Red Hat SummitIntroduction to Red Hat OpenShift Data Foundation Managed Service
Overview of Red Hat OpenShift Data Foundation Managed Service
Abstract
Chapter 1. About Red Hat OpenShift Data Foundation Managed Service
OpenShift container-based workloads frequently require access to a full set of Kubernetes storage classes and common cluster data management capabilities wherever OpenShift runs.
The Red Hat OpenShift Data Foundation Managed Service is a fully managed solution, making it easy to provide the OpenShift applications with full-featured Red Hat OpenShift Data Foundation (ODF) ReadWriteOnce (RWO) and ReadWriteMany (RWX) storage classes, equipped with high-availability data replication and security capabilities such as data encryption.
The Red Hat OpenShift Data Foundation Managed Service is based on the ODF to ODF feature from ODF 4.11. ODF is built on the reliability, scalability, and performance of Ceph simplified for Kubernetes using Rook and other OpenShift Operators. The ODF Managed Service provides a trusted data foundation for OpenShift-based workloads, for example SQL/NoSQL database usage of RWO storage, message queue, CI/CD pipeline, and shared metadata usage of RWX shared file system storage.
ODF provides enterprise-grade scalability and reliability for OpenShift workloads with capabilities such as:
- High availability of Persistent Volume data across multiple Amazon Web Services (AWS) availability zones.
- Scales up to 1000 Persistent Volumes per OpenShift node.
- High-speed Persistent Volume attach/detach rate.
The OpenShift Data Foundation Managed Service is available as an add-on for the Red Hat OpenShift Service on AWS (ROSA), a fully-managed OpenShift service, managed and supported by both Red Hat and AWS. For more information on ROSA, see Red Hat OpenShift Service on AWS. The OpenShift Data Foundation provider and consumer add-ons are installed using the Red Hat OpenShift Service on AWS (ROSA) command-line interface. For more information on ROSA command-line interface, see Getting started with ROSA CLI.
Red Hat OpenShift Data Foundation managed service is currently limited to selected customers and available via invitation only.
Chapter 2. Red Hat OpenShift Data Foundation Managed Service architecture
The Red Hat OpenShift Data Foundation Managed Service is layered upon Red Hat OpenShift Service on AWS (ROSA) and comprises two parts, OpenShift Data Foundation provider and OpenShift Data Foundation consumer.
Figure 2.1. Red Hat OpenShift Data Foundation Managed Service architecture diagram
Red Hat OpenShift Data Foundation Managed Service provider (provider)
An OpenShift Data Foundation provider is a single-purpose OpenShift managed cluster that provides ODF storage services to one or more OpenShift managed clusters in the same Virtual Private Cloud (VPC) and region. When ODF providers are built on top of AWS Elastic Block Store (EBS) volumes in at least three availability zones (AZ), ODF replicates the data across these AZs, making the data tolerant to availability zone failures.
Workloads are not allowed to run directly inside the ODF provider. An ODF provider add-on can only be deleted if there are no ODF consumers connected to it. Once all connected ODF consumers are removed, the ODF provider add-on can be deleted via the ROSA command-line interface (CLI).
Red Hat OpenShift Data Foundation Managed Service consumer (consumer)
OpenShift managed clusters that run workloads can optionally connect to the ODF provider. The ODF consumer add-on must be installed in order to connect to and consume storage services from an ODF provider. A token is required when installing the ODF consumer add-on. Multiple ODF consumers can be connected to a single ODF provider running in the same VPC and AWS region, using the same AWS accounts.
When the ODF consumer add-on is installed, the ODF Managed Service creates all necessary resources and users on the target ODF provider and sets up the connection between the managed clusters automatically. To ensure isolation, each ODF consumer has dedicated storage pools and users on an ODF provider.
Chapter 3. Features of Red Hat OpenShift Data Foundation Managed Service
The features of OpenShift Data Foundation Managed Service are as follows:
Kubernetes Storage Classes
OpenShift workloads consume Red Hat OpenShift Data Foundation (ODF) storage services through the following two storage classes made available on every Red Hat OpenShift Data Foundation Managed Service consumer:
- Block storage devices
Block storage devices serve primarily database workloads. Persistent volumes of this type can only be attached to a single node at a time. The ocs-storagecluster-ceph-rbd storage class provides ReadWriteOnce (RWO) volumes for OpenShift workloads.
The supported access modes are:
- ReadWriteOnce (RWO) with volume modes filesystem or block.
- ReadWriteMany (RWX) with volume mode block for OpenShift Virtualization.
- Shared and distributed file systems
Shared and distributed file system class serve primarily to software development, messaging, and data-aggregation workloads. Example workloads include Jenkins build sources and artifacts, WordPress uploaded content and messaging using Red Hat AMQ. The ocs-storagecluster-cephfs storage class provides RWX volumes for OpenShift workloads.
The supported access modes are:
- ReadWriteOnce (RWO) with volume mode filesystem.
- ReadWriteMany (RWX) with volume mode filesystem.
Both storage classes use the Container Storage Interface (CSI) to manage resources within the OpenShift Data Foundation provider. The OpenShift Data Foundation Managed Service supports a maximum of 1000 ODF PVs per OpenShift consumer worker node.
