OpenShift vs. OpenStack
OpenShift and OpenStack are used to build scalable cloud platforms. When combined, the systems cover the entire range – from provisioning virtualized hardware to developing and operating containerized applications. OpenShift and OpenStack are popular with large, global organizations to implement hybrid cloud strategies.
An overview of OpenShift vs. OpenStack
Historically, OpenStack has been around longer than OpenShift. The evolution of the two projects is representative of the transition from virtual machines to application containers. Container virtualization has become the dominant virtualization technology over the past decade.
What are the similarities and differences between OpenShift and OpenStack?
OpenShift and OpenStack are open-source projects that were created around 2010/2011. Both are used to build scalable systems in hybrid cloud environments. They are predominantly employed by large, global organizations and can be operated on a wide range of underlying computing infrastructures.
Both platforms could be seen as a type of “cloud operating system”. OpenShift is used to develop and operate containerized applications. Users can provide, operate, and monitor applications and services themselves, and focus on optimized development and DevOps workflows.
OpenStack, on the other hand, comes with a deeper level of abstraction. The platform is used to build a virtualized cloud infrastructure on the basis of distributed hardware. Virtual machines with CPU cores and RAM, as well as virtual networks and distributed mass storage are provisioned. Following the self-service model, users automatically request resources. Let’s take a look at how OpenShift vs. OpenStack are positioned in terms of their differences:
| Feature | OpenShift | OpenStack |
| Manufacturer | Red Hat | OpenInfra Foundation |
| Virtualization type | Container virtualization | Virtual machines or virtualized hardware |
| Virtualization technology | K8s | Hypervisor such as KVM, XEN, ESXi |
| Control level | Distributed | Centralized |
| Service model | Platform-as-a-Service (PaaS) | Infrastructure-as-a-Service (IaaS) |
| Use of cloud resources | Uses cloud resources to build the application layer | Provides cloud resources based on virtualized hardware |
How are OpenShift and OpenStack deployed?
With OpenStack, organizations can build their own cloud environments following the infrastructure-as-a-Service (IaaS) model. An internal cloud similar to AWS and alternatives can be created. OpenStack relies on distributed hardware available through various interfaces as a cloud resource.
In contrast, OpenShift handles the centralized management of application development and operations. The software is based on Kubernetes (K8s) and controls K8s clusters across cloud boundaries. Following the Platform-as-a-Service (PaaS) model, system functions can be operated via a web interface.
Although their names sound similar, OpenShift and OpenStack are not related. They can be used independently. However, it is also possible to combine them. As part of a hybrid cloud strategy, OpenStack could be used to build a private cloud. OpenShift could then draw upon the resources contained within it to provide and manage applications and services. It is also possible to deploy OpenStack components on K8s or OpenShift clusters.
Let’s take a detailed look at the advantages and disadvantages of the two technologies, common deployment scenarios and differences and similarities.
OpenStack — the open platform
OpenStack is an open platform to build scalable cloud environments. The software acts as a layer of abstraction on top of a decentralized hardware infrastructure. Its core functionality is the provision and allocation of computing, network, and mass storage capacities. Following the Infrastructure-as-a-Service (IaaS) model, users can request the resources they require. In addition to mandatory APIs, a web interface is available for managing the system.
Beyond resource provisioning, OpenStack offers other functions, including user identity management, DNS entry management, and a service to manage VM images. Conveniently, the individual functions are encapsulated as individual components. There are over three dozen components in the current OpenStack version; usually not all of them are used in a single project. We provide a brief overview of the most important components:
| OpenStack components | Functionality | Description |
| Nova | Compute service | Provision virtualized CPU cores and memory. |
| Swift | Object storage | Store S3-like objects based on virtualized, redundant mass storage. |
| Glance | Image service | Manage VM images for platform operation. |
| Horizon | Web dashboard | Users log in via the dashboard and manage the individual system components from there. |
| Keystone | Identity service | Provide cross-system, API-based authentication and authorization of users. |
| Cinder | Block storage | Highly available, fail-safe mass storage, which works like a scalable cloud hard drive. |
| Neutron | Network management | Manage the system’s Virtual Network Infrastructure (VNI). |
| Ironic | “Bare metal” provisioning | Manage bare metal infrastructure; encompasses the full lifecycle of bare metal machines, including acquisition, provisioning, maintenance, and decommissioning. |
| Trove | Database service | Provision and manage scalable, reliable cloud databases. |
| Magnum | Container orchestration | Deploy container engines such as K8s and alternatives based on virtual machines or bare metal infrastructure. |
What are the advantages of OpenStack?
OpenStack helps organizations to build their own cloud infrastructure based on existing technology. This results in huge cost savings because they do not need to start from scratch. OpenStack consists of individual components, which are configured according to a company’s needs. It is an open-source software that is freely available. Development and documentation of the platform are predominantly driven by the OpenStack community.
What are the disadvantages of OpenStack?
Due to the complex nature of the software, installing OpenStack is considered challenging. The overall package includes a large number of individual components, which have to be configured individually. Documentation contributed by its community can lag behind its rapid development. Both of these disadvantages can be addressed by working with specialists or tech partners. Such services will likely incur additional costs. Since OpenStack is almost exclusively used for large-scale projects, users should budget accordingly.
Which deployment scenarios is OpenStack best suited for?
OpenStack is best suited for building cloud infrastructure on decentralized computing hardware. The software performs extremely well when it comes to virtual machines (VM). In combination with OpenShift or comparable K8s management solutions, VM and container-based applications can be operated side by side. Container virtualization with the “Magnum” component now forms part of its range of native functions.
