IBM Brings OpenShift Cluster Management Native On Power Iron
March 14, 2022 Timothy Prickett Morgan
If you went out to GitHub and grabbed the source code for the Kubernetes cloud controller, you could compile it in C/C++ or set up the runtimes for the Python chunks of it, and you would probably find some Go buried in there and you could the toolchain and get the raw Kubernetes to work on Linux partitions; you might even be able to get it to run natively on AIX, and if you were really clever, you might even be able to get it to run on IBM i.
But you wouldn’t have very much that was useful given that Kubernetes is really just a kernel, like the Linux kernel is not the Linux operating system. The Linux operating is really thousands of other programs that interact with and share that Linux kernel, so it is with Kubernetes. And even when you get a commercial distribution of Kubernetes, such as Red Hat’s OpenShift, that is not really a container system as such. You need a flexible and container-friendly Linux underneath it – like the CoreOS variant of Linux that Red Hat acquired just for this purpose – and other things like cluster management and cluster security to layer on top of that OpenShift.
For security, Red Hat bought a company called StackRox in January 2021 and turned its eponymous security platform into Red Hat Advanced Cluster Security; there are other Kubernetes container platform security tools, such as Sysdig and Styra, and there are arguments out there on the Internet about why any particular tool is better than the other. ACS is part of the DevOps process and makes sure that security policies are enforced by programmers.
For the management part of the Kubernetes system, Red Hat announced Advanced Cluster Management tool in August 2020, and while you won’t find any documentation to this effect, we think that ACM is heavily based on the CloudForms cloud management framework that Red Hat announced in 2014 just as Google was open sourcing Kubernetes to work a layer higher in the infrastructure stack. The funny thing is that CloudForms is based on the open source ManageIQ cloud management tools that the company created way back in 2006 to manage virtual machines running atop the KVM hypervisor, and this was at the same time as Amazon Web Services was coming into being with its EC2 compute and S3 storage services. ManageIQ is written in Ruby, and Kubernetes and OpenShift are mostly written mostly in Go, and these two approaches are kinda allergic to each other.
Just like Kubernetes is a reworked version of the Borg cloud and container controller used internally by Google and ported to Go, we think Advanced Cluster Manager is probably written in a mix of Go and Python and is a substantially reworked implementation of CloudForms that has been rearchitected to manage Kubernetes clusters. It’s a hunch because Red Hat doesn’t talk about the genesis of its tools since it has been acquired by IBM. Interestingly, after five versions of CloudForms, this tool and the whole virtual machine cloud abstraction layer that Red Hat has been talking about for a decade comes to end of life in March 2023. As far as we know, there is no CloudForms 6.0 under development and no plans to support CloudForms 5.0 beyond that date. Full support for CloudForms 5.0 ended in December 2020, and it is on extended support.
If you didn’t get the memo, OpenShift is the next platform for IBM.
In any event, ACM is designed to create, manage, and import and export Kubernetes clusters – meaning collections of pods, which are in turn collections of interrelated containers that in turn run microservices applications – across on premises and cloud infrastructure. Kubernetes does not necessarily run on virtualized infrastructure, and is increasingly used on bare metal as the container management platform has become more secure and given richer function. It is very tightly integrated with the OpenShift implementation of Kubernetes, which has long since been ported to Linux on Power. And last week, in announcement letter 222-089, the ACM tool was made available on Linux on Power platforms.
IBM doesn’t want to say that OpenShift is only available on Linux partitions on Power iron, and only says that OpenShift Container Platform is required to run ACM. But OpenShift does not run natively on IBM i or AIX, although with a relatively new feature called KubeVirt, which is written in Go and developed from 2016 through 2019, OpenShift can manage VMs like containers, side by side, meaning that companies do not have to use the OpenStack cloud controller separately to do this. So there is the possibility that KubeVirt, which is commercialized as a feature called OpenShift Virtualization, will be able to manage AIX and IBM i partitions on Power iron. It works on VMware or KVM virtual machines, so why not?
At any rate, now the OpenShift controller and the Advanced Cluster Management tool are native on Power. Presumably they require a Red Hat Enterprise Linux installation (it is not specified) and is only supported on Power8, Power9, and Power10 machines. It looks like you need to be running Red Hat Enterprise Linux 8, and specifically the CoreOS variant that was created by the company of the same name and that has been gutted to do a very good job running containers. (We liked CoreOS and wrote about it often at The Next Platform before Red Hat acquired it in January 2018.)
We presume OpenShift Advanced Cluster Security will also be available soon (we find no evidence that it has been within the IBM documentation and announcement library) and further that both will be available under the OpenShift Plus bundle on the Power platform as they are on X86 systems running Linux.