Kubernetes On-Prem
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
$
%
123
 
 
 
 
 
 
 
 
 
ABCDEFGHIJKLMNOPQRSTUVWXYZAA
1
OpenShift Container PlatformRancher RKEPKSDocker Enterprise Charmed KubernetesMicroK8sKubermaticSUSE CaaS PlatformMetalK8sMesosIBMDaoCloud EnterprisePlatform9Giant SwarmGKE On-PremNirmata
2
CompanyRed HatRancherPivotal / VMwareDockerCanonicalCanonicalLoodseSUSEScalityMesosphereIBMDaoCloud Inc.Platform9 Systems Giant SwarmGoogleNirmata, Inc
3
Supported K8s Version (latest)v1.11v1.12v1.11.2v1.8v1.13v1.13v1.121.10.11v1.11v1.12v1.11v1.10v1.10v1.12v1.13
4
Open SourceYes (see comment)YesNoNoYesYesNoYesYesNo (see comment)NoNoNoYesNo; Invite-OnlyNo
5
HAYesYesYesYesYesn/a - single-node, workstation, edge use cases onlyYesYesYesYesYesYesYesYesYesYes
6
Rolling UpgradesYesYesYesYesYesTransactional upgradesYesYesYesYesYesYesYesYesYesYes
7
Management UIYesYesYesYesYesYesYesYesNoDC/OSYesYesYesYesGKE ConsoleYes
8
AuthHTPasswd, Keystone, LDAP authentication, Basic authentication (remote), Request header, GitHub and GitHub Enterprise, GitLab, Google, OpenID connectMicrosoft/Azure AD/FS, Github, FreeIPA, OpenLDAP, PingIdentity, KeycloakLDAP, OpenIDLDAP, SAMLKeystone, Rancher, Additional authentication mechanisms available using OpenUnison None in 1.13. Client is anon and talks to api-server on insecure port. In 1.14 client will use x509 cert. Also WIP to include addon for enabling RBAC.OAuth, LDAPKeystone, Azure, LDAPBasicauthLDAP, SAMLLDAP, SAML (Okta, PingIdentity) OIDCSAML
9
SDNOpenShift SDNCanal, Flannel, CalicoNSX-TCalicoCanal, Flannel, Calico (and third-party CNI for ACI, BigSwitch, Tigera Calico, Weave)Host bridgeCanal, CalicoFlannelCalicoCalicoCalicoCalico, MacVlan, FlannelCalico, Weave, Flannel, OpenContrailCalico, FlannelFlannel, Calico, Cloud Provider
10
StorageCNS / including NFS, iSCSI, Fiber Channel, OpenStack Cinder, FlexVolume, GlusterFS, Ceph RBD, Azure Disk, Azure File, AWS EBS, GCE Persistent Disk, VMware vSphere VMDKCloud provider, iSCSIvSAN, VMFS, iSCSI, FCNFSCeph, NFS, iSCSI, FTP, hostpath. Third-party storage can also be used, like NetApp Trident (OnTAP, Santricity, etc), StorageOS and Pure. Cloud storage can be used on Openstack (Cinder), AWS (EFS/EBS), GCP, Azure. CSI plugins are supported. Host pathCustomSUSE Enterprise Storage (Ceph), NFS, hostpathNative LVM, NFS, customPortworx NFS,PortworxSupport all Cinder backed storage endpoints, PortworxNFS, iSCSICloud Provider, Rook, Portworx, Nutanix, NFS
11
Preferred Load BalancerF5 / NetscalerNginxNSX-TNginxF5 / Nginx, IstioBuilt-in LB, IstioF5 / NginxNginxNginxMarathonIstioHAProxy,NginxOctavia, AVINGINXF5HAProxy, Citrix CPX, Cloud Provider
12
Security FocusHighModerateModerateHighHighHighModerateModerateModerateHigh
13
Node OSRHEL AtomicRancherOSUbuntuCentOS, OEL, RHEL, SLES, Ubuntu, Windows (including s390x and ppc64le for RHEL and SLES)UbuntuUbuntu, Debian, Fedora, other LinuxUbuntu, CoreOS, Container LinuxSUSE MicroOSCentOSLinux - variousLinuxLinux - CentOS, RHEL, Ubuntu all supportedCoreOSESXi/vSphere VMWare 6.5 + Ubuntu 18.04OSCentOS, RHEL, Ubuntu
14
Vanilla KubernetesNoYesYesYesYesYesYesYesYesYesYesYesYes
15
ConfigAnsiblecluster.yamlBOSHCharmsSnapCRDSaltAnsibleCRDs + Ignition + PXE
16
Installation ComplexitysimplesimplemoderatesimplesimplesimplesimplesimplesimpleSimpleSimpleSimpleSimple - offered as a SaaS managed service 1-Click Managed Clusters, Control Plane is installed by Giant Swarm personnelSimple - SaaS
17
Documentationhttps://docs.openshift.com/, additionally, self-paced tutorials at http://learn.openshift.comhttps://rancher.com/docs/https://docs.pivotal.io/runtimes/pks/1-2/index.htmlhttps://docs.docker.com/ee/https://ubuntu.com/kubernetes/docs/https://microk8s.io/https://docs.kubermatic.io/https://www.suse.com/documentation/suse-caasp-3/https://metal-k8s.readthedocs.io/en/latest/index.htmlhttps://mesosphere.com/product/kubernetes-engine/https://www.ibm.com/cloud/privatehttp://guide.daocloud.io/dce-v3.0/latest/dce-3-0-lts-20974188.htmlhttps://docs.platform9.com/https://docs.giantswarm.iohttps://docs.nirmata.io/
18
Trial Available30 daysUnlimited30 days30 daysFree, supported with Ubuntu AdvantageFree, supported with Ubuntu Advantageonline demo system60 days with updatesFree with no supportYesPoC possibleInvitation OnlyYes (SaaS), PoC (On-prem)
19
