What is our primary use case?
As an IT service provider, we work on enterprise technologies for our customers.
We have multiple customers with multiple domains, but the majority of our experience is in the banking and telecom sectors. In banking, they're using the OpenShift platform for their microservices-based requirements, and similarly on the telecom side, they are using it for the microservices-led solutions.
We started with the on-prem deployment of OpenShift Container Platform, version 3.2. But currently, we are also helping our customers to migrate to 4.x and to cloud solutions. The plan is to move to a cloud version, strictly on AWS. We are exploring the OpenShift Container Platform cluster, and ROSA (Red Hat OpenShift Service on AWS) the latest one with the managed services. By mid-2022, we'll probably be on cloud with this.
How has it helped my organization?
OpenShift eliminates distractions so that we can focus on innovation and other things. It completely removes overhead for the developers in terms of managing the orchestration of Kubernetes container clusters. It provides all the built-in features for managing these requirements. As a result, our team is more focused on development and on innovations in the underlying services. With microservices or applications that are deployed on OpenShift, they are able to focus more with the business requirements and innovate by further optimizing efficiently, utilizing the resources at a Kubernetes level.
What is most valuable?
Some of the primary features we leverage in the platform have to do with how we manage the cluster configurations, the properties, and the auto-scalability. These are the features that definitely provide value in terms of reducing overhead for the developers.
Also the Kubernetes cluster management or orchestration is provisioned through the UI and the CLI.
We are using the Red Hat OpenStack OpenShift Platform. It is much faster in terms of deploying the cluster. As of now, our experience rolling it out is more on the on-prem, but I think with the 4.0 version there is a little bit of a change regarding the way it is deployed, either using the installer base or user-driven installations. It takes a couple of days just to roll out the entire cluster and configure it so that it is ready for the applications or the services to be deployed on the cluster.
The robustness, the availability in terms of resilience, and the service availability with the multiple cluster nodes configured automatically, is pretty good. Even if load balancing is required across multiple clusters with the SDN network, it's pretty good. We haven't had many issues when it comes to robustness. We are happy with the performance provided.
From our experience on the on-prem, we know that there are 10 layers of security provisioned by the OpenShift platform, starting from the kernel level, and including the clusters and the container level. That definitely helped us to achieve a lot of enterprise security requirements in terms of accessibility and managing the infra part or the cluster part.
For running business-critical applications, the solution's security is pretty good. We are able to achieve consistent efficiency and availability for all our critical service requirements, when spanned across multiple DCs with the load balancer and DR solutions. We don't have to spend much on it, once we orchestrate the cluster with the proper configurations. At that point, everything is taken care of automatically.
What needs improvement?
At the service level, I don't see a very granular level of security as compared with the container-based clusters. It is at the Kubernetes level, not at the service level.
Also, when I compare it with the other container or Kubernetes technologies, we have pretty good documentation from OpenShift, but with the recent trend of cloud-native, fully managed serverless services, I don't see much documentation about how a customer should move from on-prem to the cloud, or what is the best way to do a lift-and-shift. Even if you are on AWS OCP, which is self-managed infra services, and you want to use the ROSA managed services, what is the best way to achieve that migration? I don't see documentation for these kinds of use cases from Red Hat. There is some room for improvement there.
For how long have I used the solution?
We have been using OpenShift Container Platform, as an organization, for the last three or four years.
What do I think about the stability of the solution?
The stability is pretty good. The industry has been using these enterprise solutions over the long term and we haven't heard of or seen any issues with stability. Of course, it depends on the way you configure it or manage it. But given best practices, the stability is pretty good.
What do I think about the scalability of the solution?
The solution gives us the flexibility to start with a small number of nodes and to scale it to the maximum number of nodes. As of now, we haven't gone beyond whatever the limitations are, in terms of the number of clusters or nodes, within OpenShift. We are well within the limits and are able to achieve our requirements. That aspect makes it more flexible.
Scalability is definitely one of the positives with OpenShift, where you can have a distributed cluster across multiple DCs or multiple Availability Zones with AWS. The only thing we don't see is much documentation. If we want to maintain Active-Active disaster recovery or hot and warm availability requirements, even in on-prem, how do our clusters scale across different regions or different availabilities? And how do I manage the internal cluster storage being replicated across multiple clusters? How does that work, and how do we prove it? That's another use case where, when it comes to documentation, there is a little gap.
But overall, scalability is pretty consistent and achievable with OpenShift.
How are customer service and technical support?
I'm not involved much in post-production support. Usually, it is the customer team that gets into those kinds of requirements. But what I heard from our customers is pretty good, in terms of the support provided by the Red Hat. We know that they have a very good enterprise support team and provide support fairly quickly for technical issues.
On AWS, we have seen they have OCP-dedicated infra, which is completely managed by Red Hat. Now with ROSA, where AWS and Red Hat are both managing it, we are expecting a similar kind of support from Red Hat.
