Developments in Blockchain Security & Privacy

OpenShift Quickly Advances

OpenShift is a family of containerization software developed by RedHat. The flagship product for this ‘suite’ is the OpenShift Container Platform (OCP), built around Docker containers and managed as a platform by Kubernetes in a Linux enterprise environment.

Linux users may find themselves scrambling to keep up with RedHat’s OCP advances. Although the Linux Academy appears to finally have OCP 3.9 release notes, OCP 4 is right around the corner.

How is OCP 3.9 different from OCP 3.5? The web console is now separated from the api and serves as a separate pod. Statefulsets are also new.. How does Kubernetes define statefulsets?

Manages the deployment and scaling of a set of Pods, and provides guarantees about the ordering and uniqueness of these Pods. Like a Deployment, a StatefulSet manages Pods that are based on an identical container spec. Unlike a Deployment, a StatefulSet maintains a sticky identity for each of their Pods. These pods are created from the same spec, but are not interchangeable: each has a persistent identifier that it maintains across any rescheduling. A StatefulSet operates under the same pattern as any other Controller. You define your desired state in a StatefulSet object, and the StatefulSet controller makes any necessary updates to get there from the current state.

Applications that do not require stable identifiers or ordered deployment, deletion, or scaling, need not use statefulsets.


OpenShift Origin (also known as OKD) is the upstream code base upon which Red Hat OpenShift Online and Red Hat OpenShift Container Platform are built.

To review: In OKD 3.10, the master is the host or hosts that contain the master components, including the API server, controller manager server, and etcd pods. The master manages nodes in its Kubernetes cluster and schedules pods to run on nodes. Thus, they schedule the workload to keep everything running smoothly.

The infrastructure nodes host the haproxy pods. These pods are responsible for routing traffic from outside of the cluster to application pods running on app nodes. Every server in a cluster is a node.

IPI-enabled Hosting

The Installer Provisioned Infrastructure (IPI) enables OpenShift Container Platform (OCP) 4.1 to be installed on Amazon Web Services fairly quickly. (less than an hour, with only 30 minutes for the actual automated install). Apparently, the setup time is a vast improvement over OCP 3.x. As the Red Hat Blog explains

OpenShift 4 aims to deliver the automation experience of a native public cloud container platform while retaining the flexibility of a multi-cloud, enterprise-class solution. On supported platforms, the installer is capable of provisioning the underlying infrastructure for the cluster.  The installer programmatically creates all portions of the networking, machines, and operating systems required to support the cluster.  This is called the Installer Provisioned Infrastructure (IPI) pattern.  Think of it as best-practice reference architecture implemented in code.  It is recommended that most users make use of this functionality to avoid having to provision their own infrastructure.  The installer will create and destroy the infrastructure components it needs to be successful over the life of the cluster

Anyone interested in self-hosting OCP should consider either minishift or the container development kit (cdk) from (with enterprise-ready capabilities). If you have a linux machine, try to run oc cluster up ( a technique that starts up a local all-in-one cluster
based on OpenShift Origin).

Suggested Resource:

DevOps with OpenShift (free pdf)

“Three OpenShift experts at Red Hat explain how to configure Docker application containers and the Kubernetes cluster manager with OpenShift’s developer- and operational-centric tools. Discover how this infrastructure-agnostic container management platform can help companies navigate the murky area where infrastructure-as-code ends and application automation begins.” from

see also