
What's Next in OpenShift Q2 CY2025

"What's Next: OpenShift Roadmap Update (April 2025)" is a technical product manager overview

Red Hat Livestreaming

May 14, 2025

Transcript

  1. What's Next in OpenShift Q2CY2025 2 Speakers Maria Simon Hari

    Rakotoranto Sho Weimer Nick Png Jim Zimmerman Jamie Parker Ramon Acedo Rodriguez Harriet Lawrence
  2. Creating value depends on the ability to develop and deliver

    high-quality applications faster on any cloud Improve digital customer experience Mitigate risks Gain competitive advantage 3
  3. The Challenges

    Application Modernization: ~92% of enterprise technologists surveyed are actively working on modernization projects, but ~79% experience modernization project failures, due to complexity, cost, or risk. Source: idevnews

    Rise of Generative AI: ↓50% less time required for AI agents to exploit account exposures, and an expected 40% of data breaches caused by AI misuse by 2027. Source: Gartner

    Developer Productivity: ~76% of organizations say the cognitive load is so high that it is a source of low productivity. Gartner predicts 75% of companies will establish platform teams for application delivery. Sources: Salesforce, Gartner

    Software Supply Chain Security: ↑742% average annual increase in software supply chain attacks over the past three years. 45% of organizations will experience attacks. It is a matter of when, not if. Source: Sonatype
  4. Trusted Comprehensive Consistent Container engine Application platform Across hybrid cloud

    Reduce Risk Improve Productivity Increase Flexibility You need an application platform that is… 5 5
  5. GARTNER is a registered trademark and service mark of Gartner

    and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Red Hat. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Red Hat Red Hat is a Leader in the 2024 Gartner® Magic Quadrant™: Container Management and 2024 Gartner® Magic Quadrant™: Cloud Application Platforms Source: Gartner, “Magic Quadrant for Cloud Application Platforms,” By Tigran Egiazarov, Mukul Saha, Anne Thomas, Steve Schwent, 4 November 2024 Source: Gartner, “Magic Quadrant for Container Management,” Dennis Smith, Tony Iams, Wataru Katsurashima, Michael Warrilow, Richard Watson, 10 September 2024 6
  6. 7 Secure Apps and Platform Manage at Scale Accelerate AI

    Modernize Apps and Infrastructure AI / ML Lightspeed Zero Trust with Confidential Computing and Workload Identity Trusted Supply Chain Post Quantum Crypto Multicluster management and governance Cloud Services Edge Developer productivity OpenShift Virtualization Universal Connectivity The Road Ahead AI Ecosystem
  7. 8 Near Term (<6 months) Mid Term (~9 months) Long

    Term (>12 months) Roadmap Terminology
  8. What's Next in OpenShift Q2CY2025 OpenShift Lightspeed Generative AI based

    chat assistant 10 What’s coming ▸ General Availability in coming months ▸ Cluster-awareness and cluster interrogation ▸ BYO knowledge ▸ Quota Now (Technology Preview) ▸ Interactive OpenShift documentation/help ▸ Disconnected deployment ▸ Attach feature to explain pod yaml, and debug log and alerts ▸ Flexible LLM architecture ◦ Watsonx, Azure AI, OpenAI, Red Hat OpenShift AI, RHEL AI Product Managers: Gaurav Singh, Ju Lim
  9. What's Next in OpenShift Q2CY2025 Accelerate AI/ML Workloads in OpenShift

    11 11 Product Manager: Gaurav Singh, Duncan Hardie, Ju Lim Job queue management Bring Kueue into the OpenShift ecosystem providing best of breed Registry support for AI models Store, serve, and distribute AI models in Quay Improve GPU efficiency Dynamically allocate AI accelerator resources with Dynamic Accelerator Slicer based on workload needs Enhance Workload Orchestration Manage groups of interrelated workloads as a single unit with JobSet, with LeaderWorkerSet coordinating distributed execution across the cluster Provide choice and flexibility Broad ecosystem of hardware accelerators with NVIDIA GPU, AMD GPU, Intel Gaudi, Qualcomm AI 100, IBM Spyre AIU, and more Device Management Dynamic Resource Allocation to manage and allocate specialized hardware devices (GPUs)
  10. What's Next in OpenShift Q2CY2025 AI Ecosystem 12 12 Product

    Manager: Erwan Gallen ▸ NVIDIA B200 GPU support NVIDIA B200 is supported with the NVIDIA GPU Operator 25.3.0. HGX B200 and DGX B200 systems are certified in the Red Hat catalog. ▸ NVIDIA Multi-node, Multi-GPU Red Hat has documented the full end-to-end configuration for GPUDirect RDMA. ▸ NVIDIA Grace-Blackwell support (roadmap) NVIDIA Grace Hopper Superchip is already supported with OpenShift, and Red Hat is preparing support for the Grace Blackwell GB200 NVL72. ▸ OpenShift Virtualization support for NVIDIA HGX servers with NVSwitch (roadmap) Support for deploying and managing Fabric Manager with OpenShift Virtualization on NVIDIA HGX OEM servers with NVSwitch will be available in a future release. All supported AI Accelerators ▸ Unified AI accelerator telemetry dashboard (roadmap) An upcoming dashboard in the OpenShift web console will provide built-in visibility into GPUs/AI accelerators performance and power usage. ▸ AMD GPU Health Monitoring The AMD GPU Operator performs real-time health checks using a metrics exporter. It also integrates with the Kubernetes Device Plugin to automatically remove unhealthy GPUs from the schedulable resources of compute nodes. ▸ OpenShift Virtualization support for AMD MI300X and MI325X GPUs (roadmap) Support for OpenShift Virtualization using the newly announced AMD ROCm GIM driver is planned for a future release.
  11. What's Next in OpenShift Q2CY2025 13 Secure Platform Configurations Secure

    Credential Management ▸ Zero Trust Workload Identity Manager (ZTWIM) based on SPIFFE/SPIRE ▸ Bring Trusted Execution Environments (TEEs) to OpenShift using Confidential Computing Zero-Trust Access ▸ Kube-KMS support ▸ External Secrets Operator support ▸ cert-manager integration with OpenShift Service Mesh via istio-csr (GA) Trusted and Secure Platform Secure by Default ▸ Bring Your Own external OIDC for seamless multi-cloud authentication ▸ Pod Security Admission Integration - Restricted Enforcement ▸ User namespace support (GA) ▸ SigStore toolchain to sign and verify signed artifacts in OpenShift Product Managers: Anjali Telang, Nick Png, Jochen Schröder, JP Jung, Marcos Entenza Garcia, Ramon Acedo Rodriguez
  12. What's Next in OpenShift Q2CY2025 14 Mobility Enterprise Networking Multi-cluster

    management ▸ IBM Z, s390 and Arm support ▸ Additional Cloud integration ▸ Console and usability enhancements for Single cluster and Multi-cluster Virtualization ▸ Multi-cluster Observability for VM management at scale ▸ Fine-Grained RBAC for Multi-cluster Virtualization ▸ Multi-cluster lifecycle operations enhancement ▸ IPv6 Single-stack for control plane and localnet ▸ Secondary UDN localnet: Routable L2 overlay with optional dynamic IP allocation ▸ BGP and EVPN for User Defined Networks OpenShift Virtualization Modern infrastructure with proven KVM virtualization ▸ Storage Class Migration ▸ Live migration capability in Migration Toolkit for Virtualization Load aware balancing ▸ Cross-cluster live migration ▸ Assisted Migration utility Near term Long term
  13. What's Next in OpenShift Q2CY2025 Streamlined OpenShift Virtualization Onboarding Experience

    Disconnected Installation, No Registry Required ▸ Install OpenShift Virtualization in fully air-gapped environments without needing a pre-existing image registry ▸ Leverages Agent-based installer UI-Driven Workflow ▸ Removes the need for manual YAML and CLI steps with a guided installer experience Opinionated Workflow with Pre-Configured Operators ▸ Pre-configure essential operators for OpenShift Virtualization Engine and minimize external day 1 dependencies Technology Preview in 4.19 Product Managers: Linh Nguyen, Ramon Acedo Rodriguez 15
  14. Core platform 16 What’s Next in OpenShift Q2CY2025 Product Managers:

    Ju Lim, Ramon Acedo Rodriguez, Marcos Entenza Garcia, Duncan Hardie, Linh Nguyen, Gil Rosenberg, Gaurav Singh, Subin Modeel, Mark Russell, Gregory Charot
  15. What's Next in OpenShift Q2CY2025 Provider Integrations, Installation, and Updates

    17 ▸ Add new clouds and platforms ▸ Add new regions ▸ Multiple architectures ▸ Enable third party integrations ▸ Hosted Control Planes ▸ New cluster capabilities ▸ More flexibility Installation Updates Platforms Enable Hybrid Cloud Optimize onboarding Mitigate risk ▸ Improve update user experience ▸ Update precheck ▸ Update progress monitoring Core platform Product Managers: Ju Lim, Ramon Acedo, Marcos Entenza, Duncan Hardie, Linh Nguyen, Subin Modeel
  16. What's Next in OpenShift Q2CY2025 18 Product Managers: Marcos Entenza

    Cloud ▸ IPv6 single stack support ▸ IPv6/IPv4 Dual stack support ▸ Dedicated Host support ▸ User managed External DNS support ▸ Additional disks at install time ▸ Support for new regions in Mexico, Taiwan, Saudi Arabia and Auckland ▸ IPv6 single stack support ▸ IPv6/IPv4 Dual stack support ▸ Dedicated Host support ▸ User managed External DNS support ▸ Additional disks at install time ▸ Azure Government Secret regions ▸ NVIDIA H100 and H200 machine series support ▸ IPv6 single stack support ▸ IPv6/IPv4 Dual stack support ▸ GCP private and restricted endpoints support ▸ Support for OpenShift Virtualization (GA) ▸ Additional disks at install time ▸ Oracle Cloud Roving Edge Infrastructure ▸ Support for OpenShift Virtualization (GA) ▸ Oracle Alloy Cloud Infrastructure ▸ Red Hat validated Oracle CSI driver Consistency Across the Hybrid Cloud
  17. What's Next in OpenShift Q2CY2025 Consistency Across the Hybrid Cloud

    19 On-premises ▸ Day 2 firmware settings reconfiguration and firmware updates ▸ Bare Metal Multi-architecture Support ▸ Bare Metal as a Service (BMaaS) ▸ Bare Metal Cluster API Provider ▸ Bare Metal Spoke Cluster Provisioning for Hosted Control Planes from a KubeVirt Hosted Cluster ▸ Support for Network Controller Sideband Interface (NC-SI) ▸ Static IP assignments ▸ Agent-based Installer Support ▸ Multi-Prism Central Failure domains ▸ VM-VM Anti-Affinity Policies ▸ Add bare metal nodes to clusters on Nutanix ▸ OpenShift Zones support with Host Groups ▸ MachineSet support for more than one disk ▸ IPI support for multi-NIC VM ▸ Support Adding Bare Metal Nodes to OpenShift vSphere clusters ▸ RHOSO multi cluster resource orchestration ▸ RHOSO multi-Openstack deployments ▸ RHOSO OpenStack Workload Optimization based on OpenStack Watcher ▸ RHOSO Federated Authentication ▸ RHOSO Multi Cloud Connect via BGP EVPN ▸ RHOSO Confidential Computing (Memory Encrypted VMs on AMD) ▸ Secret Store CSI Driver on IBM Z ▸ IPv6 Single Stack support ▸ Dynamic Resource Allocation (DRA) ▸ Dual Stream RHCOS support ▸ Multi-Zone IPI PowerVS Bare Metal IBM Power Systems and IBM LinuxONE Product Managers: Linh Nguyen, Ramon Acedo Rodriguez, Gil Rosenberg, Duncan Hardie
  18. What's Next in OpenShift Q2CY2025 20 Product Managers: Ramon Acedo