Whether Red Hat acts as a partner with our customers depends on the customer. Most of our customers use Red Hat enterprise support for technical issues with OpenShift Cluster Platform. But they don't get deeply integrated with Red Hat in terms of exchanging ideas or innovating new solutions. But Red Hat is always providing its innovations and doing research into new products. That has definitely helped our customers.
Which solution did I use previously and why did I switch?
We embarked on OpenShift as our first enterprise container technology.
There are open-source-based Kubernetes services provided by AWS and there are a number of cluster-based solutions available. But what Red Hat and OpenShift did was that they packaged all of their solutions within their platform so that it provides added features. For our finance or banking customers, adopting an open-source solution is challenging, but the enterprise-grade support from Red Hat makes it much easier for them to adopt the OpenShift cluster.
As for building our own container platform, initially we tried with Dockers, but when we compared other Kubernetes cluster technologies to OpenShift we found that OpenShift is a much better solution in terms of the features.
How was the initial setup?
With the on-prem solution, with OCP, where you have control of your infra, I feel the setup is straightforward, because you know OpenShift 4.0, or other versions, and how to install it. You have the resources and the skill sets and it is easy to just start with that part.
But ROSA is a very new approach, with the fully-managed and serverless cluster. I feel there are some gaps there because you don't have control of infra provisioning. AWS and Red Hat directly provision things once you provide the configurations. But if a customer wants to use a fully managed service with some level of customization, we don't see how we can easily achieve that.
On average, if it's a single-cluster deployment for five nodes, it may take three days to get the infra up and running. And then, to do all the configurations and get the applications deployed, it probably takes another one or two days, including the testing and readiness of the infra. So a total of about five days is the optimum timeline to get a single cluster up and running with the services deployed in it.
As we are exploring the cloud migration side of things, we definitely have a deployment plan where we use the templates, including Terraform templates, when it comes to infra and core provisioning. We then have a clusterized deployment as a basic migration approach or a phased approach. We leverage tools like the Migration Toolkit from Red Hat itself and some AWS tools which are relevant if there are challenges with agent installation and the like.
What was our ROI?
We have seen return on investment from using OpenShift. The TCO is much better, comparatively, over the course of three to five years. We have seen a reduction in infra and cluster management operational costs. These are some of the aspects where we have definitely seen a return on investment.
Which other solutions did I evaluate?
OpenShift with Red Hat support is pretty costly. We have done a comparison between AWS EKS (Elastic Kubernetes Services) which provides fully managed services from AWS. It's built on open-source-based Kubernetes clusters and it is much cheaper compared to Red Hat, but it is a little expensive compared to ECS provided by AWS.
Initially, we had this interim state where we wanted to move as a lift-and-shift, meaning we wanted to move OpenShift to OpenShift. We had three choices: OpenShift Container Platform, the OpenShift dedicated platform from Red Hat itself, and ROSA with the fully managed services. For lift-and-shift, we wanted to maintain an as-is state and made a decision to go with AWS OCP, which helps us to control our infrastructure and deployment requirements, while maintaining the as-is state. Price-wise, this option is less than ROSA. In ROSA, we would need to pay the cost for the underlying AWS resources we would be using, plus a nominal cost to Red Hat for managing every cluster and every worker node.
There is no doubt about things, feature-wise. In terms of scalability, availability, stability, robustness, OpenShift stands out. It's the cost and support factors which make the decision a little difficult.
What other advice do I have?
If a customer is looking for a fully controlled or fully managed container technology, OpenShift is definitely a choice for them. But there are other services available, like AWS EKS, which come with similar kinds of services. It depends on if you need a deep-dive solution: Do you want to maintain your own infra or do you want fully managed services? And do you want to leverage other OpenShift cluster services? But OpenShift is the choice.
We don't use the full-fledged automated services for OpenShift clusters as of now, although we do use a few of the automated services. What we are using currently is sufficient and it helps us to meet a lot of audit and telemetric requirements.
In terms of using it for cloud native stacks and meeting regulatory constraints, we are still exploring that. We are currently looking at the AWS OCP and ROSA platforms. ROSA provides flexibility in terms of installations and managing the entire infra. ROSA is completely managed by automated serverless services, where you just provide the initial configurations for the kind of a cluster you need and it automatically provisions the infrastructure for you. Whereas with OCP you have control over the infrastructure and you can play with your cluster orchestrations, configurations, et cetera. In these ways, with the cloud services, we do have flexibility, but the cost factor may be a differentiator in terms of the on-prem and the cloud versions.
We definitely plan to use the CodeReady Workspaces, but we are not there yet. The idea is to move on to the AWS Workspaces.
Overall, I would rate the solution at nine out of 10. It has everything. For me, it is not a 10 because the support and the pricing costs stand out.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner