Today at Red Hat Summit we celebrate the announcement of Red Hat OpenShift 4, which will be available in the next month.
A big thank you to our customers from more than 1,000 worldwide organizations, our partners, the Kubernetes community at large, and our Red Hat teams for all of the progress we’ve made together on the platform.
In this first major release since we completely rebased OpenShift 3 on Kubernetes four years ago, we’re going beyond Kubernetes and the fully integrated platform we deliver through OpenShift, and redefining Kubernetes for the enterprise through full stack automation.
Realizing the Red Hat and CoreOS Vision
This represents the realization of the vision and plans that we laid out with the CoreOS team shortly after Red Hat’s acquisition closed almost 15 months ago now. But it also represents years of work by both companies innovating in the upstream Kubernetes and containers communities, bringing that innovation to enterprise customers in a consumable form and listening to their feedback and challenges.
It was amazing to watch how quickly our teams came together, with a unified mission, to deliver a fully integrated platform in OpenShift 4 that combines the best ideas and innovations from both companies. Today, there are many vendors attempting to offer their own Kubernetes solutions. But no one can match the experience, expertise and enterprise-grade Kubernetes innovation that Red Hat brings to the table through OpenShift.
Kubernetes at the Core with Full Stack Automation
OpenShift 4 is Kubernetes at its core and in this release we have completely re-architected how we install, upgrade and manage the platform, while also bringing advanced day 2 management and automation to the application services that run on the platform. These advancements are based on many new innovations in the Kubernetes ecosystem, none bigger than Kubernetes Operators.
Operators automate life cycle management of containerized applications with Kubernetes. With Operators, administrators can extend the Kubernetes API to codify operational knowledge and workflows for managing complex applications right into those services, so they run seamlessly on Kubernetes. For OpenShift customers and ISV partners, this allows them to bring the same level of management and automation found in public cloud services to their own services, while providing a consistent operating model for running these services across the hybrid cloud.
Since OpenShift itself is a fully containerized platform consisting of many different components, we also take advantage of Operators for driving the installation and upgrades of OpenShift and all of its services. This includes Kubernetes core services, along with Prometheus, Grafana, Elasticsearch, software defined networking, storage, registry and other components that make up the OpenShift Kubernetes platform. OpenShift 4 is an Operator-driven platform that delivers full-stack automation from top to bottom. From Kubernetes, to the core services that support the OpenShift cluster, to the application services deployed by end users; everything is managed throughout its lifecycle with Operators.
Trusted Enterprise Kubernetes
Delivering a trusted enterprise Kubernetes solution means delivering trusted container content, a trusted container platform and trusted Linux host infrastructure to run it on. This has been our focus with OpenShift 3, building on the solid foundation of Red Hat Enterprise Linux, providing a more secure and reliable OpenShift Kubernetes distribution, and delivering certified container images through the Red Hat Container Catalog.
When we set out to build OpenShift 4, we wanted to address the challenges customers still faced installing the platform consistently and keeping it updated with the latest security patches and rapidly moving Kubernetes releases. We also wanted to make it easier to deploy complex applications on the platform and manage those applications across the lifecycle. To do this we needed to unify and consistently manage all aspects of the platform, both day 1 and day 2.
Full Stack Kubernetes Install & Upgrade Challenges
This started with rethinking how we install the OpenShift platform on day 1. To install OpenShift 3.x, a user first manually configures the underlying infrastructure layer, whether they are running OpenShift in the public cloud or in their own data center. They then deploy instances of Red Hat Enterprise Linux and run the OpenShift 3.x installer, which leverages Ansible, to automate the deployment and configuration of the Kubernetes control plane, worker nodes and integrated platform services. Day 2 and beyond, the OpenShift platform is then managed and updated separately from the underlying RHEL infrastructure, although both need to remain in synch with compatible versions.
This creates a couple of challenges. First, the burden of configuring the provider infrastructure and installing the RHEL OS is a separate activity from the OpenShift Kubernetes installation; creating more work for the platform administrator. Second, upgrades or changes made by Linux administrators could be incompatible with the Kubernetes platform layer, potentially causing issues during upgrades of the OpenShift platform. These challenges aren’t unique to OpenShift, they are present in any Kubernetes platform, which has driven both Red Hat and the broader Kubernetes community to explore new innovations to address them.
