►
Description
OpenShift Commons Gathering December 5th 2017 Austin, Texas
Panel: .Gov on OpenShift - US Courts, USCIS/DHS, and Oak Ridge National Laboratory with Evong Nham Chung (Red Hat) moderator
A
Hey
guys,
my
name
is
Yvan
Nam
and
I'm.
The
manager
for
the
open
chest
solution.
Architects
for
US
public
sector
I'm
really
excited
to
be
here
today
for
two
reasons:
I
guess
three
reasons:
I've
never
been
Austin
before,
but
the
real
reasons
are.
If
you
know
me,
you
know
that
I
really
really
love
OpenShift
I've,
been
at
Red
Hat.
Ten
years
now
and
I've
never
felt
more
passionate
about
any
technology,
and
the
second
reason
is
in
public
sector.
A
We
don't
often
get
a
lot
of
opportunities
for
us
to
share
the
awesome
things
that
we're
doing
you
guys
know
in
federal,
we've
got
pretty
unique
mission
statements,
pretty
unique
requirements
and
I
know.
Maybe
some
of
you
guys
have
some
preconceived
notions
about
what
IT
is
like
in
federal,
but
I
am
here
to
tell
you
we
are
doing
some
of
the
most
innovative
and
cutting-edge
stuff
with
with
OpenShift.
We
just
can't
talk
about
it.
A
E
Afternoon,
my
name
is
joel
turner,
I
kind
of
have
a
dual
had
a
role,
I
work
for
the
federal
judiciary.
My
main
focus
right
now
is
my
day
job
as
I
lead
the
enterprise
architecture
program
for
the
administrative
office
and
on
the
side
I'm.
Also,
a
chief
deputy
clerk
in
a
District
Court
in
Madison
Wisconsin.
A
E
So
part
of
when
you
think
about
how
we
deliver
software,
a
lot
of
companies
will
handle
software
delivery
for
their
organization.
All
their
users
use
those
particular
applications
that
are
kind
of
approved
and
we
have
the
same
model
in
many
respects,
so
the
administrative
office
delivers
national
applications
to
the
over
200
courts
within
the
federal
judiciary.
However,
local
courts,
because
they
work
very
closely
with
their
local
bar
they're,
basically
their
attorney
practice,
there's
sometimes
unique
characteristics
of
those
groups,
and
they
also
try
and
deliver
solutions
to
their
target
or
and
so
think
about
it.
E
You
have
a
national
service
organization
delivering
service
to
a
wide
group
of
individuals
and
those
individuals
in
turn
are
service
providers
to
the
local
community.
So
you
have
both
national
applications
and
local
applications
and
that
creates
unique
challenges
in
terms
of
delivering
applications
to
those
unique
groups
and
then
sharing
those
applications
across
the
federal
space.
So.
A
D
Yeah
so
so
we've
got
we're
an
open
science
facility,
so
all
the
science
that
we
run
on
our
machines
gets
published.
Although
we
do,
we
do
do
some
work
with
with
industry,
then
they
don't
have
to
publish,
but
they
pay
for
the
use
of
the
computer,
but
our
scientists,
because
of
that
or
scientists,
are
all
over
the
world
right.
We've
got.
A
C
So
one
of
the
things
that
we've
talked
about
is
that,
in
order
to
get
an
open
shift,
implementation
in
place
or
any
kind
of
strategic,
you
know
enterprise
architecture
initiative
in
place.
You
have
to
have
senior
leadership
and
for
us,
our
CIO
kind
of
mandated
that
we
that
we
implement
the
solution
and
one
of
the
one
of
the
reasons
that
led
us
to
this
was
we
had
one.
C
We
wanted
to
improve
the
customer
experience
with
one
of
our
applications
and
we
felt
that
in
order
to
do
that,
the
best
way
to
start
approaching
that
was
to
actually
break
the
service
apart,
creating
the
front-end
and
part
of
this
messaging
queue
and
wind
up.