Preferred IaaS LayerOpenStack, AWS, GCP, Azure-VMware, AWS, GCPVMware, AWS, AzureBare metal, Openstack, AWS, Azure, Google Cloud, KVM, VMware. Native integration to cloud services like LBaaS.AnyOpenStack, VMware, AWS, Azure, DigitalOceanBare metal, KVM, Xen, VMware vSphere/ESXi, Microsoft HyperV, SUSE OpenStack Cloud, public cloud infrastructureBare metal, VMWare, OpenStack--Bare metal, VMWare, OpenStackBare metal, VMware, OpenStack, AWSBare Metal, VMware, AWS, Azure, AzureStackAWS, Azure, Bare Metal, VMware
20
Cost100%20%50%Docker EE for RHEL - Advanced $200/pm per Node20%20%FreeSubscription per data-center + compute resource per Year, contact sales: https://giantswarm.io/contact/Subscription per year based on deployment size
21
Cost is a % of OpenShift$1200 per virtual core per year (workers only are paid)?$1200 per physical server, or $400 per VM, per year$1200 per physical server, or $400 per VM0%20% at scale including 24/7 business critical management with high SLAs and expert support
22
23
OpenShift (container platform)Rancher RKEPKSDocker Enterprise Charmed KubernetesMicroK8sKubermaticSUSE CaaS PlatformMetalK8sMesosIBMDaoCloud EnterprisePlatform9Giant SwarmGKE On-PremNirmata
24
Why?Large stable company, massive ecosystem, security hardened, 10 years of support.Free software, inexpensive support contract, simple setup and maintenance, awesome team. Can provision K8s on many platforms.Integrates well with VMWare. Cheaper than OpenShift with a comparable ecosystem.Security: Unified RBAC across Kubernetes and registry. FIPS certified. Platform: Supports Windows containers and other architectures for Linux like Z and P.Supports more clouds, metal, virt. Free with support available. Multi-cluster management is easy. Multi-cloud integration is great. The support pricing is very attractive and a fully-managed service is also available. Robust, secure, single-node k8s for IoT, edge, developer workstation, CI/CDKubernetes in Kubernetes architecture means a smaller footprint and complete cluster isolation plus HA master control plane. This architecture is unique.Entire stack supported by one enterprise vendor with a large hardware and cloud provider ecosystem, at a lower cost than similar competitors.Free, open source, no commercial people pushing it and being annoyingMesos has some unique big data service automation. For example Kafka, Cassandra and Hadoop can all be single click installed and scale with self healing.Fully managed Kubernetes with 24/7 SLA of 99.9% uptime and availability for Kubernetes clusters promised by contract. Easy setup and upgrades. Auto detection and repair of issues.
Can provision Kubernetes on VMware, Linux/KVM, OpenStack, Bare metal and AWS. Comes with it's own IaaS layer provisioning if the customer does not have one.
Running K8s in production on-premise for large enterprises such as Adidas, AMAG and Vodafone since 2016. CI/CD pipeline into every installation that facilitates daily updates, hot-fixes, and security patches. Provided update on latest K8s security bug for all supported Kubernetes versions within 24h. Proactive Troubleshooting as Giant Swarm fixes any issue in one of their hundreds of managed Kubernetes clusters across all their customers preventing everyone else running into the same issue. Providing upgrades for all managed open source components including K8s within 30 days after latest release. Guaranteed uptime of 99.95% via SLAs. Providing lots of additional managed services within your K8s clusters. Their support via Slack is outstanding. Offered as cloud based service and dedicated on-prem. Also works with managed Kubernetes services as well (EKS, GKE, AKS). Easy to use. Built for teams providing centralized container-as-a-service to multiple teams. Multi-tenant, multi-cloud, multi-cluster
25
Why Not?Cost. Vendor lock in. IBM.....Smaller company (risk of acquisition), you'd need to setup an IaaS layer or manage bare metal.Can get complex (see NSX-T documention for an example). BOSH may scare some people.Current version uses non-native RBACNo PAAS, just upstream K8s.Single-node specialized distributionSmaller company (risk of acquisition), you'd need to setup an IaaS layer or manage bare metal.If you're just running stateless apps then perhaps you don't need the extra complexity of Mesos alongside K8sI'd expect this to get sunset after the Redhat acquisition.All of the docs are in ChineseYou need to setup IaaS layer (or bring your own cloud)
26
27
There's an opinionated blog about all of this here: https://kubedex.com/redhat-openshift-vs-pivotal-pks-vs-rancher/
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...
Main menu