vivekratan88
commented
5 months ago Whats new in Openshift 4.14
-Security and Compliance: SCC Preemption Prevention & Secrets Store CSI Driver Operator - Tech Preview SCC Preemption Prevention :
Issue - Sometimes SCC is of higher priority and is preempted by another workload Resolved by :Pinning the workload to specific SCC to prevent preemption of SCC with annotations
Secrets Store CSI Driver Operator - Tech Preview -Helps auto mount secrets from external secret storage solutions like Azure Key Vault/AWS secret manager. This mounted to ephemeral vol so when pod is deleted the secret is also deleted. -It auto rotates secret every 2 minutes and automatically rotates if the secret is changed. -Sensitive data like passwords, bearer tokens, and certificates can be stored and managed in a centralized secret storage that is external to the cluster. -Operator can sync secrets and create kubernetes secrets if its required for workflow.
-Control Plane and Infrastructure: Hosted Control Planes - Tech Preview
Hosted Control Planes : One single control plane cluster will act as control plane cluster for pods in another cluster. Generally we have stand alone control plane which is hosted by group nodes which are VMs. In HCP you create control planes as pods on a hosting cluster without the need for dedicated virtual or physical machines for each control plane. This helps decouple the control plane(includes an API endpoint, a storage endpoint, a workload scheduler, and an actuator that ensures state) and data plane (data plane includes compute, storage, and networking where workloads and applications run.)
New changes for HCP -HCP can be hosted on Baremetal with Agent provider -Allows HCP to be deployed in nested openshift virtualization VMs -Enhancements for AWS.
ARM Arch support - Tech Preview
Increased ARM support for different cloud providers such GCP, IBM Power or IBM Z
Data Management and Storage: OpenShift Data Foundation Enhancements -New features include regional disaster recovery, IPv6 auto-detection, log-based bucket replication, and autoscaling for Multicloud Object Gateway endpoints. These improvements enhance the resilience and scalability of storage solutions
Developer Productivity:Red Hat build of Quarkus 3.2 & OpenShift Pipelines Enhancements
Quarkus is a Java framework tailored for deployment on Kubernetes -New Dev UI with improved navigation, metrics tracking and endpoint management.
- IntelliJ Quarkus plugin. -Redis as Quarkus cache extension. -Simplified Azure functions support. -MTA v1.2 support for Java 17 also more metrics to do assessment for applications to see if it can be refactored.
OpenShift Pipelines Enhancements 1.12 (Tekton 0.50)
-Tekton Results, which helps users logically group CI/CD workload history and separate longterm result storage away from the Pipeline controller, is in Technology Preview. You can bring in your own external Postgres database for storing records and external storage like Google Storage Buck or Amazon S3 for storing logs and events. -With Pipelines as code, you can expand a custom parameter within your PipelineRun resource by using the params field, extend the scope of the GitHub token at the following levels: repository-level and global-level, and set policies that allow certain actions only to members of a team and reject the actions when other users request them. -With the OpenShift Pipelines operator, you can configure the default SCC for pods that OpenShift Pipelines creates for pipeline runs and task runs. You can also set the SCC separately for different namespaces and configure the maximum (least restrictive) SCC that can be set for any namespace. We also support “options” field to enable additional configs for Tekton that are not currently added or supported by Red Hat.
Source:
https://docs.openshift.com/pipelines/1.12/about/op-release-notes.html
Openshift Monitoring: -Expire silences in Bulk : In Developer mode we can under Observe-> Alerts section we can click on the dailog button under notification to silence alerts for specific amount of time. The silenced alerts are in the Silences tab next to alerts tab, choose multiple alerts with checkmark and expire the silences and remove them from silenced alerts. https://www.youtube.com/watch?v=G6-lg2F_k7o -LokiStack Console Plugin allows searching for patterns across all namespaces -Insights advisor for openshift : Free service it asses cluster conditions and gives recommendations to improve it. New features for storage performance added for CephFS & VMware -Free Insights cost management to monitor per-resource(namespace,cluster,node,tag) usage and spending on vCPU count, RAM and Storage capacity -Removed the MultipleContainersOOMKilled alert for not being actionable. Nodes under memory pressure are covered by other alert
Source:
https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html#ocp-4-14-monitoring https://www.redhat.com/en/blog/whats-new-in-red-hat-openshift-monitoring-4.14-logging-5.8-and-distributed-tracing-2.9 https://docs.openshift.com/container-platform/4.14/support/remote_health_monitoring/using-insights-operator.html
Operators management:
- Operator API streamlines management of installed Operators by consolidating user-facing APIs into a single object this uses GitOps principles
- Catalog API unpacking catalogs for on-cluster clients so that users can discover installable content, such as Operators and Kubernetes extensions. This provides increased visibility into all available Operator bundle versions, including their details, channels, and update edges.
Source:
Deprecated features:
-The operators.openshift.io/infrastructure-features group of annotations are deprecated by the group of annotations with the features.operators.openshift.io namespace. -Using the REGISTRY_AUTH_PREFERENCE environment variable to specify your preferred location to obtain registry credentials for OpenShift CLI (oc) commands is now deprecated -Installer-provisioned infrastructure (IPI) deployment of OpenShift on Red Hat Virtualization Platform (RHV) is no longer supported. -DeploymentConfig API is being deprecated and we user ReplicaSet instead of it.
Source:
https://docs.openshift.com/container-platform/4.14/operators/operator_sdk/osdk-generating-csvs.html#osdk-csv-manual-annotations-deprecated_osdk-generating-csvs https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html?extIdCarryOver=true&sc_cid=7015Y00000486dvQAA#ocp-4-14-rhv-deprecations https://access.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.14/html/4.14_release_notes/deprecated_features https://access.redhat.com/articles/7041372
Describe the issue Review the OCP 4.14 Release Notes for any changes that will impact the product teams, ops team, or platform services team. Also look for any exciting new features that community should know about.
What is the Value/Impact? Ensure the product teams are kept informed about changes.
What is the plan? How will this get completed? Read the release notes. Add any bits you find interesting and needing of discussion as comments here.
Identify any dependencies None
Definition of done