OpenShift Container Platform

OpenShift Container Platform
Unknown authorUnknown author · Public domain · source
Name	OpenShift Container Platform
Developer	Red Hat
Released	2015
Latest release version	4.x
Programming language	Go, Java, JavaScript
Operating system	Linux
License	Commercial, open source components

OpenShift Container Platform OpenShift Container Platform is a commercial enterprise Kubernetes distribution developed by Red Hat for orchestrating containerized applications. It builds on upstream Kubernetes and incorporates technologies from Docker (software), CRI-O, and etcd while integrating management tooling drawn from Ansible (software), Prometheus, and Grafana to support cloud-native application lifecycles. Used by organizations including IBM and SAP SE, it targets production environments across on-premises data centers and public clouds such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform.

Overview

OpenShift Container Platform packages container runtime and orchestration with developer and operator workflows derived from Kubernetes distributions, aiming to simplify application delivery for enterprises like Deutsche Bank and HSBC. The product originated within Red Hat following acquisitions and strategic projects involving CoreOS, Inc. and contributions from the Cloud Native Computing Foundation community, aligning with standards endorsed by Linux Foundation. It contrasts with managed offerings such as Amazon EKS and Google Kubernetes Engine while sharing upstream compatibility that enables migration to platforms used by companies like Spotify and Airbnb.

Architecture

The architecture centers on a control plane and worker nodes built upon Kubernetes primitives, using etcd as the distributed key-value store and CRI-O or container runtimes compatible with the Open Container Initiative specifications. The control plane includes components interacting with Kubelet, API server (Kubernetes), and Controller Manager (Kubernetes), while cluster networking leverages plugins from projects like Open vSwitch and OVN. Storage integrations support drivers based on Container Storage Interface implementations used by vendors such as NetApp, Pure Storage, and Ceph. Authentication and authorization integrate with identity providers and standards such as LDAP, SAML, and OAuth 2.0, enabling enterprise single sign-on with systems from Okta and Microsoft Active Directory.

Installation and Deployment

Installation supports installer-provisioned infrastructure for public clouds including Amazon Web Services, Microsoft Azure, and Google Cloud Platform, as well as user-provisioned on-premises deployments with virtualization platforms like VMware ESXi and bare-metal solutions used by Dell EMC and Hewlett Packard Enterprise. Bootstrapping and lifecycle management rely on operators and declarative manifests influenced by Operator Framework and Helm (software), while automation can be driven by Ansible (software) and CI/CD pipelines built with tools such as Jenkins and GitLab. Network provisioning interfaces with BGP and integrations common in environments operated by Cisco Systems and Juniper Networks.

Features and Components

Key components include an integrated container registry inspired by Quay (software), developer consoles and web consoles providing source-to-image workflows influenced by Source-to-Image (S2I), and the Operator ecosystem from Operator Framework for packaging operational knowledge similar to patterns used by Kubernetes Operators developed by vendors like MongoDB and PostgreSQL. Observability features use Prometheus for metrics, Grafana for dashboards, and Elasticsearch/Kibana stacks for logging, paralleling deployments at enterprises such as Netflix and Twitter. The platform also bundles CI/CD capabilities that integrate with Tekton pipelines and artifact repositories akin to Artifactory.

Security and Compliance

Security architecture incorporates role-based access control modeled on Kubernetes RBAC and integrates with compliance frameworks adopted by institutions like Bank of America and Goldman Sachs; audit logging uses standards similar to those from NIST and ISO/IEC. Image security workflows integrate vulnerability scanning tools used by projects like Clair (software) and OpenSCAP, and network policies enforce segmentation using Calico (software) or OVN mechanisms favored in telecom environments operated by AT&T and Verizon Communications. Cryptographic operations rely on PKI best practices and can interface with hardware security modules from providers such as Thales Group and Yubico.

Upgrades and Lifecycle Management

Upgrade processes follow semantic-compatible strategies and are coordinated via operators and Cluster Version Operator patterns, mirroring lifecycle automation approaches employed by Red Hat Satellite and IBM BigFix. Rolling updates and blue-green deployment strategies are supported through Kubernetes primitives and CI/CD integrations with tools such as Argo CD and Spinnaker (software), enabling zero-downtime upgrades in environments used by Netflix and Spotify. Subscription and support models are provided through Red Hat channels aligned with enterprise service-level agreements similar to offerings from Oracle Corporation and Microsoft.

Use Cases and Integrations

Common use cases include cloud-native application modernization in enterprises like Siemens, General Electric, and Boeing; data platform deployments integrating Apache Kafka and Apache Spark for streaming and analytics workloads found at LinkedIn and Uber Technologies; and edge computing scenarios leveraging lightweight installs in telecommunications providers such as Verizon Communications and Vodafone Group. Ecosystem integrations include service meshes like Istio and Linkerd, observability stacks from Prometheus and Grafana, and CI/CD toolchains incorporating Jenkins, GitLab, and Tekton favored by organizations including Capital One and Stripe.

Category:Red Hat Category:Kubernetes distributions