Today, I am pleased to announce the general availability of Red Hat OpenShift 4.7.
Based on Kubernetes 1.20 (and CRI-O 1.20), OpenShift 4.7 has made progress on a few new features and functionality across our supported infrastructures, core platform, and workloads, while making stability a major theme for this release. We made a number of changes across the stack to improve the stability and quality of the product.
The Assisted Installer (Technology Preview) takes a big step towards simplifying the full-stack automation of OpenShift on bare metal. Modern workloads such as AI/ML, Telco/5G, and HPC are compute power hungry and benefit from bare metal deployments of Kubernetes and OpenShift.
Additionally, Red Hat OpenShift 4.7 expands Windows Containers support, first announced in late 2020. In addition to Windows Container support in AWS and Azure, OpenShift will now include support for Windows Containers on vSphere (available early next month) using Installer Provided Infrastructure (IPI). This provides a pathway for organizations to move Windows Containers to Red Hat OpenShift regardless of where they live and without needing to completely re-architect or write new code.
Horizontal Pod Autoscaler (HPA) based on memory utilization is GA in 4.7. With this, as a developer, you can specify that the platform automatically scales a replication controller or deployment of your application, based on memory metrics.
As an OpenShift administrator, Scheduling Profiles (Technology Preview) can be used to customize behavior of the default out-of-box scheduler to optimize the cluster for a number of factors such as resource utilization, high performance, and high availability for their business needs.
Descheduler allows for the administrator to evict pods based on predefined policies so that the pods can be rescheduled based on the latest cluster (scheduling) policies. The descheduler operator manages the life cycle of the descheduler. The descheduler (and the operator) is GA in 4.7.
OVN-IPsec allows for encrypting all OpenShift traffic with IPsec when using Open Virtual Network (OVN). Enabling IPsec encryption can prevent the cluster traffic data from being monitored and manipulated.
OpenShift GitOps (Technology Preview) empowers Application architecture and DevOps to deliver applications across one or more OpenShift clusters in a consistent and repeatable way. Based on ArgoCD and Tekton Pipelines, OpenShift GitOps allows for one-step installs of cluster configuration and application deployment from a single source of truth (in Git).
OCP 4.7 has a lot of great improvements in the OpenShift Console. Localization is available, with support for Chineses, Japanese & Korean. Now, anyone can create an in-cluster quick start! This means partners can now deploy quick starts with their operator for their services. Customer can create quick starts for their own internal teams to help with onboarding and educating best practices. The developer experience in OpenShift Console continues to evolve, with exciting changes to the Topology View, an improved Catalog experience, new Quick Starts for the Developer, enhanced flows for Pipelines and Serverless and much more!
Finally, OpenShift 4.7 brings a number of stability improvements, including better installer checks and diagnostics; improvements to x.509 error output; new metrics and better monitoring for Pipelines, storage, and networking; and improved maintainability and usability of the operators in disconnected environments.
There are many more improvements in Red Hat OpenShift 4.7, and the full release notes, including details on all the new technologies in tech preview and on deprecations, can be found in the release notes. My fellow product managers delivered an amazing "What's New" presentation with details of what you see here and more. And if you have time to sit through all of these changes explained in person, you can check out this deep dive into the changes in 4.7, which we originally recorded on OpenShift.tv.
If you want to try out Red Hat OpenShift 4.7, there are several ways to do it, from online learning tutorials and demos on your laptop to how-to’s for the public cloud or your own data center.
This is a guest post written by Milan Patel, Product Manager, IBM Security Verify. IBM Security Verify SaaS is a purpose-built Identity-as-a-Service (IDaaS) to help clients optimize how they protect ...