Ford Motor Company seeks to provide mobility solutions at accessible prices to its customers, including dealerships and parts distributors who sell to a variety of retail and commercial consumers. To speed delivery and simplify maintenance, the company sought to create a container-based application platform to modernize its legacy stateful applications and optimize its hardware use. With this platform, based on Red Hat OpenShift and supported by Red Hat and Sysdig technology, Ford has improved developer productivity, enhanced its security and compliance approach, and optimized its hardware use to improve operating costs. Now, the company can focus on exploring new ways to innovate, from big data to machine learning and artificial intelligence.
- Improved productivity with standardized development environment and self-service provisioning
- Enhanced security with enterprise technology from Red Hat and continuous monitoring provided by Sysdig
- Significantly reduced hardware costs by running OpenShift on bare metal
Automotive innovation requires modern platform to enhance legacy applications
Ford Motor Company is a leader in creating reliable, technologically advanced vehicles worldwide. Its mission is to provide mobility solutions at accessible prices to its customers, including dealerships and parts distributors who sell to a variety of retail and commercial consumers.
”We’re a well-known brand. Everybody knows the Ford oval,” said Jason Presnell, CaaS [Containers-as-a-Service] Product Service Owner, at Ford Motor Company. “Our mission in becoming a mobility company is to not only find new ways to help people get from place to place, but also to get them the information and tools they need to support their travel, like mobile apps that let you start or unlock your car. We need to support and deliver these capabilities at a global scale.”
Each of Ford’s business units hosts a robust, engaged development community that is focused on building products and services that take advantage of the latest technological innovations, from machine learning for crash analysis and autonomous driving to high-performance computing (HPC) for prototype creation and testing. But this engagement across hundreds of thousands of employees and thousands of internal applications and sites created complexity that Ford’s traditional IT environment and development approaches could not accommodate. Even with hypervisors and virtual machines, the company struggled with inefficient resource use and high staffing costs to maintain this environment.
“We needed faster delivery for our stateful applications,” said Satish Puranam, Technical Specialist, Cloud Platforms, at Ford Motor Company. “Pivotal Cloud Foundry worked fine for newer, stateless applications that were built for portability, but we’re a hundred-year-old company with a lot of stateful, data-heavy, legacy applications. For things like inventory systems, dealer-facing applications, and CI/CD [continuous integration and delivery] that needed data persistence, getting the right infrastructure could take as long as 6 months.”
Ford sought to use Kubernetes container technology, application programming interfaces (APIs), and automation within its datacenters to give its legacy stateful applications the benefits of public cloud: faster delivery, easier maintenance, and automated scalability. Consolidating its hardware and software environments with container orchestration would also help the company use its resources more effectively.
”Containers are an extremely portable way to deliver an application, because you can build in all the dependencies and libraries that allow anyone to run that container and get the same performance in any environment,” said Presnell. “But we wanted to focus on the value we could deliver, not maintaining the container platform. We needed container orchestration that would provide not only application delivery, but also service capabilities to maintain that environment.”
New container-based application platform uses enterprise and community open source technology
After running tests and proofs of concept (POCs) of container technology, Ford began looking for an enterprise partner offering commercially supported open source solutions to help run containers in production and support innovative experimentation.
“We have several open source technologies in our IT environment and products. We want to move toward being able to use and contribute to open source more—to help somebody else in the community take what we’ve done and improve on it,” said Presnell. “But we needed a container platform that had an enterprise offering, one that was well-known in the industry and was well-engineered.”
Past experience with Kubernetes led Ford to adopt CoreOS Tectonic. When CoreOS was acquired by Red Hat, Ford migrated to Red Hat OpenShift Container Platform, a solution that enhanced the strengths of CoreOS’s offering with new automation and security capabilities. Based on Red Hat Enterprise Linux®, OpenShift Container Platform offers a scalable, centralized Kubernetes application platform to help teams quickly and more reliably develop, deploy, and manage container applications across cloud infrastructure.
The company also implemented Red Hat Quay to create a centralized container registry to host and secure all of its container images while offering protected, API-based access to partners and other third parties.
“Red Hat is one of the top engineering-focused Linux companies in the world and produces one of the most significant Linux distributions,” said Presnell. “They are the second biggest contributor to the Kubernetes community. Red Hat is really focused on providing enterprise-quality service alongside engineering excellence.”
Ford has also adopted several open source technologies that Red Hat contributes to, from Open Data Hub—a data and artificial intelligence (AI) platform for hybrid cloud—to Dex, an OpenID-based identity authentication service.
During migration, Ford worked closely with Red Hat Consulting to create an environment that supports more than 100 back-end and dealer-facing stateful applications, including databases and messaging systems, inventory systems, and API managers. After launching OpenShift in production, Ford also adopted Sysdig Secure and Sysdig Monitor, a Kubernetes security solution certified by Red Hat, to add extra visibility and protection for its development and production OpenShift environments.
For its success using OpenShift for modern automotive development and using digital technology to serve customers, Ford was recognized with a 2020 Red Hat Innovation Award.
Performance and security improvements help Ford deliver services and work with partners more efficiently
Significantly increased developer productivity
Using OpenShift Container Platform, Ford has accelerated time to market by centralizing and standardizing its application development environment and compliance analysis for a consistent multicloud experience. For example, OpenShift’s automation capabilities help Ford deploy new clusters more rapidly.
These improvements are enhanced by the company’s shift from a traditional, waterfall approach to iterative DevOps processes and a continuous integration and delivery (CI/CD) workflow.
Now, some of the same processes for stateful workloads take minutes instead of months, and developers no longer need to focus on underlying infrastructure with self-service provisioning. These improvements extend to Ford’s IT hosting, where the company has seen a significant productivity improvement for CaaS support. Dealers and plant operators gain access to new features, fixes, and updates faster through Ford’s multitenant OpenShift environment.
“With OpenShift, we have a common framework that can be reused for deploying applications or services within our datacenter or to any major cloud provider,” said Presnell. “We can now deliver features in a more secure, reliable manner.”
Enhanced security and compliance with enterprise container and monitoring technology
Companies in the automotive industry must comply with various security standards and regulations, such as Payment Card Industry Data Security Standard (PCI DSS) and personal data protection standards. When creating its new container platform, Ford sought to balance providing access to partners and developers with ensuring vulnerabilities and updates were addressed and working toward future adoption of a DevSecOps approach.
“In a container environment, moving applications and code continuously, security needs to be automated and built in from when a container is created,” said Payal Chakravarty, Vice President, Products, Sysdig. “Sysdig provides real-time vulnerability management in CI/CD pipelines. Security checks are in place to analyze code and identify issues before production.”
To support this approach, Ford standardized on Red Hat container images and registries using Red Hat Quay. OpenShift provides a unified management interface across Ford’s entire infrastructure, as well as built-in Security Enhanced Linux (SELinux) capabilities.
Sysdig Secure and Sysdig Monitor help Ford enhance this protection with improved, data-based insight into container infrastructure to run OpenShift in a compliant way. “Sysdig can tell us about a container’s network activity, can help us protect multiple containers running on a single host, and provide continuous monitoring and alerts,” said Puranam.