Red Hat Summit, Boston 2023: A Version 1 Report
By Dan McElligott and Donagh Noone
Red Hat’s flagship event, the Red Hat Summit took place in Boston for a consecutive year but this time in a much larger venue: the Boston Convention and Exhibition Center. The event was huge with both the Red Hat Summit and AnsibleFest taking place together.
I can’t overstate how large this conference was, with over 300 sessions taking place over a 3-day period. The sessions were split into various categories such as keynotes, interactive talks, lightning talks, labs, expo booths, and many more.
Red Hat provided plenty of new and exciting products, the majority of which focused on: automation, the OpenShift / K8s ecosystem, sustainability, and of course AI/ML.
AI is omnipresent and Red Hat is no different with several products announced such as Ansible LightSpeed, Ansible EDA & Kepler, all of which contain AI/ML functionality. However, the biggest AI announcement was OpenShift AI, a framework optimized to run resource-intensive AI/ML workloads alongside your standard cloud-native apps. With both types of workloads running on the same OpenShift cluster, it brings consistency to your operations and drastically reduces the lead time for customers looking to explore AI as a solution for their business.
So, let’s jump into it. For the first half of the report, I’ll focus on the key announcements, broken down into categories, to help navigate and jump into areas of interest. If you are responsible for a Platform, a DevOps capability, or automation in general, then this section is for you. My colleague Donagh Noone will provide the second half of the report with a viewpoint from a software architect & developer perspective
Part 1: Key Announcements
Platform Engineering
Red Hat Developer Hub
The Developer Hub is based on the CNCF project backstage.io. Essentially it’s an implementation of an IDP (Integrated Development Platform), a key tenant in the Platform Engineering world. It provides a self-service way for developers to create new apps and services, automating the “scaffolding ” of new K8s apps. Providing “Golden Paths” for promoting code while ensuring that customer-defined security and standards are built in.
Why is this important? It drastically reduces the lead time for developers to get their apps onto the cluster and abstracts away the lower-level details of Kubernetes in order to get an app running on the cluster. Salesforce’s 2022 ‘Great Resignation’ research, reported that “(76%) of organizations say the cognitive load required to learn their software architecture is so high that it is a source of angst and low productivity for developers”. This tackles the complexity of the cluster head-on, abstracting away the details of the OpenShift/K8s APIs and its toolsets, allowing developers to focus on the business logic they are developing. Dev preview for Developer Hub is available towards the end of June.
Sustainable Computing
Kepler
We work in an industry where growth and scalability are required to deliver business demand. The rise of micro-services, IoT, AI/ML workloads, hybrid clouds, fleets of clusters, and ever-growing data centers are common. In Ireland, electricity consumption by data centers increased by 32% from 2020 to 2021 according to the CSO. Data centers (14%) now consume more metered electricity than all of Ireland’s rural homes(12%).
In short, it’s a big deal, with both environmental and social factors now key goals that businesses must achieve to become sustainable and energy-efficient.
Intel, IBM, and RedHat have contributed to project Kepler (Kubernetes-based Efficient Power Level Exporter).
Kepler runs as “DaemonSet” across all nodes of the cluster. It uses eBPF (extended Berkeley Packet Filter), which is event-driven and runs extremely fast at the kernel level to capture and expose energy-related metrics. The metrics are scrapped by Prometheus into a TSDB, which can be observed by dashboards just like any other metric on your cluster.
It gets really interesting, how the Kepler Model Server can use ML models to estimate Pod & Container energy computations. The Kubernetes Auto-Scalers can use these metrics to move higher energy workloads to lower carbon impact regions. This is only the start for Kepler, with more use cases no doubt on the way, with shift-left thinking in sustainability when developing apps and pipelines that utilize Kepler power metrics.
Automation
Ansible LightSpeed & Event-Driven Ansible
One of the major announcements at the Summit was the use of an IBM generative AI program “Watson Code”, which has the ability to create Ansible formatted playbooks based on plain English! This is a major leap forward in the time and effort required to create complex tasks and provisioning automation. It comes as a Visual Studio code extension, so you can now reap the benefits of AI right in your IDE.
