option
in
here
now
nice
and
what
it
also
says
as
we
come
down
here,
you
see,
we
have.
The
name
of
the
iso
file
has
changed.
It
now.
Has
this
dash
live
or
tac
live
in
the
name?
B
B
Cloud.Redhat.Com
open
shift,
slash,
install
yep
and
I
went
to
this
before
so.
Hopefully
it
won't
prompt
me
for
a
login
and
it
didn't
ta-da
and
then
I'm
going
to
install
on
bare
metal
using
user
provisioned
infrastructure.
Okay
and
I
want
to
access
the
pre-release
builds,
but
I
don't
want
to.
I
mean
if
I
take
this
it'll
it'll
take
me
over
here,
but
I
need
to
browse
around
and
I
need
to
be
able
to
download
specific
things
to
do
this.
B
So
I'm
going
to
copy
this
link
address
paste
it
in
up
here
and
I'm
going
to
remove
the
specific
file.
So
a
couple
of
things
to
note
here,
one
it
takes
us
to
this
ocp
dev
preview
dash
pre-release.
So
if
you
aren't
aware,
we've
been
cutting
openshift
4.6
rcs
for
a
couple
of
weeks.
Now,
oh
a
long
time,
yeah
yeah.
B
Here
and
it's
going
to
be
hard
to
see
because
it
didn't
expand
out
these
names,
but
if
you
look
in
here
down
at
the
bottom,
where
it
expands
the
whole
url,
you
see
down
where
it
says:
openshift
install
dash,
4.6.0
nightly
and
then
the
date
is
october
3rd.
Let
me
copy
this
link
address
that
way.
I
can
just
paste
it
in
up
here,
so
this
section
up
here
is
telling
us-
and
I
realized
that
I
should
probably
make
this
bigger
for
you
all.
I
don't
think
it'll
expand
the
size
of
that
title
window,
but.
B
3Rd-
and
I
don't
know
if
you've
looked
at
a
calendar
here,
but
today
is
the
21st,
so
why
has
there
been
almost
three
weeks
of
no
nightly
releases
what's
going
on
there?
Oh
that's
because
we're
cutting
rcs
now
rc's
don't
go
into
this
directory,
so
rc's
actually
go
into
the
ocp
directory,
not
ocp
dev
preview,
and
then
we
have
to
scroll
all
the
way
down,
instead
of
doing
it
with
the
scroll
wheel,
we'll
scroll
all
the
way
down
and
now
down
here
you
see
4.6.
A
B
B
B
And
if
we
look
inside
of
here,
so
we
have
our
two
files,
I'm
not
going
to
mess
with
those
at
the
moment,
because
we
don't
need
them
right
now.
But
the
other
thing
that
I
need
is
our
iso
file.
So
you
notice
that
we're
in
the
client
subdirectory
here
we
need
to
go
up
to
the
dependencies
directory
core
os
and
then
find
pre-release,
and
then
we
want
the
latest
4.6,
which
is
also
going
to
be
this
4.6
nightly.
B
And
in
here
we
have
a
whole
bunch
of
stuff,
including
the
aforementioned
live
iso,
and
this
is
the
guy
that
we
need
in
order
to
boot
our
servers
and
have
access
to
that
live
deployment.
Environment
you'll
also
notice
that
all
of
the
pixie
files
that
we
have
up
here
so
the
image
the
kernel
the
root
fs
they
are
also
now
live,
so
you
can
boot
into
this
via
pixi
as
well.
B
B
C
D
A
A
A
Yes,
there's
a
question
chat
good
morning.
I
have
a
question:
what
are
the
minimum
requirements
to
install
a
deployment
of
openshift.
A
B
Thank
you
as
well,
so
there's
two
options:
if
you
do
a
three
node
compact
cluster,
obviously
you
need
three
nodes
or
you
can
do
a
five
node
cluster
three
control
planes
and
two
worker
nodes
is
the
minimum
deployment.
B
Yes,
both
of
those,
whether
it's
three
compact
or
five,
three
control
plane,
two
worker
nodes
have
effectively
the
same
resource
requirements,
which
is
what
is
it
18,
v
cpus
or
18,
cpus
and
60,
something
gigabytes
of
ram.
B
B
B
So
that
is
effectively
the
lowest
total
amount
of
ram
that
you
would
need
correct
or
excuse
me
resources
that
you
would
need
and
note
that
that
is
just
the
install.
If
you
want
to
go
and
host
workloads,
you'll
need
to
increase,
you
know,
add
some
more
resources
there.
If
you
want
to
add
services
like
logging
logging
in
particular,
is
one
that
can
consume
a
lot
of
resources,
you'll
want
to
add
additional
hosts
there
etc,
and
I
see
jp
day
talking
about
fast
disk.
B
Yes,
lcd
is
extremely
latency
sensitive,
so
the
faster
your
disks
are
the
better
experience
you're
going
to
have.
I
think
we
there
yeah
and
there's
a
kcs
article.
Let
me
see
if
I
can
dig
it
up
here:
real
quick,
that
talks
about
the
performance
requirements
here
we
go.
I.
B
B
Yeah
so
essentially
using
the
fio
command.
You
want
less
than
10
milliseconds
or
10
000
microseconds
of
fsync
rate
latency.
Anything
beyond
that
and
you're
almost
definitely
going
to
have
performance
issues
you
can.
If
you
would
like
please
reach
out
to
me
andrew.sullivan
firstname.lastname
at
redhat.com,
I
have
a
whole
gigantic
email
that
I
sent
to
our
internal
sme
list
that
talks
specifically
about
performance
for
etcd
that
I'm
happy
to
share
out
so
that
you
can
get
an
idea
of
what's
going
on
behind
the
scenes.
B
Yeah,
so
I
was
thinking
about
doing
like
an
cd
performance
session
for
summit
next
year.
A
B
I
appreciate
it
because
yeah
listening
to
me,
drone
on
about
etcd
for
45
minutes,
might
not
be
ideal
for
everyone.
B
Okay,
so
hopefully
that
answered
your
question.
I
didn't
see
who
asked
that,
but
if
not,
please
clarify
and
crystal
crystal
interrupt
me.
I
will
ping
accordingly.
So
I
downloaded
the
live
iso
here
and
now.
I
need
to
boot
that
boot
a
host
to
that
iso
in
order
to
show
what's
going
to
happen
here,
so
I'm
not
going
to
go
through
and
I'm
not
going
to
install
a
full
openshift
4.6
cluster.
Quite
simply,
we
don't
have
time
for
that
because
it
takes
a
few
minutes.
B
B
B
Drive
so
this
one's
just
it's
going
to
be
running
on
a
local
nvme
drive,
so
that
way,
it's
nice
and
fast
and
we'll
connect
it
to.
B
B
And
then
I
want
to
come
down
here
to
boot
options
and
I
want
to
boot
to
the
cd-rom
and
I
have
not
uploaded
our
iso
yet
so
I
will
do
that
next.
I
think
everything
else
should
be
fine
here.
A
We're
doing
it
live
yeah
there,
it
goes
yeah
I
made
appropriate,
live
demo,
god
sacrifices
yeah.
B
B
Did
complete
yeah?
I
know
I
normally
I
would
get
like
a
a
soda
or
something
but
carbonated
beverages
or
all
right.
So
we'll
come
back
over
to
our
virtual
machines,
find
our
vm.
I'm
gonna
go
ahead
and
attach
the
iso
here
for
it
to
boot.
From.
B
A
B
Yeah,
you
can
see
it,
it's
already
pulled
a
dhcp
address.
Actually
so
it's
on
the
network
and
everything
inside
of
my
lab
here.
So
there's
a
couple
of
things
we
can
do
here.
So
first,
let's
find
our
4.6
documentation
and
if
we
scroll
on
down
here,
I
know
this
makes
people
dizzy.
Sometimes
so
my
apologies,
if
we
scroll
on
down
here,
we
have
this
core
os
installer
command
line,
options,
arguments
and
sub
commands.
B
B
B
B
For
nm's
for
network
manager,
yes,
if
you're
comfortable
with
nmcli,
I'm
not
comfortable
with
nmcli,
you
can
use
an
mcli
commands,
I'm
not
comfortable
with
network.
B
A
So
a
jp
date
is
asking:
this
is
how
you
install
kuberton
ocp.
No,
this
is
not
how
you
install
a
vm
on
ocp.
This
is
how
you
would
install
ocp
right,
correct,
a
vm
or
bare
metal
or
whatever
yeah
yeah
yep.
So
the
way
to
install
vms
and
cubevert
is
er
with
cubevert
aka
cnv
aka
openshift
virtualization
is
installing
the
operator
exactly.
