Azure-redhat-openshift notes

 Azure redhat openshift-

1.openshift extendes k8s , in the case of user account i.e. logging and monitering tools ,aunthentication resourses ,supports, juggle image registries,storage management,networking solutions and many other feature.

this all extended feature are tested and managed by azure redhat openshift.

2.ARO is provides you fully managed o/s cluster.it provides approximately 100 percent support for any kind of issue or problem is happen.

3.ARO is platform as a service i.e. Paas ,beacause it provides single managed platform to container managing tools, in case of middleware ci/cd,data storage ,frameworks.

4.ARO managed by -1.microsoft 

                                   2.redhat

5.ARO gives you fully cloud based cluster management beacause there is no any type of machine  infrastrucure and maintainace of machines.

6.work on subscription bases in case you pay azure bill.

7.ARO provides you with azure ad i.e. azure directory with role base access control of k8s.in which you can able to health check of cluster.

8.to deploy ARO cluster you have to complete 

                                    1.set up all prerequisites.

                                    2.created the vertual network and subnet

                                    3.deploy a clustrer.

this all available at https://learn.microsoft.com/pdf?url=https%3A%2F%2Flearn.microsoft.com%2Fen-us%2Fazure%2Fopenshift%2Ftoc.json

9.the one of the the most valuable feature is Using Azure Spot Virtual Machines allows you to take advantage of our unused capacity at a significant cost savings. At any point in time when Azure needs the capacity back, the Azure infrastructure will evict Azure Spot Virtual Machines. For more information around Spot Instances

10.ARO allows you to use infrastructure machine sets to create machines that only host infrastructure components, such as the default router, the integrated container registry, and the components for cluster metrics and monitoring. These infrastructure machines aren't counted toward the total number of subscriptions that are required to run the environment. In a production deployment, it's recommended that you deploy at least three machine sets to hold infrastructure components. Each of these nodes can be deployed to different availability zones to increase availability. This type of configuration requires three different machines sets; one for each availability zone.

11.Azure Red Hat OpenShift uses cluster certificates stored on worker machines for API and application ingress. These certificates are normally updated in a transparent process during routine maintenance. In some cases, cluster certificates might fail to update during maintenance. If you're experiencing certificate issues, you can manually update your certificates using the az aro update command: Azure CLI where: name is the name of the cluster resource-group is the name of the resource group. You can configure the default group using az-config --defaults group= . refresh-credentials refreshes cluster application credentials Running this command restarts worker machines and updates the cluster certificates, setting the cluster to a known, proper state

12.Get a Red Hat pull secret (optional) i.e.A Red Hat pull secret enables your cluster to access Red Hat container registries along with other content. This step is optional but recommended.

13.sequrity level -By default, the OS disks of the virtual machines in an Azure Red Hat OpenShift cluster were encrypted with auto-generated keys managed by Microsoft Azure. For additional security, customers can encrypt the OS disks with self-managed keys when deploying an Azure Red Hat OpenShift cluster. This feature allows for more control by encrypting confidential data with customer-managed keys (CMK).

14.Use Azure Container Registry with Azure Red Hat OpenShift (ARO)

Azure Container Registry (ACR) is a managed container registry service that you can use to store private Docker container images with enterprise capabilities such as geo replication. To access the ACR from an ARO cluster, the cluster can authenticate with ACR by storing Docker login credentials in a Kubernetes secret. Likewise, an ARO cluster can use an imagePullSecret in the pod spec to authenticate against the registry when pulling the image. In this article, you'll learn how to set up an Azure Container Registry with an Azure Red Hat OpenShift cluster to store and pull private Docker container images

15.If you want to learn ARO  the you have learn this concepts

                    1.application gateway

                    2.Front doar 

                    3.Security