Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Q&A with Microsoft's Brendan Burns about GA of OpenShift on Azure

Q&A with Microsoft's Brendan Burns about GA of OpenShift on Azure

Leia em Português


The general availability (GA) of OpenShift on Azure was included alongside several other Kubernetes-related announcements at Microsoft Build 2019 and Red Hat Summit 2019, which recently concluded in Seattle and Boston, concurrently.

OpenShift on Azure is a fully-managed service that offers the power of the Kubernetes-based OpenShift platform running within the Azure cloud. The offering includes: fully managed clusters by Microsoft and Red Hat, regulatory compliance, hybrid development, and being able to plug in other Azure services, which is claimed to boost productivity. Furthermore, enterprises will be able to use the same support and billing channels for Azure, streamlining their experience.

With the Open Service Broker for Azure (OSBA) that works on OpenShift for Azure, it is possible to discover and enumerate Azure services, such as Cosmos DB, Azure KeyVault, and more.

InfoQ caught up with Brendan Burns, a co-founder of the Kubernetes platform and a distinguished engineer at Microsoft for further details of OpenShift on Azure.

InfoQ: Can you provide more technical details on OpenShift on Azure? Why should developers and architects in the enterprise take notice?

Brendan Burns: Azure Red Hat OpenShift (ARO) is a managed service offered jointly by Microsoft and Red Hat. Developers and architects get a cloud-native managed service that is integrated with all other parts of Azure including CLI, web portal and functionality like RBAC and Policy. They also get the same top of the line Red Hat support for OpenShift that they can experience on-premise. Azure Red Hat OpenShift enables hybrid cloud users to have exactly the same experience with containers on-premise as well as in the cloud.

InfoQ: Besides the joint managed service by Red Hat and Microsoft on Azure, are the other forms of using OpenShift on Azure (container platform and OKD) still relevant?

Burns: Definitely, different users want different kinds of experiences from a managed service like ARO through to a do-it-yourself open source project like OKD. We want to meet our customers where they are and ensure they have a great time no matter how they want to run OpenShift (or anything else) on Azure.

InfoQ: Is it fair to say that Kubernetes does not provide isolation required for multi-tenancy per se? Does OpenShift on Azure provide multi-tenancy? Any other enterprise features are enhanced by OpenShift on Azure that you would like to summarize?

Burns: Everybody’s security profile is different, but in my opinion general containers that aren’t secured by a hypervisor like KVM or Hyper-V don’t offer multi-tenant security. But container security is a complex topic. See Red Hat’s Dan Walsh's (author of SELinux and general Linux security expert) recent talk on the subject at KubeCon.

InfoQ: Can you talk about the Kubernetes-based Event Driven Autoscaling (KEDA) that was featured in the Build event keynote? Was this related to the OpenShift on Azure announcement?

Burns: KEDA is a great partnership between the Azure and Red Hat on a new open source project for scaling Kubernetes containers in response to events like a Kafka Queue, uploads to a storage account, and many more. It’s related to the OpenShift in the sense that it runs great on OpenShift and it enables Azure Functions to run on top of OpenShift as well. But it’s not restricted to OpenShift. KEDA works with any Kubernetes cluster anywhere. The shared goal with Red Hat is to build a modular component for all Kubernetes users, including those on OpenShift.

InfoQ: As one of the founders on Kubernetes, are you surprised by how it’s emerged as a basis for development platforms like OpenShift, Helm and Draft, Skaffold amongst others? Is it the technology itself or the ecosystem that is spurring the growth?

Burns: I’m actually not surprised. The ecosystem was always going to be how the platform measured its success. In the platform business, you're only as successful as a function of the number of other partners you make successful. They’re the people who will amplify your platform in places that you could never reach. Likewise, I think we always understood that the Kubernetes APIs are low-level, assembly-language like APIs. To truly empower developers I always knew that we had to look to ways to build higher level abstractions.

The very first thing that I did shortly before Kubernetes went 1.0 was to hack together the very first proof of concept for Custom Resource Definitions (CRDs) -- and they were called Third Party Resources (TPR) at the time -- and that was because I knew we had to bake extensibility deep into the core of Kubernetes. I think that decision, as well as some folks like CoreOS who really dove into TPRs early were critical in spurring this incredible ecosystem we see today. OpenShift was a critical inspiration for this, because they’d been with us since nearly the beginning, and it was clear that they’d benefit from better extensibility in the core.

InfoQ: Can you comment on traditional PaaS competitors to OpenShift, like Heroku and Cloud Foundry? Does this announcement endorse OpenShift over the others?

Burns: I don’t see this announcement as an endorsement of any particular platform, but rather it is all about our great relationship with Red Hat, and the awesome support story that we can build together for our joint customers with this partnership. Many of our most important enterprise customers are joint customers of both Microsoft and Red Hat so it made tremendous sense to build on the partnership we had built around RHEL and extend it to OpenShift.

InfoQ: What about Azure Kubernetes Service (AKS) versus OpenShift? Any recommendations to developers and architects on picking one over the other?

Burns: The Azure Kubernetes Service is great for people looking for a managed service that provides pure upstream Kubernetes integrated with the Azure platform. With AKS we track the open source project closely and deliver high-quality management of that open source codebase. Likewise, we integrate with Azure services like Azure DevOps, DevSpaces and the Azure Container Registry.

Azure Red Hat OpenShift is a great choice for customers who already have a great relationship with Red Hat and/or are already using OpenShift. Likewise, it’s a great choice for users who are looking for a consistent container solution for hybrid environments that span Azure and on-premise resources.

It’s fantastic for our users that we can offer both of these enterprise-grade options so they can tailor their container solutions on Azure to meet their needs. Developers and architects really can’t go wrong with either choice.

In summary, OpenShift on Azure combines the best of breed capabilities of OpenShift and Azure. More detailed information on OpenShift on Azure is in docs.

Rate this Article


Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p