June 23, 2021

Two Hats Are Redder Than One: OpenShift Continuation (Week 6)

Two Hats Are Redder Than One: OpenShift Continuation  (Week 6)

Hi Everyone!

We are back for another week of Red Hat technology discussion. Last week we introduced our kubernetes based container platform OpenShift Container Platform. Just to recap on that writeup (as always please go and reread the last week if you need more information) we discussed the need for running applications at scale. This need leads to a whole bunch of new challenges. How do you maintain thousands of containers? How do you ensure they are all secure and operating as they should? Do you want to hire someone to only handle container maintenance? With these answers comes more questions but industry agrees that kubernetes as a management platform is the best way to manage containers in production. With kubernetes (k8s) there are many different routes to go. You could build your own application but that would take time and resources so the other option is to go with something out of the box. Red Hat OpenShift Container Platform is the industry’s most mature k8s implementation. For more information on that refer back to our first OpenShift post or check out Red Hat’s website on OpenShift. For now we are going to continue the discussion.

Cody

My background is in programming. I majored in Computer Science and worked for 3 years doing application development for manufacturing companies. I always approach applications that I am using from a developer standpoint. OpenShift makes this easy, it offers two different perspectives. A perspective is essentially a view in OpenShift, it allows for different tools to be displayed depending on the perspective that is selected. The Administrator perspective shows tools for administrators of the platform itself. As I am sure you can guess, I am going to discuss the Developer perspective.

Siloing tools may seem counterintuitive but it helps push the correct tools to the experienced developers that can put them to work. It also removes tools that developers don’t need as well as reducing the amount of risk from undertrained developers. It also ensures that any 3rd parties who gain access to the developer perspective don’t have access to the entire system.

Now to be clear about something, perspectives are only available in the web UI. Developers who use the CLI will not have the same view as developers in the web console. If you do choose to use the web console with the Developer Perspective then you will have access to creating and deploying applications through a variety of methods. The Source-to-Image (S2I) tool allows you to build containers directly from source code in OpenShift. You could also select containers from a private repository or a series of preselected containers in our catalog. There is also a very large (and growing) list of Red Hat certified operators in our marketplace which can help automate application life cycles.

Once you have an application up and running the Developer Perspective will also give you access to tools to manage the day 2 operations of your applications. You can visually interact with the applications and their associated services and networking. You can also easily group applications together and connect applications across different groups.

The Developer Perspective provides a visual toolset for developers to manage application deployment and application lifecycle. Rather than reading about the different tool sets that OpenShift can provide you can also utilize free Red Hat resources to try out OpenShift for yourself. Through learn.openshift.com you can take OpenShift training. For now I will pass it over to Cam to continue the discussion but after reading his post I recommend heading to the OpenShift url for training. Thanks!

Cam

Thanks for the rundown Cody!  Really got a lot out of your perspective.  I think I would like to wrap up our painfully short overview of Red Hat OpenShift with something I’ve been helping our customers and partners with a lot recently and that’s security in kubernetes based environments, particularly OpenShift.

OpenShift has many tools and services that you can use as soon as you install it.  I’ll take you through a few of those in the next few paragraphs.  Things like Red Hat Quay with Clair for vulnerability scanning, encrypted networking with Red Hat Service Mesh, and finally our ability to extend the functionality of our platform by working alongside our partner ecosystem.

Red Hat Quay with Clair and other tools like it are critical for securing the software supply chain in your DevOps pipelines.  Red hat Quay and Clair are available with Red Hat OpenShift and offer the capability to execute container scanning on containers in your container registry.  Once scanned, the containers can be a trusted part of the software supply chain and data from the scanning is viewable in the Red Hat OpenShift Platform so that you are constantly monitoring and in touch with the status of your environment.

Red Hat Service Mesh is something I mentioned before but its ability to perform mTLS (Mutual Transport Layer Security protocol) is a major upgrade to the integrity of the container environment.  More specifically the mTLS is handled entirely by the service mesh infrastructure between the two communications objects’ sidecar proxies.  The other benefits of Red Hat Service mesh can help with all aspects of your environment’s networking but having this level of encryption is increasingly becoming table stakes for the kubernetes environments run in enterprise environments.

The Red Hat Partner Ecosystem is more than a way in which Red Hat and our partners work together to make sure that other ISVs are able to run their offerings on our platforms.  Together, the Red Hat Partner Ecosystem is creating the best in class solutions.  This is even more the case for the security based solutions.  Just today, I co-presented with F5, an ecosystem partner, and we demonstrated the ability to combine F5, Red Hat, and Elasticsearch technology into a single DevSecOps solution that could automatically address security intrusions into the OpenShift environment.

There’s so much more to say about OpensShift but Cody and I have to stop somewhere or we’d be here all year.  OpenShift is special to me among all our products, I spend the most time around it and I think it has an amazing future in our industry.  Reach out to Cody or I if you have any questions or want to chat.  Also, check out our demos, learning labs, and partner solutions if you’re interested.  Hope you all have a great week!