WavebreakMediaMicro - Fotolia
IBM deepened its commitment to Red Hat OpenShift with enhancements to the container platform on IBM Cloud, including a handful of security and productivity capabilities that will be available to OpenShift 4.3 users.
The latest features are primarily designed to cut down on the time spent by IT administrators on routine maintenance tasks including updating, scaling and provisioning. Other new features offer better resiliency that protects against unexpected power surges as well as against attacks that increase possible breaches and outages.
Tying OpenShift more tightly to the IBM Cloud came as little surprise to analysts who said the integration has been in the works for some time -- possibly before IBM acquired Red Hat in July of last year.
"This is a complete integration between OpenShift and the IBM Cloud platform, which is something users I talk to have been looking for," said Judith Hurwitz, president and CEO of Hurwitz & Associates, consultants in Needham, Mass. "Having [OpenShift] already on mainframes and the Power platforms, this reinforces its strategic importance to IBM."
Charles King, principal analyst with Pund-IT Research, agreed that optimizing OpenShift to take better advantage of the IBM Cloud is a logical extension of Big Blue's strategy, but it also demonstrates IBM's intent to maximize the return on the hefty financial investment it made in acquiring Red Hat.
"Given the prevalence of OpenShift, the move makes sense; it's a good tactical move," King said. "But when you spend $34 billion for a company, you want to make sure you get every ounce of value out of that investment."
Some advantages IT professionals gain with the new enhancements include automated recovery that protects the master server of the cluster using capabilities in the IBM Cloud, better automated worker management, and improved security and management of OpenShift, thereby freeing up development teams to focus more on accelerating the development of cloud-native applications, IBM said.
Charles KingPrincipal Analyst, Pund-IT Research
By automating recovery, IT admins can spend more time helping users resolve technical issues and other problems.
With continuous backup now at their disposal, users can also minimize the threat of data loss because of a complete master outage. Users can further protect masters from a single data center failure with the ability to add multizone clusters. For instance, if one data center goes offline, there would be no impact to availability because the IBM Cloud runs an "active-active master," IBM said.
One of the new improvements in Red Hat OpenShift on IBM Cloud allows "cluster-admin access" without the risk of an admin accidentally taking down the master. Master nodes for the offering are physically isolated from the worker nodes, the company explained, making the master nodes inaccessible from any of the worker nodes within the cluster.
Additional as-a-service features for OpenShift 4.3 operators include automated updates and health checks for those tools deployed into OpenShift, along with serverless applications development for event-based workloads and microservices management for distributed componentized applications.
Pricing for OpenShift on IBM Cloud varies based on factors such as number of cores, resource use and type of storage.
At this week's Red Hat Summit, the company debuted OpenShift 4.4, which uses the Kubernetes Operators model to better automate OpenShift services that is typically used to deploy containerized applications, the company said. Based on the 1.17 version of Kubernetes, the latest version also features enhancements to OpenShift 4.4's basic compute, networking and storage capabilities.
Company officials did not address when version 4.4 would be fully optimized to take advantage of the IBM Cloud.
Underscoring its commitment to ongoing open source initiatives aimed at developers, IBM Research has contributed to two new projects. The first, called Encrypted Container Images, which is intended to ensure that container images remain encrypted and private, and the second, called Trusted Service Identity, is designed to ensure the data processed by these images also remains secure.