Professional Documents
Culture Documents
Red Hat Openshift and Kubernetes... What'S The Difference?: E-Book
Red Hat Openshift and Kubernetes... What'S The Difference?: E-Book
1 Cloud Native Computing Foundation. “Software conformance (Certified Kubernetes),” Accessed September 8, 2020.
2 Cloud Native Computing Foundation. “CNCF cloud native interactive landscape: Red Hat OpenShift,” Accessed September 8, 2020.
3 Cloud Native Computing Foundation. “Cloud Native Computing Foundation launches certified Kubernetes program with 32 conformant
distributions and platforms,” November 13, 2017.
4 Red Hat press release. “Red Hat Delivers OpenShift Enterprise 3 to power a new web-scale distributed application platform,” June 24, 2015.
5 Stackalytics. “Kubernetes commits by company,” Accessed September 8, 2020.
Red Hat OpenShift and Kubernetes... what’s the difference?
Joe Fernandes
VP, Cloud Platforms Business Unit, Red Hat
6 Cloud Native Computing Foundation. “Software conformance (Certified Kubernetes),” Accessed September 8, 2020.
7 Omdia press release. “Red Hat’s container software strategy paying off, for now,” September 4, 2019.
1
Red Hat OpenShift and Kubernetes... what’s the difference?
TL;DR
Don’t have time to read the whole report? The answer you’re
looking for could be in this list of frequently asked questions.
Does Red Hat OpenShift support kubectl? Does Red Hat OpenShift support
Kubernetes Operators?
Yes. Red Hat OpenShift has always
supported the use of kubectl for users Yes. Red Hat OpenShift 4 platform is built
who prefer to use the native Kubernetes with Operators, which manages the installation
command-line interface (CLI). Red Hat and upgrade of all Red Hat OpenShift
OpenShift also supports other command line platform components. It also enables you
tools, like oc and odo, which provide additional to run Kubernetes Operators on Red Hat
administrative functions and higher-level OpenShift from Red Hat and third-party
CLI functions for developers who aren’t ISV partners.
Kubernetes experts.
Find out more about Red Hat OpenShift’s
Read more about how Red Hat OpenShift can extensive support for Operators on page 10.
help you work the way you want on page 8.
Does Red Hat OpenShift support
Does Red Hat OpenShift support a wide Kubernetes Deployments?
range of third-party tools?
Yes. Red Hat OpenShift supports
Yes. Red Hat OpenShift users can access Kubernetes Deployments for application
an ecosystem of commercial and open deployment. We led the introduction of
source tools to extend the platform, including automated, rolling application deployments
solutions for monitoring, log management, with DeploymentConfigs—these are still
networking, storage, container builds, supported for backwards compatibility.
continuous integration / continuous delivery
(CI/CD), and more. Does Red Hat OpenShift support Helm
Charts?
Red Hat OpenShift users can also deploy
their choice of approved application services, Yes. Red Hat OpenShift has always enabled
including various programming language the use of Helm Charts for application
runtimes, databases, messaging, application deployments. Red Hat OpenShift 4 ships and
programming interface (API) management, supports the Helm 3 binaries as part of the
analytics, artificial intelligence/machine installer for added convenience.
learning (AI/ML), and more. This list
includes fully certified solutions from
Red Hat’s independent software vendors
(ISVs), partners, and from the community.
Find out more about Red Hat OpenShift’s
support for cloud-native CI/CD on page 15.
2
Red Hat OpenShift and Kubernetes... what’s the difference?
Does Red Hat OpenShift support Pod Does Red Hat OpenShift support Istio?
Security Policies (PSPs)?
Yes. Red Hat OpenShift Service Mesh,
Yes. PSPs are still considered beta in based on Istio, is fully supported. This
Red Hat OpenShift and upstream Kubernetes, support enables you to reduce the burden
but Red Hat OpenShift fully supports similar on your DevOps team and successfully run
fine-grained authorization of pod creation a distributed microservice architecture.
and updates via Security Context Constraints It provides a consistent way to connect,
(SCC). Red Hat OpenShift pioneered monitor, manage, and provide security for
the concept of more secure application microservices. It includes components like
deployment policies with SCCs, which later Kiali for visualization, Jaeger for transaction
became the basis for PSPs.8 tracing, and Prometheus for monitoring.