    Rodriguez, Mark Russell, Gaurav Singh, Subin Modeel, Gregory Charot Hosted Control Planes (HCP) ▸ Streamlined and simplified upgrades for control planes and NodePools ▸ Dynamic Control Planes Scaling ▸ 3rd-Party CNI Conformance Tests for Cilium and Calico CNIs ▸ Enhanced debugging for seamless installation and lifecycle ▸ Improvements and advancements in ROSA HCP and work towards ARO HCP ▸ User-Defined Networking support ▸ IPSec/networking config parity with standalone Storage ▸ Recover from expansion GA ▸ VolumeAttributeClass TP ▸ vSphere volume migration GA ▸ Disable vSphere CSI GA ▸ Azure File cross-subscriptions access GA Core ▸ Support for RHCOS 9 & 10 in a single cluster for updates ▸ Swap support for containers ▸ User Namespace ▸ PSa Restricted enforcement ▸ BYO External OAuth/OIDC ▸ Descheduler customization to get metrics from Prometheus ▸ Scale nodes with AutoNode on AWS with Hosted Control Planes ▸ In-place pod update ▸ In-place Vertical Pod Autoscaler update ▸ Machine API to Cluster API migration Hosted Control Planes and the Core Platform Near Term Long Term
  19. What's Next in OpenShift Q2CY2025 Control Plane ▸ Support for

    setting event-ttl and goaway-chance in the Kube API Server Operator improving scalability of very large clusters ▸ Hitless automatic defrag of etcd nodes, for better etcd performance ▸ Hitless TLS Certificate Rotation for Kubernetes API ▸ Kubernetes Key Management Service (Kube KMS) integration ▸ A new Control Plane documentation section ▸ External CA Support for Platform Certificates ▸ Improved platform certificates rotation information for users 21 Product Manager: Ramon Acedo Rodriguez Near Term Long Term
  20. What's Next in OpenShift Q2CY2025 23 Cloud Services ▸ No

    Public Egress required to Install/Operate HCP Clusters ▸ Shared-VPC deployment ▸ Dedicated Hosts for Virtualization (Enable Windows BYOL) ▸ Windows License-Included for Virtualization ▸ Capacity Reservation and Capacity Blocks for ML ▸ Machine pool auto-scale to/from zero ▸ Enable EUS channel for managed OpenShift clusters ▸ Integrated Karpenter / Auto-Node ▸ Support for up to 249 compute nodes ▸ Wide range of GPU-enabled instances with deployment flexibility ▸ OCP-Virt on OSD-GCP ▸ Windows BYOL for Virtualization ▸ Out of the box integration with Google Cloud NetApp Volumes ▸ Expanded regions - Azure Government Texas and Arizona, UAE Central ▸ Expanded instance type support ▸ Managed identities - General availability ▸ Azure Lockbox Enhancements ▸ Jumbo frames support ▸ Expanded regions - Mexico Central, Indonesia central, Austria ▸ Prometheus persistence ▸ Hosted Control Planes Managed OpenShift Services Red Hat OpenShift Service on AWS (ROSA) Azure Red Hat OpenShift (ARO) OpenShift Dedicated - Google Cloud Near term Long term
  21. What's Next in OpenShift Q2CY2025 25 Product Manager: Siamak Sadeghianfar,

    Harriet Lawrence, Ali Mobrem, Daniel Messer, Jamie Longmuir, Naina Singh, Ramon Roman Nissen Achieve complete control over the lifecycle of your applications Delivering an Enterprise Application Platform Simplified: merging Dev + Admin console Unified: helm, operators, devfiles in one catalog view Streamlined: guided ServiceAccount creation and CRD cleanup with operators Operate GitOps: everything as code with confidence via PR promotions and scaling in new ways More secure builds with isolation via user namespaces & multi-cluster support Quay completing supply chain coverage with artifacts and AI models Build Microservices with less overhead at scale with ambient mesh, user-defined networks across dual-stack clusters Post-quantum security for any service mesh app Augment apps with serverless AI agents, edge and event streaming Streamline legacy application onboarding with Gen AI Deploy Serverless ServiceMesh Console Operator Mgmt Migration Toolkit for Applications
  22. What's Next in OpenShift Q2CY2025 26 Product Manager: Harriet Lawrence,

    Daniel Messer Centrally manage your infrastructure definition and software assets Develop: GitOps and Quay • OCI repo source • Argo agent (Tech Preview) GitOps • Environment promotion and rollback • Certificate management • UI performance and accessibility • Application-based sharding • AI Model Card indexing and discovery in Model Registry • Switch to PatternFly UI • Tag Immutability • Least-recently pulled auto pruning • Sparse Manifest Lists • Organization mirroring • Artifact support: npm, maven, python, gems • Offline HuggingFace API Near Term Long Term Quay
  23. What's Next in OpenShift Q2CY2025 27 Automate application build, test

    and deployment Build: Builds and Pipelines • Buildpacks build strategy (TP) • BuildConfig to Shipwright migrations Builds Pipelines • Buildpacks build strategy (GA) • Image builds in user namespaces • Multi-arch image builds • Expanding build strategies • StepActions (GA) • Enhanced pruner (TP) • Reduced GitHub App permissions • Expanded concurrency control • Dependency caching in resolvers • Pipelines execution in user namespaces • Multi-cluster control plane • Tekton Results multi-tenancy • Pipelines-in-pipelines GA • Retention policies in Tekton Results Near Term Long Term Product Manager: Siamak Sadeghianfar
  24. What's Next in OpenShift Q2CY2025 28 Simplify and secure your

    application workloads Run: Serverless and Service Mesh • Function template - Python for AI • Catalog of pre factored Event Source and Event Sinks (AWS S3, AWS SQS) Serverless • Serverless Workflow and Functions for No code AI Agent Composition • Support for AWS Lambda Migration • Support integration of AI Services • Function as Kubernetes Deployment • AI Model Drift Detection with Eventing • Istio ambient mode (sidecar-less) technology preview • Istio-csr (for cert-manager) generally available • Istio ambient mode (sidecar-less) general availability of stable features • Quantum-ready crypto • External (Off cluster) workload integration • Multi-cluster service mesh management Near Term Long Term Service Mesh Product Manager: Naina Singh, Jamie Longmuir
  25. What's Next in OpenShift Q2CY2025 29 Achieve control over your

    workloads through intuitive UI or automation Manage: Operator Framework and OpenShift Console • Support for Themes (PF6) • Merge & Simplify Admin + Dev Perspective OpenShift Console • Unified Software Catalog - OLM v1 support in Console • Dynamic Plugins: Multi-Cluster Support • Filter for individual operator versions and channels right from the UI • Unified catalog • RHDH Software Template Generator for OCP Applications • Support operators with webhooks and namespace scope in OLM v1 • Auto-suggest appropriate install ServiceAccount • Support Helm-packaged operators • Install and manage any helm chart declaratively • Configurable CRD clean-up Near Term Long Term Operator Framework Product Manager: Tony Wu, Ali Mobrem
  26. Networking 30 Edge computing with Red Hat OpenShift What’s Next

    in OpenShift Q2CY2025 Product Managers: Marc Curry, Deepthi Dharwar
  27. What's Next in OpenShift Q2CY2025 User Defined Networks (UDN) with

    BGP EVPN Integration Bring your own network to OpenShift, your fabric, your rules ▸ Unify VMs, containers, and custom networks — BGP EVPN brings virtualization and OpenShift onto a seamless data center fabric ▸ Full support in OVN-Kubernetes ・ UDN A default network for OVN-Kubernetes components + VRF support for additional isolated-by-default UDNs ・ BGP as a routing protocol for UDNs ・ EVPN, a common data center networking fabric that relies on BGP for dynamically exposing cluster scoped network entities into a provider’s network, as well as program BGP-learned routes from the provider’s network into OVN ▸ Use cases: ・ Extend UDN into provider networks, so a VM can be directly referenced by its (static) L2 network address, rather than requiring NAT translation at the cluster edge ・ Live migrate a VM between a provider network and an OCP cluster Product Managers: Marc Curry, Deepthi Dharwar 31
  28. What's Next in OpenShift Q2CY2025 OpenShift Core Networking Roadmap ▸

    GA of Gateway API at OCP 4.19 with OSSM 3.0 ▸ Installed side-by-side with HAProxy ・ 10+ years of proven stability, performance ▸ OCP will support all methods of K8s ingress: ・ Route API ・ Ingress API ・ Gateway API ▸ OpenShift Ingress operator will support installation and management of Gateway API via OSSM ▸ Enabling Service Mesh is not required ▸ OCP platform will provide out-of-the-box DNS and LB support Ingress API Route API Gateway API (3rd-party) OCP Cluster Kubernetes’ next-generation standard for service networking 32 Analogs: Istio : OpenShift router Envoy : HAProxy Gateway : IngressController HTTPRoute : Route
  29. What's Next in OpenShift Q2CY2025 Network Observability eBPF Manager IPv6

    • Already supported on On-prem, we look to extend to all public clouds in the coming releases • As public cloud platform end-to-end IPv6 support progresses, we are working with the cloud providers to make sure OpenShift networking will also support IPv6 dual-stack deployments on the public cloud to match their readiness • An eBPF program manager and gatekeeper that ensure the secure deployment of eBPF applications • Currently in CNCF Sandbox • Secure and manage all user and OpenShift eBPF implementations e.g. Ingress Node Firewall, Network Observability Operator • Installed from Operator Hub • Currently under Tech Preview, looking to GA this very soon Red Hat OpenShift Networking • Network Observability Operator is a free, easily-installed add-on option in the console • eBPF Manager integration • User Defined Networks (UDN) enablement • OpenShift AI deployment-specific metrics • Identify specific K8s Network Policy blocking traffic • korrel8r (correlation between Observability tools) • Packet tracing • Multi-cluster enablement • IPsec / mTLS 33
  30. What's Next in OpenShift Q2CY2025 OpenShift Core Networking Roadmap Red

    Hat Connectivity Link Core DNS Integration Today, Red Hat Connectivity Link integrates with the Cloud Service Providers (AWS, Google, Microsoft) allowing advanced management of DNS. With the Red Hat Connectivity Link plugin for Core DNS we bring all the same features of the Cloud DNS integrations to your local DNS Management solution. Now you can bring along your CoreDNS backends plugins: • InfoBlox • Redis • Cloudflare • Akamai • Blue Cat • And more… New Release v1.1 Coming in May Featuring: Red Hat Connectivity Link will be introducing support for Gateway API v1.2 which brings with it: • gRPC Routing • Web Sockets • Timeouts • Retries • And More… Preparation & logic to support inference serving integrations which will allow for: • Token Rate Limiting • Universal Authentication • Enforce Policies for AI Applications • Model Versioning & Deployment • Inference Serving Metrics • And More… Additional Capabilities 34
  31. Observability 35 Edge computing with Red Hat OpenShift What’s Next

    in OpenShift Q2CY2025 Product Managers: Roger Floren, Vanessa Martini, Jamie Parker, Radek Vokal
  32. What's Next in OpenShift Q2CY2025 Red Hat OpenShift Observability &

    Insights • Custom reports builder in Cost Management • GenAI observability capabilities and partner integrations • Integrated analytics capabilities for OCP - incident detection, signal correlation • OpenShift Lightspeed troubleshooting integration • Workload efficiency with Rightsizing • Native and custom dashboards for single- and multi-cluster observability • Deploy, use & manage Observability w/ Cluster Observability Operator • Enriching AI with GPU/Accelerator metrics and dashboards, integrating Accelerator metrics with OCP dashboards and Cost Management • Application Monitoring dashboards, integration with Red Hat Developer hub for Cost Management • Incident navigation capabilities in ACM • OpenTelemetry integration with Red Hat Edge Management Near Term Long Term 36 Product Managers: Roger Floren, Vanessa Martini, Jamie Parker, Radek Vokal, Tomas Dosek & Pau Garcia Quiles Red Hat Observability Platform
  33. Troubleshoot & optimize resources faster in ACM with: ▷ Consolidated

    incident detection with alert groupings ▷ Productization of right sizing for Namespaces & Virtual Machines - towards TP Long Term: Exploring Observability Signals with UI Plugins & Customizable Dashboards Improved Observe section in ACM console with: ▷ Leveraging Perses for customizable dashboards ▷ Consolidated Multi-Cluster Alerting UI ▷ Introducing a Multi-Cluster Logging UI Improving Observability for OpenShift Virtualization & Red Hat Advanced Cluster Management Near Term: Making Use of Analytics Features Mid Term: Easily Defining & Installing Observability Components Consolidating the Multi-Cluster Observability Add-On (MCOA) in ACM with: ▷ Cluster logging operator ▷ Cluster observability operator ▷ Loki operator ▷ Tempo operator 37 Red Hat Observability Platform Product Managers: Roger Floren, Vanessa Martini, Jamie Parker & Radek Vokal redhat.com/observability
  34. Leveraging observability signals & analytics to provide cluster awareness with:

