►
From YouTube: Application Modernization on AWS with OpenShift (ROSA) Sai Vennam & Javier Naranjo (AWS) OSCG 2022
Description
Partner Keynote: Application Modernization on AWS with OpenShift (ROSA)
Speakers: Sai Vennam (Amazon) | Javier Naranjo Matasan (Amazon)
OpenShift Commons Gathering Kubecon EU
May 17, 2022 Live from Kubecon EU in Valencia, Spain
Full Agenda here: https://commons.openshift.org/gatherings/OpenShift_Commons_Gathering_at_Kubecon_Europe_2022.html
Learn more at: https://commons.openshift.org
A
My
name
is
psy
venom
and
I'm
a
developer
advocate
with
aws.
A
lot
of
you
might
know
me
from
my
days
at
ibm,
I'm
the
guy
that
does
the
lightboard
videos.
Well,
I
was
a
big
fan
of
openshift
back
then,
and
it's
still
following
me.
I
just
can't
shake
this
thing,
but
all
jokes
aside,
I
am
a
big
fan
of
openshift
and
today
we've
got
an
exciting
demo
and
presentation
ready
for
you.
A
So
again
we're
going
to
be
talking
about
app
modernization
on
aws,
the
focus
on
browser,
that's
red
hat
openshift
on
amazon
web
services,
but
I
do
have
a
couple
of
really
cool
demos
lined
up,
but
first
I'm
going
to
pass
it
to
my
co-speaker
javier
to
introduce
himself
and
he's
going
to
do
the
first
part
of
the
presentation.
Today.
Okay,.
B
Thank
you
sai.
My
name
is
javier
naranjo,
I'm
doing
the
business
development
for
aws
in
nvidia,
and
today
we
are
going
to
talk
about.
What's
I
said:
how
do
we
see
modernization
based
on
the
experience
of
our
customers
and
also
explaining
a
little
bit
about
rosa,
how
we
position
it,
which
is
the
added
value
and
and
so
on?
So
first
of
all,
let's
take
a
look
to
what
our
customers
are
asking.
B
So
when
we
are
facing
projects
when
we
are
facing
partners,
what
they
say
is
the
main
four
things
that
our
customers
are
asking
for.
First
of
all
is
to
build
applications
not
to
take
so
much
care
about
the
infrastructure,
because
actually
they
are
looking
for
an
infrastructure
that
is
managed
infrastructure.
B
Of
course
they
want
to
scale
quickly,
because
when
we
are
talking
about,
modernization
is
not
only
that
you
are
creating
application
and
features
in
a
quick
way
in
a
fast
way.
You
also
need
to
scale
it
in
in
a
very
quick
way
and,
of
course,
everything
that
they
want
to
do
and
that
we
are
doing
in
aws
actually
is
around
security.
Okay,
so
everything
that
we
do
had
to
do
with
the
with
security.
Also,
when
we
are
building
that
application,
we
have
to
take
a
look
to
which
are
the
key
features
of
a
modern
application.
B
What
we
call
also
clone
native
application-
and
this
is
a
scale
to
million
of
users-
has
a
global
availability,
because
actually
every
single
feature
that
we
want
to
deliver
needs
to
be
available
for
everybody
inside
a
company
or
if
we
are
talking
about
a
service
that
is
for
our
customers,
then
to
to
our
final
users
being
able
to
respond
in
even
in
mile
seconds.
It's
actually
every
time
that
we
are
talking
about
the
modern
application
we
are
talking
about.
B
Two
facts:
first
is
velocity,
how
quick
you
are,
and
the
other
is
how
you
are
saving
cost.
So
this
is
key
when
we
are
talking
about
an
application
and,
of
course,
also
that
cloud
native
application
still
is
working
with
a
lot
of
data.
So
we
need
to
have
that
into
account.
B
The
white
boxes,
with
the
with
the
blue
letters
that
you
see
over
there
is
just
the
benefit
of
the
modern
application.
Okay,
so
luckily
we
are
just
answering
to
the
questions
to
our
customers,
because
actually,
which
each
of
any
of
the
features
that
we
see
you
see
over
there.
We
are
satisfying
the
fast
that
you
see
around
return
of
investment,
cost
tco,
increasing
the
business
agility.
