OpenShift vs. Platform9 Managed Kubernetes (PMK)

Platform9 Managed Kubernetes (PMK) is the industry’s only SaaS-based, continuously managed Kubernetes service that runs anywhere and guarantees 99.9% uptime SLA with remote monitoring, healing, upgrading, and security patching.

OpenShift Online and OpenShift Dedicated are hosted services running only on AWS and do not let you leverage your existing on-premises infrastructure or edge locations.

If you’re looking to run on-premises, or on mixed, hybrid environment, then you’re directed to the OpenShift Container platform. This is a traditional data center software solution that needs to be deployed and managed by customers themselves with the need for significant Kubernetes operational expertise and having to deal with ongoing complexity of day-2 operations.

Let’s first review the key differences between the two solutions, before drilling into a detailed comparison table.The three most important differences between Red Hat OpenShift and Platform9 Managed Kubernetes are:

Managed Service
Implementation and integration complexity
Proprietary lock-in

Manage it on your own

Red Hat OpenShift Container Platform is a set of software components that have to be installed and managed by customers themselves, on their own infrastructure, similar to traditional software products.
The customer’s internal IT operations team is responsible for ongoing day-2 operations, such as: ensuring HA, upgrades, security patches, monitoring, alerts, and more.

OpenShift provides all the point-tools for running Kubernetes, but the burden is on the customer to operate these systems with strict SLAs. This can pose a significant challenge because many companies lack Kubernetes operational skills and it is quite difficult to hire and retain in-house Kubernetes experts.

Red Hat provides traditional support subscription, where troubleshooting and on ongoing remediation are handled via support tickets. Any issues that customers encounter with managing Kubernetes at scale on their own – including manual upgrades – require engaging with the OpenShift support team, which can prolong resolution considerably.

Ensure 99.9% uptime guarantee with no operational overhead

Platform9 Managed Kubernetes delivers Kubernetes as a fully managed SaaS solution without professional services or complex packaged software implementations.

PMK eliminates the operational burden of Kubernetes at scale by freeing the internal staff, and offloading all production issues, monitoring, troubleshooting and healing to be handled automatically – by the service, with 99.9% SLA guarantee. Some of the critical operational capabilities that are included out of the box are: zero-touch upgrades, multi-cluster operations, high availability, monitoring, diagnostics, and more. Furthermore, when security vulnerabilities are discovered in Kubernetes or related open source components, Platform9 fixes the bug and issues a patch within a few days, that can be deployed on all clusters with no service interruption.

In addition, Platform9 has a team of Certified Kubernetes Admins (CKA) that are an extension of the customer’s Operation team, and are available at a moment’s notice to proactively remediate issues when needed, or consult with around best practices for architecting applications or data centers to maximize the value of Kubernetes.

zero-touch upgrades, multi-cluster operations, high availability, monitoring, diagnostics, and more, all handled automatically and backed by a 24x7x365 SLA

In order to provide an enterprise-grade Kubernetes environment that includes integrated UX, API’s, identify management, storage service, service catalogs, cloud automation etc., Red Hat offers a number of different products from the Red Hat portfolio that need to be integrated with OpenShift, including CloudForms, Core OS, Ceph, Red Hat OpenStack, and more.These disparate products all have their individual roadmaps and release timelines and require significant integration and testing to implement with OpenShift Kubernetes offering. In particular, CloudForms takes a very heavy scripting approach to cloud automation requiring expensive professional services, training, and certification. Red Hat’s ticket-based support will become a bottleneck in maintaining SLA’s and troubleshooting production outages that can span different products and integrated components.

On the other hand, Platform9 Managed Kubernetes is a single, integrated managed service that provides the same enterprise-grade capabilities with no professional services, no long implementation cycles, and no advanced Kubernetes operations expertise. This improves time-to-value and lowers both implementation and admin costs.

Although Red Hat OpenShift uses the open-source Kubernetes as a foundation, its implementation has forked off the pure upstream Kubernetes, and is proprietary along several dimensions. This forces customers to get locked-in to the platform with a very difficult and expensive migration path to other solutions or in order to take advantage of integrated services that use the pure open source version of Kubernetes.

The following is a short list of OpenShift features that lock-in customers to the Red Hat platform:

Openshift’s Kubernetes differs significantly from upstream Kubernetes: Openshift have added their own proprietary/wrapper API’s that are incompatible with Kubernetes constructs and Open source API’s, making applications that run on Openshift to not be portable to upstream Kubernetes.
It is supported only on Red Hat Enterprise Linux (RHEL): No other Linux or Windows Operating Systems are supported as the OS for production deployments- limiting your infrastructure options.
It is difficult to integrate with external container registries: Openshift comes with its built-in private registry but it does not work very well with external registries such as DockerHub.
It uses proprietary App Templates: OpenShift does not support the standard Helm charts, instead forcing customers to use their OpenShift templates which are nowhere near as powerful and feature-rich as Helm charts. OpenShift customers are unable to leverage the rich ecosystem of applications created by thousands of people in the community and delivered as Helm charts.