    ▷ Signal correlation/Korrel8r ▷ Incident detection ▷ Cluster & components health with kube-health Near Term: Distribute & Integrate OpenTelemetry ▷ Establish OpenTelemetry (OTEL) schema for AI workloads ▷ Integration with Dynatrace platform AI & Observability for Red Hat OpenShift Long Term: Integration with OpenShift Lightspeed & AI Interfaces Mid Term: Accelerators Metrics & Partner Enablement Partner accelerators enablement: ▷ Leveraging Perses ▷ One dashboard to rule it all 38 OpenShift AI AI Workloads OpenShift Lightspeed Product Managers: Roger Floren, Vanessa Martini, Jamie Parker & Radek Vokal redhat.com/observability Red Hat Observability Platform
  35. 39 What’s Next in OpenShift Q2CY2025 Developer Experience Product Managers:

    Ben Wilcock, Christophe Fargette, Stevan Le Meur, Matthew Demyttenaere
  36. What's Next in OpenShift Q2CY2025 40 Red Hat Developer Hub

    Product Managers: Christophe Fargette, Ben Wilcock Core Plugins Adoption ▸ Plugins Installation from RHDH ▸ RHDH Local (TP) ▸ Adoption Insights (TP) ▸ Plugins Certification ▸ OpenShift AI Integration Near term Long term ▸ FIPS Support ▸ Templates Lifecycle Management ▸ Bulk Import (GA) ▸ Developer Lightspeed (DP) ▸ Scorecard Plugin ▸ First time onboarding experience ▸ Localization Support ▸ Customizable Homepage ▸ MCP Server ▸ Continuous Learning
  37. 41 Podman Desktop Accepted as a Sandbox Cloud Native Computing

    Foundation (CNCF) project. 5.7k ! Red Hat Tooling Containers & Kubernetes UX & Configuration ▸ Mirror Registries ▸ More Kubernetes Object Supported ▸ Kubernetes Namespace selection ▸ Bridge to remote Podman Hosts ▸ GPU Acceleration Support ▸ Test Bootable Containers in BootC Extension ▸ RHEL Extension ▸ RHEL LightSpeed Extension ▸ Run Microshift in a Container ▸ Red Hat Container Catalog ▸ Vulnerability Scanning Near term Long term ▸ Status bar Improvements ▸ Faster and Simpler Onboarding ▸ Dashboard Revamp ▸ Logs UI ▸ Integrated CLI Product Managers: Stevan Le Meur, Matthew Demyttenaere
  38. 42 Podman AI Lab Agentic Local Inferencing Experimentation Playground ▸

    GPU Acceleration Support ▸ Support for OpenVino ▸ Support for vLLM ▸ Easy start of LLama Stack ▸ Explore Llama Stack API ▸ Agents Recipes ▸ MCP Server Support ▸ Podman MCP Server ▸ A2A Near term Long term ▸ Leveraging Ramalama ▸ Expand Catalog of Recipes ▸ Access to Open AI API ▸ Ollama API compatibility ▸ MCP Support in Playground Product Managers: Stevan Le Meur 42
  39. 43 Edge computing with Red Hat OpenShift What’s Next in

    OpenShift Q2CY2025 Security Platform Security and Red Hat Advanced Cluster Security
  40. What's Next in OpenShift Q2CY2025 44 Zero Trust Workload Identity

    Multi-Factor Authentication for Workloads Product Manager: Anjali Telang ▸ Enable MFA for your workloads with Red Hat’s Zero Trust Workload Identity Manager Operator ▸ Day 2 Operator Based on SPIFFE/SPIRE ▸ Single identity schema across multi-cluster deployments with federation support. ▸ Short-lived, cryptographically verifiable identities issued after node and workload attestation enabling zero-trust architecture ▸ Identities for VM and Container Workloads ▸ Available as TechPreview in 1H 2025
  41. What's Next in OpenShift Q2CY2025 Compliance Vulnerability Management Risk Profiling

    45 Red Hat Advanced Cluster Security Security across the entire application lifecycle Product Manager: Maria Simon ▸ Adding context for CVE prioritization ▸ Integration with other VM tools ▸ Vulnerability Management for VMs ▸ New OCP CO profiles ▸ Compliance as policy ▸ OCPVirt compliance ▸ Visualize and schedule tailored profiles ▸ RBAC insights ▸ Action Driven Risk Near term Long term
  42. What's Next in OpenShift Q2CY2025 Security Policy Guardrails Network &

    Runtime 46 Red Hat Advanced Cluster Security Security across the entire application lifecycle Product Manager: Maria Simon ▸ Policy as code improvements ▸ Integration with other policy engines ▸ Violation reporting ▸ FIPS 140 support ▸ BYODB ▸ External Entity IP visualization and threat detection ▸ Improved isolation insights with BANP/ANP Platform Near term Long term
  43. 47 Edge computing with Red Hat OpenShift What’s Next in

    OpenShift Q2CY2025 What’s Next in Multicluster Management With Red Hat Advanced Cluster Management Product management team: Scott Berens, Sho Weimer, Christian Stark, Bradd Weidenbenner, August Simonelli
  44. What’s Next in OpenShift Q2CY2025 Red Hat Advanced Cluster Management

    Roadmap Highlights Virtualization Cluster Lifecycle Governance • Fine-grained RBAC for OpenShift Virtualization and Search (TP) • Ability to customise the name of the hub cluster • ROSA HCP lifecycle via Cluster API (AWS) • Test automation tooling for OCM.io policies (GA) • Live migration of VMs (TP) • Launch to VNC console (Virtual Network Computing) • ARO HCP lifecycle via Cluster API (Azure) • Enable easier RHACM certificate management across your fleet (TP) • ACS Policy integration in Governance UI Near term Long term 48
  45. Application Lifecycle Cloud Marketplace • Progressive Sync of Argo CD

    ApplicationSets in RHACM (TP) • ACM on-demand offering in AWS marketplace - going live! • OpenShift Gitops add-on for tighter integration (GA) • Argo CD agent integration (TP) • ACM on-demand offering in Azure & Google Cloud What’s Next in OpenShift Q2CY2025 Red Hat Advanced Cluster Management Roadmap Highlights 49 Near term Long term
  46. OpenShift for Telco and Edge 50 Edge computing with Red

    Hat OpenShift What’s Next in OpenShift Q2CY2025 Product Managers: Daniel Fröhlich, Franck Baudin, Robert Love, Michal Zasepa, Hari Rakotoranto
  47. What's Next in OpenShift Q2CY2025 51 Red Hat Device Edge

    and MicroShift Maintain the Base Support RHEL Image Mode GA RHEL 9.6 and 10.x Edgy AI Workload Model Serving with OpenShift AI - GA Extend Capabilities Generic Device Plugin Cert-manager Optimized image pulling with zstd:chunked Product Manager: Daniel Fröhlich - Version 04/25 Stability and Continuity Innovative use cases Simplify day2 EDGE Near term Long term
  48. What's Next in OpenShift Q2CY2025 Node 3 Two Node OpenShift

    with Arbiter (TNA) Product Manager: Daniel Fröhlich - Version: 04/2025 Approach: • Two node solution for cost sensitive customers • Small arbiter node, running only 3rd etcd instance • Technically a three node cluster • OCP Virtualization fully supported • Hyperconverged Storage / SDS via Partners • X86 and Arm, bare metal only Node 2 Node 1 Infrastructure Services Kubernetes Services etcd 3 instances with regular quorum mechanisms like 3 node compact clusters Workload Timeline Targets: • V4.19 Technology Preview • V4.20 General Availability 52
  49. What's Next in OpenShift Q2CY2025 Two Node OpenShift with Fencing

    (TNF) Product Manager: Daniel Fröhlich - Version: 04/2025 Approach: • True two node solution for cost sensitive customers • Relies on proven RHEL-HA technologies (corosync, pacemaker) to provide etcd HA • Uses fencing to protect against split brain situations: the surviving node powers down the failed node to guarantee consistency • Requires a Baseboard Management Controller (BMC) that supports Redfish for fencing • Node local storage supported (e.g. LVMS) • X86, bare metal only Timeline Targets: • V4.19 Developer Preview • V4.20 Tech Preview Infrastructure Services Kubernetes Services etcd (Lead) Node 1 Workload BMC used for fencing etcd (Follow) RHEL HA (Corosync, Pacemaker) Node 2 53
  50. What's Next in OpenShift Q2CY2025 54 Telco Continued Involvement in

    O-RAN WG6 (O-Cloud) and WG11 (Security) O2-IMS interface implementation (*) and O-Cloud Manager deployment Metal3 as an open-source HW Manager Cooperation with partners to deploy and provision the O-Cloud Alignment with O-RAN Standard Intel GNR-D with integrated NIC and Connorsville NIC family (**) RAN DU deployments on ARM (nVIDIA Grace Hopper) (**) RAN Acceleration based on nVIDIA (Hopper and CX-7 Bluefield) AMD 4th Generation CPU and Turin leveraging LLC Aware CPU pinning New Hardware Enablement Standardised Telco Cloud for RAN HW Refresh and New Functionality Production rollout of Image Based Install, Image Based Upgrades and Image Based Break+Fix Utilization of full Red Hat portfolio to solve diverse operational challenges Advise and assist the ecosystem to adopt cloud native principles and best practices Broad Operationalization of Red Hat OpenShift Platform Plus Simplify and Accelerate Day-1/2 Operations (*) - Depending on the O-RAN standard readiness and excluding O2ims monitoring (metrics) API and logs (**) - Depends on HW vendor roadmap/availability, upstream readiness and/or 3rd party software
  51. What's Next in OpenShift Q2CY2025 • Red Hat is: ◦

    actively engaged in O-RAN WG6 (O-Cloud) and WG11 (Security) activities. ◦ extending a Hub Cluster functionality to manage CaaS and Hardware (Day-0/1/2) and meet requirements defined by O-RAN for O-Cloud ◦ working on SMO&RAN workload agnostic O-Cloud components • Key investment areas in upcoming 6-12 months: ◦ Metal3 as an open-source Hardware Manager ◦ CaaS and HW Day-2 operations ▪ incl. IBU, IBI, and IBBF for SNO ◦ O-Cloud Observability at scale based on the cloud-native best practices ◦ RAN use cases: ▪ SNO with DU Profile ▪ SNO with CU&DU Profile ▪ MNO with RAN workload • Accelerate the building of the O-Cloud partner ecosystem • Drive O-RAN standard (WG6, WG11) and O-RAN SC 55 Product Manager: Michal Zasepa O-RAN (O-Cloud Components) Telco Near term Long term
  52. 56 ARM Based CPU Targeting full Telco Edge use case

    with the same experience as with OpenShift on x86 today GraceHopper DP 4.19 = Solution analysis and ARM builds of Operators for both use cases (SNO DU and MNO), No ZTP or LCM (IBI, IBU, TALM, etc) TP 4.20 = DU on SNO: ZTP and LCM (IBI, IBU), CX-7/BF3 NIC, CX6 NIC, Full regression testing, KPI testing GA 4.21 = DU on SNO support in RDS TP 4.21 = CU on MNO ZTP and LCM, CX-6&CX-7/BF3 NIC AMD based CPU AMD based CPU Genoa and Bergamo supported (NPS ==1) TP 4.18: Node Per Socket =1 GA 4.20+: Turin support WIP 4.20+ : LLC Aware CPU pinning as a better way to leverage CCX than Node Per Socket =4 Engaging with AMD for upstream support - Long term goal (NRI) ARM based CPU Sierra Forest / Granite Rapid -D / Connersville Family Sierra Forest: 5G Core RDS inclusion WIP Granite Rapid -D: OCP Milestones dependent on 3rd party upstream deliverables DP 4.19 = Quality Sample HW, Integrated NIC, Carter Flat NIC, VBR2, PTP OC/BC, Limited Regression Testing TP 4.19 = Quality Sample HW, Integrated NIC, Carter Flat NIC, VBR2, PTP OC/BC, T-GM [DP], Limited Regression Testing, KPI Evaluation GA 4.20.z (Q1’26) = Commercial HW, Integrated NIC, Carter Flat NIC, Reed Channel NIC, VBR2, PTP OC/BC, T-GM, Full Regression Testing, Full KPI Testing New Hardware Support - Validated for Telco Use cases Near term Long term
  53. Find us at Red Hat Summit May 19 2025, Boston

    red.ht/summit25 http://red.ht/CommonsSummit 58
  54. Thank you for joining! 59 Guided demos of new features

    on a real cluster learn.openshift.com OpenShift info, documentation and more try.openshift.com OpenShift Commons: Where users, partners, and contributors come together commons.openshift.org What’s New and What’s Next red.ht/whatsnew
  55. What's Next in OpenShift Q2CY2025 Operational Improvements 60 Product Manager:

