OpenShift Review

We can operate client’s platform without downtime during security patch management


What is our primary use case?

Used for multiple environments and clients. Providing details is not possible due to NDA constraints. This main purpose of this kind of Platform is a Production grade Environment where Data Protection and Release Management is managed by the Service Provider.

How has it helped my organization?

We are able to operate client’s platform without downtime during security patch management each month and provide a good SLA (as scalability for applications is processed during heavy client website load, automatically).

What is most valuable?

All security features. Our company is focused on sensible information management and security is the most important part.

The other feature we don't find elsewhere is the ImageStream feature which helps to manage Environments or Release promotion.

What needs improvement?

We submitted over 25 requests for enhancement to Red Hat from the beginning of the OpenShift version 3.1, and they were implemented in the last version of the product 3.11.

The main drawback was the upgrade from Openshift Enterprise 3.11 to Openshift Enterprise 4 up to now.

But the new release Openshift Enterprise 4.2 add a way to migrate from old cluster to the new one easily based on Appranix solution. Namespaces with all data-protection mechanism is taken into account.


For how long have I used the solution?

One to four years.

What do I think about the stability of the solution?

This product is Production Ready. The Common Red Hat ERRATAs (security, enhancement, bug fixing) + Platform ImagesStreams provide a way to be updated with Security Constraints without backward compatibility issue.

Platform agility provides the Blue Green deployment workflow which makes available a new Business Unit version easily. ITOps Engineer defined resource capping, this help to gain stability.

What do I think about the scalability of the solution?

ITOps Engineer manage scalability easily aligned with Client's resources and its SLA's thanks to native features found in this product.

Which solution did I use previously and why did I switch?

Based on Kubernetes vanilla, or Rancher or other PaaS, security is quite heavy to integrate with RBAC, network policies or namespaces isolation.

With Openshift Origin or Enterprise we avoid security management which is managed automatically at namespace level.



Which other solutions did I evaluate?

Rancher was in the loop and kubernetes vanilla in ~2015.

What other advice do I have?

Developers maturity is a key point.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email