Find out more about Red Hat OpenShift’s Find out more about Red Hat OpenShift’s
additional security features on page 11. support for running microservices on page 9.
Does Red Hat OpenShift support Does Red Hat OpenShift support Knative?
Kubernetes Ingress?
Yes. Red Hat OpenShift Serverless, based
Yes. Red Hat OpenShift supports the on Knative, is fully supported. This support
use of standard Kubernetes Ingress for load enables serverless capabilities across hybrid,
balancing. We pioneered the concept of a multicloud environments—unlike some cloud
fully integrated Kubernetes Ingress load provider serverless offerings that tie you to
balancer with Red Hat OpenShift Routes, their specific cloud.
which is also available as an option and
Find out more about Red Hat OpenShift’s
provides additional capabilities.
support for the serverless model on page 9.
Does Red Hat OpenShift support
Prometheus?
Yes. Red Hat OpenShift ships and supports
Prometheus for monitoring and Prometheus
Alertmanager for alerts management.
8 Block, Andrew and Raffaele Spazzoli. “Increasing security of Istio deployments by removing the need for privileged containers,”
Red Hat OpenShift blog, September 17, 2018.
3
Red Hat OpenShift and Kubernetes... what’s the difference?
4
Red Hat OpenShift and Kubernetes... what’s the difference?
5
Red Hat OpenShift and Kubernetes... what’s the difference?
YURIY DENYSOV
DEVOPS ENGINEER
SCHOLASTIC CORPORATION
1 5 Red Hat case study. “Scholastic develops applications faster with Red Hat OpenShift and AWS,” 2019.
6
Red Hat OpenShift and Kubernetes... what’s the difference?
1 6 Flexera. “RightScale 2019 State of the Cloud Report from Flexera,” 2019.
17 Services like Amazon Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE), and Azure Kubernetes Service (AKS) are targeted
toward individual users who are both the administrators and users of the clusters they create.
1 8 Red Hat customer success story. “Deutsche Bank streamlines development platform, democratizes IT,” Accessed September 8, 2020.
7
Red Hat OpenShift and Kubernetes... what’s the difference?
...more freedom to work the way ...an operating system (OS) you
you choose. can trust.
Red Hat OpenShift is focused on meeting Kubernetes depends on Linux. And
developers where they are. For some, that Red Hat OpenShift includes the most
means helping them work with Kubernetes deployed commercial Linux operating system
directly via the kubectl CLI and APIs. As the in the public cloud, Red Hat Enterprise Linux.20
current co-leader of the Kubernetes CLI
We fully support, maintain, and update
Special Interest Group (SIG),19 Red Hat is not
CoreOS as part of the Red Hat OpenShift
just enabling kubectl in Red Hat OpenShift,
platform, freeing you from the work and
but actually powering its evolution upstream.
risk associated with managing your OS and
For others, it means providing higher-level platform separately. Few competitors can
abstractions through more developer-friendly make this claim, and Red Hat’s advantage is
CLIs, like odo, via: that we can say it across bare-metal, virtual
machines, and public cloud environments.
• The Red Hat OpenShift developer console,
in the browser. In addition, our trusted images provide a
• Integrated developer environments (IDEs) strong foundation for your applications. They
like Red Hat CodeReady Workspaces, align the user space with the underlying host
powered by Eclipse Che. kernel running on your Red Hat OpenShift
Kubernetes worker nodes, provide security,
• Other popular IDEs, like VSCode and Intellij,
and keep them up to date.
through plugins.
These optional interfaces enable developers
to focus on their code and integrate with
supporting services for builds, CI/CD, Red Hat
OpenShift Service Mesh, Red Hat OpenShift
Serverless, and more.
8
Red Hat OpenShift and Kubernetes... what’s the difference?
AUDREY RESNIK
DATA SCIENTIST
EXXONMOBIL
9
Red Hat OpenShift and Kubernetes... what’s the difference?