B
Yeah
to
deploy
your
openshift
cluster
to
physical
servers
and
it
looks
like
looks
like
the
stream
video
is
buffering
for
me,
but
hopefully
people
can
still
hear
the
audio
yeah.
So
if
you
want
to
install
openshift
virtualization,
deploy
openshift
to
physical
servers
and
then
install
the
operator
and
that's
pretty
much
all,
there
is.
D
A
Yeah
you
install
the
operator,
and
then
you
say
you
know:
you've
got
to
get
the
yeah.
The
operator's,
the
easy
part
is
jpd
calls
it
storage
is
something
you
have
to
consider
right
like
you
need
some
storage
to
put
your
vms
on.
But
after
that.
B
A
B
So
I
went
through,
you
saw
I
used
where,
hopefully
you
can
see.
I
know
the
video
is
buffering
a
little
bit.
B
B
I
will
I
will
trust
you
and
stop
stop
bringing
it
up.
Then,
okay,
so
I
used
the
nm2e
to
graphically
configure
my
network
interface
here.
If
I
had
multiple
interfaces
I
wanted
to
bond
if
I
want
to
add
vlan
interfaces.
If
I
want
to
do
all
of
those
other
fancy
things
I
can
do
all
of
that
inside
of
here
and
then
I
am
done
right,
so
we're
good,
and
now
I
can
do
an
ipa.
B
You
can
see
that
it
hasn't
taken
effect
because
it
will
do
that
after
it
reboots
and
everything
else
right.
Thank
you
network
manager,
yep
and
now
I
can
do,
for
example,
a
core
os
installer
dash
dash
help,
and
then
there
is
install
dash,
dash,
help
and
there's
a
whole
bunch
of
different
options
that
I
have
available
to
me
here.
B
So
a
couple
of
these
that
are
interesting
here,
so
one
I
have
stream
right.
If
I'm
using
fedora
core
os,
I
have
my
ignition
file,
so
I
can
specify
a
path.
If
I
have
copied
my
ignition
file
into
the
iso,
I
can
tell
it
look
here
locally
without
having
to
reach
out
to
anything.
B
B
I
also
have
this
down
here,
so
this
dash
dash
copy
dash
network
option.
So
what
that
will
do
is
is
copy.
The
current
network
configuration
for
the
live
environment
to
the
installed
core
os
instance.
So
all
of
that
effort
I
just
went
to
to
configure
the
network
using
nm2e
or
nmcli,
as
the
case
may
be.
B
I
can
now
just
copy
that
over
and
then,
when
my
core
os
instance
comes
up,
it
will
have
that
exact
same
network
configuration
available
inside
of
it.
So
it's
a
super
easy
super,
simple
way
of
doing
advanced
network
configuration
for
core
os
at
install
time
without
having
to
you
know
fiddle
with
those
kernel
command
line
options.
B
B
B
So
this
is
particularly
important
because
slash
var
slash
containers
is
where
all
of
the
local
data
so
images,
the
image
layers
etc,
as
well
as
all
of
the
other
data
associated
with
odd
man
with
the
containers
is
located
at.
So
if
you
have,
and
the
reason
why
I
bring
this
up,
is
when
you're
thinking
about
sizing
right.
If
I
have
a
bunch
of
ephemeral,
pods
right,
I'm
not
persisting
any
data,
but
I'm
running
500
pods
on
the
host.
Well,
that's
500
applications
that
could
be
writing
log
data.
That
could
be
writing.
B
B
So
ssds
and
even
nvmes,
particularly
the
ones
that
don't
have
the
dram
cache,
is
effectively
on
par
in
many
cases
with
with
spinning
media.
So
you
have
to
be
a
little
bit
careful.
You
know,
don't
get
the
western
digital
green
ssd
if
you're
doing
headphones.
B
Yeah
yeah
so
a
little
tip.
So
if
we
do
like
a
wd,
750
nvme
drive
so
like
all
manufacturers
right,
they
have
different
tiers.
So
an
interesting
thing.
When
you
look
at
these
devices
they
will
have
a
drive
rights,
measurements
and
I'll
see.
If
I
can
find
it
inside
of
here
somewhere.
There.
A
B
So
this
is
important
for
a
couple
of
reasons,
mostly
in
particular
when
we're
doing
home
lab
type
stuff.
Where
you
might
have
you
know:
5
10,
15,
20,
vms,
all
writings,
you
know
to
the
to
the
drive.
It
can
be
a
lot
of
churn
on
the
drive
and
it
can
affect
that
longevity.
If
we're
talking
enterprise
drives,
they
have
the
same
thing,
but
usually
it's
going
to
be
much
much
higher
it'll.
B
So
just
for
home
labors,
like.
D
A
B
G
B
B
B
So
the
other
thing-
and
you
may
have
noticed
in
the
documentation,
so
this
is
the
live
iso
installer
right,
I
booted
to
the
iso.
It
dropped
me
into
this
command
prompt
right.
I
was
able
to
configure
the
network
if
I
follow,
through
with
the
command
it'll
install
coreos
to
that
device
and
copy
over.
My
networking,
so
great
awesome
phenomenal.
B
What
if
I
don't
want
to
do
that?
What
if
I
want
to
provide
my
ignition
file?
What
if
I
want
to
create
an
iso
that
already
has
my
ignition
file
in
it,
so
that
I
can
boot
it
up
that
way.
I
don't
have
to
even
fiddle
around
with
you
know,
network
connectivity
or
putting
those
those
ignition
files
onto
a
http
server
for
them
to
be
able
to
pull
down.
B
So
I
need
to
find
my
so
again
we're
in
the
we're
browsing
around
in
the
openshift
downloads
website
here,
so
we're
going
to
go
up
a
few
directories
and
we're
going
to
go
back
to
the
clients
directory
and
we
want
to
go
to
core
os
installer,
which
is
a
new
one.
You
can
see
it
was
just
created
on
october
6th
and
if
we
go
in
here,
we
have
the
core
os
installer
for
a
couple
of
different
architectures.
We'll
just
take
this
guy.
B
It
is,
it
is
wednesday
morning
so.
B
So
all
I'm
doing
here
is
moving
that
core
os
installer.
I
made
it
executable,
moved
it
into
my
path.
Now
I
have
core
os
installer
available
on
my
particular
system
here,
so
you'll
also
notice.
I
have
an
install
config
inside
of
here.
This
is
a
very
basic
install
config.
I
guess
I
can
update
my
clients
here.
B
B
All
I'm
doing
is
creating.
This
is
a
non-integrated,
great
quote-unquote,
bare
metal
deployments
inside
of
here.
B
If
I,
if
I
yeah,
if
I
follow
through
with
this
with
this
particular
install-
which
I
won't
again
out
of
the
interest
of
time
so
just
a
very
straightforward,
very
vanilla
deployment
that
I'm
going
to
do
here,
so
open
shift,
install,
create
ignition,
no
still
didn't
get
it
right
configs,
so
it
will
consume
our
file
there
and
just
like
with
any
bare
metal
or
non-integrated
installation
we'll
end
up
with
these
ignition
files
inside
of
here,
bootstrap
master
worker.
B
B
A
B
B
B
B
Well,
I
I
intended
to
test
it
before
the
stream
and
then
I
had
a
meeting
that
ran
very
long
and
did
not
have
time
with
a
partner,
so
we'll
see
hate
it.
When
that
happens
all
right,
so
we
have
this
embed
option
so
now
I
need
to
provide
it
some
options
so
dash
I
and
I'm
going
to
use
the
we'll
call
this
the
bootstrap
ignition
file,
and
then
we
will
do
dash
outputs.
We
want
it
to
do
boot,
strap.
B
Do
is
let's
what
was
the
commands
that
we
saw
a
minute
ago,
ignition
show.
A
B
B
It's
the
bootstrap
ignition,
so
it's
absolutely
massive
yeah.
So
at
this
point
I
could
let's
clear
all
that
junk
off
of
there.
So
at
this
point
I
now
have
a
customized
iso
for
my
bootstrap
and
if
I
have
right
network
configuration
all
that
other
stuff
in
there.
I
can
add
that
in
there
as
well,
there's
a
I
believe
that
there's
a
way
we
can
add
additional
files
in
there
too.
B
So,
for
example,
why
is
this
not
working,
of
course
installer?
Maybe.
B
Dash
dash
help,
maybe
because
I
can't
type
that
that's
probably
probably
the
reason.
B
B
B
I
think
they
are
they
suit
different
use
cases
right
so
assisted
installer
is
nice.
If
you
have
the
ability
to,
in
particular,
use
dhcp
and
connect
into
that
assisted
installer
experience
right
and
be
able
to
provide
all
that
information,
etc.
