What is the difference between OpenShift and Kubernetes?

Kubernetes is an open source project (or even a framework), while it is an enterprise product and a fully certified Kubernetes on the backend. OpenShift is an enterprise product and a fully certified Kubernetes on the backend. OKD is the open source version that is the upstream project of Red Hat OpenShift.

We can imagine the difference between an engine and a car. OpenShift is not an alternative to Kubernetes but OpenShift is built on top of Kubernetes. Kubernetes was originally developed and designed by Google but OpenShift is developed by Red Hat. OpenShift has added a lot of features that were missing in Kubernetes and made it as an out-of-the-box container platform.

Container as a Service (CaaS) vs Platform as a service (PaaS)

Kubernetes is a platform more similar to Container as a Service (CaaS), as Kubernetes itself does not provide any support for building the container image it runs. Users have to install additional tools and plugins to build container images, maintain container images, etc. On the other hand, OpenShift is a full-featured platform for deploying and managing your containerized applications and is therefore called Platform as a Service (PaaS). OpenShift has built-in tools for building the images, internal registry for storing images, OpenShift pipelines for cloud-native CI/CD operations, etc.

Web console

Yes, both OpenShift and Kubernetes have the web GUI, but we know the limitations, pros and cons.

The Kubernetes dashboard is not installed by default, you have to install it additionally according to your needs. The OpenShift web console is developer friendly and very easy to use. You can do almost all operations from the web console itself, including monitoring, viewing your pipelines, building images, application status overview, etc.

Workflow automation

We all know that we are going to have complex workflows to deploy containerized applications on Kubernetes platforms. We need to build the container images, integrate them with test workflows, deploy them to dev or production, and then monitor and feedback the application lifecycle. Most of these operations are manual in Kubernetes or additional tools need to be deployed and integrated for these automated tasks.

On the other hand, OpenShift has built-in features and tools to support end-to-end application deployment and lifecycle management. For example: pre-created templates are available in OpenShift and you can use them to get an application up and running very quickly. Thanks to Source to Image (S2I) technology, you can deploy an application from its source code without needing to know the container details; OpenShift will detect the source code language, choose a builder image to build the container image, and then deploy the application using the created container image. It also has built-in CI/CD tools to create your pipelines and workflows.

Application deployment and CI/CD

Deploying an application on Kubernetes is not that simple - I don't mean a simple nginx pod, but a complete application with multiple workflows. OpenShift features like S2i, built-in CI/CD, templates and catalogs, etc. will make application deployment a breeze.

Cloud Agnostic

Kubernetes can be deployed on most cloud platforms, but those managed Kubernetes are different from one another in terms of features and support. There are options such as Amazon Elastic Kubernetes Service (Amazon EKS), Azure Kubernetes Service or AKS, Google Kubernetes Engine or GKE, IBM Cloud Kubernetes Service or CKS and other managed Kubernetes services from DigitalOcean, Linode, etc. 

There is a similar Red Hat solution for OpenShift called Hosted or Managed OpenShift, but the OpenShift platform, user experience and features are the same across all cloud platforms and private clouds.

Supported operating systems

Ideally, Kubernetes should be deployed on most general-purpose Linux operating systems, such as CentOS, Red Hat Enterprise Linux, Ubuntu, Debian, Fedora, etc.

But for OpenShift you need Red Hat Enterprise Linux (RHEL) or Red Hat Enterprise Linux CoreOS (RHCOS). And if you are using OKD, then alternatives such as Fedora, CentOS, etc. You must use RHCOS machines for the OpenShift control plane, and you can use either RHCOS or RHEL for the processing machines.

Cluster installation

You can install Kubernetes on any platform of your choice. It can be public cloud, private cloud, bare-metal, your workstation or laptop or even a small Raspberry Pi board. And there are many tools and methods available to install Kubernetes like kubeadm, kubespray, kops or you can use managed Kubernetes services from the public cloud like GKE, EKS or AKS. 

On the other hand, OpenShift has some limitations in terms of platform, support, requirements, etc. You need a minimum amount of resources to deploy OpenShift clusters and it is not easy to deploy in home labs. Not to worry as we have other solutions for home labs and for practice. Installing OpenShift is fairly straightforward if you use the Installer Provisioned Infrastructure or IPI method. The installer will take care of creating all the virtual machines and other resources on the public cloud, private cloud or bare metal platform. You can also follow the User Provisioned Infrastructure or UPI method if you have the machines already provisioned with your own customizations and rules.

Development environment

When talking about the development environment, we can install and use minikube on a laptop or workstation very quickly. The installation is quite simple and you will have the same features of a kubernetes cluster. For an OpenShift development environment you have a similar option called CodeReady Containers or CRC and the installation is also quite simple. Note that minishift used to serve the same purpose, but from OpenShift version 4 onwards you have to use CRC. If you have difficulties setting up your own development environment, then you can use Red Hat's free service called Developer Sandbox for Red Hat OpenShift. 

Container image management

In Kubernetes, you are responsible for managing your container images for deployment. There is no internal registry in Kubernetes at the moment and you need to pull your images from an external registry; it can be an enterprise registry or your own private registry. However, an internal registry is available in OpenShift and OpenShift manages the lifecycle of container images. Image streams are named references to container images. The Imagestream feature in OpenShift helps manage multiple versions of your tagged container images. You can configure builds and deployments to watch an image stream for notifications when new images are added and react by performing a build or deployment, respectively. 

Security

Kubernetes security rules are flexible but strong enough to meet standard security requirements. On the other hand, OpenShift security policies are very strict compared to Kubernetes. You need to learn the security policies and apply them correctly to deploy your application. Yes, it's a bit tricky, but you are guaranteed to be more secure.

Networks

Networking is a big section but basically Kubernetes uses CNI plugins for its network and OpenShift uses a software-defined network (SDN) called OpenShift SDN, which configures an overlay network using Open vSwitch (OVS).

Entrance and routes

In Kubernetes there is multiple network traffic management. Ingress manages external access to services in a cluster with support for SSL, load balancing, virtual hosting, etc. In OpenShift the same purpose can be achieved using the resource called routes but with additional capabilities such as splitting traffic between multiple backends, sticky sessions and more.

Support for companies

As we all know, Kubernetes is an open source project and can be deployed for free on the platforms of your choice. Despite the fact that the active community is quite large, companies do not usually opt for an unsupported product.

This is where managed and supported kubernetes flavors are useful, but still bugs and fixes depend on the community.

A vendor-managed Kubernetes platform, such as Red Hat OpenShift, can provide business support, manage updates and patches, and increase the security of Kubernetes and native Kubernetes applications.

Why Red Hat?

For all that Kubernetes can do, users still need to integrate other components such as networking, inbound and load balancing, storage, monitoring, logging and more.

Red Hat OpenShift offers these components with Kubernetes at its core because by itself, Kubernetes is not enough.

As a global container platform, Red Hat OpenShift is more than a software product. It can be the key to adopting a DevOps culture, automating routine operational tasks and standardizing environments throughout an application's lifecycle.

Want to know more? Contact us and we can schedule a personalized presentation.