►
From YouTube: OpenShift at National Geospatial-Intelligence Agency James Cherry OpenShift Commons Gathering 2019
Description
OpenShift at NGA Case Study with tbd
at OpenShift Commons Gathering 2019
Case Study: OpenShift @ National Geospatial-Intelligence Agency (NGA)
Andrew Heifetz (Ampsight) | James Cherry (National Geospatial-Intelligence Agency) | Nick Sabine (Red Hat)
A
I'm
Nick
Saban
I'm,
a
senior
solution
architect
working
with
the
national
geospatial-intelligence
agency
or
nga,
and
today,
I
have
with
me
James
Jerry,
with
nga
and
Andy
CEO
of
website
the
red
hat
partner
and
they're
here
to
talk
about
the
mission
of
nga,
what
they
do
all
the
cool
work
they
do
to
support,
disaster
relief
and
our
country
and
also
talk
about
some
of
the
challenges
and
of
OpenShift
as
a
hybrid
cloud
strategy
and
challenges
of
getting
that
in
a
disconnected
environment
on
to
the
edge.
So
James.
B
All
right,
thanks
Nick
today
wax,
would
be
discussing
three
things:
what
is
GEOINT
our
hybrid
cloud
strategy
and,
as
Nick
said,
some
challenges
and
lessons
learned
along
the
way.
My
name
is
James.
Cherry
I
were
21
years
in
the
private
sector
before
coming
over
to
nga
I'm,
currently
heading
up
our
high-performance
computing
program
within
our
storage
and
compute
division,
and
our
role
is
to
ensure
our
customers,
both
internally
and
externally,
can
ingest
process
and
analyze
as
quickly
and
efficiently
as
possible.
B
Brief
introduction
of
nga
nga
is
the
national
geospatial-intelligence
agency
and
its
mission
is
to
provide
geospatial
intelligence
or
Gon
for
our
nation's
security.
We
are
a
valued
customers,
Combat
Support,
Agency
and
principal
member
of
the
intelligence
community
with
diverse
customers
and
mission
says
we
use
GEOINT
to
provide
decision-making
advantage
to
war
fighters
first
responders
and
policy
makers,
but
still
what
is
gon
gon
is
the
use
of
imagery
imagery
intelligence
and
geospatial
information
to
describe
and
depict
features,
activities
and
locations
on
earth.
Gon
is
more
than
the
use
of
imagery.
B
It's
combining
this
combining
combining
more
sources
to
create
a
comprehensive
picture.
Basically,
if
you
have
a
point
and
location
on
earth,
if
you
can
map
it,
if
you
can
chart
it,
if
you
can
represent
spatially,
this
gon
gon
tells
you
where
exactly
something
or
someone
is
what
it
is
and
why
it's
important.
B
This
slide
further
illustrates
the
layer
of
GEOINT
data
that
we
ingest
analyze
and
process.
We
have
the
ability
to
process
publicly
available
social
media,
that's
important,
such
as
Twitter
Instagram,
Facebook
commercially,
provided
imagery,
which
supports
close-up
navigation
planning
and
urban
area
operations,
street
level
data
topography,
which
provides
a
certain
level
of
detail
for
ground
operations,
geography,
ocean
data
such
as
currents,
reef
locations
and
water,
depth
and
terrain,
which
provides
changes
in
elevation
and
slope
and
in
the
underlit
in
any
undulations
in
the
environment.
B
B
B
On
this
slide,
we
have
a
flooding
event
from
actually
a
couple
of
months
ago
and
offered
Air
Force
Base
in
Nebraska,
and
we're
able
to
use
imagery
to
help
assess
damage,
as
well
as
assist
with
recovery
efforts
for
agencies
such
as
FEMA.
So
if
you
look
down
at
the
bottom,
you'll
see
where
we
can
focus
in
on
a
couple
of
hangars
that
flooded,
I
think
the
water's
got
up
to
about
seven
feet
and
we
can
determine
okay.
What
was
in
those
hangars?
What
do
we
need
to
get
out
of
there?
B
Here?
We
have
a
volcanic
event
in
Hawaii
on
Mount
kilowatt,
hey
where
there
were
two
craters:
they
either
collapsed
or
started
to
drain
and
imagery
helped
not
only
with
the
evaluative
a
QA
ssin
of
residents,
but
also
how
it
could
possibly
affect
the
disposition
of
the
power
plant
that
you'll
see
at
the
top
in
that
particular
area.
B
B
Here
you
can
see
where
a
tornado
ripped
a
swath
right
through
the
city
of
Moore
Oklahoma
back
in
2013.
This
was
the
five
tornado
with
winds
above
200
miles
per
hour.
The
tornado
stayed
on
the
ground
for
approximately
37
minutes
and
was
over
1
mile
in
diameter
at
its
peak.
By
being
able
to
chart
that
path
of
that,
tornado
were
able
to
assist
first
responders,
but
focusing
on
where
the
most
damage
is
and
to
try
to
just
aid
in
any
recovery
that
we
can.