We
ended
up
putting
the
messaging
portion
of
that
application
as
one
of
our
first
micro
services
onto
the
openshift
platform,
and
because
of
the
leadership
that
we
had
and
because
of
the
way
that
we
approached
the
problem,
we
were
actually
able
to
yeah.
A
I
think
they
actually,
they
got
something
to
production
from
zero
to
production
in
six
weeks
with
open
ships
that
was
really
exciting,
Dave
now
you're.
What
the
IRS
and
I
imagine
that
you
guys
have
pretty
unique
challenges
around
dynamic
workloads
right,
so
I
bet
your
workload
scale
up
and
down
pretty
dramatic.
B
We
do
yeah,
that's
one
of
the
things
that
you
know
our
filing
season
is
January
to
April,
so
that's
really
the
period
that
we
build
to
it
right
now.
We
have
a
lot
of
applications.
We
build
to
the
physical
limit,
so
we
have
you
know
four
or
five
servers
in
web
form
and
it's
targeting
the
high-water
mark,
which
really
is
those
four
months.
So
it's
a
shame
that
infrastructure
is
sitting
there,
those
other
months,
you
know
from
May
through
December
they're,
not
nearly
as
busy.
B
A
A
B
I'll
take
okay,
yes,
so
per
our
perspective,
it's
breaking
the
dependency
between
a
server
and
JBoss.
So
I
have
people
waiting
in
line
for
months
and
months
to
get
a
server,
so
they
can
get
JBoss
to
start
doing
their
work
and
we
have
a
JBoss
7
upgrade
coming
pretty
soon.
These
people
are
waiting
in
line.
They
can't
get
to
work
because
they're
waiting
for
server
deliveries
through
our
current
pipeline
and
I,
don't
know
what
happened
over
the
last
couple
of
years,
but
the
volumes
have
just
gone
too
high.
B
There's
not
enough
human
beings
in
the
building
to
be
able
to
build
these
servers
timely
using
these
processes
that
we
defined
over
years.
It
has
to
go
automated,
and
so
for
us,
it's
breaking
that
dependency
between
the
server
and
that
JBoss
container,
because
we
did
a
pilot
test
and
one
of
those
applications
the
the
legacy
applications.
We
put
it
on
a
container,
took
about
six
weeks
to
convert
it
from
an
oracle
application
server
on
solaris
running
to
JBoss
6.4
instance.
We
did
it
on
a
virtual
server
dedicated.
B
We
did
it
on
a
container
and
to
the
developer.
It
was
exactly
the
same.
He
had
no
concerns
which
one
it
was.
He
really
said:
I
don't
care,
because
now
I
have
a
JBoss
instance
that
I
can
actually
use.
So
for
us
that
was
sort
of
the
trigger
point,
but
we
can
get
our
developers
productive.
They
need
a
good
six
months
or
nine
months
or
a
year
to
do
these
conversion
efforts.
We
got
to
get
that
clock
ticking
as
soon
as
possible
in
the
physical.
B
E
Think
for
us
there
were
there's.
A
lot
of
things
are
attractive
about
the
technology,
but
there
are
really
two
things
that
stood
out
almost
the
portability
of
the
containers,
the
ability
for
a
developer
to
work
anywhere
and
have
an
entire
environment
up
and
running
and
not
be
bound
to
exceed
either
existing
infrastructure
or
some
of
the
services
that
were
necessary.
Those
could
be
basically
on
their
laptop
that
can
work
anywhere.
They
want
the
other
issue
or
the
other
attractive
feature
was
the
immutability
change.
E
Management
is
an
issue
that
I'm
sure
a
lot
of
people
face,
I'm,
not
sure
if
we're
unique
in
that
regard.
Nonetheless,
the
ability
to
have
an
immutable
container
industry
and
be
assured
that
when
you
start
in
the
development
process
and
as
you
move
through
testing
and
then
staging
that
application,
finally
putting
in
production
that
you
can
assure
that
what
you
started
with
is
actually
what
you
end
up
with,
and
you
don't
get
a
lot
of
fat-fingered
configuration
changes.
