Kubernetes has become the open source industry standard for container orchestration. There are numerous Kubernetes products for managing containers, including VMware Tanzu, which the vendor announced at the August 2019 VMworld, and the Red Hat OpenShift Container Platform.
In July 2020, Hewlett Packard Enterprise introduced the Ezmeral Container Platform, its portfolio of cloud-native services for managing and deploying container-based workloads -- effectively, an enterprise platform built on top of Kubernetes.
Examine which product might work best for your data center by comparing Tanzu vs. OpenShift vs. Ezmeral.
VMware Tanzu is built for enterprises that must deploy and manage applications at scale. VMware Tanzu is a portfolio of individual Tanzu-branded products, rather than a single product. It's designed to modernize both applications and the infrastructure on which they run. VMware's Kubernetes offering is called VMware Tanzu Kubernetes Grid.
VMware has chosen to decentralize some of Tanzu's capabilities by breaking them into separate products. Organizations that want to use machine learning capabilities, for instance, must use VMware Tanzu Greenplum.
This article is part of
VMware provides monitoring and operations management for Tanzu through an add-on tool called Tanzu Mission Control. This tool acts as a centralized management platform that provides capabilities such as cluster lifecycle management, policy management, data management and data protection.
Tanzu Mission Control also provides an extra layer of security in the form of identity and access management. In addition to basic authentication and authorization, Tanzu Mission Control can federate identities based on sources such as Microsoft Active Directory, Lightweight Directory Access Protocol and Security Assertion Markup Language.
Key features and capabilities
As previously noted, VMware Tanzu consists of numerous Tanzu-branded products, each with its own feature set. The key features found in VMware Tanzu Kubernetes Grid include:
- automated multi-cluster operations;
- a command-line interface (CLI) tool;
- the ability to automate manual tasks; and
- support for edge, data center, VMware private clouds and public clouds.
Organizations can deploy Tanzu Kubernetes Grid in a variety of ways, including in their own data center as a part of a VMware-based private cloud, in the public cloud or at the edge.
To deploy Tanzu Kubernetes Grid on premises, an organization must download and install the Tanzu Kubernetes Grid CLI to a bootstrap environment. VMware provides the CLI binaries for Linux, macOS and Windows systems.
VMware's Tanzu Kubernetes Grid enables Kubernetes deployments to span data centers and clouds, thanks in part to the product's support for vSphere 7 with Kubernetes. The software fully supports multi-cluster operations and uses automated lifecycle management policies to help reduce the administrative workload. Organizations that require high availability for clustered workloads can use availability zones to achieve the necessary resilience.
VMware licenses Tanzu as an annual subscription when running on premises. Subscriptions are available for one or three years, and are billed on a per-core basis.
Red Hat OpenShift Container Platform
Red Hat markets its OpenShift Container Platform as an enterprise-grade foundation for building containerized applications.
Red Hat OpenShift Container Platform supports both stateless and stateful applications. Its management interface enables a consistent management experience for both on-premises and cloud-based workloads. This interface enables administrators to implement and enforce policies across all OpenShift clusters. Prometheus and the Grafana dashboard provide monitoring capabilities. Additionally, Red Hat delivers automated scaling and health management through an integrated orchestration engine.
Red Hat takes a defense-in-depth approach to container security, with an emphasis on managing security for the entire software supply chain. To accomplish this, Red Hat seeks first to control content sources and then to defend against attacks in all layers of the platform. Red Hat has created APIs that enable security providers to augment the existing security services.
Red Hat built its OpenShift Container Platform to enable machine learning workloads. Additionally, Red Hat's Decision Manager can capitalize on this ability by intertwining machine learning models with conventional decision models.
Key features and capabilities
Some of the key features listed by Red Hat are:
- applications can scale to thousands of instances across hundreds of nodes;
- persistent storage for running stateless or stateful applications;
- support for three-node Kubernetes clusters;
- support for single worker nodes in remote locations;
- automated installation and upgrades;
- self-service provisioning; and
- automation support for builds, deployments and health management.
Red Hat designed its OpenShift Container Platform primarily for use in hybrid cloud environments, with cluster resources supported on premises and in the Amazon and Google clouds. Red Hat also operates a managed service called Microsoft Azure Red Hat OpenShift in the Microsoft Azure cloud.
Although the Red Hat OpenShift Container Platform is built to operate at scale, Red Hat also supports edge deployments consisting of clusters with as few as three nodes.
