Red Hat announced on Sept. 22 OpenShift Container Platform 3.3 as well as a new project called Open Container Initiative Daemon (OCID) in a bid to optimize enterprise container deployments in production.
OpenShift Container Platform 3.3—Red Hat’s platform-as-a-service (PaaS) offering—is the latest evolution of a product that Red Hat rebranded in July. It was formerly known as OpenShift Enterprise. OpenShift underwent an overhaul in version 3, becoming a container-based system using the open-source Kubernetes container orchestration system.
Among the core elements in OpenShift Container Platform 3.3 is Kubernetes 1.3, which was released in July.
Red Hat also integrated the Docker Engine, though it isn’t using the most recent 1.12 release. Instead, OpenShift Container Platform 3.3 uses Docker 1.10, which is included in Red Hat Enterprise Linux (RHEL), along with Red Hat’s patches and backported fixes, said Joe Fernandes, director of product management for OpenShift at Red Hat. Red Hat also ships the latest Docker 1.12 packages in RHEL for users who want to use newer features of Docker, he said.
“We will update OpenShift to Docker 1.12 when Kubernetes supports it, likely in the Kubernetes 1.4/OpenShift 3.4 release, which will be out later this year,” Fernandes told eWEEK.
The big new feature in Docker 1.12 is swarm mode, which provides integrated clustering and container orchestration capabilities. Fernandes said that Red Hat currently has no plans on using Docker Swarm, as Red Hat is focused on Kubernetes to provide scalable, enterprise-ready container orchestration and management.
Red Hat did a thorough assessment of the container orchestration landscape before it chose to back Kubernetes, according to Fernandes. Red Hat’s assessment found that Kubernetes has advantages in the areas of integrated service discovery, declarative health management, scheduling capabilities and storage orchestration support for running stateful applications. Kubernetes originally was a Google project, but is now run under the auspices of the Cloud Native Computing Foundation (CNCF), which itself is a Linux Foundation Collaborative Project.
“Today Red Hat is second only to Google in contributions and provides an enterprise distribution of Kubernetes in OpenShift, but Kubernetes is also backed by a strong community of vendors and committers, and by CNCF as the neutral governance body,” Fernandes said. “While other container orchestration solutions like Swarm, Mesos and others exist, we are happy with our decision and feel that Kubernetes is becoming a de facto standard for container orchestration in the industry.”
Networking is also part of the OpenShift Container Platform. Fernandes explained that OpenShift provides an integrated, software-defined networking (SDN) solution based on Open vSwitch and VXLAN that provides multitenant container networking.
“Multitenant means that customers can run multiple applications on the platform and have them isolated from each other via Kubernetes namespaces,” he said. “OpenShift also works with our SDN partners to integrate their SDN solutions with OpenShift as an alternative via the Kubernetes container networking interface.”
Red Hat Updates Enterprise Container Platform
In addition, OpenShift provides an integrated, routing solution with HAProxy that provides inbound request routing/load balancing out of the box, Fernandes said.
“We also work with partners like F5, Nginx, Cisco and others to integrate their routing and load balancing solutions as an alternative,” he said. “Our goal for OpenShift is to provide fully pluggable interfaces so customers can select the solutions of their choice.”
Part of the Docker upstream open-source effort is the Nautilus project that provides security scanning of container images. Red Hat doesn’t participate in the Nautilus project, choosing instead to support other container security effort.
“We have introduced new projects around both container image signing (Simple Signing) and container scanning (Atomic Scan) and are working with both the upstream Linux and Docker communities and partners like Black Duck on these initiatives,” Fernandes said. “These capabilities will be available in RHEL in the upcoming 7.3 release and will be integrated with OpenShift as well in a future release so customers can drive policy-based decisions for execution based on signing and scanning results.”
Looking beyond just Docker, Red Hat is now also leading a new effort called Open Container Initiative Daemon that aims to provide an optimized container engine for Kubernetes.
“The OCID project is aimed at exploring new innovations in container runtime, image distribution, storage, signing and more, with an emphasis on driving container standards through the Open Container Initiative (OCI),” Dan Walsh, consulting engineer at Red Hat, told eWEEK.
The OCI is an effort that got underway in June 2015 as a way to define container standards. OCI has continued to evolve, defining the runC container runtime standard.
Walsh emphasized that OCID is not an effort to replace Docker Engine. Rather, OCID is part of Red Hat’s continued efforts to evolve containers capabilities so they can be used in development, test and production environments, he said.
“Red Hat is a leader in both contributions to Docker and OCI and is committed to driving both innovation and standards in the containers space,” Walsh said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.