    Robert Love Image Based Install (IBI) Benefit: Significant reduction in installation time for DU configured SNO at far edge site. GA in 4.17 Image Based Break Fix (IBBF) Benefit: Redeploy DU configured SNO at far edge site after catastrophic hardware failure. DP in 4.18 via (to-be-published) KB Article Image Based Upgrades (IBU) Benefit: Significant reduction in upgrade time and service downtime for DU configured SNO at far edge site. GA in 4.16 (for 4.14-4.16 upgrade)
  56. OpenShift provides that value Red Hat OpenShift Service on AWS

    Azure Red Hat OpenShift Red Hat OpenShift on IBM Cloud Managed Red Hat OpenShift Services - Fully managed, start quickly Red Hat OpenShift Dedicated Self-Managed Red Hat OpenShift - Customer managed, for control and flexibility On public cloud, on-premises on physical or virtual infrastructure, or at the edge 61 as a fully managed cloud service or self-managed platform
  57. Service Mesh Security | Vulnerability management | Compliance Fleet management

    | Policy | Governance | Observability Scan | Attest Build, deploy and run secure modern applications at scale Trusted Application Pipeline with OpenShift CI: Pipelines CD: GitOps Deploy model Canary Rollout Deploy Canary Rollout Import Data Experiment Train Model Build Model Code Build Test Security AI/ML Application 62
  58. What's Next in OpenShift Q2CY2025 64 Q1 Red Hat Trusted

    Profile Analyzer Q2 Q3 CY24 Major Milestones Q1 Q2 Q3 Q4 • Tech Preview 2 : TAS (2/5) • Tech preview : TPA (3/8) • GA: Trusted Artifact Signer (TAS);(3/12) • TAS 1.1 • including Enterprise Contract, Simplified Install, Install on RHEL, Multi-CI integration, Ansible Tower • GA : Trusted Profile Analyzer (TPA) (Dates still being worked, slip from Q1) • AI Chat Bot - TP • TAS 1.2 : UX/UI with OCP/RHEL Management Console, • TPA ◦ RHEL ◦ Disconnected Env ◦ On-prem vuln source ◦ Gen AI as interface • TAS 1.3 • Usage with RH products • *KS • TPA - Red Hat Product SBOM and VEX, *KS Gen AI in CRDA to fix Q4
  59. What's Next in OpenShift Q2CY2025 Roadmap Table of Contents Hybrid

    Cloud Experience and OpenShift Platform Plus • Red Hat Advanced Cluster Management • OpenShift Networking • OpenShift Storage • OpenShift Data Foundation • Multi-Cluster Gateway for Ingress and Egress • Red Hat Advanced Cluster Security • Red Hat Quay • Network Observability • Observability Telco and Edge Managed Services Core, Platform, and Developer Tools • Installation, Updates, and Provider Integration • Hosted Control Planes (HyperShift) • OpenShift on Bare Metal • OpenShift on OpenStack • Compute 65 Core, Platform and Developer Tools (continuation) • OpenShift Sandboxed Containers • OpenShift Arm and Multi-Architecture • Control Plane • Enabling Workloads on OpenShift • Windows Containers • Cluster Infrastructure • Unified Console Experience • OpenShift CI/CD & GitOps • OpenShift Serverless • Operator Framework • OpenShift Service Mesh • OpenShift Virtualization • Migration Toolkit for Applications • Migration Toolkit for Containers • Developer Sandbox & Developer Tools • oc-mirror • OpenShift AI NDA Required
  60. What's Next in OpenShift Q2CY2025 66 OpenShift Core Platform Roadmap

    Near Term (Q2/Q3 2025) Mid Term (Q3/Q4 2025) CORE PLATFORM • AutoNode (based on Karpenter) for AWS with HCP (Dev Preview) • Nutanix RHCOS VM Image Support for Bootstrapping Cluster • Support multiple NICs in Nutanix • Support additional NTP servers in install-config for bare metal • Bare Metal day 2 firmware settings reconfiguration and firmware updates (TP) • Support UEFI HTTP Boot in OCP • Hosted Control planes alongside standalone control planes (Compact) • Hosted control planes for OpenShift Container Platform on RHOSP (Dev Preview) • Support Heterogeneous NodePools (Power/Z + x86) in HCP • Multi-arch optimized disconnected support • Gateway API [Tech Preview] • Custom routes for OVN • Ingress traffic mirroring/splitting • Multiple Networks/VRFs - User Defined Native Network Isolation • OCP Virtualization and User Defined Networks integration • OVN Kubernetes BGP Support • SPOE support • HAProxy Dynamic Configuration Manager • CRIO support for sigstore • Advanced network config with Ignition • Automated certificate recovery after cluster hibernation • BYO External OIDC support for OCP (TechPreview) • Disconnected Cluster Update without local image registry • More flexible and resilient update rollouts • Descheduler custom profile based on utilization of nodes (DP) • VMware multi-vCenter without shared storage support • VMware vSphere multi-NIC VM creation support in the IPI installer (TP) • Customer-managed DNS for GCP (GA) and WS (TP) • Custom IPv4 subnets on OVN for Azure, AWS and GCP BYO VPC deployments • OpenShift on GCP – N4, C4, C4A and C3 machine types support • OpenShift on Oracle Cloud Infrastructure with Bare Metal GA • OpenShift Virtualization on Oracle Cloud (TP) and GCP (TP) • OpenShift on Oracle Compute Cloud @ Customer • OpenShift on Oracle Private Cloud Appliance • Volume Group Snapshots (GA) • Secret Store CSI (GA) • Cert-manager support router to load secrets, istio-csr, OSSM integration • SMB CSI (GA) • Openshift CLI Manager (A preferred 
way to deliver openshift CLI) TP • ShiftOnStack hosting ctlplanes • Arm support for Custom Metrics Autoscaler • Crun default in 4.18 • Sigstore image re-verification for namespace (TP -4.18) • oc-mirror v2 with Helm charts support and Proxy support • Next-gen OLM (OLM v1) GA • API: Support Kube KMS Integration in OCP (User-Provided)TP • ETCD: Enhance recovery procedure for full control plane failure • Oc update recommend command CORE PLATFORM Long Term (2026+) CORE PLATFORM • OpenShift Zones support for vSphere Host Groups (GA) • BareMetalHost with self-signed CA certs for BMCs • Bare Metal day 2 firmware settings reconfiguration and firmware updates [GA] • ARO HCP • Enhanced NodeHealthChecks for Hosted clusters with better upgrade signals • Configurability for Cluster Autoscalers Expanders options on Hosted Clusters • Enable boot diagnostics option at installation time in Azure • Support Private Google Access to GCP endpoints • User managed key for OpenShift Registry • Deploy without an external registry • Dedicated disks for etcd at installation • User Namespaces in stateless pods • SPIRE Operator GA • Automatic cert rotation on boot or resume of internal platform expired (GA) • Hitless API server certificate rotation • Machine API to Cluster API migration GA • Cluster API GA • Cluster API-based clusters • OCP WAF support • IPsec Offload • OVN Kubernetes User Defined Networks multi-cluster support • Automatic Intelligent Sharding • Karpenter support in ROSA-HCP (GA) • Karpenter support in ARO-HCP (TP) • Multi dimension pod autoscaler • N+3 skew in OCP Updates • Update precheck • OCI Volume Source for AI Workloads • Dynamic Resource Allocation • LeaderWorkerSet • JobSet • Gang scheduling • OCP on Azure Gov Secret regions • EFS-dir provisioning (GA) • CNS volume migration (GA) • SELinux context mounts (TP) • External Secrets Operator (GA) • Multi-cluster Identity and Authentication with Keycloak as OIDC provider in BYO External OIDC enabled OCP • OpenShift on 
Oracle Roving Edge Device • Checkpoint/Restore In Userspace • Pre-check command • Support Nutanix in Agent-based Installer • Nutanix IPI Static IP assignments • vSphere - MachineSet - Support of more than one disk • OpenShift Zones support for vSphere Host Groups • Bare Metal Spoke Cluster Provisioning for Hosted Control Planes • Bare Metal as a Service Support for OpenShift (TP) • Metal3 Support for Network Controller Sideband Interface (NC-SI) • Bare Metal Cluster API Provider (CAPI) (TP) • Dynamic Management of External DNS Names and KubeConfig • User Defined Networking (UDN) for/with Hosted Control Planes • Cross Management Clusters backup/restore for Hosted Clusters for Self-Managed HCP • Enhanced network config on Hosted Clusters for Self-Managed HCP • Generation in Hosted Clusters • Azure Confidential Clusters • GCP Confidential Clusters • IPv6 Dual Stack enablement for OCP on AWS and on Azure • NAT Gateway as outboundType for Azure • Disable SNAT for outbound traffic on Azure • Enable boot diagnostics option at installation time in Azure • Azure preview for self-managed Hosted Control Planes • OpenShift Virtualization on GCP (GA) and Oracle Cloud Infra (GA) • User managed key for OpenShift Registry • Deploy without an external registry • Dedicated disks for etcd at installation • User Namespaces in stateless pods (GA) • Swap • BYO OIDC for standalone OpenShift (GA) • SPIRE Operator (TechPreview) • Auto cert rotation on boot or resume of internal platform expired (GA) • Hitless API server certificate rotation • Gateway API (GA) • OVN Kubernetes BGP+EVPN Support and VPC Support • eBPF Manager GA • Admin Network Policy FQDN Support • Routable IPs for Pods • HTTP/3 HAProxy Support • ETCD database size Profiles (GA) • On cluster CoreOS Layering (GA) • EFS-dir provisioning (TP) • Karpenter support in ROSA-HCP (TP) • Dynamic Accelerator Slicer and Kueue • Customer-managed DNS for AWS (GA) and Azure (GA) • OCP on EC2 Dedicated Hosts on AWS • OCP on Dedicated Hosts 
on Azure • Support Lsv4, Lasv4, NDs, NVs and Dvx6 machine series in Azure • CNS volume migration (TP) • API: Support Kube KMS Integration in OCP (User-Provided) GA • API: Improve validation of TLS Modern Profile for Control-Plane components • ETCD Tuning Profiles • ETCD :Network Policies for OpenShift Core Components • ETCD: Hitless automatic defrag of etcd • ETCD: BackupAPI TP Last Updated 9-Dec-2024 To be Updated
  61. OpenShift Networking Near Term (Q2 2025) Long Term (CY 2026)

