OpenShift use cases and editions

Author: Shubha Narayanan

_topic_maps/_topic_map.yml

@@ -29,12 +29,16 @@ Distros: openshift-enterprise,openshift-webscale,openshift-origin,openshift-onli
 Topics:
 - Name: Welcome
   File: index
+- Name: Introduction to OpenShift Container Platform
+  File: ocp-overview
 - Name: Learn more about OpenShift Container Platform
   File: learn_more_about_openshift
 - Name: Kubernetes overview
   File: kubernetes-overview
 - Name: OpenShift editions
   File: openshift-editions
+- Name: Glossary
+  File: glossary
   Distros: openshift-enterprise
 - Name: OpenShift Kubernetes Engine overview
   File: oke_about

modules/openshift-use-cases.adoc

@@ -0,0 +1,57 @@
+// Module included in the following assemblies:
+//
+// * welcome/openshift-overview.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="openshift-use-cases_{context}"]
+== Use cases
+
+Red Hat OpenShift is widely adopted across industries to support various use cases, enabling organizations to modernize applications, optimize infrastructure, and enhance operational efficiency.
+
+OpenShift virtualization::
+
+* Provides a unified platform for managing virtual machines (VMs) and containers in parallel, which streamlines operations and reduces complexity.
+* Provides a robust infrastructure to scale VM workloads efficiently.
+* Provides enhanced security features to protect VM environments, ensuring compliance and data integrity.
++
+For detailed implementation guidelines and a sample architecture, refer to the link:https://access.redhat.com/articles/7067871[OpenShift Virtualization - Reference Implementation Guide]. This document offers best practices for deploying OpenShift as a hosting solution for virtualization workloads, designed for environments transitioning from platforms such as VMware Cloud Foundation, VMware vSphere Foundation, Red Hat Virtualization, and OpenStack to OpenShift Virtualization.
+
+Application modernization including artificial intelligence and machine learning (AI/ML) operations::
+
+* Enables containerization and refactoring of legacy applications.
+* Preserves business logic while making applications cloud-ready and maintainable.
+* Supports model training and inference workloads with standardized ML infrastructure.
+* Seamlessly integrates with data science workflows.
+
+Multi-cloud and hybrid cloud deployments::
+
+* Provides a consistent platform across on-premises data centers and multiple public clouds.
+* Helps avoid vendor lock-in and optimize workload placement.
+
+DevOps enablement::
+
+* Built-in continuous delivery and continuous integration (CI/CD) pipelines and GitOps workflows streamline software development.
+* Offers developer self-service capabilities to accelerate software delivery.
+
+Edge computing::
+
+* Enables distributed computing closer to data sources in industries such as telecommunications, retail, and manufacturing.
+* Supports lightweight deployment patterns, including three-node clusters, single-node clusters and Red Hat Device Edge or MicroShift.
+* Provides support for on-premises deployments.
+
+Regulatory compliance::
+
+Provides robust security features to meet compliance requirements for financial services, healthcare, and government agencies.
+
+Microservices architecture::
+
+Supports cloud-native application development using service mesh, API management, and serverless capabilities.
+
+Enterprise SaaS delivery::
+
+* Facilitates multi-tenant SaaS application deployment with consistent operations.
+* Includes features like Hosted Control Planes, cluster-as-a-service, and fleet-level management with Advanced Cluster Management (ACM) and Advanced Cluster Security (ACS).
+
+To explore more use cases, see link:https://www.redhat.com/en/technologies/cloud-computing/openshift#use-cases[Use cases].
+
+For additional recommended solutions tailored to various use cases, see link:https://www.solutionpatterns.io/patterns/[Solution Patterns from Red Hat].

modules/understanding-openshift.adoc

@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * getting-started/openshift-overview.adoc
+// * welcome/ocp-overview.adoc
 
