This blog post is about some basic thoughts when you going to use a Red Hat OpenShift cluster as a service on IBM Cloud or on any other cloud provider.
When you run a Red Hat OpenShift cluster as a service on IBM Cloud, you should get a basic understanding of the shared responsibilities for that service offering on IBM Cloud or for any other cloud provider.
From my point of view, a very good entry point provides the official IBM Cloud documentation in this section:
Your responsibilities with using Red Hat OpenShift on IBM Cloud.
Here is an extract from the official documentation resource.
Note: Date of source 09.11.2021. Please visit the link above to view details of the current official IBM documentation.
With the knowledge of the shared responsibilities in mind, I would say, you will get a faster understanding how the user management for the OpenShift users works, when you use an IBM Cloud Red Hat OpenShift cluster.
In this case the user access is controlled in a combination of
IBM Cloud IAM to access the cluster and with
Kubernetes RBAC (Role Based Access Control) capabilities to access specific areas inside your cluster.
Restart master node
And for example, when you want to restart/refresh your master node of your cluster, you use following command that is available in the IBM Cloud documentation.
ibmcloud oc cluster master refresh --cluster CLUSTER [-q]
Use of operators
When you plan to use the wide range of operators, which are available for example in an open community, at the Red Hat catalog, some IBM operators on OperatorHub.io or even on many more GitHub projects, in addition you can also develop your own operator, you notice that the usage of an operator depends on the operator implementation.
So the operator implementation counts, maybe you can check before you use an operator, how deep the operator implementation does depend on specific cloud provider, hypervisor or other custom specifications.
My suggestion is, you should verify the capability level of the operator and verify the prerequisites, before you plan to use the operator.
The image below shows the capability model; (Date of the resource 2021/02 visit the current Operator Framework for more details)
From my perspective, most of the available operators can run on any OpenShift installation. For any cloud provider I suggest to take a look in the guidance provided by the cloud provider.
Here is the IBM Cloud documentation for Adding services by using Operators.
It is always good to get a basic understanding of the shared responsibilities related to the service offerings of your cloud provider and this is not only related to run a Red Hat OpenShift cluster.
I hope this was useful for you and let’s see what’s next?
#operator, #ibmcloud, #usermanagement, #openshift, #roks, #container, #ibmcloudiam