Red Hat OpenShift 4.20 Unifies VMs and AI Workloads

The latest iteration of Red Hat’s hybrid cloud platform, OpenShift 4.20, delivers a unified foundation for managing both traditional and modern applications. This release focuses on accelerating artificial intelligence initiatives, fortifying platform security, and refining virtualization strategies, creating a consistent operational experience from corporate data centers to public clouds and edge locations. Businesses grappling with intricate IT landscapes and stringent regulatory demands require a dependable platform to connect disparate applications and services across their entire infrastructure. A pressing need also exists for capabilities that bolster digital sovereignty, granting organizations comprehensive authority over their cloud strategy by determining which applications and data must remain on-premises.

Strengthened platform security and enhanced core manageability form a cornerstone of this update. OpenShift 4.20 hardens the platform’s defenses against contemporary threats, with a particular emphasis on meeting sovereignty requirements. A significant advancement is the initial support for post-quantum cryptography (PQC) algorithms for mTLS, which secures vital communications between control plane components with long-term cryptographic protection. The release also boosts operational flexibility and security for OpenShift Platform Plus subscribers. This includes the general availability of Red Hat Advanced Cluster Security 4.9, alongside improvements to Red Hat Trusted Artifact Signer and Red Hat Trusted Profile Analyzer, simplifying security data management and analysis. A zero trust workload identity manager, slated for a future release, will provide identity attestation for both machines and users across federated infrastructure.

Several new features are designed to provide greater control and identity management. The bring-your-own OpenID Connect capability allows customers to integrate their existing OIDC infrastructure, offering superior control over user data. Red Hat OpenShift Service Mesh now includes a “sidecar-less” ambient mode, which significantly lowers the cost of pod-to-pod mTLS encryption and enables identity-based traffic policies, reducing infrastructure expenses and operational complexity. A cluster-wide service, the External Secrets Operator (ESO), simplifies external secret management by handling the lifecycle of secrets retrieved from external systems. For infrastructure efficiency, a two-node OpenShift with arbiter configuration introduces a new high-availability form factor that cuts costs without compromising resilience. Enhanced network integration for on-premises deployments is achieved through Border Gateway Protocol (BGP) in OVN-Kubernetes, enabling continuous route exchange with external networks for faster adaptation during VM migrations or network failures.

A major focus of OpenShift 4.20 is scaling AI from experimentation to production. New capabilities are engineered to streamline the deployment and management of complex AI workloads, making them easier to scale with confidence. The LeaderWorkerSet (LWS) API for AI workloads simplifies the orchestration of large, distributed AI tasks with automated scaling. Deployment times are drastically reduced using an Image volume source, allowing new AI models to be integrated in minutes without the need to rebuild application containers. These features collectively support Red Hat OpenShift AI and other platforms in helping customers transition smoothly from testing to live production. Furthermore, the Model Context Protocol enables cluster management through popular developer tools like Visual Studio Code.

The platform also advances its production-ready virtualization capabilities. Red Hat OpenShift Virtualization is further optimized, allowing customers to manage virtual machines in tandem with containers and cloud-native applications from a single console. Performance and resource utilization for virtualized workloads are improved with the addition of CPU load-aware rebalancing and new Arm support. Expanded hybrid cloud support now extends OpenShift Virtualization to bare-metal deployments on Oracle Cloud Infrastructure, giving organizations more control over their data placement. Enhanced storage offloading functionality within the migration toolkit for virtualization dramatically speeds up the process of moving VMs from older virtualization solutions to OpenShift Virtualization by leveraging existing storage resources.

Red Hat OpenShift 4.20 is now generally available. According to Mike Barrett, VP and GM of Hybrid Cloud Platforms at Red Hat, the innovation pace in enterprise IT is accelerating due to AI demands and a shifting regulatory landscape. He stated that OpenShift 4.20 provides a foundation that not only keeps pace with these changes but helps customers lead them, offering tools to unify infrastructure from legacy VMs to modern virtualization while maintaining the enhanced security and control essential for future market shifts. Jim Mercer, program vice president at IDC, added that the real challenge for enterprises is securely bridging the AI lifecycle with existing hybrid cloud infrastructure. He emphasized that platforms like OpenShift provide the necessary consistency and control to manage applications, data, and security policies across diverse environments, ensuring businesses can meet digital sovereignty demands while accelerating innovation.

(Source: HelpNet Security)