With this in mind, we set out to deliver a better full stack install and upgrade experience with OpenShift 4.
Delivering Full Stack Automation
OpenShift 4 unifies operations across the layers of the platform, to provide full stack automation from the underlying infrastructure, to the RHEL OS, to the OpenShift Kubernetes platform and its integrated services. OpenShift 4 uses Kubernetes itself to provision and scale your Kubernetes clusters, leveraging the new OpenShift installer. The new installer first asks you what infrastructure you want to deploy OpenShift on and to provide credentials to access that infrastructure. Based on your choice, it then configures that infrastructure on your behalf and starting from a single Kubernetes node, bootstraps a complete, highly available Kubernetes cluster in minutes.
This installation process includes provisioning the Linux host operating system OpenShift runs on, leveraging Red Hat Enterprise Linux CoreOS. RHEL CoreOS provides a fully immutable, container optimized, Linux OS host that is delivered and installed as a component of OpenShift. RHEL CoreOS is RHEL, leveraging the latest RHEL 8 kernel and core libraries, but delivered as an immutable host image. Thus it benefits from the compatibility, reliability and innovation delivered by the RHEL team.
To drive the installation, the OpenShift installer leverages provider specific machine controllers that automate the provisioning of Kubernetes supportable hosts. These controllers not only support the initial installation of the Kubernetes cluster, but they give you the ability to add and remove worker nodes, to scale the capacity of the cluster over time to meet user demand. This ability to automatically scale cluster resources, means customers can optimize infrastructure utilization to match demand and better control costs.
In addition to the fully “installer provisioned infrastructure” approach OpenShift 4 delivers, the installer will also enable a “user provisioned infrastructure” mode for users who want to configure their own cloud or data center infrastructure or manage their Linux OS separately using their existing traditional RHEL distribution. This gives administrators more flexibility in locked down environments where it may be needed.
Extending Automation From Install to Upgrades
The goal for OpenShift 4 wasn’t just to simplify initial installation, but upgrades as well, leveraging the same operator-driven approach combined with a guided over-the-air update model. In OpenShift 4 clusters are deployed with telemetry to report on the state of the cluster over time. If those clusters are connected to Red Hat, users can be notified when critical updates or new releases are available and immediately get those updates. Since operators are backing the components of the OpenShift platform, they will then drive upgrades of any components requiring updates, including Kubernetes and the RHEL CoreOS host. Disconnected clusters running in air-gapped environments will pull those updates from a local content registry, which we are developing now, but they will leverage the same operator-driven automation to deploy them. Ultimately, the goal is to reduce friction in the upgrade process, so OpenShift clusters can be more secure and up to date.
A cloud-like experience, everywhere
OpenShift 4 will be deployable on all the major public and private cloud platforms with a few clicks, so users can be up and running quickly. Heterogeneous support is anticipated in coming months across major public cloud vendors including Amazon Web Services (AWS), Microsoft Azure, Google Cloud, IBM Cloud, private cloud platforms powered by Red Hat OpenStack, virtualization platforms like VMWare and Red Hat Virtualization and even on bare-metal infrastructure.
Managing Multiple Clusters Across Multiple Clouds
While OpenShift 4 simplifies the installation and upgrades for your Kubernetes cluster, we know most OpenShift customers have multiple clusters and in many cases those clusters are deployed across multiple cloud or on-premise infrastructure footprints. To help make this easier to manage, OpenShift 4 introduces a new unified hybrid cloud console at cloud.redhat.com. This console will allow customers to view and manage multiple OpenShift clusters.
Users will be able to register existing OpenShift clusters as well as provision new OpenShift clusters across multiple clouds and on-premise infrastructure footprints. They can see what version their clusters are running and manage upgrades and in the future get access to cross-cluster metrics, dashboards and more.
Enabling Hybrid Cloud Services with Operators & OperatorHub
Ultimately our goal is to enable OpenShift customers to deliver a cloud-like experience everywhere. This goal is not just for your OpenShift clusters, but also extends to the services that run on those clusters. Your developers and end users want to consume those services everywhere, with that same cloud experience. In order to simplify the process of managing these distributed services, we introduced Kubernetes Operators, which have been critical for both how Red Hat delivers services but have also been extended to our ISV ecosystem.
