Welcome back to the OpenShift Bootcamp series. In this article we will see the difference between Kubernetes and OpenShift. Please note, during the course, when I say OpenShift it means OpenShift or OKD in general and do not get confused.
This content is independent of and does not represent Red Hat, Inc. in any way. Red Hat does not officially sponsor, approve, or endorse this content. There is no promotional content in this video either.
So what are the major differences between Kubernetes and OpenShift ?
Basically comparing OpenShift and Kubernetes is very simple as Kubernetes is an opensource project and OpenShift is an enterprise opensource product. But again, OpenShift is a fully certified Kubernetes in the backend. OKD is the opensource version which is the upstream project for Red Hat OpenShift.
We can imagine the difference between an engine and a car. OpenShift is not an alternative to Kubernetes but OpenShift is built on top of Kubernetes. Kubernetes was originally developed and designed by Google but OpenShift is developed by Red Hat. OpenShift has added a lot of missing features in Kubernetes and made it like a ready to use container platform.
Also check Free Ansible Course – 30 Days of Ansible
Kubernetes is more like a Container as a Service (CaaS) platform as Kubernetes alone does not provide any support for building the container image it runs. Users need to install additional tools and plugins to build container images, keep the container images etc. On the other hand, OpenShift is a fully featured platform to deploy and manage your containerized applications and hence called Platform as a Service (PaaS). OpenShift has built-in tools to build the images, internal registry to store images, OpenShift pipelines for cloud native CI/CD operations etc.
Yes, both OpenShift and Kubernetes have the Web GUI but we know the limitations, pros and cons.
Kubernetes dashboard will not be installed by default, you need to install it additionally as needed. And this is a general purpose dashboard and you have many other choices of dashboards and management tools to manage Kubernetes. OpenShift web console is developer friendly and very easy to use. You can do almost all operations from the Web Console itself including monitoring, observing your pipelines, images builds, application status overview etc.
Both kubernetes and OpenShift have super strong command line utilities. When we use kubectl for managing Kubernetes cluster, the oc utility complements the kubectl with extra features and simplicity.
We all know that we will have complex workflows to deploy containerized applications in Kubernetes platforms. We need to build the container images, integrate with testing workflows, deploy to dev or production, then monitor and feedback the application lifecycle. Most of these operations are manual in Kubernetes or you need to deploy and integrate additional tools for such automated tasks.
On the other hand, OpeShift has inbuilt features and tools to support end to end application deployment and lifecycle management. Eg: there are pre-created templates available in OpenShift and you can use those for spinning up an application very quickly. Using Source to Image (S2I) technology, you can deploy an application from your source code without telling about the container details; OpenShift will detect the source code language, then choose a builder image to build the container image and then deploy the application using the created container image. Also you have built-in CI/CD tools to create your pipelines and workflows.
As I mentioned just now, deploying an application in Kubernetes is not that pretty straight forward – I am not talking about a simple nginx pod but a full stack application with multiple workflows. Features in OpenShift such as S2i, in-built CI/CD, templates and catalogues etc will make the application deployment very easy.
You can deploy Kubernetes on most of the cloud platforms but those managed Kubernetes are different from one to another in terms of features and support. You have options like Amazon Elastic Kubernetes Service (Amazon EKS), Azure Kubernetes Service or AKS, Google Kubernetes Engine or GKE, IBM Cloud Kubernetes Service or CKS and other managed Kubernetes services from DigitalOcean, Linode etc.
You have a similar offering from Red Hat for OpenShift called Hosted or Managed OpenShift but the OpenShift platform, user experience and features are the same on all supported Cloud Platforms and private clouds. We have a detailed video on Managed OpenShift clusters and offerings, please check the video description to watch it.
Ideally you can deploy Kubernetes on most of the general-purpose Linux Operating Systems such as CentOS, Red Hat Enterprise Linux, Ubuntu, Debian, Fedora etc.