B
This,
I
think,
is
good,
particularly
if
you
want
to
do
automation
against
your
installs,
so
assisted
installer
requires
a
human
right.
There's
got
to
be
somebody
who
goes
and
says
I
want
to
create
a
new
cluster.
Here's
all
of
the
information.
Let
me
download
the
iso.
Let
me
boot
these
servers
et
cetera,
using
coreos
installer.
Using
this
iso
method,
you
can
script
and
automate
dramatically
more
of
that
installation
process
than
you
can
with
the
assisted
installer.
B
B
D
A
Like
this
is
for
our
offline
folks,
I
feel
like
to
a
a
very
large
extent
and
when
we
say
offline
or
disconnected
there's
a
lot
of
folks
out
there
believe
it
or
not
that
are
running
their
openshift
clusters
and
you
know
not
connected
to
the
internet,
environment
and
there's
all
kinds
of
reasons
to
do
that
manufacturing,
proprietary
products,
you
know
you're
trying
to
keep
your
intellectual
property,
you
know
private
and
protected,
so
don't
connect
with
the
internet.
Governments
use,
you
know
disconnected
clusters
all
the
time.
A
There's
a
lot
of
reasons
to
use
disconnected
clusters
and
helping
those
folks
out
is
a
unique
challenge
for
us
at
red
hat
and
we
we
try
to
live
up
to
it
as
best
we
can
with
every
new
release,
and
sometimes
it
works,
and
sometimes
we
get
new
fun
things
that
will
it
take
us
to
the
next
level.
You
know
as
we
build
and
build
and
build
and
iterate
on
this.
You
know
offline,
install
experience.
B
Agreed
and
4.6
is,
let's
see,
we're
now
a
year
and
a
half
into
openshift
four.
Wouldn't
we
launch
4.1,
it
was
summit
2019,
if
I
remember
correctly
so,
yeah.
B
A
A
I
think
the
yeah,
like
the
you
can
tell
like
if
you
went
to
that
tribe
page
when
four
first
launched
and
today
there's
a
dramatic
difference
right
like
and
I'm
talking,
even
when,
like
if
you
go
back
and
look
at
that
page
from
when
this
channel
launched
in
may
and
now
it's
drastically
different
right
like
so
the
the
amount
of
iteration
we're
doing
on
getting
openshift
installed
in
places
and
a
saying-
and
you
know
more,
you
know
easy
more
simpler
way
to
manage
is
a
key
objective
for
us
right
like
we
want
to
make
this
process
as
easy
as
possible
and
as
a
matter
of
fact,
after
the
stream.
A
Yesterday
we
had
some
discussion
about.
Why
isn't
oc
available
in
a
repository
somewhere
that
you
could
just
dnf
install
oc
for
fedora
and
we're
working
on
that
now
so
yeah,
it's
all
kinds
of
good
fun
stuff.
We
keep.
You
know
finding
these
little
use
cases
and
trying
to
tune
them
and
tweak
them
as
best
we
can
right
like
we
want
to
make
the
experience
exactly
and
your
feedback
is
a
huge
part
of
that
and
that
actually
came
like
jp
day
gave
us
some
great
feedback
yesterday.
A
B
Yeah,
no
it's
one
of
the
great
privileges
of
our
position,
which
is
we
have
direct
ability
to
reach
reach
into
the
product
management,
as
well
as
engineering
teams
to
to
give
that
feedback
to
get
answers,
etc.
So,.
A
B
Yeah,
yes,
very
much
so
no
such
thing
and
if
you're,
if
you're
afraid
of
it
being
a
bad
question,
reach
out
to
us
through
whatever
method,
again
email,
twitter,
it
doesn't
matter.
I
think.
D
B
So
with
our
last
couple
of
minutes
here
I
will
take
a
moment
to
highlight
something
that
is
a
relatively
recent
addition
to
the
docs.
I
think
it
was
added
in
4.5.
B
If
I
can
find,
I
will
use
this
one,
so
a
fun
fun
exercise,
you
can
go
back
and
you
can
look
at
the
docs
from
previous
versions
and
you
can
see
like
here's,
the
here's,
the
things
that
we
launched
we
launched
4.1
with
it
was
just
aws
bare
metal
and
vsphere.
By
the
way
you
can
see.
B
Difference
the
documentation
was
back
then.
So
if
we
jump
up
here
to
4.5,
we
have
this
new
section
post
installation
configuration.
So
this
originated
from
something
that
our
team
did.
Yeah.
A
B
So
effectively
this
is
meant
to
be
a
not
necessarily
a
checklist,
but
it's
a
list
of
things
to
be
aware
of
to
consider
that
you
might
want
to
do
with
your
cluster
now
that
it
is
deployed,
and
you
can
actually
do
something
with
it,
so
things
like
well
do
I
need
to
adjust
the
worker
nodes
right.
I
didn't
deploy,
or
I
didn't
customize
the
machine
sets
when
I
initially
deployed
so
now.
B
I
need
to
go
back
and
you
know
create
a
new
machine
set
that
has
the
actual
resources
that
I
need
for
my
applications
right
again.
Defaults
for
ipi
is
two
cpus
and
eight
gigabytes
of
ram.
Maybe
I
need
24
cpus
and
you
know
48
gigabytes
of
ram.
Well
wow,
I'm
going
to
go
back
and
make
that
adjustments.
A
So
so
I,
after
you
mentioned
this
last
week,
I
I
went
through
it
and
I
read
the
whole
thing
right
because
that's
what
I
do
and
it
is
very
much
set
up
like
not
as
a
checklist
but
as
a
if
this
then
kind
of
thing
right
like
if
you
need
this,
do
this
and
it's
it's
very
helpful
because
you
don't
think
about
it,
but,
like
all
of
my
state
of
my
cluster
is
in
etcd,
should
I
encrypt
that,
yes
or
no
and
a
lot
of
times?
That
answer
is
yes
and
here's.
How
right
like
that?
B
About
I
mean
you
can
see
here,
fcd
tasks.
Do
I
want
to
use
encryption?
If,
yes,
then
here's
how
to
do
it
right
and
the
docs
team
did
a
phenomenal
job
and
they
keep
this
constantly
up
to
date
as
well,
much
more
so
than
a
series
of
blog
posts
that
we
created,
and
these
are
cluster
level
things
right.
If
I'm
looking
at
on
a
on
a
node
basis,
do
I
need
to
add
rel
compute
nodes
into
my
cluster?
How
do
I
do
that?
Do
I
need
to
use
machine
health
checks?
Here's
how
to.
D
B
That
this
is
one
of
my
favorites
straight,
the
recommended
host
practices-
if
you
didn't
know
that
is
stolen
directly
from
this
scalability
and
performance
section
down
here
right,
all
of
those
things
basically
get
amalgamated
up
to
and
as
far
as
I
know,
the
docs
team
hasn't
written
a
lot
of.
If
I
don't
think
they
wrote
any
new
documents.
Rather
they
just
reorganized
and
linked.
D
B
So
and
then
the
preparing
for
users,
one
is
kind
of
the
end
state
of
okay.
My
cluster
is
now
you
know,
deployed
configured
I've
added
all
of
the
various
services
capabilities
that
I
need
so
now.
What
do
I
need
to
do
to
prevent
my
users
from
going
in,
and
you
know,
are
back
right
going
in
and
destroying
all
of
that
yeah.
B
You
know
how
do
I
add
operators
all
kinds
of
different
things
inside
of
there
again
focused
on
that
day,
two
plus,
how
do
I
get
my
cluster
from
brand
new
install
to
fully
functioning
and
hosting
workload
in
a
secure,
and
you
know
the
manner
that
that
my
organization,
my
applications,
need
exactly
exactly.
A
A
Different
formats,
as
in
yeah,
like
I'm,
not
understanding
the
question
jp
sorry,
the
the
docs
section
doesn't
typically
change
formats
unless
it's
between
major
versions
right,
like
I
think,
from
three
to
four
changed.
B
Yeah
that
I
don't
know
so
I
do
know
that
we
will
oftentimes
use
the
kcs
articles
so
access.redhat.com
as
a
documentation
supplement,
because
the
docs
team
generally
doesn't
update
the
docs
between
releases
right.
So
when
4.5
released,
they
update
the
dots.
Excuse
me
when
4.6
releases
they'll
update
the
docs
so
on
and
so
forth
in
between
4.5
and
4.6.
If
there's
issues
they'll
create
kcs
articles
and
then
that
information
gets
integrated
into
the
documentation
right.