 :_mod-docs-content-type: CONCEPT
 [id="understanding-openshift_{context}"]

welcome/glossary.adoc

@@ -0,0 +1,252 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="getting-started-openshift-common-terms_{context}"]
+= Glossary of common terms for {product-title}
+
+include::_attributes/common-attributes.adoc[]
+:context: glossary
+
+toc::[]
+
+This glossary defines common Kubernetes and {product-title} terms.
+
+access policies::
+A set of roles that dictate how users, applications, and entities within a cluster interact with one another. An access policy increases cluster security.
+
+admission plugins::
+Admission plugins enforce security policies, resource limitations, or configuration requirements.
+
+authentication::
+// The following variations have only minor differences, but are separated for maintainability.
+ifndef::openshift-dedicated,openshift-rosa[]
+To control access to an {product-title} cluster, a cluster administrator can configure user authentication to ensure only approved users access the cluster. To interact with an {product-title} cluster, you must authenticate with the {product-title} API. You can authenticate by providing an OAuth access token or an X.509 client certificate in your requests to the {product-title} API.
+endif::openshift-dedicated,openshift-rosa[]
+ifdef::openshift-rosa[]
+To control access to a {product-title} cluster, an administrator with the `dedicated-admin` role can configure user authentication to ensure only approved users access the cluster. To interact with a {product-title} cluster, you must authenticate with the {product-title} API. You can authenticate by providing an OAuth access token or an X.509 client certificate in your requests to the {product-title} API.
+endif::openshift-rosa[]
+ifdef::openshift-dedicated[]
+To control access to an {product-title} cluster, an administrator with the `dedicated-admin` role can configure user authentication to ensure only approved users access the cluster. To interact with an {product-title} cluster, you must authenticate with the {product-title} API. You can authenticate by providing an OAuth access token or an X.509 client certificate in your requests to the {product-title} API.
+endif::openshift-dedicated[]
+
+bootstrap::
+A temporary machine that runs minimal Kubernetes and deploys the {product-title} control plane.
+
+build::
+A build is the process of transforming input parameters, such as source code, into a runnable container image. This process is defined by a BuildConfig object, which specifies the entire build workflow. {product-title} utilizes Kubernetes to create containers from the build images and push them to the integrated container registry.
+
+certificate signing requests (CSRs)::
+A resource requests a denoted signer to sign a certificate. This request might get approved or denied.
+
+Cluster Version Operator (CVO)::
+An Operator that checks with the {product-title} Update Service to see the valid updates and update paths based on current component versions and information in the graph.
+
+compute nodes::
+Nodes that are responsible for executing workloads for cluster users.
+
+configuration drift::
+A situation where the configuration on a node does not match what the machine config specifies.
+
+container::
+Container is a lightweight, portable application instance that runs in OCI-compliant environments on compute nodes. Each container is a runtime instance of an Open Container Initiative (OCI)-compliant image, which is a binary package containing the application and its dependencies. A single compute node can host multiple containers, with its capacity determined by the memory and CPU resources available, whether on cloud infrastructure, physical hardware, or virtualized environments.
+
+container orchestration engine::
+Software that automates the deployment, management, scaling, and networking of containers.
+
+container workloads::
+Applications that are packaged and deployed in containers.
+
+control groups (cgroups)::
+Partitions sets of processes into groups to manage and limit the resources processes consume.
+
+control plane::
+A container orchestration layer that exposes the API and interfaces to define, deploy, and manage the life cycle of containers. Control planes are also known as control plane machines.
+
+CRI-O::
+A Kubernetes native container runtime implementation that integrates with the operating system to deliver an efficient Kubernetes experience.
+
+Deployment and DeploymentConfig::
+{product-title} supports both Kubernetes Deployment objects and {product-title} DeploymentConfig objects for managing application rollout and scaling.
++
+A Deployment object defines how an application is deployed as pods. It specifies the container image to pull from the registry, the number of replicas to maintain, and the labels that guide scheduling onto compute nodes. The Deployment creates and manages a ReplicaSet, which ensures the specified number of pods are running. Additionally, Deployment objects support various rollout strategies to update pods while maintaining application availability.
++
+A DeploymentConfig object extends Deployment functionality by introducing change triggers, which automatically create new deployment versions when a new container image version becomes available or when other defined changes occur. This enables automated rollout management within {product-title}.
+
+Dockerfile::
+A text file that contains the user commands to perform on a terminal to assemble the image.