On the other hand, Platform9 Managed Kubernetes uses a 100% pure, upstream open source version of Kubernetes – certified by CNCF, with no forks. This ensures that customer applications are portable across any certified Kubernetes distribution using the standard Open API’s. Furthermore, with PMK, the same version of upstream Kubernetes can be deployed to any target cloud provider including AWS, Azure, VMware, or bare metal. This eliminates lock-in from proprietary distributions but also avoids lock-in to the Kubernetes services offered by the public clouds such as AWS’s EKS or Azure’s AKS, allowing customers to deploy Kubernetes easily on the ‘regular’, much cheaper, instances types (i.e. EC2)).

Finally, PMK provides an app catalog with hundreds of pre-built applications based on Helm charts from the Kubernetes community which are available to deploy with a single click.

The following detailed comparison table covers 18 technical and operational categories including deployment & provisioning, application & infrastructure management, and production features such as HA, zero-touch upgrades, and monitoring. The pie charts indicate level of completeness of the corresponding capability in PMK and OpenShift.

Platform9 Managed Kubernetes (PMK)

Red Hat OpenShift

Provisioning of Kubernetes Clusters

Fully automated provisioning of clusters on any infrastructure: on-premises, public clouds, or at the edge

Fully automated provisioning of clusters

High Availability and Healing

Built-in support for highly available clusters out of the box
Clusters of 1/3/5 masters are supported for quorum
Built-in etcd high availability support
Supports full repair or recovery of etcd upon failure

Supports a highly available cluster deployment
The default HAProxy load balancer can be used to create a multi-master and multi-etcd cluster environment – with etcd nodes either forming their own cluster or deployed on the same node as the master

Deployment Model(s) Supported

Platform9’s unique remotely hosted SaaS-managed offering means that customers can run their upstream open source kubernetes clusters on any infrastructure: on-premises, VMware, public clouds, or at the edge. Platform9 remotely handles all the complex monitoring, alerting, upgrading, and SLA management.

Three deployment models offered:

Hosted Public Cloud Offering – trial environment only
OpenShift Dedicated – Single-tenant, high-availability OpenShift clusters hosted on Amazon Web Services. Delivered as a hosted service

OpenShift Container Platform – Enterprise offering available for large customers with on-prem and/or hybrid infrastructure.

Prerequisites and Operating System Requirements

Supports all popular enterprise Linux distributions – Red Hat, CentOS, Ubuntu

Supports Red Hat Linux only
RHEL subscription is required and included as part of the OpenShift bundled product subscription

Monitoring and Operations Management

24 x 7 live monitoring
99.9% guaranteed SLA
Proactive repair
Automated email notifications for any issues
Automated support ticket creation and triaging of issues

Diagnostic tools via command line for health statistics
Environmental health check information:
- Prometheus is available and comes pre-configured with OpenShift 3.11.

Cluster Upgrades

Fully automated cluster upgrades delivered seamlessly, with no interruption to the environment
Zero-downtime upgrade

OpenShift provides Ansible playbooks for upgrades. Built-in automated cluster upgrades are not available in OpenShift 3.11

Multi-cluster Management

Built in multi-cluster support. Create any number of clusters
Admins can manage multiple clusters across different regions, data centers and clouds

A typical deployment creates a single Kubernetes cluster that is designed to scale up to 2000 nodes
All users of that deployment are expected to share that single cluster and achieve isolation via a combination of Kubernetes namespaces, and OpenShift multi-tenancy
Multiple clusters achieved through multiple OpenShift deployments

Multi-tenancy, Role-based Access Control, and Single Sign-on Support

Support for multi-region management. Built in multi-tenancy support
Kubernetes RBAC is fully supported
Full support for Single-Sign On (SSO). Integrate with a SAML-based provider that your organization uses such as Okta, ADFS, Ping Identity, etc.

Delivers multi-tenancy through projects, called Kubernetes namespaces
Kubernetes RBAC is utilized to define granular access policies for users
There is no cross cluster multi-tenancy

Load Balancing

Out of the box support for cluster and service level load balancing with MetalLB load balancer
Can integrate with customer specific load balancers (AVI and others)

Out of the box support for cluster and service level load balancing with default HAProxy load balancer. Other load balancers are supported with plug ins.

