IBM Cloud Private with OpenShift
IBM® and Red Hat have partnered to provide a joint solution that uses IBM Cloud Private and OpenShift. You can deploy IBM certified software containers running on IBM Cloud Private onto Red Hat OpenShift.
When you install IBM Cloud Private with OpenShift, IBM Cloud Private provides the IBM Cloud Private experience, management, and operations for applications and uses OpenShift's Kubernetes and Docker registry that is already installed by Red Hat.
Similar to IBM Cloud Private, OpenShift is a container platform that is built on top of Kubernetes. You can install IBM Cloud Private with OpenShift by using the IBM Cloud Private installer for OpenShift.
- Supports Linux® x86_64 platform in offline only installation mode
- Single-master configuration
- Integrated IBM Cloud Private cluster management console and Catalog
- Integrated core Platform services, such as monitoring, metering, and logging
- IBM Cloud Private uses the OpenShift image registry
This integration defaults to using the Open Service Broker in OpenShift. Brokers that are registered in OpenShift are still recognized and can contribute to the IBM Cloud Private Catalog. IBM Cloud Private is also configured to use the OpenShift Kube API Server.
- IBM Cloud Private Platform images are not Red Hat OpenShift certified
- IBM Cloud Private Vulnerability Advisor (VA) and audit logging are not available on OpenShift
- Not all CLI command options, for example all
cloudctl cmcommands, are supported
Authentication and authorization administration happens from only IBM Cloud Private to OpenShift. If a user is created in OpenShift, the user is not available in IBM Cloud Private. Authorization is handled by IBM Cloud Private IAM services that integrate with OpenShift RBAC.
If you need support, contact either IBM or Red Hat depending on where you encountered the issue. IBM and Red Hat have defined a collaborative support model and will work together for complex issues that involve both support teams.
The IBM Cloud Private cluster administrator is created in OpenShift during installation. All other users and user-groups from IBM Cloud Private LDAP are dynamically created in OpenShift when the users invoke any Kube API for the first time. The roles for all IBM Cloud Private users and user-groups are mapped to equivalent OpenShift roles. The tokens that are generated by IBM Cloud Private are accepted by the OpenShift Kube API server, OpenShift UI, and OpenShift CLI.