B
A
B
Yeah
and
in
particular
so
another
thing
that
I
answer
a
lot
of
questions
on
is
why
don't
we
have
reference
architectures,
and
so
this
is
something
it
was
a
conscious
decision
that
was
made
by
the
bu
back
in
the
openshift
3.10
days,
which
was
effectively.
B
Let's
take
all
of
that
tribal
knowledge
that
we
sort
of
document,
but
really
we
just
give
you
the
output
in
a
reference
architecture
right.
Let's,
instead
incorporate
all
of
that
directly
into
the
documentation,
and
that's
why
you
see
things
like
this
scalability
and
performance
section
in
the
documentation
exactly.
A
B
Is
meant
to
convey
all
of
the
information
that
you
need
to
make
smart
decisions
about
how
to
configure
how
to
size
how
to
do
all
of
those
things
with
your
with
your
cluster
yeah,
so
oftentimes
for
me
yeah
for
me
at
least
great.
It's
not
we're
missing
documentation,
it's
just!
It's
not
organized.
B
According
to
the
subject
that
you
want.
I
think
I
mentioned
a
week
or
two
ago,
I'm
working
on
a
sizing
guide,
I'm
not
writing
new
documentation.
All
I'm
doing
is
reorganizing
things
so
that
it
fits
the
sizing
model
so
that
we
can
find
it
in
the.
B
B
So
yes,
hopefully,
hopefully
we
will
be
talking
about
regardless
of
what
the
high
level
topic
is.
A
new
release.
Fingers
crossed,
oh
really,
okay,
fun,
all
right,
yeah,
we'll
we'll
see
what
happens
there,
but
thank
you
everybody
for
watching
today.
B
Thank
you
for
the
questions
greatly
appreciated
again,
don't
please
don't
hesitate
to
reach
out
if
you
have
questions
whether
it's
here
on
the
stream
through
the
various
chat
channels,
please
feel
free
to
reach
out
either
through
the
various
social
media
methods
that
either
chris
ryer
accessible
via
or
feel
free
to
send
us
an
email,
directly
yeah.
I
I
don't
mind
that
at
all
and
in
fact
I
would
encourage
it.
So
thank
you
everyone
for
watching
today.
Thank
you
on
behalf
of
chris
as
well.
A
Thank
you
all
yes,
and
we
will
see
you
soon
tune
in
next
for
openshift
comments,
briefing
with
tremelo
security,
we'll
be
talking
about
multi-tenant,
multi-tenant,
get
ops
and
how
to
do
like
automation
of
it.
So
it's
gonna
be
a
fun
stream.
So
yeah,
I'm
about
to
jump
over
to
that
right
now,
so
see
you
soon.
C
H
H
So
mark
I
have
seen
you
at
just
about
every
major
trade
show
for
the
last
is
four
or
five
years
you've
been
at
our
openshift
commons
activities.
You've
been
at
the
openshift
summit
activities.
You've
been
engaged
with
us
on
just
about
just
about
everything.
We
ever
do
webcasts
podcasts
videos,
but
I've
never
actually
asked
you
like
criminal
security.
Is
it
tremolo
security?
Is
it
tremolo
security?
What
what's?
What's
in
the
name.
E
So
it's
pronounced
tremolo
kind
of
a
l,
e
l
sound
there
after
the
m.
So
a
tremolo
is
a
sound
fluctuation.
E
So
if
you
have
ever
played
guitar
or
even
the
organs,
you
know
with
qatar,
you
hit
the
whammy
bar
and
that
you
know
that
fluctuation,
that's
a
tremolo
and
so
where
the
name
originally
came
from
was
when
we
were
first
starting
the
company.
You
know
we're
identity
management
company,
primarily
that's
where
we
got
our
start
and
the
very
first
product
we
were
building
was
a
web
access
management
solution.
So
it
was
a
anybody.
Familiar
with
service
mesh
you'll
be
familiar
with
this
concept.
E
There
was
a
reverse
proxy,
where
you
authenticated
on
the
front
end:
we're
actually
going
to
use
kerberos
on
the
back
end
to
lock
down
access
and
we're
going
to
be
this
universal,
reverse
proxy.
We
want
to
get
away
from
agents,
which
is
a
big
thing
that
our
competitors
were
doing
and
so
yep
I'm.
I
wish
I
could
say
I
was
a
marvin
marketing
maven,
but
I
am
not
the
first
name
for
the
company
was
going
to
be
auto
idm.
E
E
I
was
like
oh
that's,
a
terrible
name
nobody's
going
to
know
what
it
means.
You
know.
My
my
co-founders
is
a
friend
of
mine
from
boston
and
he's
got
a
very
thick
boston
accent.
He
can't
pronounce
it
correctly
to
save
his
life.
I
was
like
that's
just
not
gonna
work
go
back
to
the
drawing
board
and
so
that
night
I
spent
a
good
three
hours
trying
to
find
a
domain
name
for
the
company
that
had
the
word
identity.
In
it
I
tried
different
languages.
E
I
tried
different
combinations,
acronyms
everything
couldn't
find
a
thing
it's
like.
So
who
is
tremolo
security.com?
It's
open
cool.
Now
it's
the
name
of
the
company.
So
then
that's
how
we
got
the
name
of
the
company
and
the
guitar
logo
and
everything
there.
E
H
E
Actually
started
the
company
in
2010
was
when
the
company
originally
started
and
we
kind
of
flew
under
the
radar
somewhere
between
a
hobby
and
a
science
project
for
a
few
years,
while
we
were
kind
of
you
know
getting
our
feet
under
us
building
out
the
technology
and
then
in
2013
we
got
our
first
customer
public
safety
environment
here
in
the
dc
area,
which
kind
of
catapulted
us,
and
then
we
didn't
really
come
out
of
like
not
that
we
were
ever
really
in
stealth
mode,
but
we
didn't
really
start
getting
out
there
until
2015,
which
is
when
we
had
our
first
booth.
E
Actually
at
a
red
hat
summit
that
was
kind
of
our
coming
out,
you
know
come
and
ask
stealth
mode
party
was
that
first
booth
at
red
hat
summit
in
15
in
boston.
It's
also
when
we
became
an
open
source
company.
We
said
you
know
what
open
source
is
going
to
be
the
way
to
go.
It's
going
to
be
the
way
to
get
to
the
most
people,
and
so
we
decided
to
go
ahead
and
open
source
up
and
it's
been
off
to
the
races
since
then,
and.
E
So
I
was
a
consultant
at
pricewaterhousecoopers,
so
if
folks
are
familiar
at
all
with
the
audit
industry,
they
call
it
the
big
four
chrysler
house
coopers,
which
I
was
deloitte
ernst
young
kpmg,
and
so
I
was
an
identity
management
consultant
there
for
for
about
seven
years
and
if
you
name
a
vendor
and
an
industry,
there's
a
pretty
good
chance.
E
I
was
involved
with
some
kind
of
cross-section
of
doing
an
identity
management
deployment
there,
and
so
what
we
found
when
we
were
doing
these
deployments
was
that
we
were
spending
a
lot
more
time,
customizing
this
beautiful
vendor
demo
to
what
the
customer
needed,
rather
than
actually
implementing
their
business
logic.
So
we
we
would,
you
know
the
the
the
vendor
would
walk
in
and
say
here's
this
big
gorgeous
demo,
with
all
our
opinions
of
how
you
run
your
identity
management.
E
What's
interesting
about
identity
management
versus
a
lot
of
other
technical
disciplines,
it's
very
closely
bound
to
the
business.
It's
got
a
tie
to
the
way
the
business
is
set
up
because
often
you're
saying,
okay,
you
know
our
management
processes
a
certain
way
or
an
organizational
process
is
a
certain
way.
E
A
lot
of
enterprises
are
very
siloed
organizationally,
so
your
technology
has
to
match
that
silo,
and
so
we
would
spend
most
of
our
time
kind
of
pulling
that
demo
apart
and
reconstructing
it
in
a
way
that
would
work
for
customers,
and
so
this
was
before
the
term
micro
services.
You
know,
really
existed,
but
we
said
you
know
the
better
way
to
do
this
is
instead
of
building
this
monolith
identity
system
that
you
then
have
to.
You
know,
pull
pieces
out
and
reconnect,
let's
start
from
basics
and
build.
E
You
know
what
would
today
be
described
as
microservices
for
identity
management,
so
your
web
access
management,
your
sso,
your
virtual
directory,
your
user
provisioning,
your
apis,
your
self-service,
all
those
different
things,
and
so
we
built
that
out
and
what
became
really
interesting
was
as
we
were,
building
it
out.
It
just
meshed,
really
well
with
the
open
shift
in
kubernetes
world,
because
we
had
built
these
small
building
blocks
that
we
said.