That
was
a
very
attractive
feature
for
us.
D
Yeah
for
for
me,
it
was,
it
was
a.
It
was
a
good
technology
decision,
because
in
an
HPC
over
the
past,
30
or
so
years
as
a
community
they've
really
bought
into
POSIX
right,
so
pause,
accusers,
POSIX
file
systems.
We
have
a
huge
parallel
file
system,
that's
that's
POSIX
compliant
called
lustre.
Gpfs
is
another
one,
and
so
these
are
all
at
the
OS
level
right
and
so
being
able
to
kind
of
use
containers.
D
And
since
it's
at
the
OS
level
and
and
kind
of
use
that
as
a
you
know,
you
can
you
can
abstract
as
much
as
you
need
to
right.
Since,
since
containers
are
just
C
groups
and
namespaces,
you
can
kind
of
peel
back
what
what
legacy
applications
can't
don't
understand
right
being
namespaces
or
things
like
that,
but
it
still
gives
us
that
control
that
allows
user
to
come
in
and
run
whatever
application
they
need
to
run.
So
that
was
the
big
thing
for
containers.
C
So,
for
us,
the
portability
issue
was
was
a
problem
also,
we
have.
We
have
different
contract
teams
that
develop
software
for
us,
so
the
containers
address
that
issue.
The
other
part
of
it
is
that
and
when
we
did
the
containers
and
we
put-
and
we
built
our
pipeline
to
go
into
openshift,
we
kind
of
created
a
level
playing
field
for
everyone,
and
it
also
allowed
us
to
you
know,
put
put
everything
under
standard
standard
code.
A
Steve
you
hit
on
a
really
interesting
point,
so
in
federal
we
have
some
unique
challenges:
we're
not
like
an
enterprise
company
where
everybody
is
an
employee
right,
so
we've
got
all
different
sorts
of
contractors
with
different
terms
around
their
contracts.
So
organizationally
we
face
a
lot
of
barriers
for
adoption.
So
can
some
of
you
guys
speak
to
the
organizational
challenges
that
you
guys
have
had
around?
Maybe
the
date
yeah.
B
I
mean
I'll
be
happy
to
part
of
our
challenges.
Like
you
said,
we
have
a
lot
of
contractors.
You
come
on
board
to
support
applications.
One
of
the
challenges
we
have
is
a
lot
of
these
systems
for
mission-critical.
You
know
taxis
and
filing
systems,
so
the
contractor
come
in
comes
in
and
says
I
need.
You
know,
50
servers
to
be
able
to
deliver
that
workload.
B
You're
kind
of
held
to
that
number
so
part
of
this
technology
provides
me
the
ability
to
start,
judging
that
and
seeing
whether
I
need
to
or
not-
and
you
know,
like
I
mentioned,
with
our
build
processes
being
slow,
it's
difficult
other
projects
get
delayed
while
primary
systems
get
the
treatment
that
kind
of
thing.
So
that's
one
of
the
things
that
I
think
that
we
look
at
is
hopefully
being
able
to
kind
of
shift
out
of
this
model
where
we're
doing
server
directly.
C
So
when
we
went
to
go
to
implement
the
open
shift
platform,
one
of
the
techniques
that
we
used
was
a
was
a
war,
what
they
called
war
rim
style.
We
invited
pretty
much
everyone
all
of
the
stakeholders
that
were,
and
the
initial
rollout
of
our
microservice.
We
invited
the
business
unit,
the
operations
side,
the
developers
and
security
and
a
couple
other
couple
other
folks,
but
anyway
we
got
them
all
in
a
room.
We
talked
about
what
we
wanted
to
do,
what
the
what
the
goals
of
the
project
were,
and
we
got
buy-in
from
everyone.
C
You
know
all
at
one
time
this
technique.
