DEVOPSdigest

Red Hat announced Azure Red Hat OpenShift on Microsoft Azure for US Government as a public preview.

Delivering an enterprise Kubernetes platform as a jointly-managed and supported cloud service, Azure Red Hat OpenShift on Microsoft Azure for US Government brings the innovation of Red Hat OpenShift and the scale of Azure to government agencies on a dedicated cloud with the intention to address crucial compliance and security regulations for highly-sensitive workloads at general availability.

Launched in 2019, Azure Red Hat OpenShift was the first co-developed, jointly-operated Red Hat OpenShift service on the public cloud, offering a powerful on-ramp to the hybrid cloud by extending the same enterprise-grade Kubernetes used in private datacenters to the scale of Microsoft Azure. The service combines Red Hat’s expertise in mission-critical Kubernetes with Microsoft Azure’s skill in cloud-scale operations, helping customers focus on hybrid cloud transformation rather than maintaining the complexities of growing cloud-native infrastructure.

Azure Red Hat OpenShift on Microsoft Azure for US Government extends the benefits of the service to public sector organizations that require stringent levels of IT security and data management. It helps agencies have greater confidence in the access controls around their data, that the location of the data meets regulatory controls and their ability to address known security vulnerabilities with applicable fixes. Once generally available, the service is expected to add key IT security and regulatory certifications and is intended to pass crucial compliance tests, such as:

- Department of Defense (DoD) Impact Level (IL) 4

- DoD IL 5

- FedRAMP High Authorization

The extended service also delivers new features and capabilities tailored to meet the information security requirements of sensitive workloads, including:

- Egress Lockdown, scheduled to be available in the coming weeks, will require mandatory cluster resources to be accessed via the private link service, removing the need for traffic to exit the cluster.

- Compute Isolation for isolating virtual machines (VMs) handling sensitive workloads to meet compliance and regulatory requirements. This feature provides for only a single VM to be running on a specific server instance and makes Compute Isolation worker nodes available for customers to deploy directly on their Azure environment.

- Spot nodes, enabling customers to buy unused Azure capacity at a discounted rate. With this release, customers can take advantage of the reduced costs by having spot instance worker nodes.

- L seriesVMs, VMs optimized for storage-intensive workloads, are also now available to be used as worker nodes.

Red Hat Advanced Cluster Security for Kubernetes adds support for workloads on Azure Red Hat OpenShift which helps to push broader application security best practices earlier into the development lifecycle, effectively shifting IT security left. In addition, Red Hat Advanced Cluster Security for Kubernetes helps agencies improve security posture of their Kubernetes infrastructure and running applications, further ingraining stringent security needs into the DNA of their workloads.

Azure Red Hat OpenShift on Microsoft Azure for US Government is currently available as a public preview.