Red Hat kicked off its annual user conference today with a series of announcements that reinforce the company's commitment to application container development and deployment.
Among the new efforts announced by Red Hat is the online OpenShift.io software-as-a-service (SaaS) platform for building cloud-native container applications. OpenShift is Red Hat's product platform for containers and already has an online service called OpenShift online that provides a SaaS Kubernetes platform for container deployment.
Matt Hicks, VP of Engineering at Red Hat explained to eWEEK that OpenShift.io makes use of the open-source Eclipe Che online Integrated Developer Environment (IDE) project. He added that the goal with the OpenShift.io platform is to provide tools that help developers to get started with container-driven, cloud-native application building.
OpenShift Online and OpenShift.io are two separate but linked and highly-integrated services. Hicks explained that OpenShift.io provides the developer view of containers, with a development pipeline and build tools. In contrast, OpenShift online provides more of an operator's view on how to run containers in production, including monitoring and management functionality.
As part of Red Hat's container push for developers is a new tool called Source to Image, for building container application image files. Hicks explained that Source to Image can be used to help enable a continuous integration/continuous development (CI/CD) model for rapid development.
Container Health Index
Understanding where the underlying source components of a given container application comes form is important for security purposes as well as enterprise stability and support. The new Container Health Index service announced by Red Hat is all about providing a listing of rated container applications, to help organizations make informed choices.
This isn't the first time that Red Hat has announced some form of trusted container approach. Back in March 2014, Red Hat announced an effort to certify application containers, and in October 2015, Red Hat announced a partnership with Black Duck to provide container security scanning.
Docker Inc. also has a container image effort with the open-source Notary project and the commercial Docker Content Trust offering. With Content Trust, what Docker is providing is an implementation of The Update Framework to make sure that images are not tampered with and users can get secure updates.
Hicks explained that the Container Health Index is taking Red Hat's existing processes for its own software and extending them to containers. He said that in contrast the Black Duck scanning is applicable for code bases that Red Hat doesn't know about.