Blog article category for blog articles on this site covering the areas of DevOps, Cloud Infrastructure, Site Reliability, Technical Writing, Project Management and Commerical Writing along with Event Management and associated areas. 

Kubernetes V Openshift

Kubernetes V Openshift

Kubeadm V Openshift, who's the build winner?

In any contest of orchestration layers in the cloud, there are many contenders and many winners. After completing the Openshift 4.2 course as a Certified Kubernetes Administrator, I can say I was impressed with IBM Redhat's iteration of Kubernetes. The organisation of the Openshift layer is automated providing a uniform and streamlined user experience for all working on it. For example, the automated deployment of controller operators (abstracted kubeadm 'namespaces' designed for cluster management functions) contains different Kubernetes objects needed to run your cluster. This approach standardises many processes creating a more stable and less error-prone orchestration layer.

So, before I present some comparisons in our build-off, it's worth noting that the Openshift build is a direct abstraction from the original kubeadm build. Let's now compare some key points between them both.

  • Kubeadm is a basic Kubernetes build that is totally mutable. I have seen opportunities missed around high availability due to a single Kubernetes controller node (control plane) being deployed. Openshift streamlines this choice in its deployment configuration but by default goes with a highly available option using a bootstrap node, 3 master nodes and 3 worker nodes in a 'H/A' spread. So +1 to Openshift for the proceduralism around architecture where its lower level parent leaves it to the engineer or architect to determine.
  • I've seen kubeadm builds go wrong on subnet assignments due to human error mainly around miscommunication of requirements. Openshift automatically determines subnet assignments for nodes in all major cloud platforms and bare metal integrations via its ovs-subnet plugin. This immutable approach by Openshift reduces errors and prescribes safer upper-level pod communications when deployed. +1 to Openshift again on its procedure-based approach using plugins.
  • Openshift SDN configures nodes uniformly for operations. br0 is used by the OVS Bridge for pod operations and has configuration rules for this purpose. Port 2 on br0 has tun0, the internal OVS port. It uses Netfilter (Linux module essential to Kubernetes) for cluster communications with the outside via NAT along with rules implementation and subnet interactions. Kubadm requires Netfilter and overlay for bridge comms to be installed by node and configuration is manually implemented via command line or IaC. Finally, on comms, vxlan_sys_4789 is used by Openshift's OVS VXLAN to provide remote node communication via port 1 on br0. This makes remote node communication possible. So Openshift's automation of node comms versus manual configuration for kubeadm makes Openshift the winner in this segment.
  • Openshift has a clear advantage on multi-tenant isolation via 'projects' (kubeadm version of namespaces). Openshift's ovs-multitenant plugin provides network isolation for projects. The automated plugin provides VNID headers for all packets associated with non-default projects (namespaces) that go through the OVS bridge at the (management) node level. This is a huge boon for network isolation and allows one cluster to safely render multiple instances, which are logically separated by project. +1 to Openshift on this one too. The kubeadm journey is by far more involved for that level of network isolation in a multi-tenant scenario.
  • Openshift requires considerable resources in node count, node size, CPU potential and more when compared to the kubeadm build. Kubeadm builds are lighter and more customizable given their mutability so I guess +1 to kubeadm as it offers more control for the skilled engineer.
  • Openshift's administration is far more versatile. For example, Openshift can accept 'oc' or 'kubectl' commands so you can imagine the extra resources required making it heavier when compared to a kubeadm build having the 'kubectl' module only. This choice and considerable automation of many areas for the sysadmin makes Openshift the clear winner.

So, Openshift wins 5 to 1 against a raw kubeadm build when deploying and using Kubernetes. The core technology is very stable and incredibly useful in container orchestration, availability and administration. However, IBM Redhat plus other providers have shown that it can always be improved upon. Stay tuned for more on Cloud Infrastructure in this blog along with articles on other areas of interest in the Writing and DevOps arenas. To not miss out on any updates on my availability, tips on related areas or anything of interest to all, sign up for one of my newsletters in the footer of any page on Maolte. I look forward to us becoming pen pals!



Investing in Process Management

Investing in Process Management

An effective process infrastructure strengthens the bridge with your customer...

On my return journey to Dublin Airport last Wednesday, I landed to discover my luggage was lost. Baggage does indeed get lost, which is a fact of life for baggage handling at scale. However, when processes don’t get the investment they need in a dynamic marketplace, the resulting problems become notable to those who engage with it. In my case, I had to report my single hard case lost so I went to the Swissport desk. There I found the atmosphere to be very tense, which hit me hard as a weary traveller. I found the environment to be highly uncomfortable noting the first process improvement opportunity was training. A basic precept of good negotiation is always to respond to aggression with assertion. I witnessed this process gap whilst waiting for my turn and saw one case escalate unnecessarily due to the rep most likely being untrained in negotiation techniques.

