OpenShift is Red Hat's Cloud Computing Platform as a Service (PaaS) offering. OpenShift is an application platform in the cloud where application developers and teams can build, test, deploy, and run their applications.
$0.08
per hour
SonarQube
Score 8.1 out of 10
N/A
SonarQube is an automated code review solution, serving as the verification layer for code quality and SDLC security. SonarQube is used to ensure that code is secure, reliable, and maintainable. It is available through SaaS or self-managed deployment.
Kubernetes is a part of OpenShift, but it can be deployed in a standalone state. On the plus side, it's significantly cheaper as there are no licensing costs. On the minus side, there's no simplified orchestrator. While Kubernetes is an orchestration platform itself, it's …
Red Hat OpenShift, despite its complexity and overhead, remains the most complete and enterprise-ready Kubernetes platform available. It excels in research projects like ours, where we need robust CI/CD, GPU scheduling, and tight integration with tools like Jupyter, OpenDataHub, and Quiskit. Its security, scalability, and operator ecosystem make it ideal for experimental and production-grade AI workloads. However, for simpler general hosting tasks—such as serving static websites or lightweight backend services—we find traditional VMs, Docker, or LXD more practical and resource-efficient. Red Hat OpenShift shines in complex, container-native workflows, but can be overkill for basic infrastructure needs.
SonarQube is excellent if you start using it at the beginning when developing a new system, in this situation you will be able to fix things before they become spread and expensive to correct. It’s a bit less suitable to use on existing code with bad design as it’s usually too expensive to fix everything and only allows you to ensure the situation doesn’t get worse.
We had a few microservices that dealt with notifications and alerts. We used OpenShift to deploy these microservices, which handle and deliver notifications using publish-subscribe models.
We had to expose an API to consumers via MTLS, which was implemented using Server secret integration in OpenShift. We were then able to deploy the APIs on OpenShift with API security.
We integrated Splunk with OpenShift to view the logs of our applications and gain real-time insights into usage, as well as provide high availability.
Detecting bugs and vulnerabilities: SonarQube can identify a wide range of bugs and vulnerabilities in code, such as null pointer exceptions, SQL injection, and cross-site scripting (XSS) attacks. It uses static analysis to analyze the code and identify potential issues, and it can also integrate with dynamic analysis tools to provide even more detailed analysis.
Measuring code quality: SonarQube can measure a wide range of code quality metrics, such as cyclomatic complexity, duplicated code, and code coverage. This can help teams understand the quality of their code and identify areas that need improvement.
Providing actionable insights: SonarQube provides detailed information about issues in the code, including the file and line number where the issue occurs and the severity of the issue. This makes it easy for developers to understand and address issues in the code.
Integrating with other tools: SonarQube can be integrated with a wide range of development tools and programming languages, such as Git, Maven, and Java. This allows teams to use SonarQube in their existing development workflow and take advantage of its powerful code analysis capabilities.
Managing technical debt: SonarQube provides metrics and insights on the technical debt on the codebase, enabling teams to better prioritize issues to improve the quality of the code.
Compliance with coding standards: SonarQube can check the code against industry standards like OWASP, CWE and more, making sure the code is compliant with security and coding standards.
I wouldn't necessarily say there is look everyday technology transform. I can see a trend wherein Red Hat OpenShift is adopting all the new technology trends and helping their customers align with their priorities and the emerging technology trends. I wouldn't call out various scope for development every day. There is scope for development. It is all how the organizations adopt it and how they deliver it to their customers. I don't want to call out there is scope for development. It's happening. It is a never ending process.
At the moment, I don't have anything to call out. We are experiencing Red Hat OpenShift and we can see every day they're coming up with new features as and when they come up with new features, we want to experience it more and more. We are looking for opportunities wherein this can be leveraged to help our users and partners.
Importing a new custom quality profile on SonarQube is a bit tricky, it can be made easier
Every second time when we want to rerun the server, we have to restart the whole system, otherwise, the server stops and closes automatically
When we generate a new report a second time and try to access the report, it shows details of the old report only and takes a lot of time to get updated with the details of the new and fresh report generated
OpenShift is really easy of use through its management console. OpenShift gives a very large flexibility through many inbuilt functionalities, all gathered in the same place (it's a very convenient tool to learn DevOps technics hands on) OpenShift is an ideal integrated development / deployment platform for containers
The virtualization part takes some getting used to it you are coming from a more traditional hypervisor. Customization options are not intuitive to these users. The process should be more clear. Perhaps a guide to Openshift Virtualization for users of RHV, VMware, etc. would ease this transition into the new platform
Redhat openshift is generally reliable and available platform, it ensures high availability for most the situations. in fact the product where we put openshift in a box, we ensure that the availability is also happening at node and network level and also at storage level, so some of the factors that are outside of Openshift realm are also working in HA manner.
Overall, this platform is beneficial. The only downsides we have encountered have been with pods that occasionally hang. This results in resources being dedicated to dead or zombie pods. Over time, these wasted resources occasionally cause us issues, and we have had difficulty monitoring these pods. However, this issue does not overshadow the benefits we get from Openshift.
Every time we need to get support all the Red Hat team move forward looking to solve the problem. Sometimes this was not easy and requires the scalation to product team, and we always get a response. Most of the minor issues were solved with the information from access.redhat.com
We we easily able to integrate the SonarQube steps into our TFS process via the Microsoft Marektplace, we didn't have the need to call SonarQube support. We've used their online documentation and community forum if we ran into any issues.
I was not involved in the in person training, so i can not answer this question, but the team in my org worked directly with Openshift and able to get the in person training done easily, i did not hear problem or complain in this space, so i hope things happen seamlessly without any issue.
We went thru the training material on RH webesite, i think its very descriptive and the handson lab sesssions are very useful. It would be good to create more short duration videos covering one single aspect of openshift, this wll keep the interest and also it breaks down the complexity to reasonable chunks.
The Tanzu Platform seemed overly complicated, and the frequent changes to the portfolio as well as the messaging made us uneasy. We also decided it would not be wise to tie our application platform to a specific infrastructure provider, as Tanzu cannot be deployed on anything other than vSphere. SUSE Rancher seemed good overall, but ultimately felt closer to a DIY approach versus the comprehensive package that Red Hat OpenShift provides.
SonarQube is an open-source. It's a scalable product. The costs for this application, for the kind of job it does, are pretty descent. Pipeline scan is more secured in SonarQube. Its a very good tool and its support multiple languages. Its main core competency is of static code analysis and that is why SonarQube exists and it does it exceedingly well. The quality of scan on code convention, best practices, coding standards, unit test coverage etc makes them one of the best competent tool in the market
It's easy to understand what are being billed and what's included in each type of subscription. Same with the support (Std or Premium) you know exactly what to expect when you need to use it. The "core" unit approach on the subscription made really simple to scale and carry the workloads from one site to another.
This is a great platform to deployment container applications designed for multiple use cases. Its reasonably scalable platform, that can host multiple instances of applications, which can seamlessly handle the node and pod failure, if they are configured properly. There should be some scalability best practices guide would be very useful
All of the above. Red Hat OpenShift going into a developer-type setting can be stood up very quickly. There's a very short period to have developers onboard to it and they're able to become productive much faster than a grow your own type solution.
Positive ROI from the standpoint of flagging several issues that would have otherwise likely been unaddressed and caused more time to be spent closer to launch
Slightly positive ROI from time-saving perspective (it's an automated check which is nice, but depending on the issues it finds, can take developers time to investigate and resolve)