What
it
allowed
us
to
do
was
allow
us
to
make
decisions
in
real
time
so
that
you
know
if,
if
a
contractor-
or
you
know,
someone
from
the
from
the
development
side
had
a
question
about
one
of
the
policies
or
about
one
of
the
decisions,
you
know
a
federal
lead
was
already
there.
We
were
already
there
to
explain
it
if
we
had
to
go
back
and
forth
with
security.
Security
was
right
there
to
make
the
decision.
C
So
you
know
we
didn't
have
to
call
anybody
or
anything
like
that
as
the
progress
as
the
project
did
progress,
though
we
found
that
we
did
have
to
reach
outside
of
the
core
group.
Obviously
this
came
pretty
apparent
when
we
started
to
interface
on
out
outward
from
the
network
we
started
getting
into.
You
know:
security
certificates
and
things
of
this
nature.
C
A
It
seems
like
you,
you
made
a
deliberate
effort
to
reset
the
culture
to
one
of
inclusion,
collaboration,
communication,
I.
Think
Jewell
also
made
a
pretty
deliberate
effort
to
make
sure
that
everybody
in
his
organization
was
educated
on
open
shift
and
containers
and
DevOps
and
and
these
new
practices
so.
E
To
be
fair,
it's
not
just
Joel
that
there's
a
whole
team
of
people.
Some
of
them
are
here
with
me
today
they
do
most
of
the
work
I'm,
just
the
guy
on
the
stage
delivering
this
particular
presentation.
The
reality
is,
though,
is
that
I
wouldn't
characterize
them
as
organizational
challenges.
I
think
it's
more
about,
at
least
in
our
space.
Our
groups
or
teams
have
been
delivering
applications
on
a
virtualized
environment
for
years.
They
know
how
to
do
that
and
what
you're
now
introducing
is
a
new
technology
that
has,
you
know,
inherent
questions
about.
E
How
do
I
do
security?
How
does
this
gonna
impact
my
job,
and
so
that's
what
you're
really
dealing
with
the
technologies?
Never
the
problem,
it's
what
is
it
in
it
for
me
and
how
do
you
get
people
to
see
the
value
proposition?
What
are
you
trying
to
solve
and
then
the
technology
kind
of
sells
itself?
So
we
just
things
similar
to
what
Steve
indicated.
We
spent
a
lot
of
time
doing
one-on-one
reach
out
to
individuals.
We
spent
a
lot
of
time
having
training
sessions.
E
We
created
reference
implementations
to
demonstrate
how
the
technology
could
work
pipelines,
delivering
both
internal
and
external
to
the
cloud,
but
I
think
the
most
important
thing
was
trying
to
dispel
the
notion
that
this
is
just
for
greenfield.
We
have
a
lot
of
you
know
older
applications
that
are
mission
critical,
and
so
we
took
some
of
our
main
applications
that
one
may
construe
as
legacy
and
we
started
showing
how
those
could
be
containerized
that
got
people's
attention.
I
think
that
was
where
we
started
to
gain
more
traction.
Is
that
okay,
this
isn't
just
for
new
stuff.
E
A
And
we
were
talking
about
this
earlier,
but
so
much
about
this
technology
change
is
like
relationship
counseling
right.
So
you
need
to
break
down
old
barriers
that
existed
before
and
get
people
to
talk
to
each
other
in
a
way
that
they
they
never
did
before
now
with
Jason.
Your
your
constituency
is,
is
remarkably
different
right,
so
you
have
you're
working
with
the
with
academia
and
scientists
right
so
I
imagine
sometimes
they're
very
opinionated
about
their
technologies.
Oh
yeah.
D
Yeah
yeah
and
the
big
thing
with
with
I
mean
it's
two
things
right.
It's
kinda
like
what
you're
saying
about
the
operational
side,
and
that's
that
takes
a
lot
of
presentations.
Things
like
that
to
the
office
members
off
team,
the
guys
and
talking
about
the
the
technology
and
then
getting
them
and
letting
them
play
with
it
right
that
helps
dissipate
a
lot
of
those
fears
about
operationally
supporting
this
technology.