B
Of
course,
the
customer
experience
the
user
experience
is
key
for
us
also
and
increasing
the
efficiency
of
the
developers,
because
we
are
providing
global
tools
in
order
that
they
can
use
it
to
create
their
applications
and
they
are
able
not
only
to
create
in
a
quick
way,
but
as
far
as
we
are
working
align
with
devops,
it's
not
only
creating
the
application
in
a
quick
way,
but
also
being
able
to
operate
it
in
the
day.
Two.
Also
in
a
in
a
modern
scenario,
what
kind
of
workloads
are
using?
Our
customers
for
containers,
of
course,
applications?
B
And
this
is
the
kind
of
applications
you
see
over
there.
We
are
talking
about
web
interfaces.
We
are
talking
about
back
ends.
We
are
talking
about
eot
data
processing,
but
around
we
see
also
staff
regarding
operational
expertise,
and
then
we
are
focusing
in
stuff
like
platform
as
a
service.
Things
like
that
in
which
we
are
providing
ci
cd
solution
infrastructure
as
a
service
solution,
around
management
security,
governance
of
the
of
the
stuff
that
we
are
creating.
B
Of
course,
what
we
are
doing
when
we
are
modernizing
sometimes
is
doing
that
lift
and
shift
not
only
modernizing,
so
we
have
to
take
care
about
moving
applications
legacy,
linux
applications
even
stuff
that
our
customers
are
using
on
premise
and
they
want
to
use
it
in
a
modern
way
in
the
in
the
cloud
and,
of
course,
all
around
machine
learning,
because
actually,
I
think
every
modern
company
that
is
trying
to
create
a
modern
solution
is
focusing
on
that
kind
of
stuff.
B
What
we
see
in
our
customers,
when
they
are
modernizing,
actually
is
the
steps
that
you
see
over
there.
Sometimes
they
discover
that
they
are
using
some
stuff.
That
is
not
useful
anymore,
because
maybe
it's
just
a
couple
of
users
are
using
it
and
they
are
spending
a
lot
of
time
operating
it,
creating
it
and
just
trying
to
provide
new
features
when
nobody
use
it.
So
they
try
to
reduce
it.
B
But
the
key
point
here
is:
when
you
focus
on
modernize,
you
can
decide
if
you
go
to
re-platform
and
that
way
you
will
do
it
with
containers
or
you're
going
to
refactor,
and
that
way
you
will
do
it
in
an
even
driving
architecture.
Using
overland
function,
you
see
over
there
that
we
are
having
different
solutions
for
containers,
even
hybrid
solutions
in
which
we
are
providing
the
capacity
to
our
customers
to
run
containers
on
premise
and
also
containers
on
the
in
the
cloud
and,
of
course,
appears
also
this
last
piece
that
you
see
over
there.
B
In
this
case,
what
we
are
releasing
is
the
the
rosa
service,
red
hat
opencv
on
ws,
and
this
is
because,
when
we
are
talking
to
our
customers,
we
see
that
most
of
the
time
our
cio
ceos
that
say
I'm
investing
a
lot
of
time
in
working
or
creating
the
platform
that
I
will
use
to
create
my
applications
and
I'm
not
focusing
in
my
applications,
I'm
not
focusing
in
the
added
value
that
I
want
to
create
to
my
customers
and
to
my
service,
and
this
is
something
that
we
need
to
fix,
because
when
you
need
to
create
your
own
kubernetes
platform,
if
you
are
doing
yourself,
then
you
are
in
a
in
a
trouble.
B
You
know,
because
sometimes
I
mean
when
we
are
talking
about
enterprise,
we
are
not
doing
ikea
furniture
right.
We
are
not
taking
different
pieces
and
putting
it
together,
because
this
is
something
that
maybe
we
are
doing
at
home.
But
when
you
are
going
to
an
office-
and
you
see
the
fortitude
that
you
have
over,
there
is
office
staff,
professional
staff,
professional
furniture.
B
So
the
difference
is
key.
I
mean
this
is
not
something
that
you
need
to
create.
If
you
have
tools
that
are
already
doing
this
for
you,
you
need
to
be
a
professional
with
your
business
and
you
you
need
to
do
it
using
a
professional
tool,
in
this
case,
a
platform
as
a
service
which
all
the
pieces
integrate
your
node
openshift.
