Thompson River, Kamloops BC — Lawrence Manickam

Red Hat OpenShift Container Platform 4.6 is now available, Production Grade, GA.

What is Red Hat OpenShift?

There are application Servers such as Oracle WebLogic and IBM WebSphere in the market. The core of an application server is J2EE (Java EE) and its job is to host J2EE applications.

Similarly, Red Hat OpenShift hosts Container(ized Application)s. It is scalable, secure, cloud native, with minimal configuration and overhead.

Red Hat did not publicly release OpenShift Container Platform 4.6.0 as the GA version and, instead, is releasing OpenShift Container Platform 4.6.1 as the GA version.

I list out few major features of Red Hat OpenShift 4.6.1 in this blog. A detailed release notes information link is available at the end.

Supported Platforms

Red Hat Enterprise Linux CoreOS (RHCOS) 4.6

Kubernetes 1.19

CRI-O

The user must use RHCOS for the control plane (Master Nodes), and can use either RHCOS or RHEL for worker nodes.

Installation and Upgrade

Introduces user defined outbound routing for a Red Hat OpenShift Cluster running on Azure to connect to the internet. It allows to skip the creation of public IP addresses and public cloud load balancers.

Red Hat OpenShift introduces support for installing a cluster on bare metal using installer-provisioned infrastructure.

The user must ensure all Operators previously installed through OLM (Operator Lifecycle Manager) are updated to their latest versions in their latest channels before upgrading to OpenShift Container Platform 4.6.

With this release, IBM Power Systems are now compatible with OpenShift Container Platform 4.6.

Install support for vSphere version 7.0

OpenShift Container Platform version 4.6 requires RHV (Red Hat Virtualization) version 4.4.2 or later.

Security and Compliance

The File Integrity Operator feature that continually runs file integrity checks on the cluster nodes, is now available. It deploys a daemon set that initializes and runs privileged advanced intrusion detection environment (AIDE) containers on each node, providing a status object with a log of files that are modified during the initial run of the daemon set Pods.

The user can now configure OAuth tokens to expire after a certain amount of time that they have been inactive.

Red Hat OpenShift (Kubernetes) security has become critical in DevSecOps. The upcoming course CKS (Certified Kubernetes Security Specialist) from RedPeppy helps you to understand and learn the Security aspects of Kubernetes and Containers.

Machine API

MachineSets running on Azure now support Spot VMs.

MachineSets running on GCP now support preemptible VM instances.

Web Console

Improved Operator installation workflow with Operator Hub.

View related objects for cluster Operators.

Warning messages when editing managed resources.

Scale

The Performance Addon Operator helps the administrator with tuning worker nodes for low latency and real-time workloads.

Networking

The user can now configure PodNetworkConnectivityCheck resources to check each network connection from the Pods that are managed by the Operator.

The NodePort range is expandable beyond the default range of 30000–32767.

Ingress in Red Hat OpenShift Container Platform 4.6 now uses HAProxy version 2.0.16.

Configuration of an Ingress Controller Network Load Balancer (NLB) for new and existing AWS clusters is now supported.

AWS Route53 endpoint configuration is now supported on the Ingress Operator.

Storage

The Local Storage Operator now has the ability to automatically discover a list of available disks in a cluster and provision local persistent volumes from attached devices.

Registry

The user can now configure logLevel in the Image Registry Operator to debug logs.

Operator Lifecycle

The Operator API is now supported and enabled by default. It gives a simplified experience discovering and managing the lifecycle of Operators in a Red Hat OpenShift cluster.

The Node Maintenance Operator now validates maintenance requests for master nodes, preventing master (etcd) quorum violation.

The users can now set log levels separately for the Image Registry Operator and operand.

Builds

Nodes

New descheduler strategy is available (Technology Preview).

Descheduler filtering by namespace and priority (Technology Preview).

Cluster Logging

The Log Forwarding API allows the user to add free-text labels to log messages that are affixed to outbound log messages.

The (new) OpenShift Logging dashboard contains charts that show details about Elasticsearch instance at a cluster-level, including cluster resources, garbage collection, shards in the cluster, and Fluentd statistics.

The (new) Logging/Elasticsearch Nodes dashboard contains charts that show details about Elasticsearch instance, many at node-level, including details on indexing, shards, resources, and so forth.

Monitoring

The Red Hat OpenShift 4.6 introduces validation of Prometheus rules through a webhook that calls the validating admission plug-in.

Insights Operator

Notable technical changes

Both the OpenShift SDN and OVN-Kubernetes Container Network Interface (CNI) network providers now use the Open switch (OVS) version installed on the cluster nodes. Previously, OVS ran in a container on each node, managed by a DaemonSet.

Warnings when using deprecated APIs.

Red Hat OpenShift 4.6 supports Operator SDK v0.19.4.

All images in Red Hat OpenShift 4.6 now use universal base image (UBI) version 8 by default.

The default Jenkins Node.js agent has been upgraded to Node.js version 12.

Reference Link

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Red Hat OpenShift market is growing well even during this pandemic. The pre-requisite is to develop a good knowledge and experience in Kubernetes and the Certified Kubernetes Administrator (CKA) course from RedPeppy helps you to become competitive in the new economy.

Lawrence Manickam is the Master Cloud Architect Trainer in RedPeppy, E-Learning division of Kuberiter.

Please visit https://redpeppy.com to register for my premium Cloud native courses such as Certified Kubernetes Administrator (CKA) and Certified Kubernetes Security Specialist (CKS).