OpenShift - FAQs
Q. Does AWS have a managed OpenShift offering?
Customers looking for a managed control plan should consider OpenShift Dedicated. This is a fully managed OpenShift solution, managed 24/7 by the Red Hat SRE team running on AWS.
OpenShift Dedicated comes in either a Standard or cloud choice (bring your own cloud) offering. In the Standard offering, the OpenShift cluster is deployed into an AWS account controlled by Red Hat. Red Hat will bill the customer for OpenShift, management, and AWS costs. In the bring-your-own-cloud offering, the OpenShift cluster is deployed into an AWS account controlled by the customer. The Red Hat SRE team manages OpenShift via an IAM role. Red Hat bills for the OpenShift subscription and management; AWS bills for the AWS costs.
Q. Is there a reference architecture.
The current OpenShift AWS reference architecture is defined in the AWS Quick Start.
Q. Does the AWS Quick Start account for evaluation subscriptions?
Yes, customers would need to log in to the Red Hat subscription manager and sign up for an OpenShift evaluation. The AWS OpenShift Quick Start will require the PoolID of the evaluation subscription as a launch parameter.
Q. The AWS OpenShift Quick Start uses AWS autoscaling. Does this scale and auto heal application, master, or infrastructure nodes?
The autoscaling implementation within the AWS Quick Start is implemented at both the master / infrastructure layer and the application node layer, therefore it scales and auto heals all nodes.
Q. OpenShift 4x supports scaling and healing through MachineSets. Does this heal and scale with master nodes?
OpenShift 4.3 supports scaling and healing of worker or application nodes. Red Hat is working to extend this for master nodes, which will be available in later versions of OpenShift.
Q. In OpenShift 4x, do MachineSets support Spot Instances?
No, at this stage, MachineSets do not support AWS Spot workloads. Red Hat and AWS are working to support this in future versions of OpenShift (https://github.com/openshift/enhancements/blob/master/enhancements/machine-api/spot-instances.md)
Q. Can I use AWS Reserved Instances with OpenShift on AWS?
Yes, this is an effective means of managing costs for pervasive workloads, such as the OpenShift master and infrastructure nodes.
Q. Can I use Reserved Instances with a bring-your-own OpenShift subscription?
Reserved Instances can be used with both bring-your-own subscriptions and the license included with Amazon Machine Images.
When selecting the OS platform in the Reserved Instance purchase, note the following requirements:
Reserved Instances used with the license included with the platform: These should match Red Hat, meaning that the instance running time and OS subscription cost are bundled.
Reserved Instances for the bring-your-own Red Hat Enterprise Linux subscription using the Red Hat access AMI: The reserved instance platform should be Linux.
Q. Can the AWS Service Broker and AWS Service Operator be used in an on-premises implementation of OpenShift to expose AWS services in the cloud to my applications on premises?
Yes, any native AWS services supported by the broker or operator will be provisioned into your AWS account. Application workloads running in OpenShift clusters on premises will typically consume these AWS services over VPN or AWS Direct Connect.
Q. How is security managed within the AWS Service Broker and AWS Service Operator?
IAM roles are used to provide the broker and operator with the required permissions to manage the AWS services. Development and operations staff using the broker and operator are provided access through the role based access control within OpenShift.
Licensing and subscriptions:
Q. Does AWS provide OpenShift subscriptions?
No, customers would need to have an existing OpenShift subscription. The subscription PoolID is used to match the software running on AWS to the required subscription.