Cross-AZ Redundancy
All persistent volumes (PV) provided by OpenShift Data Foundation provider automatically and synchronously replicate data across three AWS Availability Zones (AZ). Red Hat recommends using the default deployment of three AWS availability zones. The ODF PVs remain accessible in the event of a failure of an AZ or node.
Data Encryption
The underlying EBS volumes used for ODF Managed Service PVs are encrypted-at-rest by default.
Snapshots and Clones
A volume snapshot is the state of the persistent volume in a cluster at a particular time. These snapshots help to use storage more efficiently by not having to make a full copy each time and can be used as building blocks for developing an application.
A clone is a duplicate of an existing persistent volume that is used as any standard volume. You can use snapshots and clones from any OpenShift Data Foundation consumer.
AWS Regions and Availability Zones
All AWS regions supported by Red Hat OpenShift Service on AWS are supported for the OpenShift Data Foundation Managed Service. For more information on the supported AWS regions, see link: AWS regions.
Chapter 4. Resource requirements for installing Red Hat OpenShift Data Foundation Managed Service provider
The OpenShift Data Foundation Managed Service supports a cluster size of 4, 8 and 20 TiB. The following table shows the resources required for the deployment of the OpenShift Data Foundation provider cluster.
| Usable Size in TiB | Replicas | Total Size in TiB | OSD Size in TiB | OSD Count per AZ | Instance Type | Instance Count per AZ |
| 4 | 3 | 12 | 4 | 1 | m5.2xlarge | 3 |
| 8 | 3 | 24 | 4 | 2 | m5.2xlarge | 6 |
| 20 | 3 | 60 | 4 | 5 | m5.2xlarge | 6 |
OpenShift Data Foundation provider is built on top of AWS Elastic Block Store (EBS) volumes in at least three availability zones (AZ). ODF replicates the data across these AZs, making the data tolerant to availability zone failures. Workloads are not allowed to run directly inside the ODF provider.
Chapter 5. Service definition for Red Hat OpenShift Data Foundation Managed Service
This section gives information about the service definition for OpenShift Data Foundation Managed Service.
5.1. Deployment method for Red Hat OpenShift Data Foundation Managed Service
This section describes the deployment method for OpenShift Data Foundation Managed Service.
The ODF Managed Service is layered upon Red Hat OpenShift Service on AWS (ROSA), and comprises two parts, Red Hat OpenShift Data Foundation Managed Service provider and consumer.
Red Hat OpenShift Data Foundation Managed Service provider (provider)
An OpenShift Data Foundation provider is a single-purpose OpenShift managed cluster that provides OpenShift Data Foundation (ODF) storage services to one or more general-purpose OpenShift managed clusters in the same Virtual Private Cloud (VPC) and region. When ODF providers are built on top of AWS Elastic Block Store (EBS) volumes in at least three availability zones (AZ), ODF replicates the data across these AZs, making the data tolerant to availability zone failures.
Customer workloads are not allowed to run on the ODF provider. The OpenShift Data Foundation Managed Service does not support cross-region storage services.
A provider can only be deleted if there are no consumers connected to it. Once all connected consumers are removed, the provider can be deleted via the ROSA CLI.
Red Hat OpenShift Data Foundation Managed Service consumer (consumer)
The consumer add-on is a small footprint add-on which enables general-purpose ROSA clusters to connect to, and consume storage services from, the provider. Multiple consumers can be connected to a single provider running in the same VPC and AWS region, using the same AWS accounts.
When the consumer add-on is installed, the ODF Managed Service will create all necessary resources and accounts on the target provider, and will set up the connection between the clusters automatically. To ensure isolation, each consumer will have dedicated storage pools and users on the provider.
The consumer add-on can be removed from the cluster via the standard add-on removal work flows. Once this removal operation is invoked, it is non-reversible and cannot be undone. The removal operation includes automatic removal of all persistent data from this consumer in the corresponding provider storage pool and includes the related snapshots and clones. As such, the user is expected to delete all the Persistent Volume Claims (PVCs) and Physical Volumes (PVs) from the consumer cluster before deleting the consumer add-on.
5.2. Provisioning of Red Hat OpenShift Data Foundation Managed Service provider
This section describes how the OpenShift Data Foundation provider can be provisioned.
For the starting tier of ODF Managed Service offering, a customer may use the ROSA CLI to create an ODF provider of a single, fixed size. Customers can not expand the ODF provider in the initial phase. The ability to expand a cluster by increments equal to the initial, fixed size, up to a supported maximum size will be part of a subsequent phase of the service. ODF providers will be visible in the OpenShift Cluster Manager console, but all cluster operation tabs will be hidden.
5.2.1. OpenShift Data Foundation provider resources and sizing
For the starting tier of ODF Managed Service offering, the size of an ODF provider is 4, 8, and 20 TiB, based on 3x replication of ODF, and is comprised of the following AWS instances and EBS volumes:
For an ODF provider of size 4 TiB:
- 3 ROSA control plane nodes.
- 3 ROSA infrastructure nodes.