    Mid Term (H2 2025) Product Manager: Marc Curry, Deepthi Dharwar SDN + Network Edge + Network Observability • HAProxy Dynamic Configuration Manager [GA] • IPv6 for Public Cloud Deployments • UDN BGP On public clouds • BGP with no-overlay mode • Inference Gateway • Network Policy Correlation • Ongoing SmartNIC Integrations . . . SDN + Network Edge + Network Observability SDN + Network Edge + Network Observability • Multi-Cluster connectivity • Multi-Cluster Network Observability • Intra Cluster UDN with vRouter • Inter Cluster UDN with vRouter • DSCP QoS Marking in OVN-K [GA] • OCP Firewall/WAF support • IPsec Offload • Egress Services [GA] • Payload aware network observability • . . . Version: 2023-10-25 67 • Gateway API for Ingress with OSSM 3.0 [GA] • UDN with integration BGP and EVPN • eBPF Manager [GA] • Network Observability: IPSec tracking • Observability Non-flow metrics & dashboards . . . Updated <30/4> To be Updated
  62. What's Next in OpenShift Product Manager: Greg Charot OpenShift Storage

    CORE ` CORE CSI OPERATORS CORE • Recover from expansion failures (GA) • CLI to show volume capacity usage (TP) • VolumeAttributeClass (TP) • Volume Populators (GA) • SELinux context mounts for RWX (TP) • Always honor reclaim policy (GA) • Change Block Tracking (DP) • fsGroupChangePolicy per namespace (TP) OPENSHIFT STORAGE 68 CSI OPERATORS • Azure ◦ File Cross account tenant support (GA) • vSphere ◦ CNS volume migration (GA) ◦ Host groups support as zones (TP) ◦ Customise max volumes per node (TP) ◦ Resize in-tree migrated PVs (GA) ◦ Disable vSphere CSI (GA) CSI OPERATORS • AWS ◦ EFS efs-dir provisioning (TP TBC) ◦ EFS Cross mount for ROSA ◦ EFS Zonal Volumes (GA) • Azure ◦ Disk Performance Plus support (GA) • vSphere ◦ Host groups support as Zones (GA) • Manila ◦ Multiple subnets per access-rule (GA) Mid Term (2H 2025) Near Term (1H 2025) Long Term (Later) • SELinux context mounts for RWX (GA) • Change Block Tracking (TP) • fsGroupChangePolicy per namespace (GA) • VolumeGroupSnapshot (GA) • AWS ◦ EFS efs-dir provisioning (GA TBC) • vSphere ◦ Customise max volumes per node (GA TBC) 68
  63. OpenShift Edge - LVM Storage Near Term (3-6 months -

    V4.19) Mid Term (6-9 months - V4.20) Long Term (9++ months) OPENSHIFT EDGE LVM Storage • change default namespace • label PV with hostname LVM Storage • allow removal of devices • Make device discovery policy configurable • LVMS use SELinux mount for RWOP • CSI VolumeGroupSnapshots • CSI snapshot differential (KEP-3314) LVM Storage 69 Product Manager: Daniel Fröhlich - Version 04/25 69
  64. What's Next in OpenShift Q2CY2025 Product Managers: Scott Berens, Christian

    Stark, Bradd Weidenbenner, Sho Weimer, August Simonelli UPDATED April 9, 2025 Note: bullets have links to work items RHACM Roadmap Near Term (3 months / 2.14) Mid Term (6 months / 2.15) Long Term (9+ months / 2.16+) ACM ACM • Enhanced management with Hosted Control Planes • Cluster Lifecycle for ARO (GA) • On-Prem/Disconnected Insights in RHACM • AI-Integrations • Workload-Identity Scaling Spire with RHACM • ACM cluster credentials integration with Vault • Automate the cluster registration cert renewal (GA) • Advanced observability analytics features (TP) • OpenShift Virtualization cross cluster live migrate (GA) • ACM on-demand offering on Azure marketplace ACM DP = Developer Preview TP = Technology Preview GA = Generally Available • Cluster Lifecycle for ROSA HCP (GA) • Cluster Lifecycle for ARO (TP) • Unified observability dashboards in console • Alert Management UI (GA) • Incident Detection based on Alert Grouping (TP) • Multicluster log storage (DP) • ACM Progressive Sync of ApplicationSets (GA) • Enhanced UI support for placement API • OpenShift Virtualization cross cluster live migration (TP) • Automate cluster registration cert renewal (TP) • Enhance cluster autoimport for restore scenarios • ApplicationSets in any namespaces with OpenShift Gitops (GA) • Fine grained RBAC for virtual machines (GA) • Right-sizing recommendations for namespaces (TP) • Visualize RHDE power consumption (DP) • Cluster Lifecycle for ROSA HCP (TP) • Hosted Control Planes (HyperShift) - Non-BareMetal Agent provider (TP) • ACM Progressive Sync of ApplicationSets (TP) • Argo CD Agent Integration (DP) • Sync action for ApplicationSets in UI • Fine grained RBAC for virtual machines (TP) • Enhanced Observability with OpenShift Virtualization (network traffic, snapshots) • Test automation tooling for OCM.io Policies (GA) • Customize hub naming (rename local cluster) • Automate cluster registration cert renewal (DP) • Set limits on mem and cpu for management addons • Performance 
improvements for ODF application DR • ACM on-demand offering on AWS marketplace
  65. What's Next in OpenShift Q2CY2025 OpenShift Data Foundation Near Term

    Mid Term Long Term FEATURES FEATURES FEATURES • Self managed ODF for ROSA HCP • vSphere 8 • Replica 2 for CephFS • Capacity usage trend information • Security ◦ Key rotation support for PV encryption ◦ Azure Key Vault support (GA) • Supportability ◦ Multiple MDS ◦ Improved CLI • Multicloud Object Gateway ◦ Support for client STS ◦ Support for account replication across clusters • Disaster Recovery ◦ Support for ACM-discovered applications • Disaster Recovery ◦ RDR Recipes for complex applications ◦ Enhanced visibility for data replication • Support multi device classes for storage tiering, data isolation and mixture of SAN and local devices. • Key rotation support for cluster wide encryption • Multicloud Object Gateway ◦ Object browser ◦ Bucket notifications ◦ Support versioning in bucket replication • Multus support for assigned subnets • ARM support • Support for COSI - Object API for K8s • IPV6 support for external mode • External mode with replica1 • Disaster recovery ◦ DR solutions for HCP ◦ Automated DR testing ◦ Consistency groups ◦ DR for replica 1/2 • QoS • Maintenance automation 71 Product Manager: Eran Tamir (lead), Venkat Kolli, Chris Blum Updated 3-Dec-2024 (2H 2024) ODF 4.17 (1H 2025) ODF 4.18 (2H 2025+) To be Updated
  66. RHACS roadmap (*) *Subject to change without notice Product Manager:

    Shubha Badve, Doron Caspin, Boaz Michaely, Maria Simon Marcos, Anjali Telang, JP Jung NDA Required 72 Near Term Mid Term Long Term VM •Z-stream based remediation guidance for RH OCP •Enriched Vulnerability Data CIS maintained KEV catalog •AI based CVE prioritization (Dev Prev) •Vulnerability reporting for VMs running on OCP Virt Policy •Policy as Code - Drift prevention •Improved Splunk integration Core •Policy based Configuration Management •Compliance trending •Improved isolation insights •Developer Hub workflow VM • AI based CVE Prioritization using Threat Prediction •Import SBOMs & export vulnerability reports with impacting CVEs •Image mode for RHEL vuln. Scanning with ACS and CI/CD pipelines • •Compliance for OCP Virt (KVM) •Threat detection for OCP Virt workloads Policy •Policy Model (Policy split, categories) •Integration with other policy engines •Policy coverage gaps •AI based prioritization Core •AI assisted recommendations for risk •Enhanced policy based configuration management with ACS •Easy creation of tailored profiles •Deeper integration into OpenShift Console •LightSpeed capabilities VM = Vulnerability Management Plat = Platform Enhancements & hardening •Self support configure ACS CS instances •ACS CS FedRAMP •Service Available in Azure MarketPlace OCP Virt OCP Virt VM •SBOM Generation based on scanned container images •Enriched vulnerability data EPSS Score •Integration with ServiceNow Container Vulnerability Response application OCP Virt Policy • Core •Action based Risk •Visualize and schedule tailored profiles in multicluster view •Compliance as policy •External traffic visibility and threat detection •Automatic alert on suspicious process and networking activity ACS CS ACS CS ACS CS Plat •FIPS 140 Support •InitBundle separation Plat Plat •Enhancing Sigstore integration (keyless signing verification) •Post-Quantum Cryptography Capable •Vault PKI Validation •Additional information sources •Post-Quantum Cryptography Ready •Integration with 
SPIRE to manage secure cluster reg DRAFT
  67. What's Next in OpenShift Q2CY2025 OpenShift Security Roadmap Product Manager:

    Doron Caspin Near Term (H1 CY 2025) Mid Term (H2 CY 2025) Long Term (2026) Operators Profiles PORTFOLIO Profiles ` PORTFOLIO Operators Profiles PORTFOLIO • CO support on ARM • NIST 800-53 rev 5 • DISA STIG profile update • Zero Trust Workload Identity Manager (ZTWIM) Operator (TP) • • Profile to harden KVM (OCP Virt) • ZTWIM Integrations with Service Mesh, OCP Virtualization, RHACM, Kuadrant, • • CIS OpenShift profile update • New BSI profile for On Prem OCP 73 • Decouple storage requirements to process a scan Updated <Date> Operators • ZTWIM Operator (GA) To be Updated
  68. Red Hat Quay Roadmap Quay 3.15 Q2’25 Quay 3.16 Q4’25

    Quay 3.17 Q1’26 CORE CORE CORE • High-priority customer bugs • PatternFly UI - Progress toward parity • Shared Email Addresses for Multiple Orgs • Automated Clair Disconnected Updates • RHEL9 Rebase • Simplified Read-Only Configuration • Customizable StorageClass for PVCs • Robot tokens access across organizations • Organization mirroring (Quay, Artifactory, Harbor) • Vulnerability silencing • UI support for VM images DP - Developer Preview TP - Tech Preview GA - General Availability • PatternFly UI complete / Angular UI removed • Referrer UI support • SigStore UI Support • Tag Immutability • Splunk Audit Log Display Support • Sparse Manifest Lists (Multi-arch filtering) • Pull activity tracking • Auto pruning Policy - Least Recently Pulled AI AI AI ARTIFACT ARTIFACT ARTIFACT • ModelCard Indexing (TP) • ModelCard Indexing & Search (GA) • (registry.redhat.io support) • (catalog.redhat.com support) • HuggingFace API compatibility (TP) • Pulp Integration Foundation (DP) • Pulp AuthN/AuthZ integration • Remote Repository Support • Pull-Thru Cache Support • Artifacts: Python • Pulp Backup & Restore • Virtual Repository Support • Artifacts: NPM, Maven, Gems • HuggingFace API compatibility (GA)
  69. What's Next in OpenShift Q2CY2025 Observability - Tracing/Logging/Monitoring/Open Telemetry/UI Near

    Term Mid Term Long Term 75 (3 months) (6 months) (9 months+) Product Managers: Roger Floren, Jamie Parker, Vanessa Martini & Jose Gomez-Selles Log Storage and Collection In-cluster Monitoring November 2025 Tracing & OpenTelemetry Log Storage and Collection In-cluster Monitoring Tracing & OpenTelemetry Log Storage and Collection In-cluster Monitoring Tracing & OpenTelemetry OpenTelemetry • New collector capabilities and integrations - AMQP, file exporter, .. • Instrumentation - multi-container auto instrumentation, TLS • Improvements - FIPS, must-gather support, troubleshooting docs/CRDs Distributed Tracing • UI - APM view for tracing, Gantt charts, signal correlation • Storage - short lived token auth, OTLP as internal proto. In Tempo • Improvements - FIPS, multi tenancy and reencrypt ingress route • Ease of use - demo.redhat.com, tempo sizing recommendations Observability UI Observability UI Observability UI • Figure out Instrumentation language automatically • OpenTelemetry profiles into COO • Observability Integrations PoC • GA OpenTelemetry components • RBAC for distributed tracing data • COO integrations • Jaeger UI deprecation • OpenTelemetry configuration UI • Instrumentation quality checks • OpenTelemetry collector auto scaling • Observability costs and recommendations • Service graphs from traces • Observability service map • OpAMP for Edge management • Support insights agent as an OTel extension • RBAC for distributed tracing data on OpenShift • Logging 6.1 GA • GCP WIF support • Multicluster Loki in ACM 2.12 • LoggingStack GA in COO • Multicluster Loki storage via MCOA in ACM 2,.21 (Dev Preview) • Optional built-in monitoring • Prometheus upstream work towards OTLP remote write support • Scrape Profiles (GA) • Optional built-in monitoring • Prometheus upstream work towards OTLP remote write support • Cluster Observability Operator 1.2.0 • Support OTLP in Logs UI • Connect Perses authentication with OpenShift authentication • Export CSV files / 
Perses • Traces UI plugin GA • APM Dashboards • Accelerators Dashboards • Cluster Observability Operator 1.3.0 • Customizable dashboards in web console OCP/ACM - Milestone I • Troubleshooting UI plugin GA • Cluster Observability Operator 1.4.0+ ◦ Customizable dashboards in web console OCP/ACM - Milestone II To be Updated
  70. What's Next in OpenShift Q2CY2025 Observability - Multicluster/OpenStack/Power Monitoring/Analytics Near