B
This
was
an
event
that
was
predicted
to
happen
every
two
to
five
hundred
years,
but
yet
here
we
are
and
we're
able
to
see
the
before
and
after,
and
we
get
that
kind
of
imagery
to
see
how
bad
the
damage
actually
is.
This
slide
right
here
is
our
world.
According
to
gon
land,
sea,
air,
science
and
geography,
we
have
196
square
kilometers
of
precise
stereo
and
mono
Auto
rectified
imagery
70
million
hydrographic
features.
B
They
are
four
billion
aeronautical
data
elements
and
if
you
look
at
that,
second
bullet
32
million
vertical
obstructions
that
could
be
antennas
that
could
be
powerlines
that
could
be
smokestacks.
That's
a
variety
of
vertical
obstructions
science,
125
million
gravity
records,
geography,
11-million
geographic
names
and
now
I'm
gonna
pass
this
over
to
Andy
who's
gonna
go
through
the
rest
of
our
presentation.
C
Great
thank
you
for
that
great
introduction
to
geo
and
chains
as
James
has
talked
about,
there's
a
massive
volume
of
data
and
compute
resources.
We
need
to
support
these
life-saving
missions,
so
stop
for
a
second
and
ask
yourself:
how
would
you
manage
all
the
required
storage
and
compute
infrastructure?
How
can
you
apply
kubernetes
and
OpenShift
to
support
disaster
relief?
C
You
know
our
hybrid
cloud
center
identified
five
key
areas
where
we
can
use
kubernetes
and
OpenShift
I'll,
give
you
a
quick
overview
of
some
of
these
areas
and
then
we'll
dive
into
two
areas
in
more
detail.
The
first
is
cloud
native
development.
As
james
said,
our
expertise
is
gon.
Our
knowledge
is
in
areas
like
katha
graffiti
ography
map
projections
and
digital
elevation
data.
Anything
we
can
do
to
help
developers
move
up
the
stack
and
focus
more
in
the
mission
and
less
on
infrastructure
as
a
win
for
us.
C
A
developer,
centric
platform
like
open
chefs,
helps
us
move
closer
to
the
mission.
The
second
is
digital
transformation,
a
big
focus
area.
That
transformation
is
modernizing
legacy
applications
like
any
enterprise.
We
have
a
lot
of
sigla
Jassi
systems,
but
we
want
to
help
transform
these
systems
to
take
full
advantage
of
the
elastic
condom.
Each
on
demand.
Nature
of
the
cloud
containers
have
helped
us
reap
platform.
These
legacy
applications.
We
also
had
developed
detailed
assessment
approach,
called
cloud
vector
to
analyze
different
cloud
and
container
migration
approaches.
C
The
third
topic
is
machine,
learning
and
I
think
would
be
illegal
to
give
a
tech
talk
in
2019
without
mentioning
machine
learning.
But
it's
important
to
us
because
of
this
sheer
volume
of
data
is
too
great
for
people
to
handle
alone.
There
simply
aren't
enough
eyes
to
look
at
the
petabytes
of
data,
especially
for
environmental
missions
like
countering
illegal
fishing
and
wildlife
poaching.
In
addition
to
developing
algorithms
data,
Sciences
need
a
platform
to
quickly
build
pipelines
to
pre-process
data,
to
train
and
refine
models.
C
Then
application
developers
need
a
need,
a
platform
to
deploy
those
container
based,
algorithms,
whether
they're
a
tensor
flow
or
pipe
torch
or
some
custom
model.
There's
a
tremendous
amount
of
innovation
in
the
kubernetes
community
around
ml,
and
we
want
to
leverage
that
you
know,
as
we
saw
the
talks
from
NASA
and
Volkswagen.
It's
it's
a
great
area
of
innovation.
The
fourth
is
global
infrastructure.
C
We
need
to
employ
applications
to
the
cloud
on
Tom
from
its
data
centers
and
to
the
edge
we're
looking
at
open
shift
to
give
us
a
common
baseline
to
deploy
applications
anywhere,
the
fifth
area
of
security
automation.
Given
the
missions
we
support,
we
need
speed
without
sacrificing
security
and
we're
looking
for
a
platform
to
help
with
both.
C
C
C
So,
as
we
saw
from
James
early
examples,
natural
disasters
can
happen
anywhere
in
the
world
and
the
first
thing
you
probably
lose
is
communications
back
to
the
cloud.
So
when
we
work
in
disconnected
environments,
so
so
we
need
to
work
in
disconnected
environments.
But
when
the
network's
up,
we
want
a
deploy
application
seamlessly
to
the
cloud
to
the
edge
into
data
centers
we're
using
kubernetes
and
openshift
to
provide
that
abstraction
layer
across
a
wide
variety
of
hardware,
from
ruggedized
devices
to
hyper
scale.
C
One
of
the
edge
devices
that
were
deploying
open
chef
to
is
AWS
snowball
edge
and,
if
you're
not
familiar
with
the
snowball,
it's
a
ruggedized
device.
It's
got
a
hundred
terabytes
of
online
storage,
52
cores
for
running
virtual
machines.