Recently Red Hat launched OperatorHub.io with partners like AWS, Google Cloud and Microsoft to provide a community registry where users can find curated Kubernetes Operators. You can also access Operator Hub content through the OpenShift 4 Console. OpenShift 4 will also include certified Operators through Red Hat OpenShift Operator Certification. This program enables ISV partners to jointly build and certify their Operators with Red Hat and unifies support for Operators on OpenShift, for our joint customers.
With the Operator Lifecycle Manager (OLM) found in OpenShift 4, Operators help to provide the manageability, traceability and accountability developers have become used to in the public cloud, all while unifying said services offerings in both public and private clouds. IT teams can set policies using Operators that help provide governance and oversight for resources that are often required in regulated industries, without having to provision these resources manually for developer teams.
Empowering Developers to Innovate
OpenShift’s goal is to help developers to innovate more rapidly, to address the needs of the business. Cloud native application development brings new challenges. As developers adopt microservice architectures, managing the communication between each service, securing those services and getting better service to service traceability to debug issues is an absolute necessity. These are the challenges that the Istio open source project seeks to address.
The OpenShift 4 Service Mesh takes Istio and combines it with other key projects, like Jaeger for tracing and Kiali for visualization, to provide better manageability and traceability to microservices deployments. Developers can focus on building the business logic, letting the service mesh manage how each microservice communicates based on policies they define. They can also leverage the tracing and visualization capabilities to debug issues when they occur.
Development approaches haven’t stopped evolving, and serverless is yet another way developers are looking to build applications, by leveraging function as a service based offerings. Building functions leveraging a serverless model enables the ability to scale to zero, and only consume compute resources when functions execute, which can be an effective way to control operational costs, particularly in the public cloud. FaaS offerings were first pioneered by public cloud providers like AWS, but have the potential to lock your applications into a single cloud environment. This is why Red Hat is working to bring these capabilities to a hybrid cloud environment via Knative.
Knative is an open source project that Red Hat is collaborating on with the Kubernetes community to drive upstream development that enables hybrid serverless capabilities. Using the Knative framework enabled in OpenShift, users can extend Kubernetes to build, deploy and manage serverless applications, supporting containerized and serverless deployments from a single Kubernetes control plane.
To meet developers where they live, developers can code and interact with OpenShift from within their favorite integrated developer environments (IDEs) using plugins for environments such as VSCode, IntelliJ and Eclipse. Through Red Hat CodeReady Workspaces, developers can leverage a fully integrated Web browser-based IDE that enables developers to easily collaborate on code. CodeReady Workspaces is based on the Eclipse Che project and is fully supported by Red Hat for OpenShift development.
For those developers that simply live at the command line, Red Hat has also created a command line interface (CLI), called odo, designed to improve how code gets containerized and deployed on OpenShift. Developers can use odo to construct applications and quickly iterate on code.
Platforms are nothing without the content they provide to build applications. OpenShift 4 delivers a wealth of certified middleware, database, storage and other runtimes from Red Hat and our ISV partners. All of this content is container ready and will be backed by Operators to drive better management and automation. This includes solutions for application integration, messaging and automation from the Red Hat Middleware portfolio. It will also include OpenShift Container Storage, which will be completely operator-driven leveraging Ceph and the Rook project in OpenShift 4. Developers will be able to access all of this content via OperatorHub.io or embedded OperatorHub in their OpenShift Console.
OpenShift 4: Enterprise Kubernetes Renewed
OpenShift 4 renews the promise we delivered on 4 years ago when Red Hat launched the industry’s first enterprise Kubernetes platform with OpenShift 3. It is designed to deliver a unified experience across hybrid cloud by driving automated installation and updates across Kubernetes deployments everywhere, powered by Kubernetes Operators. OpenShift 4 is still built on a core of Red Hat Enterprise Linux, and delivered in a new immutable form as Red Hat Enterprise Linux CoreOS and fully integrated and managed as a component of the OpenShift platform.
Operators extend this automation to any service that runs on the platform, including certified Operators from Red Hat and our ISV Partner ecosystem. OpenShift 4 also will bring a number of new developer services and capabilities needed to build cloud-native applications and deploy them consistently across any supported on-premises, private, or public cloud infrastructure. Red Hat OpenShift 4 is Kubernetes for the Enterprise, designed to power business transformation and unite your development teams on a single platform.
Red Hat OpenShift 4 is scheduled to be available in the next month but in the meantime you can try it out.