D
But
then,
yes
from
the
from
the
customer
side
for
us,
it's
the
it's,
the
the
scientific
customer
who
who
is
probably
not
anything
like
a
computational
scientist
or
anything
like
that.
They're,
a
domain
scientists
who
learned
enough
programming
to
do
his
computational
fluid
dynamics
code
and
to
get
it
to
run
on
a
computer
but
he's
or
she's
mainly
designed
around
getting
that
code
to
run
right.
D
So
for
us
and
OpenShift,
it's
it's
getting
that
getting
that
framework
so
that
we
reduce
that
kind
of
that
friction
for
for
them
being
able
to
do
their
job
to
get
to
get
what
they
need
out
of
the
system
and
and
not
get
bogged
down
in
MongoDB
and
things
like
that
being
able
to
just
kind
of
to
do
their
their
their
scientific
work
and
move
on.
So
you.
F
C
Obviously,
one
of
the
first
things
that
we
that
we
were
able
to
bring
value
to
is
doing
the
Bluegreen
deployments.
We
leverage
the
features
in
in
the
OpenShift
platform
that
allow
us
to
you
know,
deploy
a
new
version
of
the
application
without
bringing
the
other
one
down
and
open
chef.
Does
that
automatically
so?
But
that
obviously,
is
a
good
value,
a
feature
for
us
and
from
a
business
business
perspective,
what
that
allowed
is
for
for
users
to
basically
continue
on
with
their
input
of
data.
E
So
we're
fairly
early
in
our
implementation,
we're
out
of
a
pilot
station
that
we're
moving
to
operationalizing
the
service
I
think
the
biggest
benefit
we've
seen
so
far
as
we've
changed
the
dynamic
of
the
conversation.
People
have
bought
into
containers
as
a
strategic
objective
and
how
they
want
to
deliver
applications.
E
So
you're,
seeing
more
enthusiasm
around
the
technology,
more
discussion
about
how
to
do
it
and
I
think
it's
energized
a
number
of
people
around
the
technologies,
a
point
that
they're
becoming
the
evangelists
for
us,
rather
than
us,
oiz
being
the
group
that
trying
sells
what
the
advantage
is.
Now
you
have
the
actual
lines
of
business
that
are
playing
with
these
technologies.
Saying
hey
I've
been
able
to
do
X,
Y,
&
Z.
Because
of
this
you
really
should
look
at
it.
I.
D
Think
for
us
it's
it's!
The
conversation
is
it's
changed
absolutely
and
in
a
very
positive
way.
You
know
with
the
scientific
community.
We
don't
have
to
I,
don't
know
how
many
of
you
guys
have
have
watched
like
Kelsey,
Hightower's,
intro
to
kubernetes,
I'm
sure
a
lot
bunch
of
us
have-
and
you
know
he
spends
like
20
minutes
doing
like
the
the
tetris
scheduling
talk.
You
know,
which
is
great,
but
what's
cool
in
scientific
space.
D
We
don't
really
have
to
have
that
conversation
because
high-performance
computing
machines
already
live
and
die
by
a
batch
of
scheduler
right,
and
so
so
for
us
it's
it's
been.
It's
been
cool
because
we've
been
able
to
kind
of
focus
in
on
what
they're
trying
to
do
and
empower
them
to
do
to
get
their
work
done
on
the
openshift
side,
just
like
they
already
can
get
their
work
done
on
the
high
performs
competing
science.
So
that's
been
the
biggest
benefits
in
part,
so.
B
We're
just
really
starting
our
pilot
work.
Exiting
that
and
entering
into
is
the
phase
where
the
CIO
has
identified.
This
is
being
a
major
activities
assigned
budget
as
well
as,
but
an
executive
in
charge.
So
we
have
that
you
know
really
ramping
up
now
we're
negotiating
with
our
partners
what
the
scope
is,
and
obviously
that's
part
of
the
fun
work
trying
to
explain
with
what
this
technology
is.