+
+ifdef::openshift-rosa[]
+hosted control planes::
+A {product-title} feature that enables hosting a control plane on the {product-title} cluster from its data plane and workers. This model performs the following actions:
++
+* Optimize infrastructure costs required for the control planes.
+* Improve the cluster creation time.
+* Enable hosting the control plane using the Kubernetes native high level primitives. For example, deployments and stateful sets.
+* Allow a strong network segmentation between the control plane and workloads.
+endif::openshift-rosa[]
+ifndef::openshift-dedicated,openshift-rosa[]
+hosted control planes::
+A {product-title} feature that enables hosting a control plane on the {product-title} cluster from its data plane and workers. This model performs the following actions:
+
+* Optimize infrastructure costs required for the control planes.
+* Improve the cluster creation time.
+* Enable hosting the control plane using the Kubernetes native high level primitives. For example, deployments and stateful sets.
+* Allow a strong network segmentation between the control plane and workloads.
+endif::openshift-dedicated,openshift-rosa[]
+
+hybrid cloud deployments::
+Deployments that deliver a consistent platform across bare metal, virtual, private, and public cloud environments. This offers speed, agility, and portability.
+
+Ignition::
+A utility that {op-system} uses to manipulate disks during initial configuration. It completes common disk tasks, including partitioning disks, formatting partitions, writing files, and configuring users.
+
+installer-provisioned infrastructure::
+The installation program deploys and configures the infrastructure that the cluster runs on.
+
+kubelet::
+A primary node agent that runs on each node in the cluster to ensure that containers are running in a pod.
+
+Kubernetes::
+Kubernetes is an open source container orchestration engine for automating deployment, scaling, and management of containerized applications.
+
+kubernetes manifest::
+Specifications of a Kubernetes API object in a JSON or YAML format. A configuration file can include deployments, config maps, secrets, daemon sets.
+
+Machine Config Daemon (MCD)::
+A daemon that regularly checks the nodes for configuration drift.
+
+Machine Config Operator (MCO)::
+An Operator that applies the new configuration to your cluster machines.
+
+machine config pools (MCP)::
+A group of machines, such as control plane components or user workloads, that are based on the resources that they handle.
+
+metadata::
+Additional information about cluster deployment artifacts.
+
+microservices::
+An approach to writing software. Applications can be separated into the smallest components, independent from each other by using microservices.
+
+mirror registry::
+A registry that holds the mirror of {product-title} images.
+
+monolithic applications::
+Applications that are self-contained, built, and packaged as a single piece.
+
+namespaces::
+A namespace isolates specific system resources that are visible to all processes. Inside a namespace, only processes that are members of that namespace can see those resources.
+
+networking::
+Network information of {product-title} cluster.
+
+node::
+A compute machine in the {product-title} cluster. A node is either a virtual machine (VM) or a physical machine.
+
+OpenShift CLI (`oc`)::
+A command line tool to run {product-title} commands on the terminal.
+
+ifndef::openshift-dedicated,openshift-rosa[]
+OpenShift Dedicated::
+A managed {op-system-base} {product-title} offering on Amazon Web Services (AWS) and Google Cloud Platform (GCP). OpenShift Dedicated focuses on building and scaling applications.
+endif::openshift-dedicated,openshift-rosa[]
+
+OpenShift Update Service (OSUS)::
+For clusters with internet access, {op-system-base-full} provides over-the-air updates by using an OpenShift update service as a hosted service located behind public APIs.
+
+{product-registry}::
+A registry provided by {product-title} to manage images.
+
+Operator::
+The preferred method of packaging, deploying, and managing a Kubernetes application in
+ifdef::openshift-rosa[]
+a
+endif::openshift-rosa[]
+ifndef::openshift-rosa[]
+an
+endif::openshift-rosa[]
+{product-title} cluster. An Operator is a Kubernetes-native application designed to translate operational knowledge into a software that is packaged and shared with customers. Traditionally, tasks such as installation, configuration, scaling, updates, and failover were managed manually by administrators by using scripts or automation tools like Ansible. Operators bring these capabilities into Kubernetes, making them natively integrated and automated within the cluster.
++
+Operators manage both Day 1 operations such as installation and configuration, and Day 2 operations such as scaling, updates, backups, failover and restores. By leveraging Kubernetes APIs and concepts, Operators provide an automated and consistent way to manage complex applications.
+
+OperatorHub::
+A platform that contains various {product-title} Operators to install.
+
+Operator Lifecycle Manager (OLM)::
+OLM helps you to install, update, and manage the lifecycle of Kubernetes native applications. OLM is an open source toolkit designed to manage Operators in an effective, automated, and scalable way.
+
+OSTree::