So
I'm
not
going
to
talk
in
deep
here
about
openshift,
but
the
key
difference
is
that
we
are
not
doing
a
building
block
solution
just
trying
to
integrate
anything.
B
What
we
are
doing
is
a
natural
way,
a
natural
aroma
from
the
self-managed
solution
with
openshift
that
you
can
run
it
even
on
premise,
then
you
can
run
that
self-managed
solution.
Also
in
the
cloud
in
aws,
red
hat
was
selling
their
own
managed
service
solution
with
openc
dedicated
that
was
transparent
to
the
customer,
but
was
running
on
top
of
aws,
but
the
relevant
thing
now
is.
We
have
a
new
solution.
B
Everything
is
integrated.
It's
a
joint
mana
service.
It's
like
open
c
dedicated
with
a
new
flavor,
because
actually
we
are
providing
from
aws
support
to
the
infrastructure
and
to
the
integration
with
our
infrastructure
and
red
hat
is
providing
support
to
the
platform
as
a
service
to
the
solution
that
is
running
on
top
okay.
And
that
said,
I'm
going
to
pass
this
now
to
to
my
colleague's
side
and
we
are
going
to
see
a
little
demo.
A
All
right,
don't
worry,
I'm
here
to
be
coming
back
on,
but
it's
time
for
the
demo
and
just
want
to
kind
of
recap
a
little
bit.
I
think
the
the
the
way
that
rosa
is
operated
and
managed
we're
going
to
dive
a
little
bit
more
into
detail
there,
but
I
think
it's
a
model
that
works
really
well
and
that's
because
you
know
even
looking
at
the
roadmap
presentation
earlier,
it's
very
clear,
there's
a
lot
of
complexities
that
are
associated
with
managing
openshift.
A
Yes,
of
course,
with
all
the
tools
and
services
that
make
openshift
easier
to
run.
A
lot
of
that
is
easier
than
bare
vanilla,
kubernetes,
but
there's
still
a
level
of
complexity
and
so
right
now
what
I
want
to
do
is
kick
off
a
demo.
I
want
to
show
you
what
the
rosa
experience
looks
like
and
it's
an
experience
that
starts
in
the
console
in
the
aws
console
and
for
better
or
worse
I'll,
say
that
this
is
about
the
extent
of
which
it's
integrated
into
the
console.
A
Today
I
think
openshift
users
like
openshift
and
openshift,
esque,
consoles
and
user
experiences.
So
when
you
start
in
the
console,
you
really
just
have
to
click
one
button.
You
enable
the
service
and
then
immediately
you'll
notice.
It
says
download
cli
and
the
first
thing
it'll
do
is
it'll.
Take
you
to
a
red
hat
documentation
page.
Let's
quickly,
check
that
the
ethernet
is
connected
here.
I
think
we
are
good.
Well,
luckily,
I
have
it
open
in
another
tab
regardless
you
can
see
here
that
it's
pretty
straightforward.
It's
a
one.
A
Two
three
four
steps:
you
download
the
cli,
you
make
sure
that
you're
kind
of
logged
in-
and
you
know,
I'm
so
confident
that
this
demo
is
going
to
work
today
and
that's
partly
because
rosa
has
this
amazing
command.
It's
called
rosa
init
and
what
this
does
is
essentially
make
sure
that
the
system
is
ready.
It's
ready
to
create
a
cluster.
You
have
the
right
quotas
in
place.
I
ran
the
command
twice,
but
just
I
wanted
to
zoom
in
a
little
bit.
You
can
kind
of
see
it
right
here.
A
What
it's
doing
is
it
logs
in
with
my
username
and
validates
the
credentials
make
sure
I
have
the
quota.
The
the
policies
are
in
place
now.
Folks,
I
know
that
if
you're
like
me,
working
with
aws
one
of
the
things
that
trips
you
up
probably
is
making
sure
all
your
iam
policies
are
in
place,
and
so
I
think
this
experience
it
just
ensures
that
all
the
permissions
are
set
correctly.
A
I'm
feeling
good
I'm
feeling
ready
about
this
demo
right
now.
So
what
I'm
going
to
do
is
create
a
cluster
using
the
rosa
cli
and
it's
very
straightforward.
I
will
quickly
point
out
that
the
dash
dash
sts
this
is
the
security
token
service
from
aws.