Staying with Ansible, was the announcement of EDA, not to be confused with Event Driven Architecture but rather Event-Driven Ansible. In short, this provides “Always on” automation to provide “Self-Healing” properties to your applications in a production environment. This sounds very promising with Spanish Insurance company MM Group Mutua describing a “50% reduction in support tickets”. EDA currently works with the Dynatrace Obserability platform to monitor and predict issues. Runbooks wait for events to trigger, which are sent to an Ansible automation controller to run specific playbooks responding to production outages. All issues are logged via the Service Now ticketing system. This is an impressive use case for Ansible and something that we anticipate implementing with our customers once it becomes GA’d later in June.
Multi-Cluster Networking
(ACM) Submariner & RedHat Service Interconnect
Red Hat ACM (Advanced Cluster Management) was announced at last year’s summit as a hub to centrally manage a fleet of clusters. It provided a single location for aggregating cluster metrics, applying patches, setting policies, and deploying applications across your clusters. This year, the CNCF project Submariner was announced as a feature of ACM to provide cross-cluster connectivity using a central IPSec tunnel to connect clusters. Acting as LB between clusters it can provide service fail-over as well as cross-cluster service discovery, all of which can be centrally managed by the ops team with ACM.
While independent of ACM, and more developer focused was the announcement of Red Hat Service Interconnect. This is based on the upstream project Skupper, which enables developers to write “location-less” apps that can communicate with apps on different clusters without the need to understand lower-level networking or firewall rules. Simply applying annotations to services and they magically appear as local services on another cluster.
Why are both important? They allow true cross-cluster communication on the hybrid cloud without having to expose your services on the internet. This will support many application resilience and DR use cases for our customers.
Security
RedHat Trusted Software Supply Chain
On the security side, Red Hat announced a Trusted Software Supply Chain which consists of different products that bake in security automatically during code, build, and run time.
First up is Trusted Content: this creates an immutable historic record of how your image is built. It provides full code dependency analytics using Snyk. By scanning the code’s built meta info, it creates an SBOM (software Bill of Material), which is a list containing each of the components that were used to make the application. It also creates a VEX (Vulnerability Exploitability eXchange), which lists each of the exploits and what the remediation is. This is available as a plugin for developers IDE’s allowing them to view what exploits their code may contain as soon as they start programming!
Expanding on this and providing the automation it is the cloud service Trusted Application Pipeline. This takes your GitHub URL to import code and performs a network-isolated build to import all dependencies. Various scans are triggered be it Snyk or roxctl and if it passes, the image gets cosigned using Sigstore. Sigstore creates an immutable record of how the container was created.
Finally, further enhancements to ACS were announced. ACS (Advanced Cluster Security) was announced last year, a Kubernetes-native approach to security based on StackRox.Updates include availability as a cloud service and a network topology UI. The UI provides a visual means for admins to secure namespaces access the cluster and generate secure policies. ACM still provides vulnerability scanning of images in the registry providing runtime security monitoring.
AI/ML
OpenShift AI and OpenShift Data Science
Plenty of AI topics in this post so far, but the big one was the announcement of OpenShift AI. Interestingly, it’s the same platform that was used to build IBM Watson Code Assistant, the AI function used to power Ansible Lightspeed that was mentioned earlier. It’s built on top of OpenShift Data Science, the MLOps platform that provides several ML-based products like TensorFlow, Jupyter Notebooks, Python, Seldon…etc
OpenShift AI builds on this by providing AI-based pipelines, model servings, and model monitoring. It provides several additional partner offerings such as Anaconda, IBM Watson Studio, Intel OpenVINO and AI Analytics Toolkit, NVIDIA AI Enterprise, and Starburst.
There are two key advantages to this. Firstly operational consistency. Your platform team can support the data scientists and the developers on the same platform. The same RBAC, CI/CD, onboarding...etc. Secondly, portability. The data you need to manage can live anywhere. On-Prem, cloud, hybrid…etc You still retain the same operating model.
That’s the bulk of the announcements, there was a ton more discussed but for the interest of attention span, I’ll hand it over to Donagh!