OpenShift — the most powerful application and development platform
OpenShift is used to building distributed, scaling application and development environments based on the Platform-as-a-Service (PaaS) model. The software provides a complete execution environment in which containers are deployed, executed, managed, and orchestrated. The integrated tools simplify modern development and deployment workflows.
As a substructure, OpenShift uses a special Kubernetes (K8s) distribution. This can be deployed across cloud and infrastructure boundaries, achieving a consistent user experience. The K8s core functionality is complemented by security and monitoring features and is based on centralized policy management. This ensures a high-quality standard across the software landscape of an entire organization. For the most part, OpenShift operators are used for implementation:
| OpenShift components | Explanation |
| OpenShift API Server | The OpenShift API Server checks and configures OpenShift resources, such as projects, routes, and templates. |
| OpenShift Controller Manager | The OpenShift Controller Manager monitors etcd for changes to OpenShift objects, such as Projects, Routes, and Template Controller objects, and uses the API to achieve the desired state. |
| OpenShift OAuth API Server | The OpenShift OAuth API Server validates and configures the data for authentication on the OpenShift Container Platform. This includes users, groups, and OAuth tokens. |
| OpenShift OAuth Server | Users request a token from the OpenShift OAuth server to authenticate against the API. |
What are the advantages of OpenShift?
OpenShift eases the operational complexity associated with administering self-managed K8s clusters. Multiple K8s clusters can be centrally managed across public and private cloud infrastructures. Following the PaaS approach, developers can request resources for their projects via a web interface. Integrated tools and workflows for continuous integration and continuous delivery (CI/CD) also form part of its portfolio of functions. This results in drastically reduced delivery times.
OpenShift convinces with its integrated security measures. “Quay” is its specially secured container registry. End-to-end authorization and authentication limits user access to the individual areas of the system. The ability to host individual clusters in different geographic regions makes for better compliance in terms of data protection and data sovereignty.
What are the disadvantages of OpenShift?
OpenShift only runs on special operating systems from Red Hat, such as “Red Hat Enterprise Linux CoreOS” (RHCOS) and “Red Hat Enterprise Linux” (RHEL). The installation is considered extremely complex. For example, the setup for larger projects can take several weeks. Due to the strict security precautions, specially secured container images from Red Hat’s “Quay” container registry are used.
Which deployment scenarios is OpenShift best suited for?
On the basis of OpenShift, a business’s Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS) and Container-as-a-Service (CaaS) solutions can be implemented. Clearly, OpenShift is geared toward large organizations and is too complex for individual developers to deal with.
OpenShift vs. OpenStack — direct comparison
| Feature | OpenShift | OpenStack |
| Source of software supply | In addition to the enterprise versions offered by Red Hat, OKD is a freely available community edition. | The development of OpenStack is subject to the community, led by the OpenInfra Foundation. In addition to the official, freely available version, major IT houses offer paid distributions. |
| Deployment model | Multi- and hybrid cloud deployments are possible, but may be complex to build. Using standardized deployment mechanisms is worthwhile. | OpenStack is often operated “on-premises” using a company’s computing infrastructure. Since deployments are complex, customized distributions from large providers are available, including dedicated support. There are also various cloud-based approaches and managed solutions. |
| Supported cloud platforms | When run as a self-managed solution, OpenShift can be used on virtually any infrastructure. As a managed solution, the software runs on cloud platforms AWS, Azure, Google Cloud, and IBM Cloud. | OpenStack runs on all cloud platforms in virtual machines, as well as on “bare metal” machines via hypervisor. Furthermore, the components can be installed in container environments of all major providers. |
| Installation | Requires cluster or cloud environment for installation. | OpenStack controllers are installed either on-premises, or on an infrastructure provided by a vendor. |
| Releases | Up to three releases per year. | Two releases annually. |
| Update management | Updates are simplified by the “Cluster Version Operator”. | Updates are complex and there’s a risk of damaging the system. Updates of the individual components must be performed in a specific order. |
| Image management | Red Hat’s “Quay” container registry contains container images scanned for vulnerabilities. | The “Glance” component manages the VM images used in provisioning the system. |
| Use of templates | In addition to OpenShift’s templates, powerful “operators” are used to standardize the deployment and operation of applications. | Deployment of OpenStack is facilitated and made reproducible by industry tools such as Chef, Puppet, and Ansible. Furthermore, helmet or charms-based tools exist for deployment in containers. |
| Network management | OpenShift supports software-defined networking (SDN), including overlay networks via Open vSwitch (OVS). | OpenStack’s “Neutron” component provides SDN using the networking-as-a-service (NaaS) model. |
| Web interface | OpenShift’s sophisticated, convenient web interface is considered one of the best in the industry. | With the “Horizon” dashboard, a proven web interface for managing OpenStack is available ex works. |
| Integrated CI/CD pipeline | While older versions still used “Jenkins”, newer version use “Tekton” by default. | Because the focus of OpenStack is primarily on provisioning virtualized resources, no dedicated CI/CD solution is integrated out of the box. |
| Learning curve | OpenShift is considered easier to handle than “naked” K8s. If a managed solution is used, the software can be used relatively smoothly. | Due to the complexity of OpenStack, the learning curve is steep. The large number of individual components or addition of features may require additional training. |
| Security features | One of the main benefits of OpenShift are its extensive security features. | The “Keystone” component provides basic user authentication and authorization functions. |
| Enterprise use | The software is used by over two thousand organizations worldwide. Many large IT companies have special OpenShift solutions on offer. | Major IT companies offer specific distributions and support for OpenStack. These include Red Hat, VMware, IBM, SUSE, Canonical, OVH, Rackspace, Mirantis, and Dell. |