    Term Mid Term Long Term 76 Product Managers: Roger Floren, Jamie Parker, Vanessa Martini & Jose Gomez-Selles November 2025 STF & OpenStack Intelligence & Analytics Multicluster Observability Power Monitoring STF & OpenStack Intelligence & Analytics Multicluster Observability Power Monitoring STF & OpenStack Intelligence & Analytics Multicluster Observability Power Monitoring (3 months) (6 months) (9 months+) • Power monitoring compatibility matrix • Productize model server and models • Validate power monitoring in Bare Metal • Validate power monitoring in VMs • Detect if the platform is supported by power monitoring • Red Hat Secure Development Lifecycle Schedule onboarding • API stabilization for GA • Explore the ability to run own models (customize power measurements) • Stabilize the Model Validation calculation method • Model Validation with low MAPE (Mean absolute percentage error) < 20% • Productization work (OBSDA-731) • Handling Idle Power • Reduce number of metrics • Metrics scalability • Stabilize Resource Utilization calculation method • GA release • GPU Resource Utilization • Online Training/Demo + GA marketing • ACM ◦ Advanced AlertManagement for User-Workload-Monitoring ◦ Multi-cluster Observability Add-on TP (Logging, Metrics) ◦ Alert management via ACM UI (Dev-Preview) ◦ Incident Detection based on Observability Alert Grouping (DP) ◦ Microshift ACM enablement (TP) ◦ MCO T-shirt Sizing (Tech-Preview) ◦ Dashboards for OpenShift Virtualization (capacity-planning) • RHOBS ◦ RHOBS Merged Instance migrations ◦ Dynamic OCP Telemetry whitelisting ◦ Self-service OCP Telemetry for Internal teams ◦ Resource Optimization Tenant ◦ RHOBS instance ELB • ACM ◦ Grafana → Perses Migration ◦ MCOA GA ◦ Rightsizing for OpenShift Virtualization GA ◦ Observability for Microshift GA • RHOBS ◦ Maintenance • STF 1.5.5 GA ◦ Rebase on OCP 4.16 ◦ Potential Move to COO MonitoringStack ◦ Utilize COO GA • RHOSO FP1 ◦ Enhance Visualizations ◦ OpenTelemetry Metrics and Tracing ◦ 
OVN Metrics Collection Single Cluster • Observability Troubleshooting Journey w/ COO 1.2.0 ◦ Incident detection (eTP) Multi Cluster • Right sizing - namespace (TP) w/ ACM 2.14 • Incident detection (DP) w/ ACM 2.14 Single Cluster • Observability Troubleshooting Journey w/ COO 1.3.0 ◦ Signal correlation (GA) Multi Cluster • Right sizing - VMs (TP) w/ ACM 2.15 Single Cluster • Observability Troubleshooting Journey w/ COO 1.4+ ◦ Incident detection (GA) Multi Cluster • Incident detection (TP) • Right sizing - namespaces (GA) • Right sizing - VMs (GA) To be Updated
  71. Telco 5G Roadmap • • • IPSec N/S CaaS Traffic

    w/ offloading • 802.1x (RU->SNO/DU) • Intel GNR-D (full support) • nVIDIA Grace Hopper on SNO/DU [GA] • nVIDIA Grace Hopper on MNO/DU [TP/GA] • AMD • … • Intel GNR-D [TP] (GA in a 4.20.z) • nVIDIA Grace Hopper on SNO/DU [TP] • SiteConfig v1 Removal • Dual NIC T-BC w/ SMA (1PPS interconnect) • Variable Rate PTP Log Reduction • O-Cloud registration in SMO [TP] • O2-IMS inventory API (w/o unused HW resources) [TP] • Inventory for unused HW [DP] • O-Cloud Cluster Template [TP] • SNO with DU profile provisioning [TP] • O2-IMS monitoring (alerts) API (w/o suppression and purging) for CaaS [TP] • mTLS and OAuth 2.0 for O2IMS (Hub Cluster) [PoC/DP] • … Platform & Ops Security • Auto Generated Communications Flow Matrix (OCP Only w/ DU Profile) • IPSec N/S CaaS Traffic w/o offloading for MNO • Load Balancer for bare-metal (metalLB) ◦ BGP Graceful Restart - GA ◦ Linux VRF - GA ◦ Egress IP as service IP (!node IP) - GA ◦ Unnumbered BGP peering - GA • Propagate LACP status as SR-IOV VF status - TP • Hosted Control Plane: telco Operators Common O-RAN and Timing • Intel GNR-D (feature parity with SPR-EE) • nVIDIA Grace Hopper [DP] • Image-based break/fix [TP] • SiteConfig v1 Deprecated [Removal in 4.20] • PTP Event Sidecar removal (PTP Direct Access Only) • 3 NIC T-GM w/ WPC • O-Cloud registration in SMO [DP] • O2-IMS inventory API (w/o unused HW resources) [DP] • O-Cloud Cluster Template [DP] • SNO with DU profile provisioning [DP] • O2-IMS monitoring (alerts) API (w/o suppression and purging) for CaaS [DP] • Multiple Time Sources - Best Master Selection (BMCA) • SyncE [GA] • Inventory scenario (inc. O2-IMS API) • Provisioning and Lifecycle Management scenarios (inc. O2-IMS API) • Fault Management scenarios (inc. O2-IMS API) • Performance Management scenarios PMs: Robert Love (RAN), Franck Baudin (Core) Near Term (H1CY2025 - 4.19) Long Term (2025+ - 4.21+) Mid Term (H2CY2025 - 4.20) 78 Updated Q4 2024 (*) - API hasn’t been standardized by O-RAN. 
Red Hat will update the roadmap when the interface is in Stage 3 Platform & Ops Security Common O-RAN and Timing Platform & Ops Security Common O-RAN and Timing • Bandwidth Aware Scheduler: Operator (helper) • LLC Aware CPU pinning - GA • QoS: OVN DSCP marking - GA • Change OVN-K gateway interface on day-2 • Propagate LACP status as SR-IOV VF status - GA • CPU Manager: mix of exclusive and shared CPU for a container - GA • NUMA aware scheduler - refactoring • CPUs: ARM, new x86 CPUs • SmartNIC/DPU enablement • Hosted Control Plane: RDS • Power Saving To be Updated 78
  72. OpenShift Edge Near Term (3-6 months - V4.19) Mid Term

    (6-9 months - V4.20) Long Term (9++ months) OPENSHIFT EDGE 79 Product Manager: Daniel Fröhlich - Version 04/25 • Two node OpenShift with Arbiter (TNA) - TP X86/Arm on Bare Metal • Two node OpenShift with Fencing (TNF) - DP X86/Arm on Bare Metal Multi Node OpenShift • Two node OpenShift with Arbiter (TNA) - GA • Two node OpenShift with Fencing (TNF) - TP Multi Node OpenShift Multi Node OpenShift 79
  73. Product Manager: Daniel Fröhlich - Version 04/25 Device Edge /

    MicroShift Near Term (3-6 months - V4.19 - 06/2025) Mid Term (6-9 months - V4.20 - 10/2025) Long Term (9++ months - V4.21 and beyond) OPENSHIFT EDGE • Support for RHEL image mode GA • Switch to RHEL 9.6 • OpenShift AI model serving with MicroShift TP • TLS and Cipher configuration • Enhance Community experience Part 2 • Observability with Open Telemetry (TP) • Telemetry Data Device Edge / MicroShift • Generic Device Plugin for MicroShift • Cert-manager on MicroShift • OpenShift AI model serving with MicroShift GA • MicroShift image mode Improvements • Enhance Community experience • Compliance: ISA 62443 • Lightweight Gitops in pull mode (GA) • Observability with Open Telemetry (GA) Device Edge / MicroShift • MicroShift on RHEL10: • V4.21 TP - Q1/2026 • V4.22 GA - Mid/2026 • Support the k8s Gateway API (TP) • Support MicroShift on CIS Level 2 hardened RHEL • KubeVirt • Networking on WiFi • Compliance: SCAP profiles • ACS Integration (TP) • Support wasm runtime/workload • Confidential Containers • Serverless • Service Mesh Device Edge / MicroShift Note: No plans for HA / Multi Node MicroShift 80
  74. What's Next in OpenShift Q2CY2025 Compute Managed OpenShift Roadmap NDA

    Required Updated <Date> Near Term (~3-5 months) HOSTED OSD-GCP • Support for A3 instances with NVIDIA H100 • Ability to deploy instances in specific availability zones and subnets for new machine pools ROSA ARO • Region expansion (Spain, Austria, UAE, MAG) • Additional instance types (D, DC, LSv4) • Confidential containers GA • Region expansion (Calgary, Tel Aviv, Malaysia) • Additional instance types (8th gen & p5) • AWS Windows-License-Included Mid Term (~6-8 months) HOSTED Long Term (9+ months) HOSTED OSD-GCP • Use of pre-purchased GCP Capacity Reservation • New compute types with x86 & Arm architectures, and Intel & AMD CPUs ROSA ARO • Azure Boost VMs • E, Eb, EC and M-Series • EC2 capacity reservations • EC2 Spot instances OSD-GCP • Support for GCP Spot VM instances • GCP regions - Johannesburg, Paris, Tel Aviv, Warsaw ROSA ARO • Other GPU types • B series • SE Asia region expansion • Region expansion To be Updated 82
  75. What's Next in OpenShift Q2CY2025 Platform Managed OpenShift Roadmap NDA

    Required Updated <Date> OSD-GCP • GCP regions - Johannesburg, Paris, Tel Aviv, Warsaw • Network Verifier for early detection of egress network configuration ROSA ARO OSD-GCP • Hosted Control Plane for OSD on GCP • Terraform support for OSD-GCP ROSA ARO Near Term (~3-5 months) HOSTED OSD-GCP • Support up to 249 compute nodes • OCP-Virt support on OSD-GCP • Out-of-the-box integration with Google Cloud NetApp Volumes (GCNV) ROSA ARO • SDN to OVN migration • Enabling persistent storage for Prometheus • Cluster wide proxy • Shared-VPC deployment • SDN to OVN migration tools • Advanced autoscaling Mid Term (~6-8 months) HOSTED Long Term (9+ months) HOSTED OSD-GCP • Network Verifier for early detection of egress network misconfigurations • Terraform support ROSA ARO • Further integration with Signals • Enhanced notifications • Enhanced console wizard • Autoscaling with expanders OSD-GCP • Hosted Control Plane with OSD-GCP ROSA ARO • Hosted Control Plane with ARO • Deprecate classic architecture To be Updated 83
  76. What's Next in OpenShift Q2CY2025 Security and Compliance Managed OpenShift

    Roadmap NDA Required Updated <Date> Near Term (~3-5 months) HOSTED OSD-GCP • OSD CLI ROSA ARO • Managed identities support preview • Lockbox to include SSH access • PCI-DSS 4.0 • Zero-Egress • Ongoing GovCloud enhancements Mid Term (~6-8 months) HOSTED Long Term (9+ months) HOSTED OSD-GCP • GCP tags based enforcement • Integration with GCP Secret Manager ROSA ARO • Managed identities GA • IL5 • CCCS/Protected-B OSD-GCP • Integration with GCP Certificate Authority Service ROSA ARO To be Updated 84
  77. What's Next in OpenShift Q2CY2025 86 Long Term (Q1 2026+)