ANDERSON AGAPITO
FORMER I.T. MANAGER
ELO SERVIÇOS
10
Red Hat OpenShift and Kubernetes... what’s the difference?
Kubernetes so the whole SCC has been a feature of Red Hat OpenShift
since version 3, and it’s the basis for Pod
community has access to them. Security Policies (PSPs). At the time of this
But as we’re able to support writing, PSPs are still considered beta in
upstream Kubernetes.26 And even vendors that
those fixes in more releases allow you to use PSPs often have remarkably
and more places than upstream permissive default policies.
Kubernetes, Red Hat OpenShift
You can switch off any of
customers don’t have to wait.
Red Hat OpenShift’s additional
Red Hat employs many leading Kubernetes built-in security functions, but
contributors. These contributors have both
the knowledge and ecosystem credentials
Red Hat thinks that security
to create bug reports upstream and should come configured as a
backport fixes.
default—don’t you?
11
Red Hat OpenShift and Kubernetes... what’s the difference?
…improved access control, by default. Red Hat OpenShift also makes integrating
with other systems and third-party apps easier.
Red Hat OpenShift makes permissions
Integration with Lightweight Directory Access
management more efficient. With it, admins
Protocol (LDAP) and Active Directory (AD)
can easily delegate the appropriate level of
is built in and straightforward to set up. And
access and authorization to different types
Red Hat OpenShift’s built-in OAuth server
of users.
can be integrated with a variety of
For example, admins can be given full identity providers.
privileges to manage the whole cluster, while
As a result, users can authenticate against
developers can be restricted to their own
a cluster and their authorization can be
namespaces and applications. Red Hat helped
determined based on their role. Roles can
develop RBAC in upstream Kubernetes, and
be defined for different types of users
it’s been a default feature since the first
and integrated with your LDAP groups.
Kubernetes Red Hat OpenShift release.
Authorization can be delegated to other users
With upstream Kubernetes, RBAC is an without sharing passwords, and to service
optional feature. With Red Hat OpenShift, accounts, components can directly access the
it’s the default. It’s also key to achieving and API with added security—without a regular
maintaining compliance with standards like user account.
GDPR, PCI DSS, and HIPAA.27
In addition, you can monitor which tokens
are making requests, giving insight into how
services are being used. Of course, access
tokens can be revoked if it’s suspected that
they’ve been compromised.
You could try to do this with other Kubernetes
solutions, but with Red Hat OpenShift’s built-
in access control features, it’s easier.
27 General Data Production Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and
Accountability Act (HIPAA).
28 Red Hat press release. “Deutsche Bank activates digital transformation with Red Hat.” May 6, 2019.
12
Red Hat OpenShift and Kubernetes... what’s the difference?
13
Red Hat OpenShift and Kubernetes... what’s the difference?
14
Red Hat OpenShift and Kubernetes... what’s the difference?
15
Red Hat OpenShift and Kubernetes... what’s the difference?
Red Hat…
...can support more of your needs. ...is here to stay.
We have a wide-ranging portfolio to support Red Hat is now part of IBM, one of the
your needs. Whether you want to expand your industry’s most established names. Red Hat’s
storage offering, introduce more automation, open hybrid cloud technologies are now paired
simplify your management, or even reconsider with the scale and depth of IBM’s innovation
virtualization, we have the products and and industry expertise, and sales leadership in
services to help. more than 175 countries. IBM and Red Hat are
better together.
You can choose between self-hosted
(Red Hat OpenShift Container Platform), Red Hat remains committed to investing in
managed (Amazon Red Hat OpenShift, maintaining and strengthening its portfolio,
Red Hat OpenShift Dedicated, Microsoft including Red Hat OpenShift.
Azure Red Hat OpenShift, or Red Hat
We are confident that Red Hat OpenShift will
OpenShift on IBM Cloud), or mix and match
be around in years to come—gaining features
to suit your organization’s needs. And because
and functionality each year.
all of these products are backed by our team
of experts, you can rest assured that your
business is in safe hands.
16
Red Hat OpenShift and Kubernetes... what’s the difference?