But for OpenShift you need Red Hat Enterprise Linux (RHEL) or Red Hat Enterprise Linux CoreOS (RHCOS). And if you are using OKD, then alternatives like Fedora, CentOS etc. You must use RHCOS machines for the OpenShift control plane, and you can use either RHCOS or RHEL for compute machines.
You can install Kubernetes on any platform of your choice. It can be public cloud, private cloud, bare-metal, your workstation or laptop or even a small Raspberry Pi board. And there are many tools and methods available to install Kubernetes such as kubeadm, kubespray, kops or you can use managed Kubernetes services from Public cloud like GKE, EKS or AKS.
On the other hand, OpenShift has some limitations in terms of platform, support, requirements etc. You need some minimum amount of resources to deploy OpenShift clusters and it’s not easy to deploy in home labs ! Do not need to worry as we have other solutions for home labs and practicing. The OpenShift installation is pretty simple if you are using the Installer Provisioned Infrastructure or IPI method. The installer will take care of creating all the virtual machines and other resources in the public cloud, private cloud or bare metal platform. You can also follow the User Provisioned Infrastructure or UPI method if you have the machines already provisioned with your own customizations and standards.
When we talk about the development environment, we can install and use minikube on a laptop or workstation very quickly. The Installation is pretty straightforward and you will have the same features of a kubernetes cluster. For an OpenShift development environment you have a similar option called CodeReady Containers or CRC and installation is also pretty straightforward. Please note, the minishift was serving the same purpose earlier but from OpenShift 4 version onwards, you need to use CRC. If you have difficulty setting up your own development environment, then you can use the free service from Red Hat which is called Developer Sandbox for Red Hat OpenShift. We have detailed video on how to request and use Developer Sandbox for Red Hat OpenShift, Please check the video description.
Kubernetes namespace is a method to divide and isolate Kubernetes cluster resources between different users of the cluster. You can create multiple namespaces based on projects or the application environment. In OpenShift, a project is a Kubernetes namespace with additional annotations that means with added features and functionalities.
# kubernetes kubectl get namespace # openshift oc get projects
In Kubernetes, you have the responsibilities to handle your container images for the deployment. There is no internal registry in Kubernetes at the moment and you need to pull your images from an external registry; it can be an enterprise registry or your own private registry. But in OpenShift, you have an internal registry and OpenShift manages the lifecycle of your container images. Image streams are named references to container images. The Imagestream feature in OpenShift helps to handle multiple versions of your container images with tags. You can configure Builds and Deployments to watch an imagestream for notifications when new images are added and react by performing a Build or Deployment, respectively.
Kubernetes security rules are flexible but strong enough to meet the standard security requirements. On the other hand, OpenShift security policies are very strict compared to Kubernetes. You have to learn the security policies and apply it properly to deploy your application. Yes it is a bit difficult but you know it is more secure.
Networking is a big topic but basically Kubernetes use CNI plugins for its networking and we use third party plugins to achieve this. OpenShift uses a software defined network (SDN) called OpenShift SDN, which configures an overlay network using Open vSwitch (OVS).
You have multiple network traffic management in Kubernetes and let’s talk about Ingress here. Ingress manages the external access to the services in a cluster with support for SSL, load balancing, virtual hosting etc. In OpenShift the same purpose can be achieved using the resource called routes but with additional capabilities such as splitting traffic between multiple backends, sticky sessions and more.
As we all know, Kubernetes is an opensource project and you can deploy it for free on your choices of platforms. Even though the active community is quite large, enterprises will not go for an unsupported product as we all know. This is where the managed kubernetes and supported kubernetes flavors are useful but still the bugs and fixes are depending on the community stream. For OpenShift, still the support is more or less the same but Red Hat OpenShift is coming with enterprise support and organizations tend to go for such solutions for their critical application platforms.
That’s all for the Kubernetes vs OpenShift comparison and you will learn more about OpenShift in the upcoming articles and videos during this OpenShift bootcamp series.