You’d think the IT world would be one that’s used to change. Yet innovation isn’t happening here overnight any more than elsewhere. Red Hat sees that it is necessary to address all aspects of the enterprise ecosystem for improvement. What exactly does that look like? We discuss it with two experts from the company.
Karanbir Singh is a Senior Distinguished Engineer at Red Hat and helps us clarify what they call the ‘enterprise ecosystem’. “An ecosystem simply means that something is built on top of something else, and that goes on to grow.” Two examples from the open-source world are KVM and Xen, both now around two decades old. It would be too simplistic to say that those two technologies realized virtualization on the CPU; Singh emphasizes that, better yet, they drove the concept of virtualization itself. He sees a common thread that ultimately led from KVM and Xen to the public cloud, or the complete abstraction of the physical hardware in order to sell the infrastructure as a service. Today, developers don’t even need to know exactly where their workload is running when they use the available tools.
Something out of nothing
Singh has a reason for highlighting this example. He points out that the innovations in question have actually created an entirely new category: the cloud. To reiterate, we most often use the term nowadays to refer to simplicity and scalability based on abstraction, but with an accompanying loss of control. A point of conflict here is that users actually want to retain control, but they also keep demanding simplicity. That’s why everything is called a “cloud” these days, according to Singh. Even an air-gapped environment under your own control can simply be classified as a “private sovereign cloud.”
What’s Red Hat’s role in this? It’s clear that the public cloud can have its disadvantages. Using a single cloud is risky because of the high degree of dependency, the potential for costs to balloon, and its use may not meet compliance requirements. Red Hat’s goal is to provide control and simplicity for any type of ‘cloud’, regardless of where the computer is and who owns it. We will dive into specific examples of this later with Juan van der Breggen, Principal Associate Solutions Architect at Red Hat. First, we will talk further with Singh about Red Hat’s role in this simplification effort.
All kinds of headaches
Red Hat’s main goal is to alleviate customer concerns. That means it wants to make technologies enterprise-ready. To do that, a lot of fundamental work is needed in the form of open-source contributions. Think of running a container securely in a Kubernetes environment, protected from the kernel. Or authentication via a third party without this leading to security risks. Where the open-source community as a whole may have more priorities than making tech usable for the enterprise, Red Hat strives to form a foundation to guarantee this usefulness.
This involves more than just the latest technology. “Heritage,” the word Singh uses to describe legacy apps and hardware, must be taken into account within an enterprise environment. In other words, legacy must be a first-class citizen within IT. Singh indicates that incorporating legacy is more than just lift-and-shift. How do you arrange automation? Security? Lifecycle management? All these issues must come together in a single experience with new workloads based on modern paradigms. Once again, this is a priority for Red Hat. “This results in workloads that know where they are running, which network they are consulting, and what the underlying use case is.”
In doing so, Red Hat does not lose sight of open-source, according to Singh. “It’s the only way to be self-sufficient.” He advises us to view that self-reliance or autonomy in terms of degrees. If you are completely in the public cloud and use all kinds of abstraction layers from third parties, you are dependent to an extreme degree. The more autonomy you create, the more you limit the risks. That’s what Singh understands by the whole sovereignty story: (more) digital autonomy.
For Red Hat, this means that it must provide insight into how the company builds its software. Provenance management, or the ability to trace data (who owns it, are you allowed to use it, etc.), is central to this. A few years ago, Red Hat also started consistently publishing a Software Bill of Materials (SBOM) so that end users know where their applications, tools, and operating systems come from. Knowledge is control, and control allows for autonomy.
Whose responsibility?
You could argue that it is up to the end user to assess the value of such actions. However, the discussion surrounding responsibility for security, compliance, and more is broader than that. For example, Red Hat and IBM provided two of the three approved Post-Quantum Cryptography (PQC) algorithms implemented in RHEL 10, a preparation step for the arrival of quantum computers. It is up to the OS vendor to do this, otherwise a system is vulnerable all the way from the kernel, at essentially the lowest level.
