a small form factor OpenShift/Kubernetes optimized for edge computing

Overview

Microshift

Microshift is OpenShift(1) Kubernetes in a small form factor and optimized for edge computing.

Edge devices deployed out in the field pose very different operational, environmental, and business challenges from those of cloud computing. These motivate different engineering trade-offs for Kubernetes at the far edge than for cloud or near-edge scenarios. Microshift's design goals cater to this:

  • make frugal use of system resources (CPU, memory, network, storage, etc.),
  • tolerate severe networking constraints,
  • update (resp. roll back) securely, safely, speedily, and seamlessly (without disrupting workloads), and
  • build on and integrate cleanly with edge-optimized OSes like Fedora IoT and RHEL for Edge, while
  • providing a consistent development and management experience with standard OpenShift.

We believe these properties should also make Microshift a great tool for other use cases such as Kubernetes applications development on resource-constrained systems, scale testing, and provisioning of lightweight Kubernetes control planes.

Note: Microshift is still early days and moving fast. Features are missing. Things break. But you can still help shape it, too.

1) more precisely OKD, the Kubernetes distribution by the OpenShift community

Using Microshift

To give Microshift a try, simply install a recent test version (we don't provide stable releases yet) on a Fedora-derived Linux distro (we've only tested Fedora, RHEL, and CentOS Stream so far) using:

curl -sfL https://raw.githubusercontent.com/redhat-et/microshift/main/install.sh | sh -

This will install Microshift's dependencies (CRI-O), install Microshift as a systemd service, and start it.
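Piping install.sh from the main branch straight into sh runs whatever the branch holds at that moment, and that script installs packages and a systemd service. The wrapper below is an added example, not part of the Microshift project: it downloads the script at a pinned ref to a file, checks its SHA-256, and runs it only on a match. The function names are hypothetical, and the ref and digest are placeholders you take from a copy of the script you have reviewed.

```shell
#!/bin/sh
# Added example, not Microshift project code. Function names are hypothetical.

# Print the SHA-256 digest of a file as bare lowercase hex.
sha256_of() {
    sha256sum "$1" | awk '{ print $1 }'
}

# Return 0 only if the file exists and its digest equals the expected value.
# Returns 2 for a missing file, 1 for a digest mismatch.
verify_installer() {
    file=$1
    expected=$2
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: expected $expected, got $actual" >&2
        return 1
    fi
    return 0
}

# Download install.sh at a pinned ref into a temp file, verify it, then run it.
# The response is never piped into a shell, so a truncated or altered download
# is rejected before any line of it executes.
install_pinned() {
    ref=$1        # commit SHA you reviewed (placeholder, supplied by the caller)
    expected=$2   # SHA-256 of install.sh at that commit (placeholder)
    url="https://raw.githubusercontent.com/redhat-et/microshift/$ref/install.sh"
    tmp=$(mktemp) || return 3
    rc=1
    if curl -sfL -o "$tmp" "$url" && verify_installer "$tmp" "$expected"; then
        sh "$tmp"
        rc=$?
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage: install_pinned <reviewed-commit-sha> <sha256-of-reviewed-install.sh>
```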

For convenience, the script will also add a new "microshift" context to your $HOME/.kube/config, so you'll be able to access your cluster using, e.g.:

kubectl get all -A --context microshift

or

kubectl config use-context microshift
kubectl get all -A

Note: When installing Microshift on a system with an older version already installed, it is safest to remove the old data directory and start fresh:

rm -rf /var/lib/microshift && rm -rf "$HOME/.microshift"

Developing Microshift

Building

You can locally build Microshift using one of two methods, either using a container build (recommended) on Podman or Docker:

make microshift

or directly on the host after installing the build-time dependencies

sudo dnf install -y glibc-static
make

Running

Use install.sh to set up your system and install run-time dependencies for Microshift, then simply:

sudo microshift run

Microshift keeps all its state in its data-dir, which defaults to /var/lib/microshift when running Microshift as a privileged user and $HOME/.microshift otherwise. Note that running Microshift unprivileged only works without the node role at the moment (i.e. using --roles=controlplane instead of the default of --roles=controlplane,node).

You can find the kubeadmin's kubeconfig under $DATADIR/resources/kubeadmin/kubeconfig.

Comments
  • selinux configs and volume for microshift-containerized

    Signed-off-by: Parul Singh [email protected]

    Which issue(s) this PR addresses: For podman deployment:

    • systemd unit file for starting and managing microshift-containerized.

    Closes #434, #433, #432

    lgtm approved ok-to-test 
    opened by husky-parul 33
  • USHIFT-535: Remove dns configurable option from MicroShift config

    Cluster DNS is set to the 10th IP of Service CIDR

    Signed-off-by: Vu Dinh [email protected]

    Which issue(s) this PR addresses:

    Closes #

    lgtm approved 
    opened by dinhxuanvu 28
  • Do not modify default logging parameters

    klog is a singleton library, and since we use that library from all our services in a single process, setting different log files won't work, and will syphon all logs into the last log file we add.

    Keep the simple strategy of letting all output go to stderr for now.

    Related-Issue: #493

    Signed-off-by: Miguel Angel Ajo [email protected]

    approved 
    opened by mangelajo 26
  • USHIFT-233: move the version config map to match where it will be in OCP

    Closes: USHIFT-233

    This is related to https://github.com/openshift/enhancements/pull/1203, but we can go ahead and take it now to make less work to update test suite changes later.

    approved 
    opened by dhellmann 23
  • logrus -> klog

    Signed-off-by: Parul [email protected]

    Which issue(s) this PR addresses:

    Closes https://github.com/redhat-et/microshift/issues/134

    lgtm approved 
    opened by husky-parul 23
  • USHIFT-227: Cluster Policy Controller integration

    Which issue(s) this PR addresses:

    Closes USHIFT-227

    This PR carries the following items:

    • Enabling Cluster Policy Controller
    • Disabling resource-quota and cluster-quota-reconciliation controllers.
    • Creation of openshift-kube-controller-manager namespace (it's where the CreatedSCCRanges events happen)
    • Applying csr-approver and namespace-security cluster roles and cluster role bindings. (required by the CPC)
    lgtm approved 
    opened by oglok 22
  • [Enhancement]: MicroShift Health Check

    What would you like to be added:

    Monitoring Platform/Cluster Monitoring Nodes Monitoring Pods Containers status Pods per Node Services Health Resources Utilization (CPU/Memory/Network) etc.

    Why is this needed:

    Give end-user visibility on the state and health of their applications and solutions. Very important for the mission-critical applications.

    lifecycle/rotten 
    opened by lahorite 21
  • Allow MicroShift to join new worker nodes

    Allow MicroShift to join new worker nodes, according to design here #498 (see individual commits for review):

    • 4523987f Add flags to allow TLS bootstrapping of nodes
    • 9d8e2ade Add bootstrap module and generate token file
    • 26f04a33 Add ClusterRoleBinding for bootstrap process
    • 1103d731 Generate bootstrap kubeconfig
    • 1fd2a3c9 Allow MicroShift to start node role standalone
    • 6c84f168 Apply CRB for bootstraping nodes
    • 1366626f Use bootstrap kubeconfig for kube-proxy
    • c2eacfd6 Use netcgo insted of netgo
    • 40bff393 Add vagrant env to test/devel/debug multi-worker

    Related PRs: #499 , #500

    needs-rebase lifecycle/stale 
    opened by oglok 19
  • [RFE] Multi-node Request for Enhancement

    This commit only describes the addition of new compute nodes to an existing MicroShift cluster. Highly available control plane will be described in later PRs.

    Signed-off-by: Ricardo Noriega [email protected]

    This Enhancement proposal addresses part of the #460 epic.

    needs-rebase kind/design lifecycle/rotten 
    opened by oglok 18
  • API-1433: Configure route host assignment admission plugin.

    $ cat<<EOF | oc apply --server-side -f-
    apiVersion: route.openshift.io/v1
    kind: Route
    metadata:
      name: hello-microshift
    spec:
      to:
        kind: Service
        name: hello-microshift
    EOF
    
    route.route.openshift.io/hello-microshift serverside-applied
    
    $ oc get route hello-microshift -o yaml
    
    apiVersion: route.openshift.io/v1
    kind: Route
    metadata:
      annotations:
        openshift.io/host.generated: "true"
      creationTimestamp: "2022-11-11T23:53:33Z"
      generation: 1
      name: hello-microshift
      namespace: default
      resourceVersion: "2659"
      uid: cd35cd20-b3fd-4d50-9912-f34b3935acfd
    spec:
      host: hello-microshift-default.cluster.local
      to:
        kind: Service
        name: hello-microshift
      wildcardPolicy: None
    
    $ cat<<EOF | oc apply --server-side -f-
    apiVersion: route.openshift.io/v1
    kind: Route
    metadata:
      name: hello-microshift
    spec:
      to:
        kind: Service
        name: hello-microshift
      wildcardPolicy: ""
    EOF
    
    The Route "hello-microshift" is invalid: spec.wildcardPolicy: Invalid value: "": field is immutable
    
    lgtm approved 
    opened by benluddy 17
  • Adds the openvswitch dependencies, repos and optimized systemd files

    This PR adds the OpenvSwitch dependencies to MicroShift, as well as the optimized versions of the ovs daemons (CPUAffinity=0 can't be injected in a different way)

    Closes: https://issues.redhat.com/browse/USHIFT-141

    lgtm approved 
    opened by mangelajo 17
  • USHIFT-573 avoid NodeName changes in running systems

    NodeName changes are dangerous to running systems (attached storage, running pods, etc., need to be relocated). This change persists the NodeName in /var/lib/microshift/nodename and makes sure it's not modified across runs. If the NodeName was auto-generated from the hostname it will write a Warning and continue with the old NodeName. If the NodeName is explicitly configured, it will fail with an error.

    Which issue(s) this PR addresses:

    Closes USHIFT-573

    approved 
    opened by mangelajo 3
  • Follow up on kube-controller-manager options

    What happened?

    Follow up on the following options for kube-controller-manager and decide how these apply to microshift:

    • --pv-recycler-pod-template-filepath-hostpath, --pv-recycler-pod-template-filepath-nfs (currently not set)
    • --flex-volume-plugin-dir (currently not set)
    • tls-min-version, and tls-cipher-suites (currently not set)
    • enable-dynamic-provisioning (currently not set)
    opened by tkashem 1
  • [Bug] Docs - add caveat to storage capacity tracking

    Which issue(s) this PR addresses:

    • Add documentation on storage capacity tracking to warn users of the potential for over-provisioning LVs.

    Relates to USHIFT-507

    kind/bug documentation approved do-not-merge/work-in-progress 
    opened by copejon 2
Releases(nightly)
Owner
Red Hat Emerging Technologies