Since the advent of virtualisation, organisations have relied on hypervisors and virtual machines (VMs) to deliver business applications and services in every sector and corner of the world. Virtualisation birthed modern data centres and revolutionised how IT teams could use their resources in a flexible and optimised manner. From this came public cloud and virtualisation at a huge new scale.
Against this backdrop, Red Hat has been ever-present, as key contributors and developers of GNU/Linux and the open source landscape, plus on topic for this post, KVM and Kubernetes. As the world’s leading provider of open source solutions, Red Hat has long been known for delivering reliable, enterprise-grade open source innovations with security-optimised capabilities suitable for business requirements.
Central to Red Hat’s open hybrid cloud vision is Red Hat OpenShift, the industry’s leading hybrid cloud application platform powered by Kubernetes. Red Hat OpenShift combines the innovation and performance of Kubernetes with the reliability and consistency of Red Hat’s expertise in the enterprise. Red Hat Advanced Cluster Security for Kubernetes and Red Hat Advanced Cluster Management for Kubernetes modules bring a DevSecOps approach to infrastructure management and application development, and that extends to Red Hat OpenShift Virtualisation, which is included as part of Red Hat OpenShift, as a component available to users.
With Red Hat OpenShift Virtualisation, users can deploy Linux or Windows VMs within Kubernetes pods, and manage and scale them within Red Hat OpenShift, or migrate VMs from other hypervisors with the included Migration Toolkit for Virtualisation. This flexibility means customers can run VMs alongside containers on a single platform, providing enterprise-class security capabilities and enhanced performance throughout their infrastructure, and maintaining existing virtualisation investments.
A solid foundation in security is essential here. Applying updates and fixes at scale, plus the risks of bad code in app development and deployment, and modern software-defined networking all require rigorous security policies – not simply implemented by IT but baked into the technology. Security can often be a challenge for organisations to properly address and maintain while also delivering the necessary speed of innovation. Red Hat brings over 30 years of experience in providing hardened, enterprise-grade open source solutions and taking a serious approach to security thanks to Red Hat OpenShift’s core functionality. Add to this the capabilities of Red Hat Insights, Red Hat Advanced Cluster Management for Kubernetes and Red Hat Advanced Cluster Security for Kubernetes, to name but a few components, and the result is a security-optimised, performant, cutting-edge platform for development, modernisation and deployment of applications at scale.
Provide self-service options for deploying virtual machines
Thinking specifically about traditional virtualisation, manual deployment and management of VMs involves a lot of toil for IT personnel. This opens the door for operator error – config drift, poor internal service and higher risk of security vulnerabilities. Self-service capabilities mean efficiency and automation, eliminating toil and removing risk. Red Hat OpenShift allows admins to grant role-based access control (RBAC), meaning users have access to security-optimised VM images on-demand.
Take advantage of production-ready virtualisation hypervisor technologies
Hypervisor performance, stability, and security are critical for efficient, dependable virtualisation infrastructures.
Red Hat OpenShift Virtualisation leverages QEMU and KVM, the Kernel-based Virtual Machine (KVM) included in Red Hat Enterprise Linux, to create VMs within containers. KVM is a security-focused, high performance, open source hypervisor. First released in 2007, KVM provides a stable, efficient virtualisation foundation for organisations worldwide. Today, Linux virtualisation powers critical IT infrastructure for many global financial services firms, airlines, manufacturers, public sector organisations, and telecommunications companies and is a popular choice for public cloud deployments.
Decrease risk with advanced security features and best practices
Previously mentioned, Red Hat Advanced Cluster Management for Kubernetes and Red Hat Advanced Cluster Security for Kubernetes go further in positioning Red Hat OpenShift as the industry’s leading enterprise Kubernetes platform.
Red Hat Advanced Cluster Management for Kubernetes provides functionality to control Kubernetes clusters and applications from a single console, and to enforce security policies at once across all clusters – meaning efficient application of best practices at scale. Policies are set centrally, before the state of active containers is enforced to meet the requirements of the new policy. From Red Hat Advanced Cluster Management for Kubernetes, cluster states can be observed and managed.
Red Hat Advanced Cluster Security for Kubernetes takes a true DevSecOps approach to enterprise application lifecycles. Security and compliance policies are enforced throughout the development, deployment and running of applications, with build-time, deploy-time and run-time policies applied at each stage of the application lifecycle. Red Hat Advanced Cluster Security for Kubernetes empowers Kubernetes and Red Hat OpenShift users with enhanced risk profiling, threat detection and incident response while surfacing vulnerabilities or compliance issues.
Enterprise-grade security by design
Red Hat OpenShift Virtualisation follows the restricted Kubernetes pod security standards profile and runs virtual machine workloads without root privileges, helping you comply with current, industry-standard security practices and protect your organisation.
Red Hat Enterprise Linux forms the foundation of Red Hat OpenShift, as the operating system (OS) upon which services are deployed. Linux is known as a secure OS, and with Red Hat Enterprise Linux, Red Hat brings the security of native Linux in features such as SELinux, OpenSSH and OpenSCAP integration.
In addition, Red Hat Enterprise Linux Insights – an analytics tool included with Red Hat Enterprise Linux – can be deployed as an operator within Red Hat OpenShift, as well as being available within Red Hat Enterprise Linux infrastructure deployed atop Red Hat OpenShift. Red Hat Enterprise Linux Insights provides reporting on configuration management and drift, known CVEs and potential compliance issues. When combined with Red Hat Satellite, one-button remediation is available for many such risks identified by Insights.
You can also take advantage of Red Hat Services, consulting engagements, and learning programs to gain container and Kubernetes skills and experience. You can also apply modern application development principles to your virtual machines and run all of your applications and workloads consistently across on-site datacentre, edge, and cloud environments. Increase developer productivity, simplify operations, and streamline infrastructure and application delivery to better support your business. With Red Hat OpenShift Virtualisation, you can meet today’s business needs while preparing for future modernisation and change.
Red Hat OpenShift Virtualisation brings together the security of Linux, the enterprise expertise of Red Hat and the scale and performance of Kubernetes, delivering a virtualisation experience IT users are familiar with, but including potential and future-proofing to operate resiliently at scale for years to come.