Ocean achieves Red Hat OpenShift Operator Certification


As container usage keeps expanding, Ocean by Spot keeps evolving. Today we are thrilled to announce that Ocean supports Red Hat OpenShift officially, along with a certified Operator. 

Ocean is a proven Kubernetes data plane service that provides a serverless infrastructure engine for running containers.  Ocean is designed to work in such a way that pods and workloads can take advantage of the underlying capabilities of cloud compute infrastructure such as pricing, lifecycle, performance, and availability without having to know anything about it. 

Ocean infrastructure provisioning works by watching events at the Kubernetes API Server, affording its levels of visibility and flexibility that cannot otherwise be achieved, ensuring dependable performance, fast scalability, and up to 90% lower cloud infrastructure costs.

Ocean is the de-facto data-plane manager and continuously manages the worker-nodes, adjusts the infrastructure capacity and size so that containers will always have the capacity to run, leveraging cost optimization models using Spot instances, RIs, and On-Demand instances for cost, performance, and availability.

Invisible Infrastructure, Serverless Experience for OpenShift

Today, we officially announce the support for OpenShift v3.11 and higher. 

Using the Ocean console, customers can now join an existing OpenShift cluster, and from the first moment, benefit from the value that Ocean brings to the table. Ocean by Spot is a proven Kubernetes data plane service that provides a serverless infrastructure engine for running containers

Using Ocean by Spot, users get fully managed data plane service to run pods and containers without the burden of having to deal with maintaining, scaling, and life-cycling the underlying worker nodes infrastructure. Ocean determines the optimal blend of instance types and sizes for the OpenShift worker-nodes in real-time, based on deployment/pods requirements. Ocean reschedules pods when needed, to drive cost and performance optimization

Ocean keeps improving the cluster utilization based on its changing behavior, smart scaling up when resources are needed, and even scale down to zero when there’s no resource needed at all, or after defined business hours.

When it comes to costs vs availability, Ocean leverages different pricing models & lifecycles in order to provide the most cost-effective infrastructure for the cluster. The cluster can be a mix of spot, reserved, and on-demand instances, without impacting the availability of the service: when spot instances are at risk of being interrupted, Ocean will spin up another Spot instance in a different capacity pool while keeping high-availability for the service. If there is no available Spot market, Ocean will maintain SLA using on-demand instances. In addition, Ocean will revert to Spot instances automatically once capacity is available to keep improving the cost savings.

How does it work?

We are excited to introduce the Ocean Toolkit, which is based on two main components: 

Ocean Controller
A Pod that lives within the OpenShift cluster, responsible for collecting metrics and events. The events are being pushed via one way secured link to the Ocean SaaS component for business logic and capacity scale up/down activities.

Ocean SaaS
The Ocean SaaS layer is responsible for aggregating the metrics from the Ocean Controller and for building the cluster topology. Using the aggregated metrics, the SaaS component applies other business logic algorithms such as Spot / Preemptible instance availability, prediction, and instance size/type optimization costs via workload density instance pricing models, across On-Demand / Reserved (RIs / CUD) and excess capacity nodes (Spot instances / Preemptible VMs).

CSR Approval Flow 

In the last two OpenShift major versions, when a new node tries to join an OpenShift cluster, a CSR (Certificate Signing Request) will be created, waiting in pending mode until an authorized entity will approve it. Once approved, the new worker node will join the cluster and start accepting new workloads. 

Ocean now integrates with the CSR approval flow. For every CSR in a pending state, Ocean will make sure the CSR was created by a node that Ocean launched. This Ocean mechanism by itself increases the security level of the OpenShift cluster since it approves the CSR selectively and in a secure manner, without using an auto-approver component. Ocean will approve only nodes that it has launched, there’s no more need to configure any approval logic.

Red Hat CSR approval - Ocean flow
Red Hat CSR Approval Flow

Certified Operator

The release of the Ocean certified Operator for OpenShift infrastructure provides a new way of controlling an Ocean cluster from the Kubernetes cluster. 

The Ocean Operator allows DevOps teams to create, configure, and manage Ocean clusters by working with standard Kubernetes API. By having a customized resource definition of Ocean cluster in the Kubernetes cluster, using a YAML configuration file, you can now create/update or delete an Ocean cluster from an existing Kubernetes cluster, using kubectl/oc apply/get/delete commands.

Using the Ocean Operator, you can always know the status of your Ocean cluster and can update the different group attributes (such as On-Demand/Spot ratio) and much more!

The Ocean Operator can be found in Red Hat Container Catalog, and it is officially certified by Red Hat. 

Getting Started

The Ocean Controller and Operator are now part of Red Hat’s Container Image Catalog and are certified by Red Hat. You can start the journey of Ocean and OpenShift by clicking on “join an existing cluster” in the Ocean Console.  Follow the documentation for additional info.

Create a new Ocean integrated OpenShift Cluster