Reist uses containers and VMs together

Swiss IT managed services company Reist Telecom AG (Reist) wanted to adopt an enterprise-level Kubernetes platform to build its Identity and Access Management solution. Its customers were also looking to modernize their technology with an approach based on microservices and containers. Reist selected Red Hat OpenShift for its openness and on premise application platform. Adopting Red Hat OpenShift Virtualization was then simple when the company needed to migrate from its legacy virtualization environment to a modern infrastructure platform that would satisfy immediate and future needs. OpenShift Virtualization halves licensing costs, integrates virtualization and container worlds, and allows for a DevOps approach.

Benefits: 

• Halved virtual machine licensing costs
• Unified VM and container worlds
• Strengthened security with version control and a single source of truth
• Prevented code releases from interrupting end-user experience

Founded in 2001, Reist Telecom AG initially provided consultancy in the field of telecommunication, gradually expanding its areas of expertise. From the beginning, the Swiss company has provided a professionally managed, secure private cloud for internet-based customers, mainly in the airline and manufacturing industries and customers that require all data to remain in Switzerland. Their service operates from 2 geo-redundant datacenters and a separate datacenter for backups, all in Switzerland. Its managed services span a mix of server environments—including both Windows and Linux—running on virtual machines (VMs) and dedicated servers.

The company has also built an Identity and Access Management (IAM) solution, called MAYI ID©, which is on the market both as a managed service and a standalone ‘software-as-a-service’ offering. Reist’s IAM solution uses Red Hat’s single sign-on (SSO) technology, and its datacenters have been using Red Hat Enterprise Linux® as their primary operating system for many years.

“We initially built MAYI ID© on a virtualized infrastructure but quickly realized containerized microservices were the future, so we set up a vanilla Kubernetes environment,” said Patric Siegrist, Chief Architect, Reist Telecom AG.

With customers also seeking to become cloud-ready by moving to a containerized environment, Reist began searching for a supported enterprise-level Kubernetes solution, initially looking at the Kubernetes solution offered by its virtualization provider. “Extending our virtualization infrastructure to include containers made perfect sense, but licensing discussions became complicated, so we looked for other options,” said Siegrist.

Reist joined the Red Hat Certified Cloud and Service Provider (CCSP) Program for companies delivering hosted or managed services based on Red Hat’s industry-leading Kubernetes and Linux open source technologies. Since Reist and its customers liked the Red Hat products already in place, the company turned to Red Hat OpenShift for its on premise application platform. “The openness of OpenShift would allow us to implement best-practice security measures,” said Siegrist. “And we liked the OpenShift tools as they would give us a quick start on a single platform. OpenShift really is a good, stable application platform.”

To get started quickly, Reist engaged Red Hat partner Puzzle ITC for 2 days of consultancy each month. “Puzzle ITC collaborated closely with our IT team who, although being well-versed in our previous Red Hat technologies, appreciated learning OpenShift best practices.” The Red Hat CCSP Program provided access to OpenShift online training for Reist’s core OpenShift team, which is also currently working towards certification, with 2 administrators certified to date.

Working closely with Reist’s networking, Linux, and storage teams, the engineering team initially implemented OpenShift on bare metal in its datacenters. At Reist, OpenShift integrates with critical infrastructure services; for example, the NetApp Trident controller integrates directly with OpenShift, allowing for interoperable compatibility with NetApp storage.

Reist began by containerizing infrastructure services, both internal infrastructure services and infrastructure provided to customers as VMs or on dedicated servers. “We started by containerizing mail servers, proxy servers, web servers, and DNS servers,” said Siegrist. “We re-engineered, containerized, and then migrated them to OpenShift.”

With OpenShift on bare metal, it has been easier for Reist to implement OpenShift Virtualization, an operator included with any OpenShift subscription. “You just install OpenShift Virtualization on top of OpenShift on bare metal, and you’re ready to use OpenShift as a VM platform,” said Siegrist.

The migration from the legacy VMs to OpenShift Virtualization has a fixed deadline and must be completed within 6 months. Reist is, at the same time, moving its OpenShift clusters to a new datacenter. “Red Hat’s migration toolkit for virtualization is working really well for the migration of our VMs to OpenShift,” said Siegrist; the included operator allows for consistent, at-scale migration of VMs to OpenShift Virtualization in a few steps.

The new platform and DevOps approach have brought Reist’s IT teams together. Working in isolated team structures is a thing of the past. For instance, developers working on MAYI ID© now collaborate more closely with the operational teams. “OpenShift Virtualization provides a shared platform for our different technologies and is increasing collaboration internally,” said Siegrist. “I expect the collaboration to intensify once we have migrated all our VMs to OpenShift and started containerizing more and more applications.”

Prevented code releases from interrupting end-user experience

Moving to a containerized and integrated world with CI/CD processes means Reist can roll out releases without interrupting the services it provides to customers, which is a huge benefit. Developers previously employed manual processes when releasing code for a customer or the shared platform. They would have to stop services, replace components, restart services, and do regression testing, leading to significant downtime for customers.

“For customers that need our solution on premise or hosted in their datacenter, such as private banks or international customers with specific governance requirements, the transition to OpenShift was particularly essential,” said Siegrist. “With OpenShift, we can create Helm charts and ensure an identical deployment with no interruption—whether in our datacenter, theirs, or even in an Azure cloud—and still have the same deployment. This was not possible before.”

Building on Reist’s successes with OpenShift Virtualization, the company is now offering customers new services, such as namespace-as-a-Service (NSaaS). “We create an OpenShift namespace to provide an OpenShift environment for our customers to manage themselves,” said Siegrist. “And if they require assistance, we can offer consulting services.”

Reist has also recently upgraded to Red Hat OpenShift Platform Plus to take advantage of included feature Red Hat Advanced Cluster Security for Kubernetes in the most cost-effective way for its vulnerability scanning capabilities. “Vulnerability scanning is essential for ISO20000 and ISO27000 certification,” said Siegrist. “Our new container world has completely new requirements for vulnerability management. Red Hat Advanced Cluster Security will provide that for us.”

The vulnerability management capabilities in Red Hat Advanced Cluster Security allow companies to identify and prioritize vulnerabilities for quick remediation. Reist is also investigating standardizing and centralizing its container registry using Red Hat Quay – the scalable central registry that is also included with OpenShift Platform Plus.

“Our customers are increasingly looking to adopt modern technologies such as microservices and containers,” said Siegrist. “We look forward to continuing our modernization journey with Red Hat so we can in turn support our customers on their modernization journeys.”