You
can
have
an
on-board
GPU,
graphics
card
for
inferences
or
light
weight
training.
It's
got
a
local
s3
object
store
as
well
as
data
sync
API
is
back
to
the
public
cloud
plus
it
handles
on
it.
C
C
C
So
kubernetes
has
a
pluggable
cloud
provider
that
allows
access
to
AWS
resources
and
api's,
which
is
great,
and
the
next
slide
shows
the
path
of
how
iws
is
accessed.
Kubb
calls
the
cloud
provider
which
then
calls
the
AWS
go
SDK,
which
then
calls
the
public
or
commercial,
AWS,
endpoints
or
URLs,
but
there's
a
catch.
C
The
the
go
SDK
hard
codes,
all
the
region
names
by
your
hard
codes,
all
the
region
names
in
URLs
in
an
enumeration
that
statically
compiled
into
a
Kuh
binary,
there's
no
way
to
easily
override
these
endpoints
for
for
edge
devices
or
other
private
cloud
regions.
The
silver
lining
is
kubernetes
as
an
open
source
project,
so
we
can
quickly
identify
the
problem
and
I
can't
overstate
the
importance
of
having
an
open
source
code
base
as
your
platform
to
troubleshoot
these
hyper
issues.
C
C
This
is
where
this
is:
where
support
from
Nick
and
the
Red
Hat
team
really
helped.
We
were
able
to
herb.
Red
Hat
was
able
to
help
us
navigate
the
community
process,
as
well
as
help
us
design
and
fix
the
test
where
it
had
facilitated
meetings
with
Amazon
and
other
community
partners,
and
we
were
able
to
get
the
pour
requests
into
the
next
release
of
kubernetes,
as
well
as
the
enterprise
version
of
open
shift.
C
Next,
so
here's
a
screenshot
of
the
pull
request.
You
know
a
big
shout
out
again
to
Nick
and
everyone
at
Red
Hat
for
making
this
happen,
and
we
found
the
issue
and
had
the
fix
in
the
next
release
of
kubernetes.
So,
as
Dan
said,
the
community
was
really
important.
A
Red
Hat
also
added
it
into
version
3
of
open
shift,
even
though
they
were
releasing
four,
oh,
and
that
was
the
priority.
So
again,
you
know
tremendous
thanks
to
the
whole
Red
Hat
team.
We
couldn't
have
done
this
alone.
C
So
in
the
next
slide,
I'm
gonna
switch
gears
a
bit
and
talk
about
one
of
our
last
challenges
and
that's
the
security
accreditation
process.
Now
security
is
always
paramount
and
in
highly
regulated
industries,
new
systems
have
to
go
through
a
lengthy
security
accreditation
process
and
the
government
new
systems
must
receive
and
maintain
an
ATO
ATO
stands
for
authority
to
operate,
and
this
approval
can
take
between
six
and
18
months
to
achieve
it
involves
implementing
documenting
testing
and
auditing
over
a
thousand
security
controls.
C
We're
using
open
shift
to
reduce
that
time
line
by
building
on
a
secure
heart
and
kubernetes
platform.
Applications
can
inherit
up
to
90%
of
the
security
controls.
Open
shiftin
becomes
a
common
control
provider
by
handling
all
the
security
services.
Every
application
needs
like
authentication,
Deedat,
rest
and
transport,
encryption,
auditing
and
logging
and
so
forth.
By
providing
these
common
controls,
applications
just
have
to
go
through
a
sec,
devops
pipeline
of
static
and
dynamic
code
testing,
as
well
as
dependency
analysis.
C
The
application
code
passes
these
tests
and
meets
a
predefined
risk
threshold
occurrence,
even
expedited
approval
up
to
deploy
to
the
platform,
and
this
raises
overall
security
bar.
You
know
the
platform
handles
the
infrastructure,
security
and
the
team
can
spend
more
time
on
application
level
or
abilities,
and
this
diagram
shows
shows
one
of
the
pipelines
we
have
in
place.
So
Nirvana
for
us
would
be
a
two
in
a
day,
but
our
target
and
we've
achieved
in
some
cases,
ATO
in
a
sprint.
C
So
in
conclusion,
these
were
just
a
couple
examples
of
how
we're
using
open
shift
to
accelerate
the
security
process
and
deploy
to
edge
locations,
we're
using
kubernetes
and
openshift
in
our
hybrid
cloud
strategy
to
better
support
missions
like
disaster
relief,
I'm
going
to
turn
it
back
to
James
for
some
parting
thoughts.
All.
B
C
B
B
B
I
believe
this
was
something
where
it
was
like:
1.7
million
pounds
of
toxic
mud
and
debris
were
spread,
so
we're
just
able
to
come
in
and
show
them
exactly
what
needs
to
happen
and
help
just
in
their
recovery
efforts,
as
we
have
stated
privileged
before
so
enclosing
nga
continues
the
efforts
to
deliver
meaningful
impact
to
our
customers.
Our
vision
is
to
know
the
earth
show
the
way
and
understand
the
world.