Applications are moving from a monolithic to a cloud-native approach — built with multiple components spanning multiple clusters and cloud providers. As application workloads move from development to production, IT often requires multiple fit-for-purpose Kubernetes clusters to support continuous integration/continuous delivery (CI/CD) of DevOps pipelines. Cluster sprawl continues with the addition of new clusters configured for specific purposes, such as edge deployments, faster response time, reduced latency, reduced capital expenditures (CapEx), and compliance with data residency requirements.
Whether your organization is just getting started with a single cluster or already operating in a multi-cluster environment, you likely face some difficult decisions:
- How can I manage the life cycle of multiple clusters regardless of where they reside (on-premises or across public clouds) using a single control plane?
- How do I get a simplified understanding of my cluster health and the impact it may have on my application availability?
- How do I automate provisioning and deprovisioning of my clusters?
- How do I ensure that all of my clusters are compliant with standard and custom policies?
- How do I get alerted about configuration drift — and remediate it?
- How can I automate the placement of workloads based on capacity and policy?
Red Hat Advanced Cluster Management for Kubernetes
Red Hat® Advanced Cluster Management for Kubernetes offers end-to-end management visibility and control to manage your cluster and application life cycle, along with security and compliance of your entire Kubernetes domain across multiple datacenters and public clouds.
It provides a single view to manage your Kubernetes clusters. Easily provision new Red Hat OpenShift® clusters across Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), bare metal, and vSphere. In addition, existing Red Hat OpenShift clusters can be imported and managed, such as Red Hat OpenShift on IBM Cloud (ROKS), Azure Red Hat OpenShift (ARO), OpenShift Dedicated (OSD), OpenShift on OpenStack®, and OpenShift on IBM Z, as well as public cloud Kubernetes clusters like Amazon Elastic Kubernetes Service (EKS), IBM Cloud Kubernetes Service (IKS), Azure Kubernetes Service (AKS), and Google Kubernetes Service (GKE).
Red Hat OpenShift is the clear choice for container orchestration, offering a platform for deploying and managing containers in a standard, consistent control plane. Red Hat OpenShift and Red Hat Advanced Cluster Management provide the platform and capabilities that address common challenges faced by administrators and site reliability engineers (SREs) as they work across a range of environments, including multiple datacenters, private clouds, and public clouds that run Kubernetes clusters.
Features and benefits
Multicluster observability for health and optimization
Deliver an enhanced SRE experience with out-of-the-box multicluster dashboards that store long-term historical data and provide an overview of multicluster health and optimization.
Table 1. Features and benefits of multicluster observability
|Sort, filter, and scan individual clusters as well as aggregated multiclusters with Grafana. Use the open source Thanos project for scalable metrics collection with long-term data retention.|
|Customized metrics and dashboards||Customize Grafana dashboards based on metrics you define, along with the predefined metrics. View what is important to you.|
|Dynamic search||Use the graphical console to identify, isolate, and resolve issues impacting distributed workloads.|
|Visual web terminal (tech preview)||Run operations from dashboards with a single command-line interface for multiclusters. Uses the open source KUI and works with helm, kubectl, and oc, and allows the use of bash and grep commands.|
Unified multicluster life-cycle management
Create, upgrade, and destroy Kubernetes clusters reliably, consistently, and at scale using an open source programming model that supports and encourages Infrastructure as Code (IaC) best practices and design principles.
Table 2. Features and benefits of unified multicluster life-cycle management
|Gain day 1 experience with cluster life-cycle management using the open source Hive (https://github.com/openshift/hive) application programming interface (API). Create and upgrade new Red Hat OpenShift Container Platform clusters, or import existing OpenShift Container Platform and managed Kubernetes clusters to bring under management using the Red Hat Advanced Cluster Management console.|
|Red Hat Advanced Cluster Management supports the creation of OpenShift Container Platform clusters on AWS, GCP, Azure, bare metal, and VMware vSphere.|
Policy-based governance, risk, and compliance
Apply a policy-based governance approach to automatically monitor and ensure security and configuration controls are operated to industry compliance standards or self-imposed corporate standards in a desired state model.
Table 3. Features and benefits of policy-based governance, risk, and compliance
|Out-of-the-box policy templates for security and configuration controls||Use prebuilt security and configuration controllers to enforce policy on Kubernetes configuration, identity and access management (IAM) and certificate management across your clusters. Define policy-driven compliance via GitOps using the open source policy collection repository.|
|Governance and risk dashboard||Use the governance and risk dashboard to view and manage security risks and policy violations in all of your clusters and applications. Get details on violation history.|
|Customize policies for various compliance standards, governance dashboard views, and views for most impacted controls for specific standards.|
|Open source extensible policy framework||Develop custom policy controllers and seamlessly integrate them for centralized management into the governance and risk dashboard.|
|Integration with Open Policy Agent (OPA)||Make decisions based on policies you define using Open Policy Agent (OPA). You can enforce OPA policies at runtime and receive notification of any OPA policy violations.|
Advanced application life-cycle management
Use open standards and deploy applications using placement rules that are integrated into existing CI/CD pipelines and governance controls.
Table 4. Features and benefits of advanced application life-cycle management
|Quickly view the health of service endpoints and pods associated with your application topology — with all the connected dependencies like image versions, associated placement rules, Kubernetes resources, and ConfigMaps.|
|Automatically deploy applications to specific clusters by subscribing to different workload (resource) channels, such as GitHub, Helm repository, and ObjectStore types.|
|Placement rules||Deploy workloads to clusters based on placement rule definitions to ensure that they only run on specific clusters with matching labels.|
|Red Hat Ansible Automation Platform integration (tech preview)||Automate everything outside of Kubernetes with your application deployments: configure networking, databases, load balancers, and firewalls with Red Hat Ansible Automation Platform integration.|
|Application builder||Smooth application creation experience using an intuitive form with contextual help to guide you in defining your application components without dealing with YAML.|
|Argo CD integration||Use Red Hat Advanced Cluster Management to allow Argo CD to automatically deliver content as clusters come online or get imported. Red Hat Advanced Cluster Management policies work in tandem with Argo CD to make sure compliance and configuration are managed and maintained at scale for tighter CI/CD alignment.|
- Operator-based installation
- Available on OperatorHub.io
- Requires Red Hat OpenShift Container Platform 4.5.x and above
- Full life-cycle management: OpenShift Container Platform 4.5.x and above. Import and manage: OpenShift Container Platform 3.11.
- Limited life-cycle support for managed Kubernetes clusters:
- Red Hat OpenShift on IBM Cloud (ROKS)
- Azure Red Hat OpenShift (ARO)
- OpenShift Dedicated (OSD)
- OpenShift on IBM system Z
- OpenShift on OpenStack
- Amazon Elastic Kubernetes Service (EKS)
- Azure Kubernetes Service (AKS)
- IBM Cloud Kubernetes Service (IKS)
- Google Kubernetes Service (GKE)
Red Hat Advanced Cluster Management provides observability, application life-cycle management, and policy-based management of imported clusters.
In addition, Red Hat Advanced Cluster Management provides full cluster life-cycle management (create, upgrade, destroy) with additional security compliance capability for OpenShift Container Platform clusters.
- OpenShift Container Platform availability zone supported
- Limitation for search component based on RedisGraph
- 3 masters, 3 infrastructure nodes, 6vCPU and 16GB RAM