With extended support for RHEL 10 lasting until 2038, the system must be quantum-safe if quantum computers become available sometime in the 2030s, as many (including IBM) estimate. Quantum computing on cloud instances could mean “a key to every lock” for criminals, but RHEL 10 is prepared for this.
Singh also has a nuanced view of the popular “shift left” concept. “I find shift left a very interesting concept, because I don’t think it’s right to shift everything to the left, but I think you need to provide meaningful context to people who can do something about it in all kinds of ways.” A developer writing a Ruby application is unlikely to tinker with the storage infrastructure, but will benefit from understanding the status of the application in production. The interaction between application and storage plays a major role in this.
It’s all about building software in environments and with processes that are relevant to the production environment. “For example, if you have security policies, you should have one set of security policies across the company, not different sets for development, testing, and production,” says Singh.
Practical implementation
Juan van der Breggen, Principal Associate Solutions Architect at Red Hat, explains how this philosophy is put into practice. Red Hat OpenShift plays a central role in this due to its scalability: it runs from a single node on what is effectively a digital island to a complete developer experience and HPC environments, with the management layer remaining the same.
One of the most innovative developments in RHEL 10 is bootc in image mode, where VMs run like a container and are part of the CI/CD pipeline. By using immutable images, all changes are controlled from the development environment. Van der Breggen illustrates this with a retail scenario: “I can have one POS system for the payment kiosk, but I can also have another POS system for my cashiers. They use the same base image. If I then upgrade that base image to later releases of RHEL, I create one new base image, tag it in the environments, and then all 500 systems can be updated at once.”
Red Hat Enterprise Linux Lightspeed acts as a command-line assistant that brings AI directly into the terminal. This assistant is like having a Linux expert with over 20 years of experience at your side, helping you with commands, reading log files, and solving Linux-related problems.
In addition, Red Hat Insights Image Builder improves another familiar workflow. It makes building images significantly faster: an image build takes 10 minutes, followed by another 10 minutes for the conversion from image to package, after which deployment on a cloud provider platform van follow. Even with a small team, everything can be managed in the hybrid cloud via a single pane of glass.
Resilience and future-proofing
Last year’s infamous CrowdStrike incident perfectly illustrates the value of image mode. If all those systems had been running on RHEL and had encountered a similar problem, an immediate automated rollback would have been possible. For edge devices, Red Hat uses a solution called Greenboot, which does not immediately proceed to a rollback but can wait for one if a certain condition are met. After, for example, three reboots without a working system, it reverts to the previous working release.
However, not everything has been worked out perfectly yet. Lightspeed currently only works online, while many customers would like to use it offline because their RHEL systems are tucked away behind firewalls. Red Hat is still looking into possibilities for an expansion here, although making the knowledge base available offline poses risks to intellectual property.
Red Hat also remains true to its “tried and tested” philosophy, but that does not mean that the latest kernel versions will be missing in action altogether. Fedora and CentOS Stream already use them as upstream versions. Further rollout will follow when Red Hat considers them ready for use within the stability-focused RHEL.
Failure domains
Singh emphasizes that determining risks is not only important in a cloud setup. Failure domains are just as present in a compact infrastructure. “Is all your hardware connected to a single switch? Do you manage all your VMs via a single controller?” He advises considering an alternative in both cases.
It’s about isolating your experience so you can document risks. You need to be able to note what your infrastructure looks like and map it out for the entire environment, including CapEx and OpEx. Singh goes beyond certain slogans such as “no more than 30 percent of your IT infrastructure should come from a single vendor.” His question: “How do you know that the other two-thirds will still work if that 30 percent fails?”
Conclusion
Red Hat’s approach to the enterprise ecosystem revolves around optimizing for the customer outcome, where that customer is often a colleague. Through open-source foundations, enterprise-ready technology, and innovative deployment methods, Red Hat offers a path to digital autonomy without sacrificing simplicity. In a world where complexity seems to be increasing, Red Hat demonstrates that it is possible to maintain control while leveraging the benefits of modern cloud technologies.
Also read: Nutanix CTO reveals multi-cloud strategy and VMware alternative