Organizations planning to deploy the Red Hat OpenShift Container Platform on premises require an active OpenShift Container Platform subscription. Additionally, nodes require Red Hat Enterprise Linux 7.4 or later and at least four virtual CPUs and 16 GB of RAM.
Pricing for Red Hat OpenShift varies based on the size of the organization and the subscription chosen. Those who wish to deploy Red Hat OpenShift on premises can choose among Entry Level, Standard and Flagship subscriptions.
Red Hat also offers subscriptions for those who want to run OpenShift in the cloud. Options are available for AWS, Azure, Red Hat OpenShift Dedicated cloud and IBM Cloud. Pricing starts at $0.076 per hour based on a four-virtual CPU configuration and a three-year contract.
Hewlett Packard Enterprise Ezmeral Container Platform
The HPE Ezmeral Container Platform is an enterprise-grade portfolio for deploying containers at scale. With this platform, HPE places a heavy emphasis on data and supports persistent storage on premises, in the cloud or at the edge.
HPE Ezmeral Container Platform can deploy and manage multiple Kubernetes clusters in hybrid cloud or multi-cloud environments. The software's unified control plane supports Amazon Elastic Kubernetes Service clusters, Google Kubernetes Engine and Azure Kubernetes Service clusters. It also supports the Cloud Native Computing Foundation. HPE has designed Ezmeral Container Platform for extreme scalability, with real-world clusters created containing more than a thousand nodes.
To help keep its customers secure, HPE has integrated the Harbor Registry -- a private application registry -- into the Ezmeral Container Platform. This enables the platform to scan for security vulnerabilities and to use image signing to positively identify trusted images. HPE also supports role-based access control, with each tenant getting its own dedicated workspace within the Harbor Registry.
HPE uses AIOps to proactively monitor the underlying infrastructure and address problems when necessary. Predictive analytics can also assist admins with capacity planning and resource allocation.
Similarly, HPE has heavily integrated automation into its platform. Automation helps streamline tasks ranging from the provisioning of physical infrastructure to lifecycle operations.
Some of the key features offered by HPE include:
- hybrid deployments spanning on-premises environments and the cloud;
- enterprise-grade security and control;
- based 100% on open source Kubernetes;
- persistent storage that is pre-integrated and can be scaled out;
- universal shared storage support, including support for Network File System and Hadoop Distributed File System, as well as cloud storage options such as AWS S3; and
- an app store of pre-built application images.
The Ezmeral Container Platform runs on HPE's Synergy integrated system. In addition to this hardware platform, the Ezmeral Container Platform depends on the HPE Ezmeral Data Fabric for persistent container storage, open source Kubernetes and VMware. The Ezmeral Container Platform can be run on virtual hardware or bare metal. Similarly, it's designed for use on premises, in the cloud, at the edge or in a multi-cloud environment.
Licensing for the Ezmeral Container Platform is subscription-based, with plans ranging from one to five years. However, HPE is transitioning to a business model in which all its products are delivered as a service with consumption-based pricing. As such, even on-premises deployments are usage-metered based on the compute and storage resources the cluster nodes consume.
Tanzu vs. OpenShift vs. Ezmeral: Which one to choose?
Tanzu, OpenShift and Ezmeral are all very capable Kubernetes options, and it can be difficult to know which one to choose. Additionally, these products support many of the same features. When selecting, organizations should consider price and the biggest strengths of each platform.
Tanzu is likely be the best choice for organizations that are invested in VMware products or who are using the VMware cloud. Because Tanzu is made by VMware, it should integrate seamlessly into existing VMware environments. Tanzu is also a good choice for those who want to use automation to reduce administrative workloads. It's also a good tool for those who work in multi-platform environments, as VMware provides a CLI tool for a variety of OSes including Windows, MacOS and Linux.
Just as Tanzu might be the best option for those organizations that make extensive use of VMware products, Red Hat OpenShift is likely the preferred option for organizations using Red Hat or the IBM Cloud -- although Red Hat also supports a variety of other clouds.
Red Hat can also be a good choice for organizations that must support a very small Kubernetes architecture. Although all three of the platforms can operate at enterprise scale, Red Hat OpenShift can support three-node clusters or even single worker node remote deployments.
The HPE Ezmeral Container Platform is a good, all-around platform for Kubernetes services, but it might also be a good option for those who are new to Kubernetes. HPE App Workbench makes it easy to click through the creation of a custom image without having to delve into a CLI environment. Additionally, HPE supports single-click provisioning of the images from its app store.