►
From YouTube: BS2 4 日本マイクロソフト 大溝様 日本ヒューレット・パッカード 惣道様
Description
OpenShift Commons Gathering Japan 20200
December 10, 2020
https://commons.openshift.org/gatherings/Japan_OpenShift_Commons_Gathering_2020.html
A
A
A
A
A
A
A
A
Fact,,
if
you
actually
try
using
this
OpenShift,,
it's
normal,,
you
'll
have
a
hard
time
with
Red,
Hat,
Push
and
OpenShift
from
the
cluster
manager,.
But
from
there
you
can
pull
secrets.
and
deploy
using
dazure's
cli,
well,,
it's
2
minutes.At
the
end,.
When
the
cluster
is
completed,,
you
can
easily
use
the
cluster
with
the
network,
configuration
etc.
A
A
Can
also
increase
availability
by
deploying
clusters
in
multiple
availability,
zones.
In
addition,
azure
has
already
obtained
various
compliance,
certifications,
such
as
Fisk
and
pci
dss,.
So
it
is
a
reliable
cloud
platform
and
baptism.
The
best
part
of
OpenShift,,
which
is
a
cluster
of
Cooper
Natis,.
A
A
A
A
A
A
A
A
Case
of
public
clouds,,
a
managed
empty
version
of
Lentis'
service
is
generally
provided.,
Among
them,.
The
reason
why
OpenShift's
managed
service
is
selected
is
that
in
the
case
of
OpenShift,,
the
cluster
management
function
that
has
the
Coover
name.
This
+
alpha
function
is
also
supported,,
so
there
are
various
service.
Meshes.
You
can
also
use
functions
such
as
log-in
logging
and
metering,
functions.
You.
A
A
A
Think
there
are
a
lot
of
requirements
for
enterprise
customers
who
have
various
difficult
sovereignty
and
want
to
separate
the
network
or
want
to
use
it
securely.
Open
shift
+6
azure
It
can
also
be
linked
with
Perth
and
saas
services,
such
as
databases
and
Kai
Pia
Management,
Cognitive
Services,,
and
it
is
also
possible
to
easily
achieve
network
isolation
and
connection
with
on-premises.
A
A
B
In
the
service
business
division,,
we
are
doing
system
construction,
design,
proposals
for
customers,
and
in
particular,
we
have
a
track
record
of
building
OpenShift,,
which
we
will
introduce
this
time,
for
customers
in
various
environments.
I
heard
from
Mr.
Aro.
We
jointly
created
what
is
called
the
Kuniwa
Reference
Architecture,.
So
today,
I
would
like
to
introduce
the
contents
of
that.
At.
The
end
of
the
first
half,
Mr.
Omizo
introduced
that
it
would
be
very
easy
to
get
started,,
but
of
course
it
is
also
possible
to
use
it
on
a
full-scale
enterprise.
Basis.
B
B
B
B
B
You
can
use
the
oc
command
or
the
cube,
control
command,
and
use
the
OpenShift
Ev
Console
to
operate.
For,
the
azure
resource,
you
can
use
the
az
command
or
the
Hatajuru
Portal.
I
think
that
it
is
a
point
that
should
be
recognized
at
the
beginning
of
the
design
that,
if
you
do
it,,
the
operation
will
become
Kate.
It.
B
B
B
B
As,
you
can
see
on
the
left,
side,
master
nodes
and
workers
are
deployed
as
VMs,,
but
unfortunately
other
network
sources
are
also
automatically
configured
in
the
form
of
load,
balancers
and
public
IP
sources.
If,
you
don't
understand
the
default
sewing
correctly
and
design
and
configure
it
appropriately,.
You
may
end
up
with
a
fragile
and
loose
infrastructure
configuration
from
a
security
perspective,.
So
you
need
to
be
careful
about
that.
B
B
B
B
B
B
As
for
the
security
design
at
that
time,,
if
you
were
to
think
of
it
like
a
church
defense,,
you
would
only
apply
security
to
the
places
that
enter
from
the
outside,
for
example,,
with
firewalls,
etc.
In.
The
unlikely
event
that
an
intrusion
could
occur.
Inside.
There,
is
a
risk
of
allowing
a
horizontal
attack.
B
B
B
B
B
Ip.
It
will
work
together
to
make
it
accessible
from
outside
the
Internet.In
many
enterprises,.
There
are
many
cases
where
access
via
the
Internet
is
not
permitted,
and
in
that
case,,
if
you
deploy
it
as
an
option,
as
shown
on
the
right,
side,
However,,
it
is
also
possible
to
configure
the
master
api
to
be
private.In.
B
This
way,,
the
load
balancer
that
was
stunned,
will
be
replaced
with
an
internal
load
balancer.As
a
result,.
There
is
a
cluster
that
can
not
be
accessed.
In,
this
case,,
as
you
have
in
mind,.
It
will
be
an
access
route
that
allows
you
to
access
only
from
the
maintenance
terminal
there
by
playing
to
obtain
a
maintenance
terminal
in
the
heat
of
that
part,
and
from
the
public
ip
It
is
possible
to
control
whether
or
not
to
allow
it.In.
B
B
B
A
B
B
B
Are
also
cases
such
as
using
the
function
that
allows
secure
access
to
the
vm
from
the
portal,
and
then
stabbing
the
access.
Thinking
about
this
is
an
example
of
input,
route,
restrictions,
and
output.
Type
restrictions
are
the
opposite.
For
example,,
connecting
a
worker
from
a
soil
container
to
an
external
service,
such
as
a
parsing
database,
is
an
example
of
an
output
route
restriction,.
But
here
too,
a
firewall
is
used..
B
B
Can
see
it
as
document
content.
We
also
provide
the
actual
azure
configuration
and
resource
allocation
as
a
script
like
the
one
I
just
introduced,,
so
you
can
access
the
azure
subscription
in
your
environment
and
actually
introduce
it.
Today.
It
is
possible
to
create
something
similar
to
8
Air,
Ropla
class
+
other
resource
configurations.
B
B
Lastly,
I
would
like
to
show
you
that
this
will
not
happen.
Originally,.
The
minimum
range
of
arrow
clusters
was
only
the
master's,
department,,
workers,,
etc.
on
the
left,
and
the
labor
balance.
However,.
If
you
take
a
look
at
the
network
security
restrictions
that
I
introduced
today,,
what
you
see
in
the
bottom
right
is
the
path
of
sound
play,,
but
you
can
access
it
securely
by
separating
v
nets
with
a
private
link..