When I was eventually asked to come forward to have my case processed, I just had to fill out a paper-based form. I filled out a form on a sheet of paper and not on a tablet or a laptop creating duplication of work and a higher risk of errors by manual entry of details into a system. The rep inputted the details and did not wait for me to check them, which is another missed process validation point. I got my paper receipt and an email address I can use with no number, or other contact details available to me when I asked. The reluctance in engagement on this point was striking, which speaks to a process breakdown around communication channels. At this point, there was no apology for losing my case, but 1 to 3 days of a tracing turnaround was disclosed before she left to attend to another traveller. If I was a traveller from far-off lands with no clothes or access to shops, I would be very upset if it was very late. I would have expected some query and support on how I will cope without my luggage until its return or cost reimbursed for replacements. This is a process of its own that was lacking in the cases I overheard whilst waiting my turn to have my case processed.

I collaborated with the Swissport rep in my own conversation by advising here that I was first to belt 4 and did not see my case so nobody could have mistakenly taken it. I also noted that 2 other flight passengers were at the desk and we were moved by Iberia staff at Madrid Airport to another luggage check-in desk instead of the scheduled one. The information I provided was material for a successful trace but I did not have the opportunity to enter it in the outdated case form that I got and the rep did not update her file whilst I was there. Empowering the traveller with write access to the lost baggage case file via a technological interface is a key process improvement opportunity. The rep should act as a guide when needed by the traveller. This would be transformational to the traveller’s experience at Swissport’s lost baggage desk.

I made other process improvement observations whilst there and afterwards, but what matters is trust. The process should be understandable and coherent to a point where the Swissport rep in this case can guide the traveller through a technological interface with an automated process that does the following:

  • Empowers the traveller to create and update their own file with new information.
  • Empowers the traveller to see what stage the investigation is at via web interface with their last name and case number as access credentials.
  • Empowers the traveller to see what the next step is to a resolution.
  • Does so in a manner that delivers trust to the traveller in the process that is serving them to a successful outcome whatever that may be.

A process that keeps pace with technological advancements, which makes the customer's life easier is key to a good user experience. Any company that rules such process investment out for any reason falls behind process-wise and the resulting conflict with customers aggregates to damage the company’s brand and that of its clients who depend on it for the provision of service.  Stay tuned for more on Writing in this blog along with articles on other areas of interest in the DevOps and Cloud Infrastructure arenas. To not miss out on any updates on my availability, tips on related areas or anything of interest to all, sign up for one of my newsletters in the footer of any page on Maolte. I look forward to us becoming pen pals!

StartupOLE Conference

StartupOLE Conference

Gonna cover the StartupOLE conference for Irish Tech News in Salamanca, Spain

I thought I would take a break from my own post-launch tasking around Maolte Technical Solutions Limited and share some very topical news about this awesome-looking conference, which is centred around innovation, entrepreneurship and startups.

The StartupOLE team has organised a large conference geared towards innovation and entrepreneurship. The great news is that it's free to attend for the public. You can register for a free ticket at For those travelling internationally, do note if you cannot get a flight directly into Salamanca, you can fly to Madrid Airport. There you can take an intercity train from Chamartin train station (2 metro hops from the Airport's light rail station). This would see you arriving in Salamanca some 2 to 3 hours later. It's an ideal opportunity for all to meet and share thoughts and ideas with other entrepreneurs in various stages of their startup journey. You can also attend panel discussions around innovation and startups by public officials, investors, entrepreneurs and those in the media plus more. I shall be participating as a Journalist with Irish Tech News in a panel discussion on Monday 5th September at 19:00hrs local time to talk about how media can help start-ups succeed. We will be sharing our thoughts, opinions and experience around this key area and hope you can attend or catch us online via one of the many distributions recording the live panel discussions. 

The high calibre of attendees in the 'Confirmed Key Players' section are numerous and come from technology, public services, governance, media, science, investment and finance plus more. What deepens the quality of this conference is the large contingent of senior executives from other startup networks and actual entrepreneurs with stories to tell about their experiences getting their own startup launched.  Key attendees from the European Commission will also be there denoting the EU-wide interest in StartupOLE. Mariya Gabriel, Commissioner for Innovation, Research, Education, Culture and Youth will be there. Also in attendance will be Toma Sutic, Member of the Cabinet of the Vice President Suica, European Commission. This senior-level EU interest tells well for the calibre of the conference and what story I can tell in my Irish Tech News article to follow it.

It's a long way to Spain from here, making for some great social media posting and a chance to share my journey with you. To that end, do stay tuned to my Twitter feed, LinkedIn, Instagram and Tiktok for posts about my journey and the conference itself. Exciting times are certainly ahead!  Stay tuned for more on Writing in this blog along with articles on other areas of interest in the DevOps and Cloud Infrastructure arenas. To not miss out on any updates on my availability, tips on related areas or anything of interest to all, sign up for one of my newsletters in the footer of any page on Maolte. I look forward to us becoming pen pals!