Welcome to the official OKD 4 documentation, where you can learn about OKD and start exploring its features.
To navigate the OKD 4 documentation, you can use one of the following methods:
Use the left navigation bar to browse the documentation.
Select the task that interests you from the contents of this Welcome page.
Start with Architecture and Security and compliance.
Explore these OKD installation tasks.
OKD installation overview: You can install OKD on installer-provisioned or user-provisioned infrastructure. The OKD installation program provides the flexibility to deploy OKD on a range of different platforms.
Install a cluster on Alibaba: You can install OKD on Alibaba Cloud on installer-provisioned infrastructure. This is currently a Technology Preview feature only.
Install a cluster on AWS: You have many installation options when you deploy a cluster on Amazon Web Services (AWS). You can deploy clusters with default settings or custom AWS settings. You can also deploy a cluster on AWS infrastructure that you provisioned yourself. You can modify the provided AWS CloudFormation templates to meet your needs.
Install a cluster on Azure: You can deploy clusters with default settings, custom Azure settings, or custom networking settings in Microsoft Azure. You can also provision OKD into an Azure Virtual Network or use Azure Resource Manager Templates to provision your own infrastructure.
Install a cluster on Azure Stack Hub: You can install OKD on Azure Stack Hub on installer-provisioned infrastructure.
Install a cluster on GCP: You can deploy clusters with default settings or custom GCP settings on Google Cloud Platform (GCP). You can also perform a GCP installation where you provision your own infrastructure.
Install a cluster on VMware vSphere: You can install OKD on supported versions of vSphere.
Install a cluster on VMware Cloud: You can install OpenShift Container Platform on supported versions of VMware Cloud (VMC) on AWS.
Install an installer-provisioned cluster on bare metal: You can install OKD on bare metal with an installer-provisioned architecture.
Install a user-provisioned cluster on bare metal: If none of the available platform and cloud provider deployment options meet your needs, you can install OKD on user-provisioned bare metal infrastructure.
Install a cluster on OpenStack: You can install a cluster on OpenStack with customizations, with network customizations, or on a restricted network on installer-provisioned infrastructure.
You can install a cluster on OpenStack with customizations or with network customizations on user-provisioned infrastructure.
Install a cluster on oVirt: You can deploy clusters on oVirt with a quick install or an install with customizations.
Install a cluster in a restricted network: If your cluster that uses user-provisioned infrastructure on AWS, GCP, or bare metal does not have full access to the internet, then mirror the OKD installation images and install a cluster in a restricted network.
Install a cluster in an existing network: If you use an existing Virtual Private Cloud (VPC) in AWS or GCP or an existing VNet on Azure, you can install a cluster.
Install a private cluster: If your cluster does not require external internet access, you can install a private cluster on AWS, Azure, GCP, or IBM Cloud VPC Internet access is still required to access the cloud APIs and installation media.
Check installation logs: Access installation logs to evaluate issues that occur during OKD installation.
Access OKD: Use credentials output at the end of the installation process to log in to the OKD cluster from the command line or web console.
Install Red Hat OpenShift Data Foundation: You can install Red Hat OpenShift Data Foundation as an Operator to provide highly integrated and simplified persistent storage management for containers.
Install a cluster on Nutanix: You can install a cluster on your Nutanix instance that uses installer-provisioned infrastructure. This type of installation lets you use the installation program to deploy a cluster on infrastructure that the installation program provisions and the cluster maintains.
Red Hat Enterprise Linux CoreOS (RHCOS) image layering allows you to add new images on top of the base RHCOS image. This layering does not modify the base RHCOS image. Instead, it creates a custom layered image that includes all RHCOS functionality and adds additional functionality to specific nodes in the cluster.
Develop and deploy containerized applications with OKD. OKD is a platform for developing and deploying containerized applications. OKD documentation helps you:
Understand OKD development: Learn the different types of containerized applications, from simple containers to advanced Kubernetes deployments and Operators.
Work with projects: Create projects from the OKD web console or OpenShift CLI (
oc) to organize and share the software you develop.
Use the Developer perspective in the OKD web console to create and deploy applications.
Use the Topology view to see your applications, monitor status, connect and group components, and modify your code base.
Connect your workloads to backing services: The Service Binding Operator enables application developers to easily bind workloads with Operator-managed backing services by automatically collecting and sharing binding data with the workloads. The Service Binding Operator improves the development lifecycle with a consistent and declarative service binding method that prevents discrepancies in cluster environments.
Use the developer CLI tool (
odo CLI tool lets developers create single or multi-component applications easily and automates deployment, build, and service route configurations. It abstracts complex Kubernetes and OKD concepts, allowing you to focus on developing your applications.
Create CI/CD Pipelines: Pipelines are serverless, cloud-native, continuous integration and continuous deployment systems that run in isolated containers. They use standard Tekton custom resources to automate deployments and are designed for decentralized teams that work on microservice-based architecture.
Manage your infrastructure and application configurations: GitOps is a declarative way to implement continuous deployment for cloud native applications. GitOps defines infrastructure and application definitions as code. Then, it uses this code to manage multiple workspaces and clusters to simplify the creation of infrastructure and application configurations. GitOps also handles and automates complex deployments at a fast pace, saving time during deployment and release cycles.
