Date:
15 May 2018
Author:
Alfred Deeb

Containerisation blog

We recently blogged on containers — what they are, t ody is running the Linux Kernel directly, it’s always bundled in a Linux distribution. OpenShift is such a distribution for Kubernetes and has the following advantages:

  1. OpenShift is fully focused on enterprise-grade security. Containers are running by default as a random user that cannot be guessed by the developer writing the Docker image. This increases security drastically.

  2. OpenShift brings a networking system to Kubernetes that gives every namespace (also called project within OpenShift) a virtual network that cannot be accessed from outside the namespace.

  3. The Kubernetes code moves very fast, as soon as a new version of Kubernetes comes out, there is no support for the older ones, no bug fixes are backported into older versions. RedHat maintains versions of OpenShift much longer and also provides backports of critical patches for older versions.

  4. The ‘default’ Kubernetes upgrade path is very rough and sometimes the only way to upgrade a Kubernetes cluster is to build a completely new one and migrate all Docker containers to the new one. This is very expensive and time intensive. OpenShift provides fully automatic upgrade paths that are fully tested.

  5. RedHat also provides an enterprise 24/7 support and dedicated security response team.

OpenShift in action

We recently used OpenShift as part of the platform setup for a large government client. amazee.ioExternal Link was engaged to carry out the OpenShift cluster setup in the Amazon Web Services (AWS) Sydney region. The cluster was setup in a highly available configuration spread across all three availability zones for redundancy. This redundancy allows the cluster to withstand losing two of the three zones and still maintain service availability.

LagoonExternal Link was installed inside the cluster and used for continuous delivery of all projects linked to the platform. Any new branch created in a source repository automatically deploys the branch to OpenShift. Lagoon includes support for a local development environment based on Docker Compose. This allows developers to setup an exact production clone of the production platform because it’s reusing the same base images.

Get in touch

If you’d like to know more about containers, feel free to contact us using the form below or call us on 1300 727 952.

Subscribe to Salsa Source

Subscribe to Salsa Source to keep up to date with technical blogs. 

Subscribe