Should you use OpenShift to Run Payara in the Cloud?

Photo of Rudy De Busscher by Rudy De Busscher

The world is moving to containerized workflows. As a result, tools to handle containerization become more and more important.

Kubernetes is the most widely used platform for managing and orchestrating containers. But since it contains only the basic building blocks, you need additional tools if you want to set up your environment for running applications on it.

In this blog, we take a closer look at Red Hat OpenShift and the comparison with Kubernetes.

What is Red Hat OpenShift?

OpenShiftis a platform that is built on top ofKubernetes. However, while Kubernetes is a software product that you need to install within your current environment, or use with a Cloud provider of your choice, OpenShift is a complete platform itself. Besides Kubernetes, it contains components for integrated networking, storage, monitoring, logging, installation, upgrades, and so much more.

Besides a Kubernetes cluster itself, OpenShift contains several other components already integrated within the environment. For example, it has a custom component for routing to the containers running your application. In this case, you don't need to install a Kubernetes Ingress module but a solution is already installed together with your OpenShift environment.

The same goes for other components, for example, security. The OpenShift documentation indicates that you can stay longer on older Kubernetes versions sinceRed Hatparticipates in updating older versions for security vulnerabilities. And the platform also has some tools to maintain the roles and permissions for different users, so that they each can perform a certain task without the need to access the entire capabilities of the platform.

Is OpenShift Better?

Since we indicated that the OpenShift platform contains all the tools that you need already, is it better than pure Kubernetes? Having all the parts integrated and ready after an installation is of course a major benefit. But the complexity of using and maintaining your applications on the platform stays more or less the same.

You still have to perform the same steps on the OpenShift platform as you would do in an environment that is based on Kubernetes. You still need to configure the routing to your application, define the scalability properties, etc...

To help you with these tasks and to make it easier for the OpenShift users, there are several "opinionated" or vendor-specific aids. These aids can get your applications up and running on the platform faster and more easily, but they are opinionated in the sense that only a small subset of applications or scenarios are supported.

An example of this is theSource-to-image feature (S2I). This can bring your application from source code in an accessibleGitHubrepository into the platform, and therefore accessible for your end-user, with a few simple commands. It takes care of the compilation, testing if you have set up a CI pipeline within the OpenShift platform, and creating and spinning up the containers.

However, as mentioned, only a small subset of possibilities are supported in this way. Running your Quarkusapplication or your Enterprise application withWildFlyandOpenLiberty is supported through that S2I feature, but applications supported by otherJakarta EE vendors - including Payara Platform applications - are not.

Also, not all new features of Kubernetes are immediately available through the OpenShift Platform. However, you can always access the underlying Kubernetes system directly and in most cases, these new features that are not yet included can be combined with the OpenShift functionality. 

Although the setup is easier, due to OpenShift's many features and configuration options it stays a complex product. And you need to be an expert to get the most out of the platform, just as you need to be an expert to use Kubernetes. With OpenShift however, you tie yourself into the specific platform and the way they like you to work. For example, with the S2I feature, the limitation extends to the editor that you should use, asEclipseChe is included.

Can you use it with Payara products?

There are several manual options for how you can run your application on Payara Server or Payara Micro within OpenShift.

As mentioned, the standard S2I support does not work if you would like to run your application on Payara with OpenShift. You can create your own S2I image that performs all the steps and can bring the source code to the platform in the way you would like. This is also the route you have to take if you want to tweak one of the default S2I solutions within the platform. With the S2I command-line tool, you can create the directory structure and required files for such a custom S2I builder image. You have an _assemble_ part and a _run_ part. This way you can define the steps to build your application and define the Container image for it.

Another option that you can use for running your application with Payara on OpenShift is to define a multi-stage buildDockerfilewithin your code repository. OpenShift can use this to get your application up and running from the source. It is similar to the S2I solution but the steps are now described within the application repository itself and not outside of the repository as with S2I.

And a third option is that you can push the image with your application directly to the Docker Registry of your OpenShift environment. Each OpenShift installation makes use of its own Docker Registry to keep all container definitions for the platform itself and for the applications that are running on it.

So depending on the degree that you want to tie the building of your application into OpenShift itself, you have several options to combine OpenShift and Payara products.


OpenShift is an entire platform built on top of Kubernetes. At installation, it brings all necessary components integrated into the environment. This makes it easier to get started, but using and configuring them requires that you learn all the concepts, tools, and configuration options to configure the environment to your needs.

For some basic functionality, they have the option to bring the source code from a Git repository into the platform through the Source-to-image (S2I) functionality. This only works by default for Quarkus or an Enterprise application that you run on WildFly or OpenLiberty. However, this S2I solution can also be created for Payara-based deployments. You can also push the application using a multistage Docker build file or a Container image to the platform.

Unless you want to go the opinionated way of the platform - which leaves you locked in to certain vendors -  you might consider learning and using pure Kubernetes-based solutions. Sticking with a pure Kubernetes solution requires probably a bit more effort but gives you the freedom of choice.

If you don't want to be confronted with Kubernetes at all, considerPayara Cloud, where you can deploy your Enterprise application with a simple click.

Register Your Interest - Payara Cloud