Deploy Helm charts: Helm is a software package manager that simplifies deployment of applications and services to OpenShift Container Platform clusters. Helm uses a packaging format called charts. A Helm chart is a collection of files that describes the OpenShift Container Platform resources.
Understand image builds: Choose from different build strategies (Docker, S2I, custom, and pipeline) that can include different kinds of source materials (from places like Git repositories, local binary inputs, and external artifacts). Then, follow examples of build types from basic builds to advanced builds.
Create container images: A container image is the most basic building block in OKD (and Kubernetes) applications. Defining image streams lets you gather multiple versions of an image in one place as you continue its development. S2I containers let you insert your source code into a base container that is set up to run code of a particular type, such as Ruby, Node.js, or Python.
Create deployments: Use
DeploymentConfig objects to exert fine-grained management over applications.
Manage deployments using the Workloads page or OpenShift CLI (
oc). Learn rolling, recreate, and custom deployment strategies.
Create templates: Use existing templates or create your own templates that describe how an application is built or deployed. A template can combine images with descriptions, parameters, replicas, exposed ports and other content that defines how an application can be run or built.
Understand Operators: Operators are the preferred method for creating on-cluster applications for OKD 4. Learn about the Operator Framework and how to deploy applications using installed Operators into your projects.
Develop Operators: Operators are the preferred method for creating on-cluster applications for OKD 4. Learn the workflow for building, testing, and deploying Operators. Then, create your own Operators based on Ansible or Helm, or configure built-in Prometheus monitoring using the Operator SDK.
REST API reference: Learn about OKD application programming interface endpoints.
As a cluster administrator for OKD, this documentation helps you:
Understand OKD management: Learn about components of the OKD 4 control plane. See how OKD control plane and worker nodes are managed and updated through the Machine API and Operators.
Enable cluster capabilities that were disabled prior to installation Cluster administrators can enable cluster capabilities that were disabled prior to installation. For more information, see Enabling cluster capabilities.
Manage machines: Manage machines in your cluster on AWS, Azure, or GCP by deploying health checks and applying autoscaling to machines.
Manage container registries: Each OKD cluster includes a built-in container registry for storing its images. You can also configure a separate Red Hat Quay registry to use with OKD. The Quay.io web site provides a public container registry that stores OKD containers and Operators.
Manage users and groups: Add users and groups with different levels of permissions to use or modify clusters.
Manage authentication: Learn how user, group, and API authentication works in OKD. OKD supports multiple identity providers.
Manage ingress, API server, and service certificates: OKD creates certificates by default for the Ingress Operator, the API server, and for services needed by complex middleware applications that require encryption. You might need to change, add, or rotate these certificates.
Manage networking: The cluster network in OKD is managed by the Cluster Network Operator (CNO). The CNO uses iptables rules in kube-proxy to direct traffic between nodes and pods running on those nodes. The Multus Container Network Interface adds the capability to attach multiple network interfaces to a pod. Using network policy features, you can isolate your pods or permit selected traffic.
Manage storage: OKD allows cluster administrators to configure persistent storage using Red Hat OpenShift Data Foundation, AWS Elastic Block Store, NFS, iSCSI, Container Storage Interface (CSI), and more. You can expand persistent volumes, configure dynamic provisioning, and use CSI to configure, clone, and use snapshots of persistent storage.
Manage Operators: Lists of Red Hat, ISV, and community Operators can be reviewed by cluster administrators and installed on their clusters. After you install them, you can run, upgrade, back up, or otherwise manage the Operator on your cluster.
Use custom resource definitions (CRDs) to modify the cluster: Cluster features implemented with Operators can be modified with CRDs. Learn to create a CRD and manage resources from CRDs.
Set resource quotas: Choose from CPU, memory, and other system resources to set quotas.
Prune and reclaim resources: Reclaim space by pruning unneeded Operators, groups, deployments, builds, images, registries, and cron jobs.
Scale and tune clusters: Set cluster limits, tune nodes, scale cluster monitoring, and optimize networking, storage, and routes for your environment.
Update a cluster:
Use the Cluster Version Operator (CVO) to upgrade your OKD cluster. If an update is available from the OpenShift Update Service (OSUS), you apply that cluster update from either the OKD web console or the OpenShift CLI (
Understanding the OpenShift Update Service: Learn about installing and managing a local OpenShift Update Service for recommending OKD updates in disconnected environments.
Improving cluster stability in high latency environments using worker latency profiles: If your network has latency issues, you can use one of three worker latency profiles to help ensure that your control plane does not accidentally evict pods in case it cannot reach a worker node. You can configure or modify the profile at any time during the life of the cluster.
Work with OpenShift Logging: Learn about OpenShift Logging and configure different OpenShift Logging types, such as Elasticsearch, Fluentd, and Kibana.
Monitor: Learn to configure the monitoring stack. After configuring monitoring, use the web console to access monitoring dashboards. In addition to infrastructure metrics, you can also scrape and view metrics for your own services.
Remote health monitoring: OKD collects anonymized aggregated information about your cluster. Using Telemetry and the Insights Operator, this data is received by Red Hat and used to improve OKD. You can view the data collected by remote health monitoring.