This was updated on 2-6-2023
OpenShift 4.x is 100% open source and comprises several key CNCF open source projects:
Linux
- Linux - OpenShift runs on the RHEL CoreOS Linux distribution and enjoys the support of the Red Hat Enterprise Linux ecosystem. Included in CoreOS are the following:
- CRI-O - an implementation of the Kubernetes CRI (Container Runtime Interface) to use OCI (Open Container Initiative) compatible runtimes. CRI-O is a lightweight alternative to using Docker as the runtime for Kubernetes.
- Podman - is a daemonless container engine for developing, managing, and running OCI Containers on Linux.
- Skopeo - a tool for moving container images between different types of container storage. For example, it can copy container images between the container registries docker.io, quay.io, and an internal container registry, or between different types of local storage.
- Buildah - a tool to build OCI container images.
Container engine tools
- Docker - helps developers bring their ideas to life by conquering the complexity of app development.
- Libcontainer - provides a native Go implementation for creating containers with namespaces, cgroups, capabilities, and filesystem access controls.
- runc - CLI tool for spawning and running containers according to the OCI specification.
- SELinux - flexible Mandatory Access Control (MAC) for Linux.
- Cgroups - Go package for creating, managing, inspecting, and destroying cgroups.
Automated Operations / Operators
- Operators - the Day 1 & Day 2 automation of the application lifecycle. Many partners build operators for use in the hub that can be deployed on OpenShift.
- Operator framework - The Operator Framework is a set of developer tools and Kubernetes components that aid in Operator development and central management on a multi-tenant cluster.
- Kudo - KUDO is a toolkit that makes it easy to build Kubernetes Operators, in most cases just using YAML.
Kubernetes
OpenShift is built on Kubernetes and 100% certified.
In addition these open source projects are included:
- API server - SIG API Machinery
- Workload management - SIG apps, SIG scheduling, SIG cli
- EtcD - etcd
- Keda - fine-grained autoscaling (including to/from zero) for event driven Kubernetes workloads. KEDA serves as a Kubernetes Metrics Server and allows users to define autoscaling rules using a dedicated Kubernetes custom resource definition.
- Volcano - a batch system built on Kubernetes. It provides a suite of mechanisms that are commonly required by many classes of batch & elastic workloads, including machine learning/deep learning, bioinformatics/genomics and other "big data" applications.
- Meshery - is the cloud native management plane offering lifecycle, configuration, and performance management of Kubernetes, service meshes, and your workloads
- OpenKruise - is an extended component suite for Kubernetes, which mainly focuses on application automations, such as deployment, upgrade, ops and availability protection.
Kubernetes Cluster Services
Kubernetes cluster services augment Kubernetes by providing
Storage
OpenShift Container Storage comprises these open source projects
- CSI plugins - plugins for storage options
- Ceph (storage) - object based storage
- Infinispan
- NooBaa
- Rook (Ceph Operator) - makes distributed storage systems into self-managing, self-scaling, self-healing storage services. Automates the tasks of a storage administrator: deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management.
- TiKV
Red Hat is researching in this area using the VolSync - Data Replication open source project
Networking
OpenShift networking comprises these open source projects:
- OVS - Open vSwitch - to enable network automation through programmatic extension, while still supporting standard management interfaces and protocols
- OVN - Open Virtual Network daemons that translate virtual network configuration into OpenFlow and install it into Open vSwitch. Provides a higher-layer abstraction than Open vSwitch, working with logical routers and logical switches rather than flows.
- CNI plugins - various L2/L3 Linux networking
- Contour - Contour is an open source Kubernetes ingress controller providing the control plane for the Envoy edge and service proxy
- CoreDNS - DNS server
- Flannel - is a network fabric for containers, designed for Kubernetes
- gRPC - connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication
- K8GB - cloud native Kubernetes Global Balancer
- KubeOVN - network fabric
- Submariner - enables direct networking between Pods and Services in different Kubernetes clusters, either on-premises or in the cloud.
Monitoring
Monitoring comprises these open source projects:
Metrics is based on
- Prometheus monitoring and time series DB
- Thanos - highly available Prometheus configuration
Logging, log forwarding, data pipelines are based on
- Vector
- Grafana - Query, visualize, alert on and understand metrics.
Tracing is built on
- OpenTelemetry
- Jaeger
- ElasticSearch - a distributed RESTful search engine
- FluentD - Unified logging infrastructure by collecting events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop.
- Kibana - a browser-based analytics and search dashboard for Elasticsearch.
Virtualization
Virtual Machines are hosted on the OpenShift Container Platform using the KubeVirt project.
Helm
- Helm - a package manager for Kubernetes.
Authentication
Authentication - SIG auth
Platform services
The following open source projects comprise the Platform services within OpenShift.
Service Mesh
Service Mesh is built on Istio, Envoy and Kiali, and on https://github.com/cilium/cilium, https://github.com/linkerd/linkerd2, https://github.com/networkservicemesh/ and https://github.com/service-mesh-performance/service-mesh-performance
Serverless
OpenShift Serverless is built on Knative, Serverless workflow.
Builds
OpenShift Builds are built on Shipwright.
Pipelines
OpenShift Pipelines is built on Tekton.
GitOps
OpenShift GitOps is built on Argo CD, Argo Rollouts.
Distributed Tracing
- Kiali - A management console for Istio-based service mesh. It provides dashboards and observability to operate the service mesh, with configuration and validation capabilities, detailed metrics, Grafana access, and integration for distributed tracing with Jaeger.
Cost Management
Cost management is based on the upstream project Koku.
Application services
Application services include:
- 3Scale API Management based on the upstream project 3scale
- Integration (Red Hat Fuse) based on the upstream project Apache Camel and Apache ActiveMQ
- Messaging (Red Hat AMQ) - based on the upstream project Apache ActiveMQ and Apache Kafka
Runtimes
Application services comprise Red Hat Runtimes which have these open source projects as their basis:
Developer Services
Red Hat Developer Services are built on the following open source projects:
- Devfile, ORAS, NATS, Strimzi, Distribution, Tinkerbell, Backstage, Visual Studio Kubernetes Tools
- https://thoth-station.ninja/
- https://dapr.io/
Data Services
OpenShift AIML is called Red Hat OpenShift Data Science and is built on OpenDataHub.
Security
- Advanced cluster security is based on StackRox.
- Other security components are TUF, Kubewarden, Open Policy Agent, OpenSCAP, Keycloak, in-toto, Dex, Falco.
- Future innovations include sigstore.
Multicluster & multicloud
- HyperShift, which provides Hosted Control Planes and is built on CAPI
- Multicluster engine, ACM, for Kubernetes is built on OCM
- Multicloud management is built on Karmada, Open Cluster Management, OpenClusterManagement, External Secrets Operator, Kyverno, OPA Gatekeeper, Stolostron (mid & upstream) and VolSync
Edge
OpenShift at the Edge is built on KubeEdge and Microshift
Future innovations include WasmEdge Runtime
Application Modernization
Applications can modernize and migrate to Kubernetes orchestrated containers by using the Konveyor project.
Container registry
Red Hat’s container registry Quay is built on the open source project Quay, to build, store, and distribute your applications and containers.
It includes Clair for Vulnerability Static Analysis for Containers.
Future innovations are based on LinuxKit and Transmission.