Red Hat Extends Reach and Scope of OpenShift Platform

Red Hat today at the KubeCon + CloudNativeCon event announced general availability of a Red Hat Device Edge platform that can be configured with Podman, an engine for managing containers, or with a lightweight instance of Red Hat OpenShift known as MicroShift.

At the same time, Red Hat is also generally making available version 4.14 of Red Hat OpenShift to provide IT teams with a control plane based on a previously launched HyperShift project that can be deployed on a bare-metal server, in addition to being compatible with Red Hat Virtualization, an instance of open source kubevirt software for encapsulating virtual machines in containers.

Step 1 of 7

14%

Which of the following best describes how you currently monitor and manage systems across your hybrid cloud environment?(Required)

Multiple separate tools for different environments

Multiple separate tools for different monitoring and management functions

Single consolidated dashboard

Custom built monitoring and management solution

No full monitoring and management solution

Don’t know

How valuable would it be for your monitoring and management solution to incorporate predictive analytics to help you identify and address system issues that are critical and not waste time or effort working through all the data and “noise” that is not critical?(Required)

Extremely valuable

Moderately valuable

Somewhat valuable

Slightly valuable

Not valuable

How do you most typically address potential system issues BEFORE they impact your operations?(Required)

Automated workflows and playbooks to remediate potential issues as soon as they are detected

An orchestrated response process that leverages automation, AI, and human expertise to rapidly respond to potential issues

Advanced monitoring tools such as predictive analytics and anomaly detection to proactively identify and address potential issues

Respond to issues as they arise, using manual processes and troubleshooting techniques

A combination of automated remediation, orchestrated response, and/or proactive monitoring to address potential system issues

Don’t know

Other

What methods does your organization use to control and monitor cloud/IT spending?(Required)

Centralized procurement processes

Pre-approved budget thresholds

Automated cost monitoring tools

Department-level spending controls

Regular cost audits and reviews

Cloud cost optimization platform

Approval workflows for resource provisioning

Native financial operations tools provided by the cloud provider

No formal controls in place

Don’t know

Other

Please specify:

Which methods do you rely on most to detect security vulnerabilities in your systems?(Required)

Automated scanning tools

Manual assessments

Vendor notifications

Threat modeling (for early detection)

None of these

Don’t know

Other

Please specify:

What are the TWO most common ways you prioritize vulnerabilities to address within your environment?(Required)

Based on potential impact

Based on exploitability

Regulatory compliance requirements

Based on CVSS scores

Risk-based analysis of multiple factors

First-in-first-out approach

No formal prioritization process

Don’t know

How do you typically handle system updates and security patches?(Required)

Automated updates and patches

Manually review and apply updates and patches on a regular schedule

A combination of automation and manual review

Apply updates and patches on an as-needed basis.

Outsourced update and patch management

No defined process

Don’t know

Other

Δ

Finally, Red Hat is also donating plug-ins to the open source Backstage project that many organizations are using to build internal developer portals. The plug-ins for the platform, originally developed by Spotify, enable integration with JFrog Artifactory, Azure Container Registry, Kiali, Nexus and 3Scale platforms.

Red Hat Device Edge combines Red Hat OpenShift with an instance of Red Hat Enterprise Linux (RHEL) and the Red Hat Ansible automation platform to make it simpler to deploy and manage cloud-native application workloads in edge computing environments.

Richard Henshall, senior manager for Ansible product management at Red Hat, said Red Hat Device Edge is an example of how a Red Hat Ansible Inside initiative makes it possible to embed Ansible Playbooks within platforms to streamline operations. Organizations that have already adopted Red Hat Device Edge include ABB, DSO National Laboratories, Dynatrace, Lockheed Martin, Intel and Guise.AI.

The overall goal is to move the management of IT platforms such as Red Hat OpenShift a step closer to democratization by providing a declarative framework to automate complex tasks.

Red Hat is also trying to streamline the amount of infrastructure required to deploy a Kubernetes control plane. The HyperShift project reduces the number of nodes required to run a control plane in a way that Red Hat claims can reduce infrastructure costs by as much as 30% while at the same time increasing developer productivity by centralizing the management of multi-cluster environments.

In addition, Red Hat is moving to improve security via a preview of a Red Hat OpenShift Shared Resource CSI Driver that enables secrets such as certificates, encryption keys, passwords and tokens to be stored outside of clusters and in a secrets management system.

Red Hat is also adding support for Azure Managed Identities and Google Cloud User Tags to provide cybersecurity teams with visibility into how security policies are being enforced, along with providing access to a free trial of an existing managed Red Hat Advanced Cluster Security Cloud Service based on the StackRox platform it acquired in 2021.

It’s not clear how quickly the combination of automation frameworks and cybersecurity services will accelerate adoption of platforms based on Kubernetes. Red Hat is clearly betting that, as organizations move to deploy Kubernetes at scale in production environments, they will rely more on frameworks such as Ansible to manage Kubernetes alongside the rest of the IT environment. Regardless of approach, the one thing that is certain is fleets of Kubernetes clusters running everywhere from the network edge to the cloud will require a new approach.