E
E
However,
you
want,
and
it
really
it
really
turned
both
the
implementation
time
on
set
and
the
costs
on
its
head
and
one
of
the
things
one
of
our
rules
of
thumb
was
that
your
your
ratio
of
professional
services
to
licensing
dollars
is
going
to
be
two
to
one
for
every
dollar
you
spend
on
a
license
for
software.
You're
gonna
spend
two
dollars
to
implement
it.
E
We
wanted
to
turn
that
on
its
head
and
we
found
that
by
going
with
a
micro
services
like
approach,
a
building
blocks
approach,
our
implementation
times
just
bottomed
out
and
we
were
able
to
you
know
we
had
one
customer
as
an
example.
We
replaced
a
a
long-standing
legacy
system
that
took
them.
I
think
three
years
to
get
implemented,
we
had
the
proof
of
concept
up
and
ready
to
go
in
three
days
to
replace
them,
and
at
that
point
it
was
just
provisioning
hardware
and
applications
and
whatnot.
H
E
So
a
lot
has
changed.
We
got
started
in
kubernetes
back
in
the
one
three
days,
maybe
one
eight.
Whenever
our
back
first
came
out
and
open
shift
at
first
come
out.
E
In
fact,
we
had
a
booth
at
the
first
kubecon
n
a
in
seattle
four
years
ago,
when
it
was
still
small
enough
to
be
in
a
hotel
lobby,
not
not
small
enough
to
do
that
anymore
right,
and
so
we
we
actually
originally
got
involved
with
openshift
and
then
later
with
the
upstream
kubernetes
and
with
our
back,
and
so
we
started
with.
So
when
you
go
to
the
kubernetes
authentication
page
and
talks
about
open
id
connect,
we
rewrote
all
that
documentation
and
donated
it
back
to
kubernetes.
E
We
then
went
ahead
and
started
to
set
to
look
at
the
way.
Openshift
and
kubernetes
deals
with
identity.
You
know
one
of
the
things
that's
really
changed
over
the
last
several
years.
Is
this
notion
of
what
goes
into
your
cluster
and
we're
going
to
talk
a
lot
about
that
during
the
demo?
You
know
it's
more
than
just
kubernetes,
it's
more
than
just
openshift
right,
I
mean
you've,
got
you've,
got
monitoring
systems.
You've
got
your
get
off
system.
We're
going
to
talk
about
argo
cd.
E
Today,
you've
got
your
build
system,
we're
going
to
talk
about
tecton.
You
got
your
code
system,
we're
going
to
be
using
git
lab
for
that
today,
and
all
of
these
systems
have
their
own
concept
of
identity,
and
so
specifically,
when
you're
looking
at
like
an
enterprise
world
most
of
the
implementations
of
multi-tenant,
you
know
it's.
It's
most.
Enterprises
are
looking
for
multi-tenant
solutions.
They're,
not
you
know
most
implementations,
I've
seen
that
are
where
the
tenancy
is
at
the
cluster
that
doesn't
scale
real
well
from
a
management
solution
it
it.
You
know
it.
E
There
are
advantages
to
and
obviously
you're
going
to
have
multiple
clusters.
But
when
all
is
said
and
done
it,
the
management
process
of
multi-cluster
doesn't
scale
when
you're
you're
trying
to
have
a
cluster
per
application,
so
multi-tenancy
becomes
really
important
and
so
identity
is.
You
know
it's
kind
of
like
the
force
in
star
wars.
It's
it
binds
everything
together.
You
know.
Argo
cd
has
its
own
internal
rbac
system.
It
doesn't
work
with
kubernetes
our
back
system.
It's
got
its
own
thing.
E
Gitlab
has
its
own
identity
system
and
then,
of
course,
openshift
and
kubernetes
has
its
own
identity
system.
So,
if
you're
going
to
provide
a
platform
for
your
developers
to
be
able
to
access
these
systems
securely
and
to
to
you
know
really
get
the
it
people
out
of
the
room
to
out
of
the
way
right,
you
know
the
goal
is:
is
that
the
people
who
own
openshift
are
not
involved
day-to-day
in
applications?
Right?
E
If
you
know
one
of
the
things
in
the
identity
world,
I
always
say,
is
if
I'm
in
the
room,
something's
probably
gone
terribly
terribly
wrong.
You
know
people
can't
log
in
people
are
unhappy.
You
know
it
should
be
the
same
way
with
the
the
people
who
run
the
kubernetes
and
openshift
deployments
if
you're
running
openshift
or
kubernetes
and
you're
in
the
room
during
an
issue.
Something's
gone
really
really
wrong.
Ideally,
your
application
owners
are
managing
all
that
process.
H
Speaking
of
being
in
the
room,
we
have
somebody
else
from
your
company
here,
brian
and
he's
sitting
there
down
in
the
bottom
left
corner
of
my
screen.
Brian,
who
are
you
and
how
did
you
get
involved
with
the
company.
G
Hey
great
question
mike
thanks
for
having
us
on
this
morning,
I
go
back
20
plus
years
in
the
identity.
Access
management
space
with
some
very
large
programs
of
record
the
early
days
were
extremely
challenging
to
enable
access
to
uniquely
different
data
repositories.
G
G
He
had
started
his
own
company
tremolo
security.
Most
intriguing
was
his
subject
matter,
expertise,
successful
consulting
background
and
the
fact
that
he
had
developed
his
own
ip
to
secure
the
authentication
process
and
speed
the
implementation
phase,
huge
game
changer
for
organizations
leveraging
their
existing
infrastructure
to
deploy
a
solution
in
weeks
not
months.
G
H
Okay,
fair
enough
back
to
you
mark,
I
couldn't
help
but
notice
when
you
were
talking
just
a
couple
minutes
ago
that
there
was
something
in
the
background
there
and
I
thought
maybe
I
thought
maybe
you
might
want
to
talk
about
something.
That's
exciting!
That's
going
to
be
coming
out
here.
Is
there
a
book
coming
out.
F
There
is
I'm
going
to
show
off
my
my
my
the
book.
E
Cover
here
I'm
going
to
do
a
little
bit
of
shameless
self
promotion,
so
I
co-authored
a
book
with
my
partner
in
crime
here,
scott
sarovic,
on
enterprise
kubernetes.
So
when,
when
we
started
talking
about
writing
this
book
together,
we
found
that
there
was
a
big
gap
in
the
knowledge
out
there.
The
written
knowledge,
I
guess,
on
on
how
you
implement
kubernetes
between
enterprises,
which
are
really
unique
from
you,
know,
kind
of
your
more
consumer
facing
companies.
You
know
the
the
in
enterprise,
you
know
you're,
not
you're,
you're.
E
You
have
to
work
around
the
organization
as
well.
You
know
most
enterprises,
you
might
only
have
a
dozen,
maybe
even
less,
of
these
massive
truly
enterprise,
wide
application
right,
your
erp,
your
messaging
things
like
that,
but
then
most
of
your
applications
are
these
siloed
systems,
be
that
might
have
a
couple
of
hundred
to
a
couple
thousand
users,
and
so
the
people
who
own
it
it's
the
most
critical
application
in
the
world
and
so
and
and
they're
now
responsible
for
keeping
it
up
and
running.
And
you
know
their
paycheck
depends
on
right.
E
Their
bonus
depends
on
so
we
wanted
to
write
a
book
with
that
in
mind,
so
heavy
focus
on
identity.
So
we
we
have
full
chapter
on
authentication,
our
back
authorization,
pod
security
policies
and
open
gatekeeper
and
then
a
lot
of
the
stuff
that
just
you
might
think,
is
kind
of
mundane,
but
is
really
important
to
managing
that
kind
of
a
diverse
environment,
backups
logging
and
log
aggregation,
and
then
what
we're
going
to
demo
here
was
one
of
the
most
fun
things
that
I've
done
in
a
while.
E
Our
last
chapter,
we
said
you
know
we're
going
to
build
a
platform,
we're
we're
going
to
talk
about
how
you
build
pipelines
and
then
build
a
platform
with
the
goal
of
not
having
to
have
excuse
me
not
having
to
have
a
a
kubernetes
admin.
Building
these
bespoke
clusters,
everything's
automated
everything's
done
through
through
get
ops
and
and
what
you
know.
What
we
we
really
wanted
to
to
handle
with
this
book
was
to
say
look.
This
book
is
more
than
just
theory
right
it.
E
A
lot
of
books
are
theory,
you
know,
and
they
give
you
great
information,
but
it's
not
necessarily
always
in
a
practical
context
where
you
have
cookbooks,
which
give
you
really
specific
recipes.
They'll,
give
you
great
ideas
and
great
knowledge,
but
they
might
not
relate
directly
to
what
you're
doing
we
wanted
to
kind
of
go
in
the
middle,
where
it's
a
practical
book
with
a
lot
of
theory
in
it.
E
So
the
thing's
huge,
I
think
it's
650
pages
of
you
know
of
kubernetes,
and
there
are
labs
and
most
of
the
chapters
that
you
can
go
through
and
and
everything's
open
source
it's
up
on
github,
and
so
we
we
had
a
blast
it's
coming
out
on
november
6th,
and
then
anybody
who
wants
to
get
their
hands
on
it.
We
have
a
discount
code,
we'll
have
it.
On
the
last
slide,
we
put
up
it's
25
kubernetes.
You
go
to
amazon
order,
it
there
you'll
get
a
25
discount.
H
I
just
I
just
linked
it
in
the
in
the
chat
as
well,
but
we
will
have
that
up
on
the
on
the
last
slide.
As
you
said,
awesome
650
some
odd
pages.
I
can't
wait
to
pull
that
down.
Yeah.
H
Right
well,
demo
time
can
you
show
us
something
and
hopefully
hopefully
there's
going
to
be
lots
of
terminal
windows
and
manually,
editing,
config
files
or.
E
I
promise
we
will
not
manually
edit
a
single
config
file,
so
I'm
going
to
go
ahead
and
share
my
screen
and
everybody
can
see
what's
going
on
here.
We
got
a
lot
going
on
on
this
demo.
E
So
when,
when
we
built
that
final
chapter
and
we
wrote
the
book
building
a
platform,
I
have
a
graphic
where
we
automated
the
deployment
of
argo
cd
projects,
get
lab
and
kubernetes
projects
and
techton,
so
that
they're
all
integrated-
and
I
made
this
diagram
of
all
the
different
objects
that
we
had
to
create
and
the
relationships-
and
this
is
just
in
one
cluster
because
there's
a
book
right.
It's
not
a
production
system,
20
plus
kubernetes
objects.
E
I
think
I
had
about
45
git
lab
calls
to
create
the
various
projects,
forks
etc
and
a
handful
of
calls
to
argo
cd.
Argo
cd
has
a
combination
of
its
own
api,
plus
it's
reliant
on
kubernetes
there's
some
crs
in
there
to
create
all
these
relationships,
and
then
you
think
about
the
automation
part
of
it.
You
know
you
don't
want
to
commit
code
to
gitlab
and
then
go
into
argo
and
say:
let's
trigger
a
sync
or
commit
code
to
gitlab,
and
then
you
know,
run
a
cli
command
to
fire
up
a
pipeline.
E
You
want
everything
to
just
happen.
So,
in
the
background
that's
all
built
on
web
hooks,
so
you
gotta
create
the
web
hook.
You
gotta
create
the
secret.
You
gotta
provision
the
secret
all
these
differences.
It
isn't
rocket
science,
but
there's
just
a
lot
of
stuff
to
do,
and
so
what
we're
going
to
show
you
is
what
the
results
of
that
are,
because
it's
it's
one
of
those
things
that
I
could
probably
sit
here
for
two
hours
and
go
through
each
little
detail.
E
So
I'm
going
to
start
with
logging
into
open
unison.
E
I'll,
be
my
first
stop
so
down
here
in
the
bottom
left-hand
corner
and
anybody
who
works
in
enterprise.
Saml2
is
a
big
thing
that
you
always
have
to
deal
with.
We
actually
provide
a
nifty
little
testing
tool,
a
sample
to
identity
provider
for
testing.
So
you
don't
have
to
set
up
your
own
to
be
able
to
imitate
what
your
corporate
environment
is
doing
and
that's
free
to
use.
E
E
Nope
all
right,
I'm
gonna
stay
here.
I'm
gonna
log
into
my
portal
and
I'm
gonna
request
a
new
application,
so
think
of
this
as
a
self-service
request
and
say
the
email
shuffle
of
hey.
Can
you
know,
can
I
get
a
project
get
created
or
cli
command?
This
is
something
that
I,
as
an
application
owner.
Okay,
we're
gonna,
go
launch
a
new
application.
E
So
I'm
going
to
go
ahead
and
submit
that
request.
This
is
going
to
kick
off
a
workflow
and
what
that
workflow
is
going
to
do.
Is
it's
going
to
notify
somebody
or
some
set
of
people
that
we've
identified
as
responsible
for
approving
the
access
say?
Hey,
you
know,
you've
got
this
open
request,
so
I'm
gonna
go
ahead
and
log
in
this
time
as
a
super
user
is
an
admin
that
is
able.
E
To
update
the
request
and
act
on
it,
we've
been
having
some
fun
with
the
internet
here,
but
you
can
see
that
there
it
is
so
we
got
this
open
approval
and
I'm
going
to
go
ahead
and
review.
It
all
looks
good.
Give
it
a
reason.
E
You
know
we're
provisioning
namespaces,
so
we're
provisioning,
a
development
name,
space,
we're
division,
provisioning
production,
name,
space,
we're
provisioning,
a
build
name
space
where
the
tecton
pipeline
is
going
to
live,
we're
provisioning,
a
gitlab
project
for
production,
we're
forking
that
project
for
dev
to
be
able
to
maintain
that
gitlab
flow,
we're
creating
a
project
for
the
application
itself,
we're
creating
project
for
the
build
and
then
we're
also
inside
of
argo,
we're
creating
repositories
so
that
argo
can
go
ahead
and
talk
to
these
systems.
E
So
when
I
go
ahead-
and
I
log
out
of
this-
and
I
log
back
in-
as
my
you
know,
as
my
application
owner-
I
go
into
gitlab
and
I
go
into
argo
you're
actually
going
to
see
that
I
only
have
access
to
my
applications.
E
I
don't
see
all
the
other
applications
that
I've
built
and
that's
again
where
the
identity
management
side
of
automation
really
comes
in.
I
think
it's
done
just
do
a
quick
check
here.
I
believe
we
are
no
we're
still,
I
think,
we're
still
rocking
and
rolling.
No,
I
think
we're
good.
So
let
me
go
ahead
and.
E
Just
to
give
you
a
sense,
so
this
is
another
area
where
you
know:
identity
becomes
really
important,
we're
not
just
provisioning.
All
these
things,
we're
not
just
creating
these
objects,
we're
creating
an
audit
log
of
this
provisioning
that
can
then
be
tracked.
So
I'm
going
to
go
ahead
and
show
off
here.
E
E
So
now
we
can
not
only
create
all
these
objects,
but
we've
tied
them
to
a
request
and
an
approval
so
that
when
it
comes
audit
time
instead
of
the
email
shuffle
of
hey,
did
you
access
this?
Did
you
approve
access
that
nope?
Here's
the
report,
let's
export
to
excel
and
give
it
to
the
auditors
call
it
an
afternoon.
Go
get
some
coffee,
so
I'm
gonna
go
ahead
and
log
out
and
log
back
in
as
my
user.
E
E
You
can
see
here
I
have
a
bunch
of
projects
and,
let's
log
into
argo
and
as
well,
you
got
a
bunch
of
repositories.
Now
there
are
a
lot
of
relationships
between
these
projects.
We
have
our
production
project,
which
is
where
our
manifests
are
going
to
live
deployments
deployment
configs
things
like
that.
We
have
a
dev
project
which
is
a
fork
of
production.
So
when
it
comes
up
when
it
becomes
time
to
to
you
know
push
to
production,
we're
not
making
an
api
call
we're
doing
a
merge
request
into
production.
E
We
then
also
have
our
our
application
code.
So
that's
where
our
actual
source
code
for
our
little
hello,
world
microservice
will
go
and
then
finally,
we
have
our
build
project,
so
this
is
going
to
be
our
techton
namespace
that
is
going
to
store
our
pipeline
and
run
our
pipeline.
What's
also
important.
We're
not
going
to
dive
too
deeply
into
this
rabbit
hole
is
that
inside
of
kubernetes,
we
are
excuse
me
openshift.
E
We've
actually
set
up
role
bindings
so
that
I,
as
a
user,
if
I
were
to
log
into
the
openshift
console
this
is
all
I
see,
and
there
are
different
roles
between
devs
and
operations
where
a
dev
you
know,
might
only
have
access
to
the
dev
name
space
and
maybe
read-only
access
to
techton.
E
But
an
operations
person
will
have
prod
access
or
you.
F
E
F
E
F
E
E
So
that's
not
super
interesting,
but
it's
right
now,
it's
sitting
in
my
fork
branch.
So
we're
going
to
come
back
to
that
later.
Nothing
really
special
is
happening
there.
So
next
thing
we're
going
to
do
is
deploy
our
pipe
or
our
operation,
so
we're
going
to
start
with
our
dev
operations
now
in
the
real
world.
E
I
would
also
fork
this,
but
I
could
do
work,
but
you
know,
let's
keep
it
a
little
simple,
so
you
can
see
here
that
there
is
a
dev
name
space
in
git
lab
with
a
dev
operations
project.
So
that's
where
we're
going
to
put
our
manifests,
so
we
don't
really
have
a
whole
heck
of
a
lot
there
right
now.
So
let's
go
ahead
and
clone
this.
F
E
E
So
we're
going
to
go
ahead
and
push
that,
and
let's
come
over
here
to
our
dev
environment.
You
can
see
in
argo
down
here.
There
isn't
a
lot
going
on
because
there
just
isn't
anything
there,
but
give
it
a
quick
refresh,
and
we
can
see
it's
already
popped
up
and
argo
cd
is
already
deploying
things
now
you
can
see
here.
It's
got
a
broken
heart
because
we're
broken
because
we
haven't
actually
built
anything
yet
right.
We
come
down
here
to
our
deployment.
E
There
isn't
a
whole
heck
of
a
lot
going
on
here,
we're
talking
to
a
tag
that
doesn't
exist,
yet
we
haven't
built
it
yet.
So
let's
go
ahead
and
build
our
container.
So
the
next
thing
we're
going
to
do
is
we're
going
to
come
to
our
build
name
space.
So
again,
I
would
want
to
do
a
fork
test
this
out.
I'm
going
to
make
this
a
little
simpler
for
the
sake
of
the
demo.
E
Back
to
our
build
name
space
so
before
I
go
ahead
and
check
things
in
what
I'll
point
out
here
is:
we've
got
a
couple
of
things
in
there,
so
we
part
of
our
workflow.
We
pre-built
the
link
between
gitlab
and
kubernetes
through
a
web
hook.
So
when
you
commit
your
code,
it's
going
to
call
web
hook
that
is
listening
inside
of
open
shift.
E
E
E
E
D
F
F
I
know
I
work
test
build
star
all.
D
F
C
E
Wrong
one,
so
we've
just
committed
it
and
if
we
take
a
look
here,
it
might
take
a
minute
there.
We
go
it's
already
starting
to
build
out
all
of
our
objects.
So
it's
creating
our
template.
It's
creating
our
tags,
all
that
good
stuff,
so
everything's
been
pushed.
So
now
we
actually
have
a
working
techton
pipeline.
That's
ready
to
go!
E
E
We
don't
have
any
pipelines,
so
let's
go
ahead
and
merge
our
code,
so
I'm
going
to
go
to
my
dev
application
and
I'm
going
to
create
a
merge
request.
So
this
is
a
big
part
of
the
get
ops
model
right,
making
sure
that
everything
is
being
done
and
get
so
I'm
going
to
go
ahead,
compare
it
to
master
and
okay.
It's
an
initial
commit
now
a
whole
heck
heck
a
lot
there.
Now
in
theory
this
would
be
a
developer.
E
You
know
committing
the
code.
So
now
I
is
the
app
owner,
I'm
getting
an
email
saying:
hey
you've
got
this
open
commit.
You
know
this
open,
merge
request.
Please
take
a
look,
I'm
going
to
approve
it
and
go
ahead
and
hit
merge,
so
we
can
see
immediately
something's
going
on
right
because
stuff's
being
generated
if
we
go
ahead
and
we
look
at
our
pipeline.
E
There
we
go
so
we've
got
pipeline
running,
so
let's
go
ahead
and
see
what's
going
on
here,
so
our
pipeline
is
pretty
straightforward,
the
big
difference
with
our
pipeline.
That
is
because
it
is
a
get
ops
model
at
the
end
of
the
pipeline.
You
know
the
first
task
of
the
pipeline
is
we
generate
a
tag
so
that
tag
is
just
time
stamp.
E
E
That's
going
to
take
the
longest,
and
so
you
know,
obviously,
today's
day
and
age,
we
don't
like
damon,
so
we're
using
a
daemon-less
system
here
to
create
the
container.
E
From
our
dev
repo
and
then
patching
the
yaml
file
inside
the
repo
with
the
new
tag
and
pushing
it
because
we're
not
going
to
make
an
api
call
to
open
shift
and
say:
hey
here
is
the
new
image.
That's
how
you
know
you
used
to
do
it,
but
in
the
github
small
you
want
git
to
be
your
source
of
record,
and
so
once
this
is
done,
it's
going
to
then
go
ahead
patch
that
and
we're
going
to
come
over
here
we're
going
to
go
back
to.
H
E
We're
we're
almost
there.
Well
we're
not
quite
that
far
we're,
not
quite
that
close
to
the
end
of
our
time.
This
usually
doesn't
take
too
long
to
build
we're.
I
think
we're
just
about
there
with
building
the
image.
E
But
you
know
once
this
image
is
built
and
gets
committed,
we're
going
to
be
able
to
see
inside
of
our
repo
where's
the
dev
dev.
Here
we
go
so
here's
our
operations,
we're
actually
going
to
see
a
new
commit
into
our
dev
operations
project
with
the
commit
id
of
our
application
code.
So
we
have
an
audit
trail
there
of
what
it
was
integrated
with,
and
we
can
see
that
the
patch
is
completed.
F
Oh,
it
failed.
Why
did
it
fail.
F
F
You
know
I'm
gonna,
I'm
gonna
cheat
a
little
bit
here.
How
can
I
do
this.
F
F
Yeah,
I
think
I
fudged
something
when
I
screwed
up
the
copy.
E
So
but.
E
Now,
okay,
well,
choice
of
a
live
demo,
so
the
what
would
then
happen
is
it
would
commit
to
and
check
this
out
real
quick,
see.
F
E
F
E
H
E
Here
go
ahead
and
sign
in
with
this
privileged
user.
You
can
see
all
these
extra
applications
that
I
have
access
to
other
than
my
first
user.
So
this
is
where
the
power
of
identity
integration
really
comes
in,
because
I
can
see
everybody
right,
so
we've
not
just
managed
to
automate
the
deployment
of
infrastructure,
but
we've
managed
to
automate
the
security
of
that
infrastructure
too.
E
I'm
gonna
go
ahead
and
stop
sharing
so
yeah,
so
demo
got
most
of
the
way
there.
C
E
You
know
the
the
biggest
effect
for
customers
is
the
fact
that
they,
the
their
I.t
departments
or
their
the
people
who
own
their
infrastructure,
don't
have
to
get
involved
with
the
day-to-day
of
applications.
E
So
a
customer
that
I
built
a
similar
solution
for
we
went
live
about
a
year
ago,
and
I
hear
from
him
once
in
a
blue
moose,
a
hedge
fund
over
in
the
uk
small.
As
these
things
go,
I
guess
a
small
hedge
fund
is
like
five
billion
dollars
and
you
know
their
developers
want
to
be
able
to
launch
microservices,
and
so
you
know,
but
they
didn't
want
to
have
to
get
the
it.
E
You
know
the
the
infrastructure
side
of
the
it
department
involved,
so
we
set
up
a
very
similar
solution
for
them
where
the
their
developer
would
log
in
say,
create
me
a
project.
Now
we
based
the
permissions
off
of
their
active
directory,
so
there
was
no
request
approval,
but
based
on
that,
it
provisioned
out
everything
it
provisioned
out
the
git
repos
it
provisioned
out
the
build
systems,
it
provisioned
out
the
name
spaces
it
tied
everything
together,
and
so
the
developers
were
then
able
to
say.
E
Hey
I'm
going
to
just
go
ahead
and
start
pushing
code
and
we
actually
gave
them
a
little
button
so
that
they
could,
you
know,
say
I'm
going
to
push
from
open
unison
from
the
open
unison
portal
rather
than
from
inside
of
kubernetes
and
he's
like
yeah,
I
I
don't
get
phone
calls.
I
mean
that
is
one
less
thing
that
that
guy
has
to
manage,
because
at
the
end
of
the
day
we
all
have
better
things
to
do
than
building
bespoke
clusters
for
people,
so
it
really
becomes
a
force
multiplier.
E
People
are
happier
because
they're
getting
their
job
done,
they're,
not
complaining.
Oh,
I
don't
have
access
to
this.
I
don't
have
access
to
that
and
really
you're
spending,
hundreds
of
thousands,
maybe
even
millions,
depending
on
the
size,
your
organization
on
this
automation
solution.
Do
you
really
want
to
manually
onboard
people
it
just?
It
doesn't
work?
Well,
so
it
really
becomes
a
big
force
multiplier.
There.
