IBM Cloud Docs
Landing zone for containerized applications with OpenShift - QuickStart (Basic and simple)

The QuickStart variation of the Landing zone for containerized applications with OpenShift deployable architecture creates a fully customizable Virtual Private Cloud (VPC) environment in a single region. The solution provides a single Red Hat OpenShift cluster in a secure VPC for your workloads. The QuickStart variation is designed to deploy quickly for demonstration and development.

Architecture diagram

[Figure: QuickStart variation of Landing zone for containerized applications with OpenShift]

Design concepts

[Figure: Scope of the design concepts. Design requirements for Landing zone for containerized applications with OpenShift]

Requirements

The following table outlines the requirements that are addressed in this architecture.

Table: Requirements

| Requirement | Component | Reasons for choice | Alternative choice |
|---|---|---|---|
| Provide low-cost compute for demonstration and development workloads | Kubernetes cluster with minimal machine size and nodes | Keeps cost low while still supporting containerized workloads | Use a larger production-grade cluster configuration |
| Ensure registry backup is available for the cluster | Kubernetes cluster registry backup | Provides backup of images and configurations required by Red Hat OpenShift | Use external object storage for registry backup |
| Support network isolation with multiple VPCs; Allow inbound and outbound traffic; Enable cluster administration from public endpoints; Provide load balancing for workloads; Enable outbound internet access; Allow private connectivity between VPCs | Multiple VPCs, Public Gateway, Load Balancer, VPC peering | Delivers connectivity, isolation, and access for cluster workloads and administration | Use a single VPC with simplified connectivity and no private interconnect |
| Encrypt application data in transit and at rest; Manage encryption keys securely; Protect cluster administration access | IBM Cloud IAM, Key Protect | Ensures security of data, keys, and cluster access through IBM Cloud protocols | Use Secrets Manager or OS-level access controls |
| Automate infrastructure provisioning | IBM Cloud Catalog | Provides automated deployment of infrastructure services | Manual configuration of infrastructure components |

Components

The following table outlines the products or services used in the architecture for each aspect.

Table: Components

| Aspects | Architecture components | How the component is used |
|---|---|---|
| Compute | Red Hat OpenShift Container Platform | Container execution |
| Storage | IBM Cloud Object Storage | Registry backup for Red Hat OpenShift |
| Networking | VPC Load Balancer; Public Gateway; Transit Gateway | Application load balancing for cluster workloads (automatically created by Red Hat OpenShift service for multi-zone cluster); Cluster access to the internet; Private network connectivity between management and workload VPCs |
| Security | IAM; Key Protect | IBM Cloud Identity and Access Management; Management of encryption keys used by Red Hat OpenShift Container Platform |