Red Hat updates Openshift; Kubernetes gets container security & compliance features
Red Hat’s enterprise-grade Kubernetes container application platform — Openshift Container Platform has received an update and the latest version 3.6 gets new container security and compliance features.
The latest update tries to address application security, compliance and service consistency challenges faced by companies that are turning towards cloud-native applications as a pathway to digital transformation.
Version 3.6 is based on based on Kubernetes 1.6, Red Hat Enterprise Linux and uses a new PCI-DSS (Payment Card Industry Data Security Standard) applicability guide and fine-grained network policy and control.
Some features like secrets encryption and image signing — the former allows encryption of secrets at rest in backend storage — will be available shortly. The latest version also offers enhancements to NetworkPolicy (Technology Preview) for greater and more nuanced control for how applications can talk to each other and what network resources they expose.
It also offers a Service Broker and Service Catalog (Technology Preview) to help users search for, provision and bind application services to their OpenShift applications, whether those services run in their data center or public cloud.
OpenShift Template Broker (Technology Preview) enables users to select OpenShift Templates through the new Service Catalog user interface, to deploy multi-container application services in OpenShift.
Ashesh Badani, vice president and general manager, OpenShift, Red Hat, said, “Cloud-native applications are not immune from the ‘mundane’ needs of traditional applications, including greater security and compliance, and face an additional challenge in providing a consistent developer experience across cloud footprints. The latest version of Red Hat OpenShift Container Platform adds new tools and resources to help meet security and compliance needs, including network controls for detailed control of networked resources, along with the emerging capability to deliver services across cloud offerings consistently.”