+An upgrade system for Linux-based operating systems that performs atomic upgrades of complete file system trees. OSTree tracks meaningful changes to the file system tree using an addressable object store, and is designed to complement existing package management systems.
+
+over-the-air (OTA) updates::
+The {product-title} Update Service (OSUS) provides over-the-air updates to {product-title}, including {op-system-first}.
+
+pod::
+A pod is one or more containers deployed together on one host. It consists of a colocated group of containers with shared resources such as volumes and IP addresses. A pod is also the smallest compute unit defined, deployed, and managed.
+In {product-title}, pods replace individual application containers as the smallest deployable unit.
+Pods are the orchestrated unit in {product-title}. {product-title} schedules and runs all containers in a pod on the same node. Complex applications are made up of multiple pods, each with their own containers. They interact externally and also with another inside the {product-title} environment.
+
+private registry::
+{product-title} can use any server implementing the container image registry API as a source of the image which helps the developers to push and pull their private container images.
+
+project::
+{product-title} uses projects to enable groups of users or developers to work together. A project defines the scope of resources, manages user access, and enforces resource quotas and limits.
++
+A project is a Kubernetes namespace with additional annotations that provide role-based access control (RBAC) and management capabilities. It serves as the central mechanism for organizing resources, ensuring isolation between different user groups.
+
+public registry::
+{product-title} can use any server implementing the container image registry API as a source of the image which allows the developers to push and pull their public container images.
+
+{op-system-base} {product-title} Cluster Manager::
+A managed service where you can install, modify, operate, and upgrade your {product-title} clusters.
+
+{op-system-base} Quay Container Registry::
+A Quay.io container registry that serves most of the container images and Operators to {product-title} clusters.
+
+replication controllers::
+An asset that indicates how many pod replicas are required to run at a time.
+
+ReplicaSet and ReplicationController::
+The Kubernetes `ReplicaSet` and `ReplicationController` objects ensure that the desired number of pod replicas are running at all times. If a pod fails, exits, or is deleted, these controllers automatically create new pods to maintain the specified replica count. Conversely, if there are more pods than required, the ReplicaSet or ReplicationController scales down by terminating excess pods to match the defined replica count.
+
+role-based access control (RBAC)::
+A key security control to ensure that cluster users and workloads have only access to resources required to execute their roles.
+
+route::
+A route is a way to expose a service by giving it an externally reachable hostname, such as www.example.com. Each route consists of a route name, a service selector, and optionally, a security configuration.
+
+router::
+A router processes defined routes and their associated service endpoints, enabling external clients to access applications. While deploying a multi-tier application in {product-title} is straightforward, external traffic cannot reach the application without the routing layer.
+
+scaling::
+The increasing or decreasing of resource capacity.
+
+service::
+A service in {product-title} defines a logical set of pods and the access policies for reaching them. It provides a stable internal IP address and hostname, ensuring seamless communication between application components as pods are created and destroyed.
+
+Source-to-Image (S2I) image::
+An image created based on the programming language of the application source code in {product-title} to deploy applications.
+
+storage::
+// OSD and ROSA definitions are separated here due to different indefinite
+// articles.
+ifndef::openshift-dedicated,openshift-rosa[]
+{product-title} supports many types of storage, both for on-premise and cloud providers. You can manage container storage for persistent and non-persistent data in an {product-title} cluster.
+endif::openshift-dedicated,openshift-rosa[]
+ifdef::openshift-rosa[]
+{product-title} supports many types of storage for cloud providers. You can manage container storage for persistent and non-persistent data in a {product-title} cluster.
+endif::openshift-rosa[]
+ifdef::openshift-dedicated[]
+{product-title} supports many types of storage for cloud providers. You can manage container storage for persistent and non-persistent data in an {product-title} cluster.
+endif::openshift-dedicated[]
+
+telemetry::
+A component to collect information such as size, health, and status of {product-title}.
+
+template::
+A template describes a set of objects that can be parameterized and processed to produce a list of objects for creation by {product-title}.
+
+ifndef::openshift-dedicated,openshift-rosa[]
+user-provisioned infrastructure::
+You can install {product-title} on the infrastructure that you provide. You can use the installation program to generate the assets required to provision the cluster infrastructure, create the cluster infrastructure, and then deploy the cluster to the infrastructure that you provided.
+endif::openshift-dedicated,openshift-rosa[]
+
+web console::
+A user interface (UI) to manage {product-title}.