IBM Cloud Docs
Red Hat OpenShift Container Platform on VPC landing zone - QuickStart variation

The QuickStart variation of the Red Hat OpenShift Container Platform on VPC landing zone deployable architecture creates a fully customizable Virtual Private Cloud (VPC) environment in a single region. The solution provides a single Red Hat OpenShift cluster in a secure VPC for your workloads. The QuickStart variation is designed to deploy quickly for demonstration and development.

Architecture diagram

Architecture diagram for the QuickStart variation of Red Hat OpenShift Container Platform on VPC landing zone
Figure 1. QuickStart variation of Red Hat OpenShift Container Platform on VPC landing zone

Design concepts

Design requirements for Red Hat OpenShift Container Platform on VPC landing zone
Figure 2. Scope of the design concepts

Requirements

The following table outlines the requirements that are addressed in this architecture.

Table 1. Requirements

| Aspect | Requirements |
|---|---|
| Compute | Kubernetes cluster with minimal machine size and nodes, suitable for low-cost demonstration and development |
| Storage | Kubernetes cluster registry backup (required) |
| Networking | Multiple VPCs for network isolation. |
| | All public inbound and outbound traffic allowed to VPCs. |
| | Administration of cluster allowed from public endpoint and web console. |
| | Load balancer for cluster workload services. |
| | Outbound internet access from cluster. |
| | Private network connection between VPCs. |
| Security | Encryption of all application data in transit and at rest to protect it from unauthorized disclosure. |
| | Storage and management of all encryption keys. |
| | Protect cluster administration access through IBM Cloud security protocols. |
| Service Management | Automated deployment of infrastructure with IBM Cloud catalog |

Components

The following table outlines the products or services used in the architecture for each aspect.

Table 2. Components

| Aspects | Architecture components | How the component is used |
|---|---|---|
| Compute | Red Hat OpenShift Container Platform | Container execution |
| Storage | IBM Cloud Object Storage | Registry backup for Red Hat OpenShift |
| Networking | VPC Load Balancer | Application load balancing for cluster workloads (automatically created by Red Hat OpenShift service for multi-zone cluster) |
| | Public Gateway | Cluster access to the internet |
| | Transit Gateway | Private network connectivity between management and workload VPCs |
| Security | IAM | IBM Cloud Identity and Access Management |
| | Key Protect | Management of encryption keys used by Red Hat OpenShift Container Platform |