
Protect data in use: Bringing confidential computing to Red Hat OpenShift and Kubernetes on IBM Cloud

Confidential computing protects data during processing by isolating workloads inside hardware-based trusted execution environments (TEEs), ensuring even cloud operators cannot access them.

Published 10 November 2025
IBM announces the technology preview of Red Hat OpenShift sandboxed containers on IBM Cloud, bringing confidential computing protections to Kubernetes and Red Hat OpenShift on IBM Cloud.

With the confidential containers that this feature enables, enterprises can more securely run sensitive or regulated workloads in containerized environments, backed by technical assurances for data in use.

Why this matters for enterprises

As hybrid and multi-cloud adoption accelerates, protecting data at rest and data in transit is well established. But the next frontier is securing data in use. Confidential containers isolate workloads inside trusted execution environments (TEEs), ensuring that even privileged infrastructure or platform administrators cannot observe or tamper with running container workloads.

For large enterprises and cloud infrastructure engineers, this means you can:

  • Sensitive workloads: Run sensitive workloads—such as AI/ML model inference, financial processing, regulated data handling—with stronger isolation guarantees.
  • Separation of duty: Maintain zero trust and separation-of-duty principles, where the platform or cloud operator cannot “peek inside” your container at runtime.
  • Adding security: Leverage existing container (Kubernetes) tooling with minimal disruption, while adding a hardware-based security boundary.

Additionally, through the Red Hat OpenShift sandboxed containers capability, you can:

  • Untrusted workloads: More safely run privileged or untrusted workloads that require elevated kernel capabilities or root privileges without risking cluster node security.
  • Kernel isolation: Achieve kernel isolation for workloads needing custom kernel tuning, modules or low-level networking features.
  • Multi-tenant environments: Support multi-tenant environments by isolating workloads from different organizations or vendors, avoiding “noisy neighbor” configuration conflicts.
  • Resource containment: Enforce resource containment via VM boundaries, ensuring finer-grained access control over CPU, memory, storage and networking.

What’s included in the tech preview

In this initial preview release on IBM Cloud, confidential containers is enabled by the Red Hat OpenShift sandboxed containers feature integrated with IBM Cloud.

Key features include:

  • Hardware-backed isolation: Using Intel Trust Domain Extensions (TDX) to protect the container’s memory and state from any external observer (including hypervisor or host admins).
  • Encrypted contracts, policies and attestation mechanisms: Verify runtime integrity and compliance.
  • Seamless integration with the Red Hat OpenShift stack: Enable developers and operators to deploy into confidential pods using familiar workflows.
  • Support for regulatory and compliance-sensitive use cases: Support AI/ML pipelines with IP protection and multi-tenant isolation.
  • Privileged workload isolation: Run workloads needing special kernel capabilities or root privileges securely inside lightweight virtual machines.
  • Kernel-level customization: Support workloads requiring custom kernel tuning or modules without impacting other cluster workloads.
  • Default resource isolation: VM boundaries prevent errant workloads from consuming excessive resources or accessing unauthorized devices.

What you should know before you get started

This is available as a technology preview, so there may be limits in region support, scaling, or feature completeness. Additionally, integration with your existing CI/CD, container registries, attestation services and identity systems will be needed to fully benefit from confidentiality features.

Expect some startup performance overhead compared to standard containers; that is the tradeoff for a stronger protection boundary and a new layer of segmentation.

IBM does not charge extra for confidential containers: standard Red Hat OpenShift on IBM Cloud and IBM Cloud Virtual Server Instance rates apply for each confidential pod. You can build your own Confidential Virtual Machine (CVM) image, but IBM does not provide support for custom-built images. For production attestation, use the Intel Trust Authority with proper network permissions.

Join the journey to confidential cloud

Red Hat OpenShift sandboxed containers on IBM Cloud is just the beginning. By experimenting with this tech preview, you can help shape the future of confidential computing for containerized workloads, thereby influencing the capabilities, integrations and performance optimizations that matter most to enterprises like yours.

Start today with 3 simple steps:

  1. Deploy a sample confidential workload in your Red Hat OpenShift environment on IBM Cloud using the sandboxed containers Operator from the Red Hat OperatorHub.
  2. Explore the deployment, attestation and isolation workflows for verifying runtime integrity, supported by the IBM Confidential Containers docs.
  3. Share your feedback and ideas with the IBM Cloud team to guide the next phase of development.

This preview represents more than just a new feature; it’s a step toward a future where trust in the cloud is intrinsic, end-to-end and independent of infrastructure boundaries.

By extending confidential computing protections into runtime, we open the door to entirely new classes of applications, collaborative models, and innovation in environments once considered too sensitive for the cloud. The path ahead is one where every workload, no matter how critical, can operate securely in any location, and this tech preview is an early glimpse of that future.

Together, we can build a cloud where every workload runs with uncompromising trust—no matter where it’s deployed.

Get started with Red Hat OpenShift sandboxed containers on IBM Cloud

