Enterprise Kubernetes Solutions:

Comparing Platform9 Managed Kubernetes (PMK) and Red Hat OpenShift

Platform9 Managed Kubernetes (PMK) is the industry’s only SaaS-based, continuously managed Kubernetes service that runs anywhere and guarantees 99.9% uptime SLA with remote monitoring, healing, upgrading, and security patching.

OpenShift Online and OpenShift Dedicated are hosted services running only on AWS and do not let you leverage your existing on-premises infrastructure or edge locations.

If you’re looking to run on-premises, or on mixed, hybrid environment, then you’re directed to the OpenShift Container platform. This is a traditional data center software solution that needs to be deployed and managed by customers themselves with the need for significant Kubernetes operational expertise and having to deal with ongoing complexity of day-2 operations.

Let’s first review the key differences between the two solutions, before drilling into a detailed comparison table.The three most important differences between Red Hat OpenShift and Platform9 Managed Kubernetes are:

  1. Managed Service
  2. Implementation and integration complexity
  3. Proprietary lock-in

Managed Service

Manage it on your own

Red Hat OpenShift Container Platform is a set of software components that have to be installed and managed by customers themselves, on their own infrastructure, similar to traditional software products.
The customer’s internal IT operations team is responsible for ongoing day-2 operations, such as: ensuring HA, upgrades, security patches, monitoring, alerts, and more.

OpenShift provides all the point-tools for running Kubernetes, but the burden is on the customer to operate these systems with strict SLAs. This can pose a significant challenge because many companies lack Kubernetes operational skills and it is quite difficult to hire and retain in-house Kubernetes experts.

Red Hat provides traditional support subscription, where troubleshooting and on ongoing remediation are handled via support tickets. Any issues that customers encounter with managing Kubernetes at scale on their own – including manual upgrades – require engaging with the OpenShift support team, which can prolong resolution considerably.

Ensure 99.9% uptime guarantee with no operational overhead

Platform9 Managed Kubernetes delivers Kubernetes as a fully managed SaaS solution without professional services or complex packaged software implementations.

PMK eliminates the operational burden of Kubernetes at scale by freeing the internal staff, and offloading all production issues, monitoring, troubleshooting and healing to be handled automatically – by the service, with 99.9% SLA guarantee.  Some of the critical operational capabilities that are included out of the box are: zero-touch upgrades, multi-cluster operations, high availability, monitoring, diagnostics, and more. Furthermore, when security vulnerabilities are discovered in Kubernetes or related open source components, Platform9 fixes the bug and issues a patch within a few days, that can be deployed on all clusters with no service interruption.

In addition, Platform9 has a team of Certified Kubernetes Admins (CKA) that are an extension of the customer’s Operation team, and are available at a moment’s notice to proactively remediate issues when needed, or consult with around best practices for architecting applications or data centers to maximize the value of Kubernetes.

Operations Automation

zero-touch upgrades, multi-cluster operations, high availability, monitoring, diagnostics, and more, all handled automatically and backed by a 24x7x365 SLA

Implementation and integration complexity

In order to provide an enterprise-grade Kubernetes environment that includes integrated UX, API’s, identify management, storage service, service catalogs, cloud automation etc., Red Hat offers a number of different products from the Red Hat portfolio that need to be integrated with OpenShift, including CloudForms, Core OS, Ceph, Red Hat OpenStack, and more.These disparate products all have their individual roadmaps and release timelines and require significant integration and testing to implement with OpenShift Kubernetes offering.  In particular, CloudForms takes a very heavy scripting approach to cloud automation requiring expensive professional services, training, and certification. Red Hat’s ticket-based support will become a bottleneck in maintaining SLA’s and troubleshooting production outages that can span different products and integrated components.

On the other hand, Platform9 Managed Kubernetes is a single, integrated managed service that provides the same enterprise-grade capabilities with no professional services, no long implementation cycles, and no advanced Kubernetes operations expertise. This improves time-to-value and lowers both implementation and admin costs.

