IBM Cloud Docs
Landing zone for containerized applications with OpenShift - QuickStart (Financial Services edition)

The QuickStart (Financial Services edition) variation of the Landing zone for containerized applications with OpenShift deployable architecture creates a fully customizable Virtual Private Cloud (VPC) environment in a single region. The solution provides a single Red Hat OpenShift cluster in a secure VPC for your workloads. This variation is designed to deploy quickly for demonstration and development.

Architecture diagram

[Figure: Architecture diagram for the QuickStart (Financial Services edition) variation of Landing zone for containerized applications with OpenShift]

Design concepts

[Figure: Design requirements for Landing zone for containerized applications with OpenShift. Caption: Scope of the design concepts]

Requirements

The following table outlines the requirements that are addressed in this architecture.

Table. Requirements

Aspect | Requirements
Compute | Kubernetes cluster with minimal machine size and nodes, suitable for low-cost demonstration and development
Storage | Kubernetes cluster registry backup (required)
Networking |
  • Multiple VPCs for network isolation.
  • All public inbound and outbound traffic is allowed to the VPCs.
  • Cluster administration is allowed from the public endpoint and the web console.
  • Load balancer for cluster workload services.
  • Outbound internet access from the cluster.
  • Private network connection between VPCs.
Security |
  • Encryption of all application data in transit and at rest to protect it from unauthorized disclosure.
  • Storage and management of all encryption keys.
  • Protection of cluster administration access through IBM Cloud security protocols.
Service Management | Automated deployment of infrastructure with IBM Cloud catalog

Components

The following table outlines the products or services that are used in the architecture for each aspect.

Table. Components

Aspects | Architecture components | How the component is used
Compute | Red Hat OpenShift Container Platform | Container execution
Storage | IBM Cloud Object Storage | Registry backup for Red Hat OpenShift
Networking | VPC Load Balancer | Load balancing for cluster workloads (automatically created by Red Hat OpenShift service for multi-zone cluster)
Networking | Public Gateway | Cluster access to the internet
Networking | Transit Gateway | Private network connectivity between management and workload VPCs
Security | IAM | IBM Cloud Identity and Access Management
Security | Key Protect | Management of encryption keys used by Red Hat OpenShift Container Platform