Openshift Platform Plus is the latest member of the OpenShift family. Red Hat’s PaaS solution for Kubernetes-based applications. It has been announced in conjunction with Red Hat Linux version 8.4. Thanks to Red Hat Openshift Plus, organizations can, for a slight additional cost (to be discussed later) manage not only applications but also their security policies and configurations, regardless of where their applications are located as it includes new built-in support for application lifecycle in multi-cluster environments, as well as the ability to create clusters of just 3 nodes or even with remote “worker” nodes allowing to expand Kubernetes clusters to almost any location, which includes facilities with low available power.
What is Included in OpenShift Platform Plus?
- Kubernetes Engine (base layer of OpenShift on Linux OS)
- Orchestration/ management control (Red Hat Advanced Cluster Manager for Kubernetes-ACM)
- Security protocols (Red Hat Advanced Cluster Security for Kubernetes-ACS)
- Registry software (Red Hat Quay)
OpenShift Platform Plus provides all the base, management, and security features in one package, which were available separately at their prices. Advanced Cluster Security (ACS) was added to Openshift after the acquisition of StackRox, a Kubernetes native security provider.
Multi-cloud and CI/CD ready
OpenShift provides a complete setup solution to either build an environment or run a container-based application on hybrid cloud or on-premises server infrastructure. Openshift offers two types are container application infrastructure, i.e., Managed and self-managed. Managed platforms are fully featured cloud-based services like Azure, IBM, AWS, and Google Cloud. At the same time, self-managed platforms are highly customizable but require a highly skilled team for each part of the deployment.
OpenShift evolved with time and included critical features for enhanced functionality. In the beginning, OpenShift Kubernetes Engines was introduced that includes Enterprise Kubernetes runtime, Red Hat Enterprise Linux CoreOS immutable container operating system, Administrator console, and Red Hat OpenShift Virtualization. Then comes OpenShift Container Platform augmented with Developer’s console, log/cost management, OpenShift Serverless (Knative), OpenShift Server Mesh (Istio), OpenShift Pipelines, and OpenShift GitOps (Tekton, ArgoCD). Comprising all of the features previously available, OpenShift Platform Plus comes with additional features.
OpenShift Platform Plus Features
Red Hat Advanced Cluster Management for Kubernetes
It is an advanced management control option from OpenShift. It provides the customers with full access to unified multi-cluster management (editing the clusters on public or private clouds, allocating resources for clusters, and troubleshoot issues on the entire domain from a single layout) through the Openshift Web console. Further, it provides policy-based management that includes standardizing policy parameters for security, application, and infrastructure framework.
Applications can be deployed across the network using advanced application life-cycle management. It also helps to control application flow over the nodes, Day-2 configuration management using Ansible. Advanced Cluster Management (ACM) aims to provide cluster health solutions related to storing, optimization, and troubleshooting. OpenShift Monitoring tools are well-designed to operate with ease and efficiency.
Red Hat Advanced Cluster Security for Kubernetes (ACS)
ACS was added to the OpenShift family after acquiring StackRox, powering the ACS as the core component of OpenShift Platform Plus. This security feature is different from previously deployed security measures. Previously, security protocols were applied after the application is developed. ACS offers the inclusion of security from the very beginning, i.e., in the codebase. Advanced security features augment every step of the application development life cycle.
Advanced cluster security follows international standards of container security like CIS and NIST benchmarks. The security protocols include data breach security, network protection, elimination of blind spots, reducing time and cost by efficiently implementing security policy codes, avoiding operational conflicts, data overlapping, and redundancy. ACS is a perfect execution of DevSecOps protocols.
Red Hat Quay
A container registry is a storage platform used to store containers for Kubernetes and other container-based application development like DevOps. When a container application is formed, its image is created. It is a kind of .exe file that contains all the files and components for a successful installation. When a container image is placed on other platforms, it is used to create the same container application. A container image is a template used to create more applications.
Red Hat Quay is a private container registry used to create, distribute, and store container images. When container image is shared across the network repository, specific vulnerabilities head up. RedHat Quay uses Clair security to cope with such vulnerabilities providing strict access controls, authentication protocols, and other distribution issues.
RedHat Quay Features
- Each image is tagged with the timestamp; RedHat Quay offers Time Machine to tag image version and rollback capability like downgrading or restore factory settings. It provides 2-week configurable history for image tags.
- Geographic distribution ensures quick and flawless images using Content Distribution Networks (CDNs) so that each access point has its nearby repository. RedHat Quay also uses BitTorrent technology to reduce waiting time for content availability.
- Runtime resource garbage collection helps identify useless or less used operations to optimize resource use and increase efficiency.
- RedHat Quay offers unlimited storage for multiple image collections.
- Automated triggering for continuous integration/continuous delivery (CI/CD) pipeline
- Log-based auditing by scanning APIs and user interfaces
- Authentication protocols using LDAP, OAuth, OIDC, and keystone assure secure logging and organizational hierarchical access control.
- Account automation provides the creation of credentials required to run the program.
- Multi-platform adaptability
RedHat OpenShift Platform Plus Pricing
Advanced features of OpenShift Platform Plus are deemed to be available between April 2021 to June 2021. The current price is not yet available. OpenShift.io is a free platform for cloud-based deployment. The cost for Platform Plus depends upon sizing and subscription. According to Capterra, each Plus Feature costs $20 per month for self-managed plans. A better way to read and choose a subscription model, and contact our sales department. You can also request a demo of OpenShift Plus for free.