H
You
earlier
in
the
in
the
discussion,
you
interchanged
the
words
kubernetes
with
open
shift,
and
I
would
imagine
that
that
that
your
your
technology
and
your
solutions
work
on
any
kubernetes
based
implementation.
Not
just
openshift
is
that
correct,
sure
yeah,
but
we
have
been
working
with
you
folks
for
years
you
guys
are
a
member
of
openshift
commons.
You
have
a
red
hat
certified
operator
for
openshift,
which
means
that
it's
gone
through
the
red
hat
internal
testing
and
blessings.
H
So
when
customers
want
to
use
it,
they
know
it's
tried,
tested
trusted
and
they
can
get
support
from
from
red
hat
and
your
company
at
the
same
time.
So
I
did
want
to
put
that
gratuitous
plug
in
there.
So
thank
you.
E
And
we're
we're
we're
a
security
company
right
I
mean
we
go
we're
going
to
the
cio
and
saying
we're
going
to
help,
make
your
infrastructure
more
secure
and
being
able
to
say
and
we're
certified
on
the
platform
that
you're
using
yeah
here
in
the
dc
area.
You
know
back
in
the
before
times
when
we
used
to
go
places,
you
go
on
the
metro
and
there
are
signs
everywhere.
E
You
know,
100
of
of
government
agencies
run
red
hat
linux
right,
that's
that's
not
hyperbole,
that's
true,
and
and
so
in
the
enterprise
you
know
being
able
to
say
yep.
This
is
certified
on
the
platform
that
you're
using
you
know
we
had
to
go
through
their
rigorous
process.
They
had
to
review
it,
we're
also
in
the
red
hat
marketplace.
E
So
that's
an
additional
avenue
to
be
able
to
get
access
to,
but
we
have
we
made
big
bets
on
openshift
very
early
on
in
our
kubernetes
journey
and
those
those
bets
have
definitely
paid
off.
H
So
war
stories,
everybody
loves
a
good
war
story.
What
you've
been
in
the
in
the
security
business
for
quite
a
good,
quite
quite
a
long
time,
both
at
your
company
and
previously
tell
us
tell
us
one
of
your
favorite
war
stories
that
you've
that
you've
addressed.
E
E
So,
while
I
was
still
with
pwc,
I
was
on
a
project
where
we're
helping
a
customer,
a
name
brand
that
everybody's
heard
of
and
everybody's
used
was
migrating
between
different
identity,
vendors.
I
was
brought
onto
the
project
as
well.
Look,
you
know
you
have
a
limited
number
of
hours
to
get
this
done
now.
400
applications
across
six
continents
here
are
three
or
four
developers
in
india.
Just
have
them
go
and
manually
update
the
configuration
now
like
that
sounds
like
a
terrible
idea.
E
I
don't
want
to
do
it
they're
not
going
to
want
to
do
it
and
it's
going
to
be
error
prone
and
all
sorts
of
problems.
E
So
I
said,
look
I'm
telling
you
we
can
automate
this
we're
going
to
come
in
under
budget
customers
going
to
be
happy,
they're
going
to
have
a
much
better
product
and
they're
going
to
have
a
much
better
time
and
so
got
with
the
team
in
india.
And
you
know
there
are
always
issues
when
you're
dealing
with
different
time
zones
and
whatnot
to
be
able
to
get
that
done.
E
But
you
know
we
all
were
able
to
work
together
and
build
this
amazing
set,
and
this
was
before
devops
devops
wasn't
a
word
yet,
and
so
we
were
able
to
build
this
system
that
queried
the
apis
of
the
old
system,
and
you
know
constructed
out
a
a
a
framework
tested
the
old
system
to
make
sure
that
that
framework
worked
the
way
we
thought
it
did,
provision
that
then
automatically
into
the
new
system
test
the
new
system
and
then
turn
it
all
on
automatically.
E
And
you
know
the
the
project
went
really
really
well.
For
the
most
part,
we
did
have
one
issue:
we
we
accidentally
turned
off
sap
in
japan,
which
didn't
really
go
over
real
well.
E
But
we
fixed
that
pretty
quickly,
but
then
we
went
ahead
and
once
we
got
that
you
know
figured
out
the
original
go
date.
We
had
to
cancel
because
our
product
owner
or
project
owner
from
the
customer
had
to
have
an
emergency
a
pandemic.
Remove
his.
E
E
So
you
know
he
said:
no,
I'm
not
we're
not
going
live
with
this
without
me
being
okay.
Well,
I
was
promised
to
another
project,
so
I
had
to
go
and
they
delayed
the
rollout
three
weeks
and
I
got
a
phone
call.
One
day
I
was
like
yep
done.
I
was
like
really
yeah
no
bridge
call
nope,
we
threw
the
switch
and
everything
just
worked
and
it's
like
we
came
in
under
budget.
We
automated
everything.
People
were
happy
with
it
of
the
400
applications.
E
I
think
we
were
able
to
automate
like
395
of
them
and
so
that
that
was
a
big
inspiration
for
for
the
approach
that
we
ended
up
taking
when
we,
when
we
started
trembling
getting
into
the
automation
space.
H
E
So
I
I
guess
the
biggest
thing
that
I
I'd
want
to,
let
people
know
is
that
you
know
everything
I
showed
is
not
vaporware
right,
it's
real
it!
It's
it's
out!
There
we're
constantly
involved
in
the
kubernetes
and
openshift
world.
If
you're
asking
questions
on
either
openshift
commons
or
in
the
kubernetes
slack
channel,
we're
going
to
be
there
and
we're
here
to
help.
You
know
we
are
we're
experts,
I'm
a
ckad.
E
I
I
went
through
that
certification
process.
You
know
the
the
the
dark
ugly
truth
of
most
enterprise
software
is
that
the
people
write
this
stuff
never
have
to
use
it.
We
use
our
own
software
with
customers,
we're
out
there,
deploying
it
we're
making
changes
as
customers
need
it.
So
we're
not
just
building
in
fluff
features
that
nobody's
going
to
use
we're
building
features
that
people
are
actively
using
actively
need,
and
so
as
you're
kind
of
going
through,
that
journey
of
figuring
out
how
you're
going
to
automate
your
infrastructure
think
about
tremolo
security.
E
Think
about
how
you're
going
to
automate
your
your
infrastructure
with
security
in
mind.
H
E
Good
in
the
us
only
until
november
15th,
what
I
will
say-
because
I
know
a
lot
of
folks,
especially
in
the
open
source
world
care
very
much
about
these
things-
is
that
if
you
do
go
direct
to
the
publisher
once
it's
available,
it's
drm
free,
I'm
sorry,
it's
drm
free!
If
you
go
directly
to
packet
who's,
the
publisher.
H
C
F
E
D
E
Like
an
smtp
black
hole
that
we
keep
updated,
that's
really
useful.
B
H
Okay,
I
don't
know
if
you're,
if
someone's
doing
dishes
in
the
background,
but
we
hope
you
all
the
best
with
the
book.
I
think
I
will
obviously
be
pulling
down
a
copy
using
my
25
discount
code.
Where
are
we
going
to
see
you
next
or
you
know
in
this
in
this
world,
with
everything
is
virtual
these
days
we're
not
going
to
see
you
physically
in
person
at
commons
or
the
red
hat
summit,
but
you
know:
where
can
we
see
you
next.
E
So,
actually,
I'm
going
to
have
the
great
pleasure
of
giving
a
lightning
talk
at
the
kubecon
n
a
virtual
security
day.
I'm
going
to
be
talking
about
why
you
should
be
using
openid
connect
with
your
clusters
and
not
certificates
for
authentication.
So
that'll
be
my
next
kind
of
big
thing.
H
That's
was
that
november
17th
right.
E
Yeah,
I
think
seventeenth
is
the
security
day
conference.
D
H
A
it's
a
co-located
event
correct!
It's
it's
before
coupon
starts
okay,
yep
good!
Well,
I
would
like
to
say
on
behalf
of
everyone
here
on
the
openshift
commons
briefing
hour,
that
we'd
really
appreciated
having
you
join
us
here
today.
H
H
Thanks
everybody:
I
hope
that
hope
that
this
was
informative
and
useful.
You
can
tune
in
every
wednesday
at
noon
eastern
time
and
we
have
a
full
lineup
of
software
partners
booked
out
all
the
way.
I
think
we're
booked
all
the
way
into
march.
At
this
point,
so
all
of
our
software
partners,
with
red
hat
certified
operators
for
openshift
they're,
going
to
be
here
on
the
show
talking
about
their
technology,
their
products,
their
war
stories
and
hopefully,
some
more
books
thanks
again
mark
and
we
are
signing
off
for
the
day.
Thanks
for
joining.