Courses are led by RedPeppy’s Master Cloud Architect Trainer, Lawrence Manickam, and offer insights from his 25+ years of IT experience.
RedPeppy: https://redpeppy.com/
Red Hat OpenShift
In the twenties, it was not hard to choose a hosting platform for an application. It was either BEA WebLogic, IBM WebSphere or .NET.
The growth of Cloud Computing, Agile, DevOps, Infrastructure as Code and Microservices introduced a large number of build and platform tools to the market. Hosting environments have become software-defined, cloud-native and immutable.
Containers revolutionized the way we deploy applications, and the push for speed to market demands agility in every phase of the Software Development Life Cycle (SDLC) and deployment.
Tools such as Docker, Podman, Kubernetes and Red Hat OpenShift drive the Digital Transformation in 2020. In this article, you will learn about Red Hat OpenShift and its capabilities.
What is Red Hat OpenShift?
Red Hat OpenShift is a commercial off-the-shelf (COTS) Kubernetes product that aims to improve the Kubernetes experience for developers and operations teams hosting containerized applications.
Red Hat OpenShift helps organizations implement a Kubernetes infrastructure that is designed for rapid application development and deployment. Red Hat is a leading developer of and contributor to the Kubernetes project and uses a transparent open-source development model to deliver enterprise-grade container engineering software.
It provides a strong foundation for Hybrid and MultiCloud deployments.
Applications are increasingly built as discrete functional parts, each of which can be delivered as a Container. That means for every application, there are many individual parts to manage. To handle this complexity at scale, businesses need a policy-driven, automated solution that dictates how to run containers resiliently. Red Hat OpenShift, an extensible container orchestrator, is designed to handle these challenges.
What makes Red Hat OpenShift different from Kubernetes?
Let us consider the first-generation flip mobile phone. It was only used to call and deliver messages with a few functions.
On the other hand, let us have a look at smartphones. They are entirely different from the first-generation flip cell phone. Other than calling and texting, there are many advanced features such as GPS, Maps, IM Bots, Ecommerce, Authenticators and Entertainment.
The core features are the same for both.
Kubernetes has the core features of a flip cell phone.
Red Hat OpenShift uses the core features of a flip cell phone with advancements.
With an open-source Kubernetes implementation, your team needs to go through extensive design discussions to select network drivers, storage drivers, a service mesh, monitoring, logging and so on.
Red Hat OpenShift integrates Kubernetes, Istio, Prometheus and many other open-source tools, undergoing extensive testing to verify that components are robust and meet customer requirements.
Red Hat tests all the above ecosystem components and bundles them with Kubernetes to create Red Hat OpenShift. This saves your organization the time and money otherwise spent on endless debates about Cloud Native/DevOps tool selection and adoption.
Also, the combination with Red Hat Enterprise Linux and CoreOS makes Red Hat OpenShift more durable and usable. Red Hat provides end-to-end support for Red Hat OpenShift, unlike open-source Kubernetes.
Software Conformance
There are over 90 Certified Kubernetes offerings in the market. CNCF (Cloud Native Computing Foundation) reviews the Kubernetes software conformance testing results from vendors and certifies them to ensure interoperability and portability with Kubernetes primitives.
Red Hat OpenShift is certified by CNCF.
Capabilities
Hybrid Cloud
NIST definition of Hybrid cloud – A composition of two or more distinct cloud infrastructures (private or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.
It offers greater consistency for enterprises by switching workloads between cloud solutions as requirements and costs vary.
No cloud provider or on-premises environment has everything you want, and too often, proprietary solutions can restrict your choices and adaptability in the future.
Red Hat OpenShift brings the new strategy of open hybrid cloud. This approach strengthens the exchangeability, workload mobility and versatility of corporate environments with open-source applications. Red Hat Open Hybrid Cloud ensures the security of organizational private data.
The Red Hat OpenShift Open Hybrid Cloud approach provides:
- A consistent platform running diverse workloads on every infrastructure.
- Integrated management and automation capabilities.
- Cloud-native application services and tools for developers.
- Changing or adding public cloud providers doesn’t always lead to costly refactoring or retraining.
- Any proprietary software you use is ultimately connected to flexible open standards across your organization.
Managed Kubernetes
Managed Kubernetes is when third-party providers take over responsibility for some or all of the work necessary for the successful set-up and operation of K8S. … When managed Kubernetes services include a hosting platform, they will also manage all of the maintenance, configuration, patching and security needed for your infrastructure.
Some examples are AKS (Azure Kubernetes Service), GKE (Google Kubernetes Engine) and AWS EKS (Elastic Kubernetes Service).
Red Hat partners with Azure and AWS to provide a Managed OpenShift service to customers.
Azure Red Hat OpenShift
Azure Red Hat OpenShift is jointly engineered, operated, and supported by Red Hat and Microsoft to provide an integrated support experience. There are no virtual machines to operate, and no patching is required. Master, infrastructure, and application nodes are patched, updated, and monitored on your behalf by Red Hat and Microsoft. Billing is managed by your Azure subscription.
AWS Red Hat OpenShift
Similar to Azure Red Hat OpenShift, this Managed Service will be tentatively launched by March 2021.
Tested Kubernetes ecosystem tools
Red Hat OpenShift ships with the following tested Kubernetes ecosystem components. Red Hat thoroughly vets and tests these ecosystem tools and delivers them to you as a COTS product, so you can focus on developing your business applications.
- Compliance
- File Integrity
- OpenShift SDN default CNI (Container Network Interface) network plugin
- OVN-Kubernetes default CNI network plugin
- Routes
- DNS
- Ingress
- Customized NodePort Service
- Container Storage Interface plugin (Ceph)
- Container Registry
- Container Vulnerability Scanning (Clair)
- Container Image Build
- Operators
- Machine Management
- Application Management
- Logging (Elasticsearch, Fluentd)
- Logging Visualization (Kibana)
- Monitoring (Prometheus)
- Metering
- Optimized tools for Scalability and Performance
- Backup/Recovery utilities
- CLI tools (oc, odo, Helm, Knative CLI, Pipelines CLI, opm CLI)
- Web Administration Console
- Service Mesh (Istio)
- Microservices event tracker (Jaeger)
- OpenShift Virtualization
- Serverless Computing
Stable Operating System: Red Hat Enterprise Linux (RHEL)
Red Hat Enterprise Linux is the world’s leading enterprise Linux Platform. As the most deployed commercial Linux distribution in the public cloud, Red Hat Enterprise Linux is certified on hundreds of public clouds and service providers as well as thousands of other types of software and hardware.
Certified to run exclusively on Red Hat Enterprise Linux and Red Hat Enterprise Linux CoreOS, OpenShift provides your business with all the salient non-functional qualities, including robust security.
CI/CD/CD and GitOps
Continuous Integration (CI) is an automation process for developers. Code changes to an application are regularly built, tested, and merged to a shared repository.
Continuous Delivery (CD) uses automation to ensure that a developer’s changes to an application are tested and sent to a repository, where an operations team can deploy them to a production environment.
Continuous Deployment (CD) enables the release of changes, starting from the repository and ending in production. It speeds up application delivery and prevents the operations team from getting overloaded.
GitOps is a set of practices that use Git pull requests to manage infrastructure and application configurations. The Git repository in GitOps is the only source of truth for system and application configuration. The repository contains the entire state of the system, so that the trail of changes to the system state is visible and auditable. GitOps enables you to implement a DevOps methodology.
Red Hat OpenShift enables your team to adopt CI/CD/CD and GitOps methodologies.
Red Hat OpenShift uses ArgoCD to implement GitOps practices for your DevOps CI/CD.
ArgoCD is a declarative continuous delivery tool that leverages GitOps to maintain cluster resources. It is implemented as a controller that continuously monitors application definitions and configurations defined in a Git repository and compares the specified state of those configurations with their live state on the cluster. Configurations that deviate from their specified state in the Git repository are classified as Out Of Sync. ArgoCD reports these differences and allows administrators to automatically or manually resync configurations to the defined state.
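The comparison described above, as an added example that is not Argo CD's own code and not part of the original article: a simplified Python model of drift detection that classifies a resource as Synced or OutOfSync. The manifests, the registry name and the `SERVER_MANAGED` field list are constructed assumptions, and the example goes slightly beyond the text by also flagging fields that exist in the cluster but are not declared in Git.

```python
import copy
# Fields the API server fills in at runtime; comparing them would flag every object.
SERVER_MANAGED = {"status", "resourceVersion", "uid", "creationTimestamp", "managedFields"}

def normalize(obj):
    """Recursively drop server-managed fields so only declared config is compared."""
    if isinstance(obj, dict):
        return {k: normalize(v) for k, v in obj.items() if k not in SERVER_MANAGED}
    if isinstance(obj, list):
        return [normalize(v) for v in obj]
    return obj

def drift(desired, live, path=""):
    """Return one line per field where the live object deviates from Git."""
    if isinstance(desired, dict) and isinstance(live, dict):
        out = []
        for key in sorted(set(desired) | set(live)):
            sub = f"{path}.{key}" if path else key
            if key not in live:
                out.append(f"{sub}: missing in cluster")
            elif key not in desired:
                out.append(f"{sub}: not declared in Git")
            else:
                out.extend(drift(desired[key], live[key], sub))
        return out
    if isinstance(desired, list) and isinstance(live, list) and len(desired) == len(live):
        return [d for i in range(len(desired))
                for d in drift(desired[i], live[i], f"{path}[{i}]")]
    return [] if desired == live else [f"{path}: git={desired!r} live={live!r}"]

def sync_status(desired, live):
    """Classify a resource the way the text describes: Synced or OutOfSync."""
    changes = drift(normalize(desired), normalize(live))
    return ("OutOfSync" if changes else "Synced"), changes

# Constructed sample: the manifest stored in Git and two live copies of it.
GIT = {"kind": "Deployment", "metadata": {"name": "web"},
       "spec": {"replicas": 2, "template": {"spec": {"containers": [
           {"name": "web", "image": "registry.example/web:1.4",
            "securityContext": {"privileged": False}}]}}}}
LIVE_OK = copy.deepcopy(GIT)
LIVE_OK["metadata"]["resourceVersion"] = "812"   # server-managed noise only
LIVE_OK["status"] = {"readyReplicas": 2}
LIVE_DRIFTED = copy.deepcopy(LIVE_OK)            # changed in the cluster, not in Git
pod = LIVE_DRIFTED["spec"]["template"]["spec"]
pod["containers"][0]["securityContext"]["privileged"] = True
pod["hostNetwork"] = True

print(sync_status(GIT, LIVE_OK), sync_status(GIT, LIVE_DRIFTED), sep="\n")
```

On a real cluster the API server also adds defaulted fields, so the "not declared in Git" check would need a list of expected defaults before it is useful as an alert.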
Red Hat OpenShift Pipelines is a cloud-native, CI/CD solution based on Kubernetes resources. It uses Tekton building blocks to automate deployments across multiple platforms by abstracting away the underlying implementation details. Tekton introduces a number of standard Custom Resource Definitions (CRDs) for defining CI/CD pipelines that are portable across Kubernetes distributions.
- A serverless CI/CD system
- Microservice based Architecture
- Extendable and easy to integrate with the existing Kubernetes tools
- Build images with Kubernetes tools such as Source-to-Image (S2I), Buildah, Buildpacks, and Kaniko that are portable across any Kubernetes platform.
- OpenShift Container Platform Developer Console can be used to create Tekton resources, view logs of Pipeline runs, and manage pipelines in your OpenShift Container Platform namespaces.
Developer Perspective
The OpenShift Container Platform web console provides two perspectives:
- Administrator perspective
- Developer perspective
The Developer perspective is displayed by default if the user is recognised as a developer.
The Developer perspective provides workflows specific to developer use cases, such as the ability to:
- Create and deploy applications on OpenShift Container Platform by importing existing codebases, images, and Dockerfiles
- Visually interact with applications, components, and services associated with them within a project and monitor their deployment and build status
- Group components within an application and connect the components within and across applications
- Integrate serverless capabilities (Technology Preview)
- Create workspaces to edit your application code using Eclipse Che
Security
Red Hat OpenShift is protected by the industry-leading Red Hat Enterprise Linux, with SELinux as a first line of defense.
It uses the following to protect the container hosting environment:
- Network policies
- RBAC
- Service Accounts
- Secrets
- Pod security policies
- Iptables
Red Hat OpenShift provides utilities to encrypt etcd data, replace default ingress certificates, check compliance, enable auditing, and scan containers for vulnerabilities (Clair).
The recent acquisition of StackRox will bring CIS Benchmark validation, kernel intrusion detection, incident response and Dockerfile validation to Red Hat OpenShift in a MultiCloud environment.
Red Hat Marketplace provides validated applications and operators from Red Hat Certified ISV partners.
Monitoring
The OpenShift Container Platform monitoring stack is based on the Prometheus open-source project and its wider ecosystem.
OpenShift Container Platform includes a pre-configured, pre-installed, and self-updating monitoring stack that provides monitoring for the following core platform components:
- CoreDNS
- Elasticsearch (if Logging is installed)
- etcd
- Fluentd (if Logging is installed)
- HAProxy
- Image registry
- Kubelet
- Kubernetes apiserver
- Kubernetes controller manager
- Kubernetes scheduler
- Metering (if Metering is installed)
- OpenShift apiserver
- OpenShift controller manager
- Operator Lifecycle Manager (OLM)
After installing OpenShift Container Platform 4.6, cluster administrators can optionally enable monitoring for user-defined projects. By using this feature, cluster administrators, developers, and other users can specify how services and pods are monitored in their own projects.
Red Hat Support
From the Red Hat Customer Portal, a customer can:
- Search or browse through the Red Hat Knowledgebase of articles and solutions relating to Red Hat products
- Submit a support case to Red Hat Support
- Access other product documentation
The Red Hat Knowledgebase consists of articles, product documentation, and videos outlining best practices on installing, configuring, and using Red Hat products. In addition, a customer can search for solutions to known issues, each providing concise root cause descriptions and remedial steps.
The Red Hat support link provides more details about the Red Hat support model for OpenShift and other products: https://www.redhat.com/en/services/support
Customer Success Story
Royal Bank of Canada (RBC) is in the top 10 of global banks with over 86,000 employees and a complex IT environment. As a leader in banking technology and innovation, RBC has been at the forefront of digital transformation.
The majority of the commercial banks in the Fortune 500 rely on Red Hat.
Over the years, the bank has used Red Hat platforms, starting with Red Hat Enterprise Linux (RHEL) and Satellite to Red Hat Ansible Tower and Red Hat OpenShift.
For the past two decades, RHEL has served as the foundation for building software stacks for many HPC systems, and this trend continues with the next wave of deployments that run on OpenShift, just like RBC’s Apache Spark clusters.
By working closely with Red Hat and NVIDIA, RBC through Borealis AI is working to transform the customer banking experience while also helping maintain its leadership edge in the financial technology landscape. Combining the unique, yet complementary, capabilities of NVIDIA DGX systems, RHEL and OpenShift enabled RBC to build an AI infrastructure for excellence.
I hope you enjoyed this article.
This advanced Kubernetes COTS product has earned the trust of both Fortune companies and government. With features like Hybrid Cloud, Managed Kubernetes, RHEL etc., Red Hat OpenShift makes its customers profitable.
Lawrence Manickam is the Master Cloud Architect Trainer at RedPeppy, the e-learning division of Kuberiter.
Please visit RedPeppy to register for my premium Cloud native courses such as Certified Kubernetes Administrator (CKA) and Certified Kubernetes Security Specialist (CKS).