Part 2:
Unlike Dan, I attended the conference with my development/architectural hat on. What delights, insights, and innovations could we bring to our teams of developers in Version 1 currently focused on Digital Transformation on the Openshift platform?
App Modernization
My first highlight was an interesting talk on a transformation project from nTier to Openshift for a public sector organization very closely aligned to my current customer. The team defined the steps as:
1. Understand the old system to the nth degree. Devote the time and effort to understanding the processes, data models, jobs, topology, key dates that relate to what you are replacing. This is often a major challenge
2. Define the vision and the objectives. What is the North Star ? Clearly articulate the purpose and goals of your digital transformation initiative. Identify what you want to achieve, whether it’s improving operational efficiency, enhancing customer experience, or driving innovation
3. Develop a plan. Create a detailed plan or roadmap that outlines the sequence of initiatives, milestones, and timelines. Break down the transformation journey into manageable phases to ensure progress and reduce disruption. Often the plan does not survive intact for long. As Mike Tyson said — ‘Everyone has a plan until they get punched in the mouth’. Often at this point the plan gets forgotten about. You still have to have one. If things go wrong then adjust it.
4. Implement and test on an Agile basis. A good idea is to run the old and new systems in parallel for a period.
5. Observability is crucial. Data-driven insights are crucial for informed decision-making and identifying areas for improvement. Ensure data security and privacy measures are in place.
6. On completion decommission the old system — this step is often omitted.
7. Post-migration activity is just as important. This needs to be planned for as well and in just as much detail.
Digital Transformation is not easy and the potholes are cavernous, so it was helpful to listen to the approach taken. Change is often as much about culture as it is technological advancement.
Java Performance
Next up was a deep dive into a topic close to many developers' hearts.
What is the future of the performance of Java in a Kubernetes world? John Doyle, Director of Product Management at Red Hat gave an engaging presentation on what is going on to optimize and maintain the benefits of Java. This session covered how Kubernetes-native Java, Quarkus and Eclipse Adoptium are proving to be more and more important. The demands of the Kubernetes environment are quite different in terms of performance.
Workloads must be immutable. Throughput is solved by scaling microservices. That requires that scaling occur elastically to meet the demand. In turn that means that the individual service must become available much quicker than is typically historically available in traditional containers.
Red Hat Quarkus vastly improves the performance on startup by moving a lot of processing to compile time rather than run time. Red Hat considers that they have solved the traditional problems associated with Java in terms of run-time performance and memory optimization with Quarkus. Java is now completely competitive with Go on native builds.
In addition, Adoptium is an open-source project that provides community based, quality assured, trusted distributions of the JDK, based on OpenJDK, that meet high standards of stability and reliability. It can perform class pre-initialization that will further improve performance.
Debezium
Debezium is another arrow in the Solution Architects’ box of tricks. It’s an open-source project that provides a low latency data streaming platform for CDC (change data capture). You would set up Debezium to monitor your databases, and then your applications consume events for each row-level (committed only) change made to the database. Debezium provides a single model of all change events, so your application does not have to worry about the intricacies of each kind of database management system. This immediately offers many options for migration projects. You could easily run a legacy project in parallel with the new version, and Debezium will ensure that the new database will continue to be up to date. A great way of doing A/B tests!
All in all, Red Hat Summit was a wonderful and educational experience. An added bonus was, of course, seeing a quote from one of our customers who we delivered.
Thanks to Red Hat and to Version 1 for sending us!
References
https://www.redhat.com
https://backstage.io
https://skupper.io
https://sustainable-computing.io
https://www.dynatrace.com
https://snyk.io
https://www.stackrox.io
https://www.cncf.io/projects
https://opendatahub.io
https://hybrid-cloud-patterns.io
https://www.konveyor.io
https://www.tensorflow.org
https://jupyter.org
https://www.seldon.io
https://quarkus.io
https://debezium.io
About the Authors:
Dan McElligott is a Tech Lead for Platform Engineering here at Version 1.
Donagh Noone is a Portfolio Director here at Version 1.
