Planning for Openshift
OpenShift is a cloud-based Kubernetes platform. Planning considerations and procedures used to deploy Sametime in an Openshift environment are the same as the Kubernetes platform with the additional considerations addressed in this topic.
- Deploying in a namespace
- Deploying in the default namespace
- Deploying video
Deployment in a name space
In the Openshift platform, there are namespace labels used to define a common set of arbitrary User IDs (UID) to be used as runAs UIDs for the pods running in that namespace. Sametime has some containers that require a constant UID of 1000. You must create a Security Context Constraints (SCC) within the namespace where Sametime is to be deployed to apply this MustRunAs policy to allow the service account which runs the deployments to assign this constant UID.
Deployment into the default namespace
Labels are no longer created with a random name by default, which can cause a problem in the default namespace where all containers labels are random. When deploying in the default namespace, comment out the seLinuxOptions:false setting for each activities, files, and recordings in the default namespace.
You can use the Sametime supplied helm charts to deploy Sametime into the default namespace without any additional configuration.
Deployment of video
- Host port
This is the default which provides the best performance and scales automatically scalable. this method requires pod-to-node affinity restriction through node labels.
- Load balancer
Using a load balancer is lower performance and has no pod-to-node restrictions. It requires the Kubernetes load balancing infrastructure.
- Node port
Using a node port is also lower performance but is restricted to a single node. It requires a no host-network SCC.