That
makes
sure
that
the
service
is
created
securely.
A
A
It's
too
long
there
we
go
so
pick
something
a
little
shorter.
We
picked
the
openshift
version.
Now.
What
I'm
going
to
do
is
walk
through
walk
you
through
some
of
the
different
options
that
that'll
kind
of
give
me.
So
it's
using
the
arns
that
I've
already
created
external
id.
This
is
for,
if
you
have
a
special
account
where
you
need
a
custom
account
id
operator
roles.
Prefixes
are
some
more
permissions
things
for
rosa
to
have
access
to
aws,
here's
a
cool
one.
You
can
actually
deploy
rows
across
multiple
availability
zones.
A
When
we
talk
about
dr
strategy,
this
is
going
to
be
the
best
possible
approach
for
a
majority
of
customers,
the
chance
that
you
know
when
we
look
at
a
deployment
across
multiple
availability
zones.
You
get
that
you
know
high
availability,
that
a
lot
of
industries
and
customers
need
keep
going
here.
Let's
pick
a
region
that
we
want
to
deploy
it
in.
A
Don't
worry
folks!
We're
almost
done
through
this
set
of
kind
of
prompts
here,
a
private
link.
Cluster
say
you
wanted
to
have
a
cluster:
that's
not
exposed
to
the
public
internet
workloads
that
can
run
within
the
context
of
their
cluster
without
need,
reading
to
reach
out
or
have
services
reach
in
and
of
course,
if
you
do
need
to
access
certain
services,
there's
a
number
of
aws
services
that
have
private
link
endpoints
essentially
make
sure
traffic
doesn't
go
on
public
pipes
kind
of
going
forward
here.
Do
you
want
to
install
into
an
existing
vpc?
A
Let's
just
say
no,
we'll
create
a
new
one.
A
customer
managed
key.
If
you
want
to
use
a
custom
key
for
encrypting
data,
you
could
choose
that
right.
There
choose
the
compute
nodes,
a
lot
of
options
here.
Let's
choose
m5x
large,
auto
scaling.
Now
you
can
actually
configure
this
automatically
here.
So
essentially,
it'll
automatically
scale
up
the
nodes
in
in
response
to
load
and
there's
some
default
parameters
that
are
set
there.
A
Two
compute
nodes
by
default,
some
cider
block
information.
It's
a
question
for
if
you
want
to
encrypt
ncd
data
that
cd
data
is
already
encrypted
and
by
the
way
this
terminal
is
so
cool.
If
I
want
some
more
information,
I
can
just
hit
the
question
mark
it'll
tell
me
a
little
bit
more
about
what
exactly
it's
doing
so
by
default.
It
is
already
encrypted
it's
kind
of
an
additional
encryption
on
top,
so
go
with
the
default
there
workload
monitoring.
A
This
is,
if
you
don't
want
red
hat
sres,
to
see
your
application
logs
and
there
we
go,
and
it's
going
to
start
creating
that
cluster.
Now
we
went
through
a
lot
of
different
options
there.
What?
If
I
wanted
to
do
that
again
in
the
future
and
change
just
one
option,
it
gives
me
the
entire
command,
so
in
the
future
I
could
just
copy
that
change
the
command
a
little
bit
and
and
redeploy
it.
A
So
here,
let's
click
on
the
clusters
itself,
which
is
going
to
launch
into
the
openshift
dashboard
specifically,
and
so
I
created
a
cluster
last
week
that
I'm
going
to
use
for
the
demo
today
by
the
way
that
one
that
we
just
created,
we
already
see
it
in
the
console
and
it's
installing,
but
we're
not
going
to
wait
for
that
today,
we're
going
to
switch
over
to
the
cluster
that
I've
already
created,
and
here
we
can
see
a
few
things
now.
First
off.
A
I
think
this
is
what
I
was
saying
about
how,
although
this
is
openshift
running
on
aws,
it's
the
same,
familiar
openshift,
console
and
experience
that
you
know,
and
so
here
we
can
see
the
cluster.
We
can
do
things
like
updating
the
version.
I
won't
go
into
too
much
detail
here
because
again
shift
is
open
shift,
but
there
is
one
thing
that
I
want
to
quickly
show
here.
A
We'll
see
that
the
logs
have
actually
started
streaming
into
cloudwatch
from
my
cluster
and
then
go
to
my
login
sites.