- 3 ROSA worker nodes, with each node being of AWS instance type m5.2xlarge and containing a full set of 3 ODF OSDs (logical devices), each OSD based on 4 TiB EBS volumes of type gp2.
For an ODF provider of size 8 TiB:
- 3 ROSA control plane nodes.
- 3 ROSA infrastructure nodes.
- 6 ROSA worker nodes, with each node being of AWS instance type m5.2xlarge and containing a full set of 6 ODF OSDs (logical devices), each OSD based on 4 TiB EBS volumes of type gp2.
For an ODF provider of size 20 TiB:
- 3 ROSA control plane nodes.
- 3 ROSA infrastructure nodes.
- 6 ROSA worker nodes, with each node being of AWS instance type m5.2xlarge and containing a full set of 15 ODF OSDs (logical devices), each OSD based on 4 TiB EBS volumes of type gp2.
5.3. Account Management for Red Hat OpenShift Data Foundation Managed Service
This section provides information about the service definition on account management.
5.3.1. Billing
The Red Hat OpenShift Service on AWS (ROSA) is billed through Amazon Web Services (AWS) based on the usage of AWS components used by the service, such as load balancers, storage, EC2 instances, other components, and Red Hat subscriptions for the OpenShift service. For the initial, Limited Availability ODF Managed Service offering, there is no fee charged for the ODF add-on located on ODF consumers
5.3.2. Cloud Providers
The initial ODF Managed Service offering is only available on the Red Hat OpenShift Service on AWS (ROSA).
5.3.3. AWS Regions and Availability Zones
All AWS regions supported by ROSA are supported for the ODF Managed Service.
5.3.4. Identity and Access Management
Customers will not have access to set up Identity providers to access the ODF Managed Service Cluster.
5.3.5. Service Level Agreements
Any service level agreements (SLAs) for the ODF Managed service itself are defined in Appendix 4. For more information on Appendix 4, see Red Hat Enterprise Agreement Appendix 4 (Online Subscription Services).
SLAs for support response times are covered in the Support section of this document.
5.3.6. Support
The ODF Managed Service includes Red Hat Premium Support, which can be accessed by using the Red Hat Customer Portal.
Support ticket to be raised for the product Red Hat OpenShift Data Foundation Managed Service.
For more information on the Scope of Coverage Page for what is covered with ODF Managed Service support, see Production Support and Scope of Coverage. OpenShift Data Foundation Managed Service support SLAs can be found at Support SLAs.
5.3.7. Service logging
System logs for all components of the ODF Managed service are internal and available only to Red Hat authorized personnel. Red Hat does not provide user access to component logs.
5.3.8. Service Metrics
Service metrics are internal only. They are used by Red Hat SREs to provide and maintain the service at agreed levels. Service metrics are accessible to Red Hat authorized personnel only.
The ODF Managed Service comes with an integrated Prometheus stack for internal storage monitoring that includes capacity, utilization, and performance metrics.
Customer Metrics
- ODF Provider
Storage capacity and utilization metrics are available per OpenShift cluster that is running the ODF storage service.
Customers will be notified by email when the cluster is running out of capacity, and they are expected to free up space to avoid disruption of service. This notification requires an opt-in to the service during the installation or after the installation.
- ODF Consumer
Utilization metrics are available per OpenShift cluster.
- Per volume, used capacity in bytes (Kubelet_volume_stats_used_bytes )
- Number of PVs (job:kube_pv:count)
5.3.9. Software Updates
All software updates will be managed by the ODF Managed Service. Red Hat will make a commercially reasonable effort to notify customers prior to service impacting updates and upgrades. The determination of the need for a service update and the timing thereof are the sole responsibility of Red Hat. Customers do not have control over when a service update occurs.
The ODF Managed Service is run as a service and is kept up to date with the latest ODF version. Minor version updates (x.Y.z) may include API changes and additional functionality. Therefore, customers are notified by email two weeks in advance before these upgrades are automatically applied. Patch level (also known as z-stream; x.y.Z) updates are optionally applied automatically the week following their release as long as the ODF managed service’s specific end-to-end tests pass. Upgrades to the version of the ODF Consumer add-on are considered part of the service update. The ODF Consumer add-on version needs to be the same as the ODF Managed Service version to ensure compatibility. Customers are responsible for the OpenShift platform needed to maintain this version compatibility.
Actions available in OpenShift Cluster Manager must not be directly performed from within the ODF Provider as this may cause adverse effects, including, but not limited to, automatic reversal of all actions.
5.4. Cluster backup policy for Red Hat OpenShift Data Foundation Managed Service
This section provides information about the cluster backup policy for OpenShift Data Foundation Managed Service.
It is critical that customers have backup plans for their applications and application data.
Application and application data backups are not part of the ODF Managed Service add-on. The user is responsible for backing up application data with a solution of their choice (e.g. Velero, OADP, or other commercial offerings). For more information, see Velero and OpenShift APIs for Data Protection.
The underlying OSD cluster is backed up per OSD’s backup and recovery policy. For more information, see OSD backup and recovery policy.
The underlying ROSA cluster is backed up per ROSA’s backup and recovery policy. For more information, see ROSA backup and recovery policy.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}