Proprietary lock-in

Although Red Hat OpenShift uses the open-source Kubernetes as a foundation, its implementation has forked off the pure upstream Kubernetes, and is proprietary along several dimensions. This forces customers to get locked-in to the platform with a very difficult and expensive migration path to other solutions or in order to take advantage of integrated services that use the pure open source version of Kubernetes.

The following is a short list of OpenShift features that lock-in customers to the Red Hat  platform:

  1. Openshift’s Kubernetes differs  significantly from upstream Kubernetes:  Openshift have added their own proprietary/wrapper API’s that are incompatible with Kubernetes constructs and Open source API’s, making applications that run on Openshift to  not be portable to upstream Kubernetes.
  2. It is supported only on Red Hat Enterprise Linux (RHEL): No other Linux or Windows Operating Systems are supported as the OS for production deployments- limiting your infrastructure options.
  3. It is difficult to integrate with external container registries: Openshift comes with its built-in private registry but it does not work very well with external registries such as DockerHub.
  4. It uses proprietary App Templates: OpenShift does not support the standard Helm charts, instead forcing customers to use their OpenShift templates which are nowhere near as powerful and feature-rich as Helm charts. OpenShift customers are unable to leverage the rich ecosystem of applications  created by thousands of people in the community and delivered as Helm charts.

On the other hand, Platform9 Managed Kubernetes uses a 100% pure, upstream open source version of Kubernetes – certified by CNCF, with no forks. This ensures that customer applications are portable across any certified Kubernetes distribution using the standard Open API’s. Furthermore, with PMK, the same version of upstream Kubernetes can be deployed to any target cloud provider including AWS, Azure, VMware, or bare metal. This eliminates lock-in from proprietary distributions but also avoids lock-in to the Kubernetes services offered by the public clouds such as  AWS’s EKS or Azure’s AKS, allowing customers to deploy Kubernetes easily on the ‘regular’, much cheaper, instances types (i.e. EC2)).

Finally, PMK provides an app catalog with hundreds of pre-built applications based on Helm charts from the Kubernetes community which are available to deploy with a single click.

Detailed Comparison

The following detailed comparison table covers 18 technical and operational categories including deployment & provisioning, application & infrastructure management, and production features such as HA, zero-touch upgrades, and monitoring. The pie charts indicate level of completeness of the corresponding capability in PMK and OpenShift.

Platform9 Managed Kubernetes (PMK)
Red Hat OpenShift
Provisioning of Kubernetes Clusters

Fully automated provisioning of clusters on any infrastructure: on-premises, public clouds, or at the edge

Fully automated provisioning of clusters

High Availability and Healing

  • Built-in support for highly available clusters out of the box
  • Clusters of 1/3/5 masters are supported for quorum
  • Built-in etcd high availability support
  • Supports full repair or recovery of etcd upon failure

  • Supports a highly available cluster deployment
  • The default HAProxy load balancer can be used to create a multi-master and multi-etcd cluster environment – with etcd nodes either forming their own cluster or deployed on the same node as the master
Deployment Model(s) Supported

Platform9’s unique remotely hosted SaaS-managed offering means that customers can run their upstream open source kubernetes clusters on any infrastructure: on-premises, VMware, public clouds, or at the edge. Platform9 remotely handles all the complex monitoring, alerting, upgrading, and SLA management.

 

Three deployment models offered:

  • Hosted Public Cloud Offering – trial environment only
  • OpenShift Dedicated – Single-tenant, high-availability OpenShift clusters hosted on Amazon Web Services. Delivered as a hosted service

OpenShift Container Platform – Enterprise offering available for large customers with on-prem and/or hybrid infrastructure.