Let's
make
sure
I'm
in
the
right
region.
A
Love
it.
The
internet
is
working
great,
we'll
pick
all
my
log
groups
we'll
run
a
quick
query
and
boom.
We
can
see
the
logs
coming
directly
from
my
cluster,
for
example,
I
can
open
up
one
of
these
and
we
can
see
that
this
particular
container
is
running
in
rosa
demo
and
it's
the
ip
controller
manager.
But
there
you
go.
That's
the
first
part
of
the
demo.
Here,
I'm
going
to
switch
back
to
the
slides
here,
and
I
want
to
quickly
talk
about
a
few
things
and
we'll
kick
into
the
next
one.
A
And
so
what
we
can
kind
of
see
here
is
that
the
most
opinionated
it's
going
to
be
kind
of
a
serverless
approach.
Really
the
only
thing
you're
worrying
about
there
is
application
code
and,
on
the
other
end
of
the
spectrum,
we
have
things
like
ec2,
which
have
ultimate
flexibility.
In
fact,
you
can
run
openshift
yourself
on
ec2.
If
you
want-
and
a
number
of
customers
do
that,
but
when
we
talk
about
containers
specifically
when
we
look
at
something
like
ecs
eks,
now
there's
a
number
of
solutions
on
aws
that
support.
A
You
know
things
like
automating
automating,
like
the
delivery,
with
eks
blueprints
things
like
app
mesh
for
kind
of
worrying
about
kind
of
service
level.
Networking,
there's
container
registry
there's
a
number
of
solutions,
but
with
rosa
what
you
get
is
a
turnkey
application
platform,
and
that
is
it's
it's
kind
of
baked
into
the
platform
itself,
and
so
I
want
to
quickly
talk
about
what
that
means
for
users.
So
again
with
eks,
we
saw
that
landscape
slide
tons
of
solutions
in
the
cncf.
A
The
model
the
difference
with
rosa
is
that
you
have
red
hat
sres
that
actually
manage
that
compute
data
plane
and
control,
plane,
they're
in
the
back
end
and
they're,
making
sure
things
run
smoothly.
When
you
open
a
support
ticket,
you
can
open
against
aws
or
red
hat.
Of
course,
billing
is
going
to
be
coming
through
aws.
A
Now,
of
course,
today
we
talked
we
were
talking
about
modernization
of
applications.
What
we
see
here
is
that
there's
a
number
of
services
on
aws.
Really
this
is
the
bread
and
butter
of
aws.
It's
what
we
do.
Well,
we
have
so
many
services
that
allow
you
to
do
things
from
storage
to
ci,
cd,
for
storing
containers,
a
central
managed
service.
Now,
of
course,
a
lot
of
these
things.
Customers
may
choose
to
run
them
within
cluster,
but
also
when
you're
looking
at
a
bigger
scope.
A
A
This
allows
us
to
operate
aws
from
within
openshift.
This
is
pretty
powerful.
So
let
me
scroll
down
here.
Let
me
find
one
of
these,
let's
say
rds
and
we'll
hit,
install
and
we'll
see
that
it
gives
me
the
option
to
go
through
here
and
install
this
operator
into
my
cluster
and
notably,
I
think
openshift
does
a
great
job
with
this.
It
shows
me
the
apis
that
become
exposed.
What
can
I
actually
do
once
this
operator
is
installed?
A
So
let's
go
to
my
installed
operators.
I've
set
up
the
s3
operator
and
I
want
to
create
a
bucket,
so
we'll
say,
create
bucket
and
we'll
name
this
bucket
commons,
demo,
one
and
then
the
name
of
the
bucket
itself
actually
needs
to
be
completely
unique.
So.
A
There
we
go
seems
random
enough
and
we'll
hit
create,
keeping
all
the
other
defaults
all
right.
So,
let's
take
a
look,
we'll
click,
the
bucket
make
sure
there's
no
errors
make
sure
I
didn't
mess
anything
up.
Resource
synced,
successfully
jump
to
my
s3
console,
I'm
in
the
right
region.
Already
there
we
go
and
just
like
that,
I
was
able
to
get
a
bucket
created
using
a
kubernetes
based
artifact,
that
is
I'm
able
to
work
with
aws
using
a
crd
within
kubernetes.