    PROVIDERS PMs: Marcos Entenza (AWS, Azure, GCP, IBM Cloud), Peter Lauterbach (RHV), Ramon Acedo Rodriguez (BM, Nutanix, VMware, Agent-based installer, etcd, API), Ju Lim (Alibaba, Oracle), Gil Rosenberg (OSP), Duncan Hardie (IBM Z & Power), Adel Zaalouk (HCP), Subin Modeel (Updates) PROVIDERS GENERAL PROVIDERS GENERAL GENERAL Near Term (Q2 2025) Mid Term (Q3/Q4 2025) • vSphere: OpenShift Zones support for vSphere Host Groups (GA) • Confidential Clusters in GCP • BYO IAM instance profile on AWS • External DNS support for AWS and Azure • Machine API Support for Azure Reserved Capacity • OCP in GCP with BYO shared VPC with BYO hosted zone • New regions and instance types in AWS, Azure, GCP • OpenShift on Oracle Cloud with bare metal GA • OpenShift Virtualization on Oracle Cloud • OpenShift on Oracle Compute Cloud @ Customer • OpenShift on Oracle Private Cloud Appliance • Hosted Control Planes for self-managed OpenShift on AWS • Arm control-plane with x86 data plane for Hosted Control Planes for AWS • vSphere: Multi-vCenter without shared storage • vSphere: vSphere multi-NIC VM creation support in the IPI installer (TP) • Nutanix: Support Nutanix Flow Virtual Networking • Nutanix: Static IP assignments • Metal: Support additional NTP servers in install-config for bare metal • Metal: Support UEFI HTTP Boot to install • RH OpenStack multi cluster resource orchestration • ShiftOnStack Metrics into Observability Stack TP • Image signature support in OSUS • Disconnected Cluster Update without local image registry • Z-stream rollback -4.16+ • `oc adm update status` (GA) • Enable additional integrations with external platform • Agent installer: support minimal ISOs • Agent installer: 5-node control planes in day 1 • Agent Installer: iSCSI boot support • oc-mirror v2 GA • oc-mirror enclave support (GA) • API: Support Kube KMS Integration in OCP (User-Provided) TP • ETCD: Enhance recovery procedure for full control plane failure • OpenShift Control Plane Documentation Section • ETCD: Network Policies for OpenShift Core Components • ETCD: Hitless automatic defrag of etcd • ETCD: BackupAPI TP • ETCD: Automatic backup with etcd BackupAPI (TP) • Custom reboot/drain suppression rules • User managed key for OpenShift Registry • Deploy without an external registry • Dedicated disks for etcd at installation • Dynamic config manager • User Namespaces in stateless pods • BYO OIDC for standalone OpenShift • Machine API to Cluster API migration GA • Cluster API GA • Cluster API-based clusters • Enable additional integrations with external platform • Single Update Channel with monthly update policy • Automatic OCP updates • API: Support Kube KMS Integration in OCP (User-Provided) GA • API: Support TLS v1.3: Improve validation of TLS Modern Profile for Control-Plane components • API: Hitless TLS Certificate Rotation for Kubernetes API • Agent Installer: Agent Installer interface to install Operators • Agent Installer: Retain existing partitions • Agent Installer: Support external load balancer • Dual Stack enablement for OCP on Azure • Dual Stack enablement for OCP on AWS • NAT Gateway as outboundType for Azure • Disable SNAT for outbound traffic on Azure • Custom IPv4 subnets on OVN for Azure BYO VPC deployments • Enable boot diagnostics option at installation time in Azure • Additional integrations for AWS Outposts • Support Private Google Access to GCP endpoints • vSphere: vSphere multi-NIC VM creation support in the IPI installer (GA) • vSphere: OpenShift Zones support for vSphere Host Groups (TP) • Nutanix: Support Nutanix in Agent-based Installer • Nutanix: IPI Static IP assignments • Nutanix: Agent-based Installer support Install & Updates Roadmap Last Updated 13-Dec-2024 • Agent Installer: Allow 2-node control planes in day 1 To be Updated
  78. What's Next in OpenShift Q2CY2025 Hosted Control Planes (HyperShift) Roadmap

    Visit the Dashboard (component = Hosted Control Planes) Product Manager: Adel Zaalouk Last Updated: 7-Apr-2024 https://issues.redhat.com/secure/Dashboard.jspa?selectPageId=12347121 ◦ Filter by Hosted Control Planes, Self-managed / ARO / ROSA, Provider ◦ Left column: Current (Q1 2025) ◦ Middle column: Next (Q2/Q3 2025) ◦ Right column: n+2 and beyond 87
  79. What's Next in OpenShift Q2CY2025 OpenShift on OpenStack Short Term

    (H1 2025) Mid Term (H2 2025) Long Term (H1 2026) Installer & Infrastructure • SingleStack IPv6 GA • ShiftOnStack Hosted control planes in TP • CAPO Stabilization and further integration • Support for RHOSO18 OpenStack observability correlation • ORC multi cluster openstack orchestration tool (DevPreview) Installer & Infrastructure • ORC multi cluster openstack orchestration tool - TP • ShiftOnStack Hosted control planes - GA • AZ aware deployment - TP • External LB integration - GA 88 Product Manager: Gil Rosenberg Installer & Infrastructure • AZ aware deployment - GA • ORC multi cluster openstack orchestration tool - GA • CAPO Full installer integration ◦ Machine creation support NDA Required Last Updated: Dec 2 2024 88
  80. What's Next in OpenShift Q2CY2025 OpenShift Sandboxed Containers (Kata) Sandboxed

    Containers Sandboxed Containers • Peer Pods GA (AWS and Azure) - Flexible VM sizes - FIPS support - Pre-built PodVM images - Persistent volume support • Confidential Containers Tech Preview (Azure) • QEMU and cri-o support for Kata Rust Components • ARO Integration Tech Preview Mid Term (1- 6 month) Long Term (> 6 month) Product Manager: Jochen Schröder Disclaimer: This roadmap is subject to change without notice • Support for IBM z • Confidential Containers GA • Metrics and additional dashboards • Policies with ACM to install sandboxed containers on fleet • ARO integration with support for Confidential Containers • Hypershift support Last Updated <date> 89 UPDATED NEEDED
  81. What's Next in OpenShift Q2CY2025 RHEL CoreOS & Machine Config

    Operator • CoreOS Layering enhancements • Confidential compute enhancements Compute Near Term (1H 2025) Mid Term (2H 2025) Long Term (2026+) Kubernetes • NVIDIA Open-Source GPU Kernel Modules enablement (OpenRM) • DMA-BUF RDMA • In-Place upgrade of pod spec • In-Place upgrade of VPA • Support User Namespaces in stateless pods • Dynamic Accelerator Slicer for Nvidia • Kueue • OCI Volume Source for AI Workloads in OpenShift Kubernetes • Swap Support for container • Dynamic Resource Allocation API support for NVIDIA GPUs • NVIDIA Grace Hopper Superchip enablement • Multi-Process Service for NVIDIA GPUs • Unblock OCP upgrades from PDB block for uninterrupted upgrade experience • LeaderWorkerSet/JobSet • BYOPKI for image verification in OCP Kubernetes • Multi dimensional POD autoscaler • Checkpoint/Restore In Userspace • Pod Priority Based Graceful Node Shutdown • Speeding Up pulling container images for faster application startup • Node maintenance mode • Able to split filesystem(kubelet, image,log,empty dir) to make each partition separate 90 Product Managers: Mark Russell, Gaurav Singh RHEL CoreOS & Machine Config Operator • On-cluster CoreOS Layering service (TP) • Updated first boot images for MachineSets (TP) • Enhanced MCO status reporting (TP) • Admin-defined node disruptions (TP) • Custom boot images (DP) • Garbage collect unused rendered MachineConfigs using oc adm prune command (GA) RHEL CoreOS & Machine Config Operator • On-cluster CoreOS Layering service (GA) • Updated first boot images for MachineSets (GA) • Enhanced MCO status reporting (GA) • Admin-defined node disruptions (GA) • Custom boot images (GA) Last Updated: 4-Apr-2024 To be Updated
  82. AI Ready across the Hybrid Cloud with Red Hat OpenShift:

    Looking Ahead Confidential - do not distribute 91 1 H 2025 2 H 2025 ▸ Dynamic Accelerator Slicer ▸ Red Hat Build of Kueue (based on Kueue) ▸ LeaderWorkerSet ▸ JobSet ▸ Gang Scheduling ▸ Dynamic Resource Allocation ▸ OCI Image Source for AI Workloads ▸ Enhanced networking (low-latency/high performance) for AI workloads ▸ Granite Trained Model for OpenShift ▸ Gateway API Inference Extensions ▸ Registry support for AI models This is a forward looking roadmap, which is subject to change.
  83. Product Manager: Duncan Hardie OpenShift Arm, Multi-Arch and Multi-Arch Tuning

    Operator (MTO) Near Term (2H 2025) Mid Term (1H 2026) Long Term (2H 2026+) • OpenShift Virtualization for Arm • User Experience and Console improvements for Multi-arch • Trusted Application Pipelines for Multi-arch • Multi payload default for all clusters created via console.redhat.com MULTI-ARCH • Improve reporting of exec failures • Preferred Affinity support MA TUNING OPERATOR • OpenShift Data Foundation for Arm • OpenShift Quay for Arm • Telemetry improvements • Azure automated install for Multi-arch envs • Assisted and Agent installer for day 0 multi-arch installs • ACM day 0 multi-arch installation support MULTI-ARCH • Per namespace scheduling scoring plugins • Integration with Cluster Autoscaler and Descheduler • Affinity based eviction integration • Integration with observability stack MA TUNING OPERATOR • Mixed Arch Control planes • Bare Metal Automated Installation support for Multi-arch envs MULTI-ARCH MA TUNING OPERATOR • Smart scheduling • Integration with Karpenter • Integration with KEDA • Integration with Cost Operator Last Updated 02-Dec-2024 92
  84. Product Manager: Duncan Hardie OpenShift IBM Power and IBM Z

    Near Term (2H 2025) Mid Term (1H 2026) Long Term (2H 2026+) • Security Profiles Operator • NFD support for Nodes • PCI-DSS v4 support IBM POWER • Installer support for SMT power levels • Power Management for OpenShift • Secret Store CSI Driver • IPI for PowerVC IBM POWER • Disaster recovery and high availability IBM POWER • Security Profiles Operator • Exploitation of hardware based root volume LUKS encryption • Secure Execution support in Agent Based Installer • FCP Multipath support via Assisted Installer • PCI-DSS v4 support • System identification IBM Z • Power Management for OpenShift • Secret Store CSI Driver • IPI for IBM Cloud Infrastructure Center IBM Z • Disaster recovery and high availability IBM Z Last Updated 02-Dec-2024 93
  85. What's Next in OpenShift Q2CY2025 Control Plane Mid term (2H