Prerequisites and Operating System Requirements

Supports all popular enterprise  Linux distributions – Red Hat, CentOS, Ubuntu

  • Supports Red Hat Linux only
  • RHEL subscription is required and included as part of the OpenShift bundled product subscription
Monitoring and Operations Management

  • 24 x 7 live monitoring
  • 99.9% guaranteed SLA
  • Proactive repair
  • Automated email notifications for any issues
  • Automated support ticket creation and triaging of issues

  • Diagnostic tools via command line for health statistics
  • Environmental health check information:
    • Prometheus is available and comes pre-configured with OpenShift 3.11.
Cluster Upgrades

  • Fully automated cluster upgrades delivered seamlessly, with no interruption to the environment
  • Zero-downtime upgrade

  • OpenShift provides Ansible playbooks for upgrades. Built-in automated cluster upgrades are not available in OpenShift 3.11
Multi-cluster Management

  • Built in multi-cluster support. Create any number of clusters
  • Admins can manage multiple clusters across different regions, data centers and clouds

  • A typical deployment creates a single Kubernetes cluster that is designed to scale up to 2000 nodes
  • All users of that deployment are expected to share that single cluster and achieve isolation via a combination of Kubernetes namespaces, and OpenShift multi-tenancy
  • Multiple clusters achieved through  multiple OpenShift deployments
Multi-tenancy, Role-based Access Control, and Single Sign-on Support

  • Support for multi-region management. Built in multi-tenancy support
  • Kubernetes RBAC is fully supported
  • Full support for Single-Sign On (SSO). Integrate with a SAML-based provider that your organization uses such as Okta, ADFS, Ping Identity, etc.

  • Delivers multi-tenancy through projects, called Kubernetes namespaces
  • Kubernetes RBAC is utilized to define granular access policies for users
  • There is no cross cluster multi-tenancy
Load Balancing

  • Out of the box support for cluster and service level load balancing with MetalLB load balancer
  • Can integrate with customer specific load balancers (AVI and others)

  • Out of the box support for cluster and service level load balancing with default HAProxy load balancer. Other load balancers are supported with plug ins.
Private Registry Support and Image Management

  • Does not provide out of the box support for private registries
  • Registries and secrets required to authenticate with the registries need to be managed by the customer separately

  • The internal integrated Docker registry can be deployed in the  OpenShift environment to locally manage images. OpenShift does not handle DockerHub well with their private registries. Because of complex security requirements and configs specific to openshift, a user is prevented from pulling a docker image. A user would have to build image streams, secrets management, and built to image in a lot of cases, unlike pure kubernetes which is much less complex
Hybrid Cloud Integrations and APIs

  • Includes the most native integration with all major private data center/private cloud offerings and major public cloud providers
  • Integrates natively with VMware vSphere, Linux/KVM, OpenStack
  • Clusters on public clouds are created with the public cloud’s IaaS layer to provide a native Kubernetes cluster experience

  • Provides a managed deployment on AWS
  • A joint collaboration has been announced with Microsoft to support OpenShift deployment on Azure
Enterprise Grade User Experience

  • Provides and enterprise class UI and user experience
  • The clarity UI provides a single pane of glass across bare metal, virtualized and containerized workloads
  • Unify all your data centers, private clouds, and public clouds under single UI

  • Provides a native UI that enables management of your Kubernetes resources and the catalog
Application Lifecycle Management - Application Catalog

  • Built in support for Application catalog that’s populated with public Helm chart applications
  • Administrators can provide users access to applications that are private to the organization
  • Support for managed apps

  • An extensive application catalog and PaaS layer helps with building and deploying apps
  • The service catalog is based on Open Service Broker API https://www.openservicebrokerapi.org/
  • It ships with two service brokers, one to enables applications from their built in app template library, the other is an ansible broker
  • The templated applications support – Rails (Ruby), Django (Python), Node.js, CakePHP (PHP), and Dancer (Perl)
  • The Ansible broker supports integration w/ Ansible Playbook Bundles (APB)
  • The service catalog offers Prometheus, EFK, Jenkins etc.
Production Grade Service Level Agreement