Private Registry Support and Image Management

Does not provide out of the box support for private registries
Registries and secrets required to authenticate with the registries need to be managed by the customer separately

The internal integrated Docker registry can be deployed in the OpenShift environment to locally manage images. OpenShift does not handle DockerHub well with their private registries. Because of complex security requirements and configs specific to openshift, a user is prevented from pulling a docker image. A user would have to build image streams, secrets management, and built to image in a lot of cases, unlike pure kubernetes which is much less complex

Hybrid Cloud Integrations and APIs

Includes the most native integration with all major private data center/private cloud offerings and major public cloud providers
Integrates natively with VMware vSphere, Linux/KVM, OpenStack
Clusters on public clouds are created with the public cloud’s IaaS layer to provide a native Kubernetes cluster experience

Provides a managed deployment on AWS
A joint collaboration has been announced with Microsoft to support OpenShift deployment on Azure

Enterprise Grade User Experience

Provides and enterprise class UI and user experience
The clarity UI provides a single pane of glass across bare metal, virtualized and containerized workloads
Unify all your data centers, private clouds, and public clouds under single UI

Provides a native UI that enables management of your Kubernetes resources and the catalog

Application Lifecycle Management - Application Catalog

Built in support for Application catalog that’s populated with public Helm chart applications
Administrators can provide users access to applications that are private to the organization
Support for managed apps

An extensive application catalog and PaaS layer helps with building and deploying apps
The service catalog is based on Open Service Broker API https://www.openservicebrokerapi.org/
It ships with two service brokers, one to enables applications from their built in app template library, the other is an ansible broker
The templated applications support – Rails (Ruby), Django (Python), Node.js, CakePHP (PHP), and Dancer (Perl)
The Ansible broker supports integration w/ Ansible Playbook Bundles (APB)
The service catalog offers Prometheus, EFK, Jenkins etc.

Production Grade Service Level Agreement

Platform9 contractually promises 99.9% cluster uptime and high availability
Provides self healing, problem resolution through the service

Provides traditional support via subscription model
Troubleshooting is handled via support tickets
Customers drive the manual upgrades and any issues require support team engagement

Ease of Setup, Installation, Continuous Use, Management, and Maintenance

Platform9’s SaaS managed gets Kubernetes up and running in minutes
Create a simple Kubernetes cluster using on-prem servers, VMs or public cloud resources in minutes
Manage clusters with one-click UI-based upgrades and troubleshooting

Installing and configuring OpenShift is a manual process which is ansible-based
Several ansible playbooks are required during the installation

Networking Support and Integrations

Provides full CNI support
Integrates OOB with Flannel, Calico, Weave and OpenContrail
Other CNI compatible integrations possible on customer request

OpenShift provides CNI support and can integrate with any CNI based SDN
By default OpenShift SDN is deployed, which configures an overlay network using Open vSwitch (OVS) and supports 3 modes:
- Flat network model with ovs-subnet plugin where every pod can communicate with every other pod
- Project level isolation for pods
- Services using ovs-multitenant plugin, and which enables administrators to configure their own isolation policies using Network Policy objects with ovs-network policy plug-in
Out of the box third party CNI plugins supported: Flannel, Nuage and Kuryer

Storage Support and Integrations

Supports integration with any flexvolume drivers
Integrates with any cinder supported storage backend. – Supports integration with all popular storage backends such as NetApp, Pure Storage, etc.

Supports integration with network based persistent storage using the Kubernetes persistent volume framework
Supports a wide variety of persistent storage endpoints such as NFS, GlusterFS, OpenStack Cinder, FlexVolume, VMware vSphere etc

Self Service Provisioning

Complete self-service provisioning enabled via Platform9’s clarity UI
Users log into the UI as part of a specific Tenant (eg dev/test/production) and are able to access clusters provided they have been granted access
Quick deployment of pods, deployments and services via a wizard

Provides a self-service UI that is separate from the default Kubernetes dashboard UI to enable self-service for developers and administrators

Built-in CI/CD Support

Provides Spinnaker and Jenkins via the Helm application catalog

Pipelines and Build Strategies simplifies the creation and automation of dev/test and production pipelines
Ships out of the box with a Jenkins build strategy and client plugin to create a Jenkins pipeline. However, the setup to create and configure production pipelines is manual and time consuming.
The pipeline build configuration creates a Jenkins master pod (if one doesn’t exist) and then automatically creates slave pods to scale jobs & assign different pods for jobs with different runtimes

Kubernetes is enormously complicated to operate at scale. A large number of unexpected events ranging Kubernetes service failures and upgrade failures to infrastructure component failures can occur in an actual production environment. Monitoring these events, triggering alerts, proactively preventing production outages to maintain enterprise SLA’s requires a sophisticated monitoring/alerting system combined with Kubernetes experts who are available on call to fix issues 24×7.

Red Hat does not invest time or resources for managing any of this on behalf of the customer other than providing assistance in implementing and servicing any issues that may occur as part of standard customers ticket-based support contract or offer expensive professional services.

Platform9 Managed Kubernetes is the industry’s first SaaS-based continuously managed service is production ready and easy to use. Benefit from the open source innovation with our 100% pure upstream Kubernetes, avoid lock-in, and ensure portability across environments. Let platform9 handle all the complex operational tasks including zero-touch upgrades, patching, logging, monitoring, alerting, and high availability.