isoga - Fotolia

Red Hat OpenShift Tekton pipelines reflect strategic platform focus

OpenShift and its competitors now offer enterprises soup-to-nuts DevOps platforms, rather than simple Kubernetes management tools, that are based on different points of strategic lock-in.

The Red Hat OpenShift Container Platform continued its expansion well beyond Kubernetes and container management this week with support for built-in Tekton pipelines and developer desktop integration.

This week's release made OpenShift integrations with the Istio service mesh, dubbed OpenShift Service Mesh, and the Knative event-driven computing framework, called OpenShift Serverless, generally available as well. OpenShift Service Mesh builds in open source observability project Kiali and open source tracing with Jaeger. Version 4.2 also expanded the OpenShift 4 installer's support for cloud infrastructure providers beyond AWS and vSphere to include Azure, Google Cloud Platform and OpenStack. The CoreOS Operators-based installer is one of the main selling points for OpenShift 4, as an attempt to address the complexity of Kubernetes setup.

The integration of Istio, Knative and Tekton extends that same ease-of-use value proposition, according to Red Hat officials. Users can cobble those projects together from upstream code on their own without paying Red Hat a licensing fee, but this often comes with too steep a learning curve for mainstream enterprises.

"When you look at pipelines based on Tekton, the Istio service mesh, Knative serverless, it's similar to Kubernetes itself -- if you want to use it in a productive way, you generally need more than [the core open source project], like a Linux operating system to run it on, a logging and monitoring stack for applications, a software-defined network and load balancer," said Joe Fernandes, vice president of products in the cloud platform business unit at Red Hat. "People might say they just need the upstream code, but we say, 'Try to build it and see how far you get.'"

People might say they just need the upstream code, but we say, 'Try to build it and see how far you get.'
Joe FernandesVP of products, cloud platform business unit, Red Hat

Most OpenShift shops have yet to upgrade to version 4, and a significant portion of enterprises at large have yet to commit to a container orchestration platform in production. But already, platforms such as OpenShift and competitors such as Google Kubernetes Engine, Amazon EKS and VMware Pivotal Kubernetes Service (PKS) have expanded their reach to the point where Kubernetes management features are no longer a central point of comparison for prospective buyers, analysts said.

"You can roll your own CI/CD pipelines, just like you can roll your own container management, and avoid licensing costs -- but you're paying for it in another way by doing all the downstream integration work," said Tom Petrocelli, analyst at Amalgam Insights. "That integration work is also ongoing, so the engineering resources to do it are a recurring cost."

The rise of microservices applications drives interest in not only container infrastructure, but also CI/CD pipelines, making platforms such as Red Hat OpenShift and CI/CD pipeline tools such as Tekton a natural fit, along with developer desktop-level tools such as CodeReady Containers, which allow developers to simulate a container cluster locally as they develop apps. Docker also ties in third-party CI/CD tools with its container management platform and offers Docker Desktop for developer productivity; other Kubernetes-based platforms such as VMware PKS build in integrations with Cloud Foundry PaaS for application development on one end, and virtual server and hybrid cloud network infrastructure on the other. Vendors that are traditionally focused on CI/CD, such as CloudBees, are also expanding into broader value stream management and built-in integrations with Tekton pipelines and Google Cloud Platform infrastructure through Jenkins X.

"CI/CD has been around a long time, as have containers," Petrocelli said. "The key change is microservices -- tiny applications that require many deployments that are pushed out quickly, which call for a lot of automation and symbiosis between CI/CD and microservices platforms."

OpenShift Tekton pipelines.
OpenShift now supports Tekton-based CI/CD pipelines.

Where do you want your container lock-in?

All this integration gives enterprises a set of convenient one-stop shops for fully loaded DevOps platforms, but the downside is that whichever platform they select will come with lock-in, Petrocelli said. For cloud providers' integrated container management and CI/CD platforms, from Google, Microsoft and Amazon to GitLab and CircleCI, the lock-in is usually at the cloud resource level, as public cloud providers seek to drive usage of their underlying cloud infrastructure, which generates their main source of revenue.

Platforms such as PKS, Rancher and Red Hat OpenShift are cloud-agnostic and allow users the freedom to manage multiple clusters across a variety of infrastructures but come with their own forms of lock-in, Petrocelli said.

"There, the cloud resources are not the issue -- it's adding value to create lock-in to the platform itself," he said.

Thus, OpenShift's bundling of Istio, Knative and Tekton make it easy and convenient to continue to use OpenShift as enterprises expand their container usage -- along with Red Hat Enterprise Linux, which is a requirement under OpenShift.

Enterprises that don't want to be locked into an infrastructure platform can look to a tool such as CloudBees' SDM, but that could limit the compatible CI/CD choices. Linux competitors such as Ubuntu and Canonical also offer their own Kubernetes management platforms for users that don't want to buy in to RHEL.

All of these complicate and shift the evaluation equation for enterprises as they contemplate microservices, containers and DevOps, Petrocelli said.

"A lot of companies are still in the exploration phase," he said. "Kubernetes itself also still needs to evolve in terms of stateful containers and persistent storage support, but eventually these will also be features everybody has -- and the choice will partly come down to whatever IT vendor's lane you're already in."

Absorption into IBM may shift Red Hat strategy

Red Hat remains fiercely loyal to RHEL as the foundation for the rest of its product line, but new parent company IBM supports other flavors of Linux, and Red Hat OpenShift may need to become more flexible about the underlying Linux OS to accommodate existing IBM customers, Petrocelli said.

All DevOps and microservices platform vendors should also begin to integrate application development tools such as Red Hat's JBoss for Java applications and Pivotal's Spring Boot, he said, to help users figure out how to break traditional monolithic applications down into microservices before porting them onto a platform such as OpenShift or PKS.

"If you do microservices only for greenfield apps, you're more or less left with a set of legacy apps that are second-class citizens," Petrocelli said. "Vendors like Red Hat and Pivotal can play a role in refactoring those apps."

Dig Deeper on Containers and virtualization

Software Quality
App Architecture
Cloud Computing
Data Center