  • Platform9 contractually promises 99.9% cluster uptime and high availability
  • Provides self healing, problem resolution through the service

  • Provides traditional support via subscription model
  • Troubleshooting is handled via support tickets
  • Customers drive the manual upgrades and any issues require support team engagement
Ease of Setup, Installation, Continuous Use, Management, and Maintenance

  • Platform9’s SaaS managed gets Kubernetes up and running in minutes
  • Create a simple Kubernetes cluster using on-prem servers, VMs or public cloud resources in minutes
  • Manage clusters with one-click UI-based upgrades and troubleshooting

  • Installing and configuring OpenShift is a manual process which is ansible-based
  • Several ansible playbooks are required during the installation
Networking Support and Integrations

  • Provides full CNI support
  • Integrates OOB with Flannel, Calico, Weave and OpenContrail
  • Other CNI compatible integrations possible on customer request

  • OpenShift provides CNI support and can integrate with any CNI based SDN
  • By default OpenShift SDN is deployed, which configures an overlay network using Open vSwitch (OVS) and supports 3 modes:
    • Flat network model with ovs-subnet plugin where every pod can communicate with every other pod
    • Project level isolation for pods
    • Services using ovs-multitenant plugin, and which enables administrators to configure their own isolation policies using Network Policy objects with ovs-network policy plug-in
  • Out of the box third party CNI plugins supported: Flannel, Nuage and Kuryer
Storage Support and Integrations

  • Supports integration with any flexvolume drivers
  • Integrates with any cinder supported storage backend. – Supports integration with all popular storage backends such as NetApp, Pure Storage, etc.

  • Supports integration with network based persistent storage using the Kubernetes persistent volume framework
  • Supports a wide variety of persistent storage endpoints such as NFS, GlusterFS, OpenStack Cinder, FlexVolume, VMware vSphere etc
Self Service Provisioning

  • Complete self-service provisioning enabled via Platform9’s clarity UI
  • Users log into the UI as part of a specific Tenant (eg dev/test/production) and are able to access clusters provided they have been granted access
  • Quick deployment of pods, deployments and services via a wizard

  • Provides a self-service UI that is separate from the default Kubernetes dashboard UI to enable self-service for developers and administrators
Built-in CI/CD Support

Provides Spinnaker and Jenkins via the Helm application catalog

  • Pipelines and Build Strategies simplifies the creation and automation of dev/test and production pipelines
  • Ships out of the box with a Jenkins build strategy and client plugin to create a Jenkins pipeline. However, the setup to create and configure production pipelines is manual and time consuming.
  • The pipeline build configuration creates a Jenkins master pod (if one doesn’t exist) and then automatically creates slave pods to scale jobs & assign different pods for jobs with different runtimes

Summary

Kubernetes is enormously complicated to operate at scale.  A large number of unexpected events ranging Kubernetes service failures and upgrade failures to infrastructure component failures can occur in an actual production environment. Monitoring these events, triggering alerts, proactively preventing production outages to maintain enterprise SLA’s requires a sophisticated monitoring/alerting system combined with Kubernetes experts who are available on call to fix issues 24×7.

Red Hat does not invest time or resources for managing any of this on behalf of the customer other than providing assistance in implementing and servicing any issues that may occur as part of standard customers ticket-based support contract or offer expensive professional services.

Platform9 Managed Kubernetes is the industry’s first SaaS-based continuously managed service is production ready and easy to use. Benefit from the open source innovation with our 100% pure upstream Kubernetes, avoid lock-in, and ensure portability across environments. Let platform9 handle all the complex operational tasks including zero-touch upgrades, patching, logging, monitoring, alerting, and high availability.

See how you can run Kubernetes instantly, anywhere

Contact Us Try Sandbox

The browser you are using is outdated. For the best experience please download or update your browser to one of the following:

[Webinar] How Retail Industry Technology Leaders Should Architect Software-Driven Stores.Register Now
+