Introduction To OpenShift Enterprise Container Platform

Camilo Alberto Astros Perilla
Globant
Dec 27, 2023
Convergence — Source: Geometric-shape-digital

It is common to hear about different platforms that work on the Kubernetes engine. Today, we will review one of them, the OpenShift Container Platform (OCP). Sometimes OCP is referenced as “Kubernetes on steroids”, which is a bit of a rude reference but could be considered a good analogy. But why are we talking about the OpenShift Container Platform? Because this platform is in high demand at the business level when we talk about the software development life cycle, deployments, agility, and so on.

In this introductory article, we will showcase the key features of OCP as the Kubernetes Enterprise Platform. This post will be the door to a series of articles that will exhibit some OCP use cases and implementations. These articles will contain hands-on labs designed to interact with this platform, including the setup of a suitable local environment to learn more about this platform.

So, let’s get started!

What is Kubernetes? Kubernetes as the foundation of OpenShift

Let’s start by reviewing some key concepts that are essential to understanding how OCP works. Kubernetes is the underlying container orchestration engine on which OCP is built. So, in essence, Kubernetes is the key component that manages, scales, and automates the OCP deployment process.

Kubernetes is an open-source container orchestration platform for running applications as containers in a cluster of computers. It also provides a robust and scalable set of tools to deliver applications in a modern way and alleviates the complexity of orchestrating the underlying infrastructure. This platform manages the deployment and infrastructure details for applications and provides a resilient and elastic environment that ensures application delivery without needing to expand the administrative teams that maintain the infrastructure.

Here are some relevant aspects of Kubernetes:

  • Cluster management: Kubernetes operates as a cluster of machines, with one or more master nodes that manage the cluster and worker nodes that are responsible for the deployment’s execution.
  • Extensibility: Kubernetes provides extensions, based upon Custom Resource Definitions (CRDs) that allow you to define custom resources and controllers.
  • Scaling: Scaling in Kubernetes can be achieved either manually or automatically, with the ability to adjust the number of containerized applications according to resource usage or specified criteria.
  • Container limits and quotas management: Kubernetes allows you to define resource requirements, limits, and quotas for containers, ensuring effective use of cluster resources.
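
The check below is an added example, not code from the article: it takes a Deployment and a namespace ResourceQuota as dictionaries, reports containers that declare no requests or limits, and reports quota keys that the Deployment alone would exceed. The object names (`web`, `team-quota`) and all values are constructed, and it assumes the Deployment is the only workload in the namespace.

```python
import re

# Subset of Kubernetes quantity suffixes; exponent forms are not handled.
SUFFIX = {"Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40,
          "k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12}

def parse_quantity(q):
    """Convert '250m', '2' or '512Mi' to a number (cores, bytes or a count)."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(m|Ki|Mi|Gi|Ti|k|M|G|T)?", str(q))
    if not m:
        raise ValueError(f"unsupported quantity: {q!r}")
    number, suffix = float(m.group(1)), m.group(2)
    return number / 1000 if suffix == "m" else number * SUFFIX.get(suffix, 1)

def check_against_quota(deployment, quota):
    """List containers missing requests/limits and quota keys the Deployment exceeds."""
    findings, totals = [], {}
    spec = deployment["spec"]
    replicas = spec.get("replicas", 1)
    for c in spec["template"]["spec"]["containers"]:
        res = c.get("resources", {})
        for kind in ("requests", "limits"):
            for name in ("cpu", "memory"):
                value = res.get(kind, {}).get(name)
                key = f"{kind}.{name}"
                if value is None:
                    findings.append(f"{c['name']}: no {key}")
                else:
                    # Every replica runs its own copy of the container.
                    totals[key] = totals.get(key, 0) + replicas * parse_quantity(value)
    for key, hard in quota["spec"]["hard"].items():
        if totals.get(key, 0) > parse_quantity(hard):
            findings.append(f"quota exceeded: {key} totals {totals[key]:g}, hard limit {hard}")
    return findings

# Constructed sample objects (not from a real cluster).
DEPLOYMENT = {"kind": "Deployment", "metadata": {"name": "web"}, "spec": {
    "replicas": 3, "template": {"spec": {"containers": [
        {"name": "app", "resources": {
            "requests": {"cpu": "250m", "memory": "256Mi"},
            "limits": {"cpu": "500m", "memory": "512Mi"}}},
        {"name": "sidecar", "resources": {
            "requests": {"cpu": "100m", "memory": "64Mi"}}}]}}}}
QUOTA = {"kind": "ResourceQuota", "metadata": {"name": "team-quota"}, "spec": {
    "hard": {"requests.cpu": "1", "requests.memory": "2Gi",
             "limits.cpu": "2", "limits.memory": "1Gi"}}}

if __name__ == "__main__":
    print("\n".join(check_against_quota(DEPLOYMENT, QUOTA)))
```

On the sample, the sidecar is flagged for having no CPU or memory limit, and three replicas push `requests.cpu` and `limits.memory` past the quota.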

Kubernetes is the standard for container orchestration in the world of cloud-native applications and microservices. It provides a powerful framework for deploying and managing containerized workloads, making it easier to build, scale, and maintain modern applications.

What is the OpenShift Container Platform?

To have a comprehensive definition of the OpenShift Container Platform (OCP), we can say that it is an open-source container management platform developed by Red Hat that is built around Kubernetes. OCP provides extra tools and features to simplify the deployment, management, and scaling of containerized applications. It is designed to help organizations develop, deploy, and run applications efficiently in various environments, including on-premises data centers and public clouds.

OCP uses Kubernetes as a base and adds value-added components that allow greater integration with other systems while maintaining interoperability with different cloud providers, on-premises environments, and virtualization vendors, which is why it is considered an agnostic platform. The platform is conceived as all-in-one, with strict security measures and policies, faster application deployment, dedicated support, and an improved user experience for managing container applications; this is where the name “turnkey platform” comes from.

OCP introduces advanced features via the Operator Framework. This framework extends Kubernetes capabilities, enabling the incorporation of other cluster functionalities. Operators optimize the process of generating, setting up, and overseeing instances of applications native to Kubernetes, encompassing the management of platform components as well as applications served as managed services like:

  • The OperatorHub: This is a web console for cluster administrators to discover and select Operators to install on their cluster. It is deployed by default in OCP.
  • The Operator Lifecycle Manager (OLM): It oversees the installation, upgrade, and role-based access control (RBAC) of Operators in a cluster.
  • The Operator registry: This registry stores Cluster Service Versions (CSVs) and Custom Resource Definitions (CRDs) for the configuration in a cluster and stores Operator metadata about packages.

Glossary

To have a better understanding of the terms and architecture points mentioned in this article, the following OCP concepts are shared:

  • OpenShift CLI: OpenShift Container Platform commands on the terminal.
  • Container Orchestration Engine: Kubernetes provides the engine for automating the deployment, networking, and scalability of containers.
  • Role-Based Access Control (RBAC): A security control to ensure that cluster users and workloads are granted access only to the resources necessary for assigned roles.
  • Source to Image (S2I): An OCP-generated image crafted according to the programming language found in the application’s source code for deploying applications.
  • Service Mesh: Connect, secure, and monitor microservices in your OpenShift Container Platform environment.

For additional references to terms regarding the OCP Architecture, you can consult the Glossary of common terms for OpenShift Container Platform.
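
To make the RBAC entry above concrete, here is an added example (not code from the article or from Red Hat) that audits roles and bindings for grants broader than least privilege. The input is shaped like the `items` list returned by `oc get ... -o json`; every object in `SAMPLE` and the choice of checks are constructed for illustration.

```python
import json

ESCALATION_VERBS = {"escalate", "bind", "impersonate"}

def rule_findings(rule):
    """Reasons one RBAC policy rule exceeds least privilege."""
    verbs, resources = set(rule.get("verbs", [])), set(rule.get("resources", []))
    reasons = []
    if "*" in verbs:
        reasons.append("wildcard verbs")
    if "*" in resources:
        reasons.append("wildcard resources")
    if "secrets" in resources and verbs & {"get", "list", "watch", "*"}:
        reasons.append("can read secrets")
    if verbs & ESCALATION_VERBS:
        reasons.append("escalation verbs: " + ", ".join(sorted(verbs & ESCALATION_VERBS)))
    return reasons

def audit(objects):
    """Map 'Kind/name' of each bound subject to the findings of its role."""
    roles, report = {}, {}
    for obj in objects:  # first pass: score every Role and ClusterRole
        if obj["kind"] in ("Role", "ClusterRole"):
            key = (obj["kind"], obj["metadata"].get("namespace", ""), obj["metadata"]["name"])
            roles[key] = [r for rule in obj.get("rules") or [] for r in rule_findings(rule)]
    for obj in objects:  # second pass: follow roleRef from each binding
        if obj["kind"] not in ("RoleBinding", "ClusterRoleBinding"):
            continue
        ref = obj["roleRef"]
        # A Role lives in the binding's namespace; a ClusterRole has none.
        ns = obj["metadata"].get("namespace", "") if ref["kind"] == "Role" else ""
        found = roles.get((ref["kind"], ns, ref["name"]), [])
        if found:
            for s in obj.get("subjects") or []:
                report.setdefault(f"{s['kind']}/{s['name']}", []).extend(found)
    return report

# Constructed sample objects (not from a real cluster).
SAMPLE = json.loads("""[
 {"kind": "ClusterRole", "metadata": {"name": "ci-deployer"},
  "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
 {"kind": "Role", "metadata": {"name": "config-reader", "namespace": "shop"},
  "rules": [{"apiGroups": [""], "resources": ["configmaps", "secrets"], "verbs": ["get", "list"]}]},
 {"kind": "Role", "metadata": {"name": "pod-viewer", "namespace": "shop"},
  "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "watch"]}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "ci-deployer"}, "roleRef": {"kind": "ClusterRole", "name": "ci-deployer"}, "subjects": [{"kind": "ServiceAccount", "name": "pipeline", "namespace": "ci"}]},
 {"kind": "RoleBinding", "metadata": {"name": "readers", "namespace": "shop"}, "roleRef": {"kind": "Role", "name": "config-reader"}, "subjects": [{"kind": "User", "name": "dev-1"}]},
 {"kind": "RoleBinding", "metadata": {"name": "viewers", "namespace": "shop"}, "roleRef": {"kind": "Role", "name": "pod-viewer"}, "subjects": [{"kind": "User", "name": "dev-2"}]}
]""")
```

`audit(SAMPLE)` reports the `pipeline` service account for wildcard verbs and resources and `dev-1` for read access to secrets, while `dev-2`, bound only to a pod-viewing role, does not appear.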

Architecture

Now, we are going to review the key architecture layers that are part of OCP, explaining each of them from the bottom to the top, following the picture shown below:

OCP Architecture at a Glance — Source: OCP What’s new

Red Hat Enterprise Linux or CoreOS

The OpenShift Container Platform architecture starts with the compute layer. The supported Operating Systems on the platform are:

  • Red Hat CoreOS: a lightweight Operating System focused on containerization technology. It is the only supported OS for control plane machines.
  • Red Hat Enterprise Linux (RHEL): For the compute machines, also known as worker machines, you can use RHEL for the operating system.

It’s important to note that OCP can be deployed on various infrastructure platforms, including on-premises data centers, public clouds (AWS, Azure, GCP), or hybrid environments. The composition and configuration of compute machines can vary based on the specific deployment architecture and requirements. The version of OCP used for this review is 4.14, which is current as of the publication date of this article.

Kubernetes

Kubernetes provides the components and technologies that form the cluster. The API Server, etcd, Docker, and other services help us manage the proper capacity that workloads require and are established from the control plane nodes.

Automated operations

All automated processes are handled by the Operator Lifecycle Manager (OLM) and container orchestration engine. They improve the Kubernetes foundation, resulting in the provisioning of an enterprise container environment with high quality.

Cluster services

Cluster services are in the top-left corner, which covers cluster functionality and application services that enrich the environment with added capabilities, including metrics tracking, a container image registry, and event logging.

Application services

Application services like Service Mesh are at the top center, which provides a couple of key capabilities, such as ensuring suitable traffic and acting as a centralized point for applications. Moreover, the capabilities and functions of OpenShift Serverless offer Kubernetes-native components that empower developers to build and deploy serverless, event-triggered applications within the OCP.

Developer services

Finally, OCP provides tools and resources for developers to build, test, and deploy applications easily, including source code repositories, continuous integration, continuous deployment (CI/CD) pipelines, and developer-friendly workflows.

Furthermore, as part of the developer services, the Source-to-Image feature allows developers to create images directly from source code, making application deployments and administration much easier in containerized environments.

Developer and operation services are integrated into the cluster, assisting with continuous integration and application deployment to achieve the software development lifecycle. The stack of an OCP cluster offers more than just a container runtime environment; it encompasses the essential tools necessary for enterprise-level deployments. This stack enables efficient execution of a wide range of tasks on modern business application platforms.

In addition, OCP works with popular IDEs, such as Eclipse or Visual Studio Code, providing developers with a familiar environment for coding, testing, and debugging applications directly within the platform.

OpenShift Container Platform vs Kubernetes

Both are powerful container orchestration platforms, but they have some key differences in terms of features, capabilities, and their overall focus:

Enterprise Kubernetes Solutions — Source: OCP and Platform9

  • Features and components: Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. It provides a core set of features for container orchestration and management. OCP builds on top of Kubernetes and adds extra features we mentioned earlier, such as security enhancements, developer-friendly tools, integrated monitoring, logging, automated operations, etc.
  • Ease of use: OCP places a strong emphasis on user-friendliness and provides tools that simplify tasks like application deployment, monitoring, and scaling. It aims to provide an easier experience for developers and administrators, particularly in enterprise settings. Kubernetes provides a solid foundation for container orchestration, but it requires more manual configuration and management than OCP.
  • Security and compliance: OCP emphasizes security features, including role-based access control (RBAC), image scanning, and enhanced networking policies. These security enhancements are often tailored for enterprise security and compliance requirements. Kubernetes also offers security features, but OCP’s additional layers of security are designed to meet enterprise needs.
  • Community and customization: Kubernetes has a broad and active open-source community, with various third-party tools and extensions available. OCP also has its community, but some of its features are more in line with Red Hat’s ecosystem.
  • Licensing: OCP is a commercial product that requires a Red Hat subscription for its usage. Kubernetes is an open-source platform that comes without any cost. If budget is a priority, opting for Kubernetes might be the more advantageous decision.

Additional features

OCP builds upon Kubernetes by providing additional tools, features, and services that support the needs of enterprise customers, making it a comprehensive choice for organizations seeking a robust container platform with enhanced security and developer-focused features.

  • User experience: OCP provides a web-based console with an intuitive interface for developers to create, deploy, and manage applications without in-depth knowledge of Kubernetes manifests.
  • Support: With an OCP subscription, enterprise support is available according to the customer’s requirements.
  • Integrated monitoring and logging: OCP provides built-in monitoring and logging solutions for better visibility into the cluster’s health and performance. This includes integration with monitoring tools like Prometheus and Grafana.
  • Service mesh integration: OCP integrates with service mesh technologies like Red Hat OpenShift Service Mesh (based on Istio), providing advanced features for traffic management, security, and observability within microservices architectures.
  • CI/CD integration: OCP comes with an integrated CI/CD solution called OpenShift Pipelines. This feature allows you to create and manage continuous integration and continuous delivery pipelines directly within the platform.
  • Container image management: OpenShift image registry is the registry provided by OCP to manage images. It implements additional authentication features to expose services or to execute push and pull operations.

Use Cases

Up to this point, we have reviewed what OCP is and how it improves the Kubernetes platform. Now, we are going to discuss when each of them should be used, depending on a set of different factors.

When should you use OCP?

The decision to use OCP instead of Kubernetes Platform depends on various factors. Below I present the most relevant ones:

  • Security and compliance: OCP provides additional security features and tools to meet strict compliance requirements, making it a preferred choice for industries like finance, healthcare, and government.
  • Red Hat ecosystem: If your organization already uses other Red Hat products, integrating OCP may offer a seamless experience within the Red Hat ecosystem.
  • Developer productivity: OCP offers a developer-friendly environment with built-in CI/CD pipelines, developer tools, and streamlined workflows.
  • Enterprise support: OCP offers enterprise-level support, which can be crucial for organizations that need professional support and SLAs (Service-Level Agreements).

When should you use Kubernetes?

Regarding the Kubernetes Platform, there are also factors that favor its use:

  • Community and ecosystem: Kubernetes has a vast and active community, which means frequent updates, a wealth of documentation, and access to a wide range of third-party tools and integrations.
  • Cost and budget constraints: Kubernetes is open-source and free to use, making it an attractive choice for organizations with budget limitations.
  • Cloud agnosticism: Kubernetes is cloud-agnostic and can be deployed on various cloud providers or on-premises, providing flexibility in terms of infrastructure.
  • Flexibility: Kubernetes works with almost every runtime you can think of.

Conclusions

This document presents some characteristics of the OpenShift Container Platform (OCP) and Kubernetes. These are the leading platforms in the business world and the most in demand in the market, and they are relevant to companies on several crucial points, such as scalability, high availability, maintainability, monitoring, and security, among others. We have presented some points that help identify a starting point for adopting one of these Kubernetes platforms and why we should do it, depending on the needs, scope, and expectations involved in running an appropriate microservices-oriented architecture.

In summary, OCP stands out as a robust solution, extending Kubernetes with advanced features for enhanced security, streamlined development workflows, and integrated monitoring tools. Positioned as an enhanced Kubernetes platform, OCP addresses the demands of businesses, providing a user-friendly interface and features like the OperatorHub and the Operator Lifecycle Manager. In contrast, Kubernetes, as the industry standard, remains open-source, budget-friendly, and highly flexible, with a strong community and cloud-agnostic deployment options.

The choice between OCP and Kubernetes hinges on specific organizational needs, with OCP excelling in enterprise settings, while Kubernetes offers flexibility and cost-effectiveness.