A
I
think
this
is
very
powerful
and,
of
course,
if
you
wanted
to
take
the
information
from
that
actual
deployed
cluster,
of
course
I
lost
it
here
we
go
and
say
I
wanted
to
pass
in
something
like
the
location
into
a
config
map
or
secret,
so
that
my
containers
could
access
it.
You
can
do
that
fairly
easily.
It's
just
another
crd,
just
another
resource
you
deploy
into
kubernetes.
A
I
really
wanted
to
show
this
today
because
it
shows
that
you
know,
with
openshift
running
on
aws
you're
able
to
actually
integrate
and
operate
services
running
within
aws
as
well.
All
right,
that's
my
demo!
For
today,
I'm
going
to
pass
it
back
to
the
slides
and
javier's
got
a
couple
more
that
he
wants
to
share
with
you.
Thank
you.
B
Okay,
so
that
was
a
really
good
content,
really
good
demo.
Finally,
we
want
to
talk
about,
which
is
the
consumption-based
pricing.
Of
course,
when
we
are
talking
about
opencv
self-managed,
you
will
see
that
the
price
is
much
cheaper.
When
you
go
to
a
managed
service
solution,
actually
you
have
to
dimensioning
in
the
proper
way,
but
you
need
to
understand
which
stuff
you're
going
to
pay
and
which
part
of
the
price
that
you
are
facing
is
mapped
to
any
of
the
of
the
staff
that
you
see
over
there.
B
First
there's
some
rosta
services
fees
and
these
fees
are
compelling
or
competing
to
the
work
to
the
worker
nodes.
Actually,
every
four
cpus
you
are
paying
a
price
for
the
for
the
fee
in
that
workload,
worker,
not
infrastructure.
So
it
depends
on
the
kind
of
instance
that
you
are
using.
I
mean
if
you
need
to
use
for
your
worker,
for
your
workloads
in
that
notes,
more
capacity,
then
you
are
paying
more.
B
It
depends
on
the
dimensioning
that
you
are
doing
and
also
you
have
to
pay
a
little
fee
for
the
control
plane
that
actually
you
will
see
in
the
public
prices.
That
is
a
ridiculous
price
for
for
that,
and
then,
of
course,
you
have
to
pay
for
the
infrastructure
that
you
are
going
to
use
for
the
control
plane
and
also
for
the
workers.
The
good
news
is
that
the
the
same
way
that
you
are
paying
for
one
year
up
to
three
years
for
the
subscriptions
with
red
hat,
you
have
a
similar
model.
B
So
if
you
acquire
compromise
for
for
rosa
for
one
to
three
years,
the
price
will
be
changing
and,
of
course,
if
you
are,
if
you
are
going
to
use
it
for
for
more
years,
is
going
to
be
a
cheaper,
but
the
the
pricing
is
really
simple.
If
you
go
to
the
to
the
to
the
internet,
and
you
just
write
rosa
pricing,
you
will
see
different
examples
with
different
control
planes,
different
worker
nodes
and
so
on,
and
it's
really
useful.
My
last
slide.
Can
you
pass
it
there,
because
this
is
not
working?
B
Please
say
so,
I'm
here
it's
just
to
talk
about
the
aliens.
This
is
not
something
that
we
are
just
creating
now
for
rosa
I
mean
we
have
been
working
with
the
aws
for
many
years
now.
We
have
a
lot
of
workloads
and
different
solutions
on
top
of
aws.
Red
hat
is
using
a
lot
of
stuff
on
top
of
us.
In
fact,
you
have
to
understand
that
the
first
managed
service
that
they
were
creating
opencv
dedicated,
was
indicted
lee
on
top
of
aws
and
what
they
say.
B
My
my
colleagues
and
my
peers
from
from
from
red
hat
diabetes.
They
say
you
know
the
first
steps
of
the
that
we
are
testing
for
new
releases
and
the
first
cloud
in
which
we
are
testing.
Everything
is
aws,
so
I
think
that
is
a
natural
step
in
the
growing
of
a
managed
service
to
go
to
other
aws,
with
rosa
for
that
integration,
with
openshift
in
a
joint
managed
service
with
aws,
in
order
that
we
can
provide
a
better
service
and
a
better
solution
to
our
customers,
and
that's
all
that
we
have
for
today.