I
will
say
this,
though,
that
I
found
interesting
from
the
conversations
with
these
guys
that
are
ahead
of
us.
B
Some
of
the
conversations
are
a
little
intimidating
because
it
sounds
like
they're
so
far
ahead,
but
a
lot
of
these
projects
are
only
four
five
six
seven
months
ahead
of
you,
so
the
speed
at
which
you
can
take
off
is
really
kind
of
cool.
So
when
you
hear
people
talking
about
how
far
along
they
are,
in
my
mind,
I'm
thinking,
oh
they're,
two
years
ahead
of
me
and
I'm,
finding
out
they're,
three
or
four
months
ahead
of
me,
so
I
feel
a
lot
better
about
where
we're
sitting
right
now,
yeah.
A
F
F
G
Yes,
so
we
kind
of
make
this
just
sort
of
gut
instinct
delineation
between
commercial
and
government.
Have
you
guys
seen
the
other
side
of
the
fence?
And,
and
so
what
are,
the
differences
is
my
experience
in
with
government
customers?
Is
there
pretty
much
enterprise
customers
and
there
are
different
security
standards?
There
are
different
data
sets,
but
the
problems
us
really
span
both
what
are
what's
the
biggest
difference
like
what's
the
biggest
challenge
that
being
in
a
government
organization
offers
that
doesn't
exist
or
does
exist
in
the
commercial
space.
E
B
Gonna
say
that
one
of
the
big
ones
is
just
technology
insertion.
When
you
look
at
the
graph
you're
showing
up
there,
you
know
there's
a
thousand
and
fifty
new
tools
coming
out
every
day
and
for
us
it
takes
us
a
year
and
a
half
two
years
to
get
it
procured.
Cyber
approved
somebody
trained
on
how
to
install
it
and
to
maintain
it.
So
you
know
some
of
the
restrictions
we
have
is
trying
to
take
advantage
of
investments.
We
already
have
my
car.
You
know
investment
RedHat,
we
use
VMware
products.
B
E
Would
I
would
also,
as
David's
a
contracting
procurement?
It
is
a
major
issue
in
terms
of
speed
of
delivery
for
any
solution
that
you're
trying
to
do.
The
other
factor,
which
is
probably
also
prevalent
and
nonprofit,
is
just
that
there
is
no
profit
motive
from
a
government
agency.
Our
drivers
are
probably
more
cost
containment
and
then
delivery
of
value
to
our
constituents
as
opposed
to
a
line
of
business
driving
for
revenue
or
for
general.
E
B
I
was
just
saying
what
we're
finding
is
just
keep
muscling
through
I.
Think,
like
the
young
lady
said
earlier,
you
know
you're
running
into
these
barriers.
I
felt
like
a
buzzsaw,
I
love
the
Don
Quixote
picture
that
was
up
there
every
day
feels
like
that
as
we're
trying
to
get
this
sort
of
going.
But
it
sounds
like
the
ramped
up
after
it
takes
off,
is
just
phenomenal.
So
we're
really
looking
forward
to
that.
That
part
of
this.
C
You
know
one
making
sure
that
you
have
your
pipeline
set
up,
making
sure
that
you
can
automate
your
implementations
from
the
beginning,
we're
key
from
a
from
a
agency
perspective
in
terms
of
organization
and
people
really
what
it
came
down
to
was
the
relationships
between
different
groups
of
people
and
their
ability
to
you
know
to
trust
each
other
and
to
be
able
to
represent
their
interests
in
a
given
situation.
So
those
were
I
think
the
two
key
aspects,
along
with
obviously
I,
would.
D
Also
say,
don't
be
afraid
of
integration.
I
think
we
found
that
integrating
with
existing
tools
and
technologies,
storage
systems
IDP
those
kinds
of
things
are
massively
simpler
than
than
I've
ever
seen
before.
So
so
don't
be
afraid
of
that
that
sort
of
integration
with
your
existing
tools
and
technologies
so.