Overall Satisfaction with Red Hat OpenShift
We use OpenShift (OCP) to host a number of user facing applications that support the ability to rapidly deploy virtual range environment for testing and training. OCP specifically hosts the pods that comprise these applications to include a portal, chat, lobby, and dashboard. OCP allows us to orchestrate the containers (we have upwards of 150 containers that comprise the user facing portion of our platform) in a way that embeds many non-K8 native features, such as network policies and basic security features (such as root-less containers.)
- Native integration of security features such as network policies and root-less deployments
- Centralized dashboards for management of the cluster, namespaces, and pods
- Log aggregation of cluster resources and deployments
- Relatively stable after cluster is deployed
- LDAP integration needs a lot more polishing; getting the LDAP sync operator to function properly turned into a lot larger of an effort than I'd like to see. To date, it also does not appear to support LDAPS
- Improved management of cluster-level resources; specifically certificates for the cluster. The industry is moving away from wildcard certificates and long term client (non-CA) certificates. Changing certificates and updating certificate trusts is extremely difficult and time consuming.
- Deterministic health monitoring is another feature that I think can be improved. While OCP is better than a bare-metal K8s deployment, we've had multiple master (infrastructure) nodes that go into a degraded state, with no clear indiction of the root cause. Working with RH support did not yield any answers, and resulted in re-deployment of the nodes to get the cluster healthy again.
- OCP has allowed our platform to move towards a highly available infrastructure, and push our developers to provide more cloud-native applications and services
- The initial deployment of OCP was a large costly investment, both in terms of monetary and man-hour resources. Once deployed however, the overhead has been more than manageable.
- VMware Tanzu and Amazon Elastic Kubernetes Service (EKS)
The biggest thing that OCP provides out of the box, that I've yet to find in the offerings above, is native security integrations with things such as Network Policies and root-less deployments. Their acquisition of StackRox (Advanced Cluster Security) also provides a much more tightly integrated security posture for the cluster, than you might find with the offerings above, without the need for sourcing third party tools.
Do you think Red Hat OpenShift delivers good value for the price?
Yes
Are you happy with Red Hat OpenShift's feature set?
Yes
Did Red Hat OpenShift live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Red Hat OpenShift go as expected?
No
Would you buy Red Hat OpenShift again?
No