    2025) Long term (1H 2026+) API and Auth • Update Control Plane to latest upstream • No auto-generated secrets for SA • BYO External OIDC support for OCP (TechPreview) • Secret Store CSI Driver - GA • Cert-manager - Istio-csr integration, Routes support GA, Disconnected Environment support • Continue work on certificate ownership and signer registry • Support for 6 month cluster hibernation (self-managed clusters) • Automated recovery of control plane expired certificates • [GA] Selectable etcd database size • Zero Trust Workload Identity manager (TP) API and Auth • Pod Security Admission restricted enforcement • BYO External OIDC (GA) • Zero Trust Workload Identity manager (GA) • External Secrets Operator - TP • Cert-Manager - Trust distribution support, MicroShift support • External OIDC enabled OCP GA • Pod Security Admission - “Required” Enforcement • Graduation of Kube API streaming improvements reducing memory utilization of resource LIST actions • Kube KMSv2 for self-managed OpenShift (GA) API and Auth • ZTWIM with UI, RHACM support, Trustee integration • PSA Restricted enforcement by default • BYO External OIDC support with Multiple Identity providers, validated OIDC workflows beyond AuthCode flow • Cert-Manager Operator SPIRE integration, approver policies • External Secrets Operator - GA • Automatic cert rotation on boot or resume of internal platform expired (GA) • Hitless API server certificate rotation 94 etcd • etcd bump to v3.5.13 • etcd Backup API (GA) • Etcd automated backups (GA) • Selectable etcd latency profiles (GA) • Recovery etcd from expired certificates (GA) • Bring etcd to identical Go version as the rest of OpenShift components • Improvements on etcd cluster scaling for baremetal nodes etcd • Improvement to etcd defragmentation logic • Etcd automated recovery of failed control plane node • Ability to remove failed etcd members as quorum recovery path for baremetal clusters etcd • Continue upstream work towards etcd 3.6 release • Etcd bump to v3.6.x • Hitless defragmentation • Hitless certificate rotation Near term (1H 2025) Last Updated 13-NOV-2024 Product Manager: Nick Png, Ramon Acedo To be Updated
  86. Product Manager: Subin Modeel Cluster Infrastructure API • Migration

    from Machine API to CAPI • MAPI/CAPI upgrade safety (TP) • Cluster API (Tech Preview) ◦ MachineDeployments using CAPI (Tech Preview) ◦ CAPI support in Control Plane Machine Set (Tech Preview) • AWS native Karpenter support (TP) PROVIDERS • AWS: CAPI controller (TP) • Baremetal: CAPI controller (TP) API • Capacity blocks and Capacity reservation in MAPI/CAPI • Migration from Machine API to CAPI (AWS) PROVIDERS API • Cluster API in Standalone OCP (GA) • Machine Pools using CAPI • Machine API deprecation • Cluster Autoscaler CAPI support • ROSA+HCP native Karpenter support • ARO+HCP native Karpenter support PROVIDERS • Baremetal: CAPI controller (GA) • Azure: CAPI controller (TP) • GCP: CAPI controller (GA) • vSphere: CAPI controller (GA) 95 Last Updated 6-Dec-2024 To be Updated Long Term (Q1 2026+) Near Term (Q2 2025) Mid Term (Q3/Q4 2025) • AWS: CAPI controller (GA) 95
  87. 96 ▸ AutoNode (based on Karpenter) for AWS with HCP

    (Dev Preview) ▸ AutoNode (based on Karpenter) for ROSA-HCP (Preview) ▸ Priority based expander for cluster-autoscaler in ROSA-HCP ▸ Cluster autoscaler and Karpenter integration with DRA ▸ AutoNode (based on Karpenter) for ARO-HCP (Preview) Next What’s Next This is a forward looking roadmap, which is subject to change. Autoscaling Product Manager: Subin Modeel, Ju Lim Last Updated: 11-Apr-2025 (Q2 2025) (Beyond Q2 2025)
  88. DevOps & GitOps Short Term (1H 2025) Mid Term (2H

    2025) Long Term (1H 2026+) Builds • FIPS support • Buildpacks TP Builds • Multi-arch builds • Buildpacks GA • BuildConfig to Shipwright migration guide Builds • Additional build strategies • Caching • Image signing • Triggers • SBOM 97 Product Managers: Siamak Sadeghianfar, Koustav Saha, Harriet Lawrence Pipelines • Red Hat Tekton catalog • Manual Approval • Multi auth support in Git resolver • ClusterTasks migration to Tekton Ecosystem • Results UX and observability dynamic plugin • Tekton support for Windows node Pipelines • Caching support for resolver • Tekton Results enhancements • ChatOps support in PAC • Tekton Results GA • Red Hat Tekton Catalog GA • Build dependencies cache across pipelineruns Pipelines • Multi Cluster load balancing with PAC • Advanced use cases with PAC interceptor • Pipeline Resource Quota • Productize Pipelines in Pipelines • Advanced Pipeline concurrency control GitOps • FIPS support • Argo agent (Developer Preview) • Argo agent ACM integration • AppSet progressive rollout GA • OCI repository sources • Gateway API support in Rollouts GitOps • Application dependencies within an AppProject • Source Verification Policies • Image Updater TP • GitOps UX in Console • Argo CD UI performance and accessibility updates GitOps • Environment promotion and rollback • Source verification policy • Health checks for Red Hat CRDs • Image Updater GA Last Updated <date> UPDATED NEEDED
  89. CONFIDENTIAL designator • Manage existing catalog content with webhooks (Tech

    Preview) • Manage existing content with Own/ SingleNamespace installMode (Tech Preview) • Resource orphaning: preserve resources upon removal • OLM v1 runs on the HyperShift control plane • Manage Helm chart-packaged Operators (Tech Preview) • Resource orphaning: preserve resources upon removal • OLM v1 runs on the HyperShift control plane • Manage Helm chart-packaged Operators (Tech Preview) • Custom conditions for content upgrade blocking • ClusterExtension: Enhanced health condition • Safe CRD upgrades • Clear ownership: no reconciliation conflicts • Least privilege principle: a ServiceAccount is required for lifecycling content • Protect catalog data with HTTPS encryption for web server responses • Laying the groundwork for native Helm chart support: OLM v1 embeds Helm • RukPak API fundamentals • Deppy API fundamentals • Global Catalog API • Declarative install and removal 2024 98 4.14 and earlier 4.15 4.16 4.17 4.18 4.19 4.20 4.21 and beyond OLM v1 Roadmap Tech Preview - Phase 1 GA - Phase 1 • Declarative install, updates, & cascading removal with ClusterExtension API • Disconnected environment support • Enforce platform-wide signature trust policies defined by OpenShift Tech Preview - Phase 4 GA - Phase 3 GA - Phase 2 • Create a ServiceAccount with necessary permissions for managing cluster content (Tech Preview) • Manage existing catalog content with webhooks • Manage existing content with Own/ SingleNamespace installMode (Tech Preview) Tech Preview - Phase 2 • Z-stream only automatic updates • Performance improvements in Global Catalog API: A new HTTPS web server Tech Preview - Phase 3 • Full custom upgrade edge support • Content Deprecation • User-facing API rename with enhanced status reporting: ClusterExtension GA - Phase 4 Roadmap to next-gen OLM (OLM v1) Phased implementation while OLM v0 APIs remain available * The roadmap is subject to change. Milestones presented here are provisional and based on current estimates. 2024 2023 2025+
  90. What's Next in OpenShift Q2CY2025 Service Mesh & Serverless Short

    Term (Q2 2025) Mid Term (Q3 2025) Long Term ( 2025 H2+) Service Mesh • Service Mesh 2.6 with Istio 1.20 • GA of Gateway API support • Technology Preview of Service Mesh 3: ◦ Support for Istio’s revision and tag (Canary) deployments ◦ Multi-Primary multi-cluster support ◦ Istio Ambient “sidecar-less” Mesh - Dev Preview Service Mesh • Service Mesh 3.0 general availability • Multi-primary multi-cluster support • Istioctl support • Istio-csr support (for cert-manager) Service Mesh • Ongoing Istio updates • GA of Dual Stack IPv6/IPv4 support • Istio Ambient “sidecar-less” Mesh - GA • Service Mesh on external hosts/vms • Additional multi-cluster support and integrations with Red Hat Advanced Cluster Management (ACM) 99 Product Manager: Jamie Longmuir / Naina Singh Serverless • Functions ◦ Python for AI template (TP) • Event Transformation • Internal Encryption for Knative services • Serverless for Arm architecture GA • Serverless logic on Dev Console • Serverless logic disconnected environment Serverless • Functions ◦ Python for AI template GA ◦ Instanced Functions with Lifecycle Hooks • Event sources for AWS S3, SQS - TP • EventMesh DP • Backstage Plugin - DP • AWS Lambda Migration • Serverless workflow for AI composition Serverless • Function ◦ Kubernetes deployment ◦ Batch Functions • Stateful functions • Event Streaming support • Predictive Tuning • Serverless logic FIPS compliance Last Updated <date> To be Updated
  91. What's Next in OpenShift Q2CY2025 100 Flexibility Enterprise Networking and

    Storage Multi-cluster and Hybrid Cloud • Regional-DR and Metro-DR with ACM and ODF • Multi-cluster virtualization monitoring (with ACM) • Oracle Cloud Infrastructure Bare Metal • Additional Cloud integrations • Improve GPU utilization with GPU workload support in hosted clusters • Manage static IPs and outbound connections with IPAM and Egress OVN-K secondary overlay networks. • Optimize storage lifecycle with storage class migration (TP) OpenShift Virtualization Modern infrastructure with proven KVM virtualization • Seamless VM changes with CPU and memory hot-add • Increased workload density using memory oversubscription • Optimize and balance clusters with descheduler To be Updated
  92. What's Next in OpenShift Q2CY2025 OpenShift Virtualization Core Platform Core

    Platform • OVN Kubernetes secondary networks - IPAM • DPDK support (GA) • Host IP pooling • Windows VMs RDP to external clients • Configuration and usage of secondary (Multus) networks Core Platform • Realtime Support (GA) • OVN Kubernetes: Port mirroring, QinQ, Services and ingress • VM Disaster recovery with Regional-DR with additional storage partners 101 Ecosystem Ecosystem • Oracle Cloud Infrastructure • Additional Legacy Backup Vendors Ecosystem • Arm support • ROSA/AWS Secondary Networks, ODF support • Azure Bare Metal Near Term (Q1 2024) Mid Term (Mid 2024) Long Term H2CY2024+ Scale/HA Scale/HA • CPU and Memory Hotplug Scale/HA • Memory Overcommit (GA) • Workload aware-scheduler • Sustainability with Project Kepler • Backup and Restore with OADP • Datamover, DM for block volumes, non-admin backup (Block Mode) • OVN Kubernetes secondary networks (GA) • Microsegmentation (IP block policies) • Cloud-like VM provisioning through Instance Types (GA) • Tech Preview: Memory Overcommit • Tech Preview: CPU and Memory Hotplug • Hotplug Bridge and SR-IOV network interfaces (GA) • Data protection from additional storage vendors NDA Required UPDATED NEEDED
  93. Product Manager: Ramón Román Nissen Migration Toolkit for Applications Near

    Term (Q2 2025) Mid Term (Q3 2025) Long Term (~Q1 2026) • Migration Toolkit for Applications 7.3 (ETA May 2025) ◦ Tech Preview support for Python and Node.js ◦ Dev Preview support for Assets Generation in the MTA CLI (Cloud Foundry to OpenShift). ◦ Migration from RHSSO to RHBK. FEATURES • Migration Toolkit for Applications 8 (ETA September 2025) ◦ GenAI extensions (Downstream of Konveyor AI): Automated source code changes, adaptable to custom corporate technologies leveraging RAG patterns and a model agnostic approach. ◦ Assets Generation GA: Enable MTA to produce deployment manifests and configuration files to deploy applications in OpenShift. ◦ Platform Awareness: Enable MTA to retrieve deployment and runtime configuration from the platform an application is deployed on. FEATURES • Centralized configuration profiles management: IDE configuration for developers can be centralized in the MTA hub, including custom rules • Enhanced integration with Red Hat Developer Hub: Enable organizations to enforce sanctioned migration motions while providing a self service window for application onboarding in OpenShift. FEATURES 102 Last Updated <date> UPDATED NEEDED 102
  94. CONFIDENTIAL designator V0000000 *** ROADMAP PUBLISHED APR 24, 2025 ***

    SUBJECT TO CHANGE *** SOME PLUGINS ARE RELEASED INDEPENDENTLY OF RHDH Plugins Near Term (3-6 months) Mid Term (6-9 months) Long Term (9+ months) • App/Infra Scorecard Plugin (DP) • RHDH LightSpeed AI Chatbot (DP) • Orchestrator is bundled with RHDH • GitLab support for Bulk Import • Adoption Insights on by default (GA) • Red Hat/Partner plugins certification program • MCP for RHDH • Install Dynamic Plugins from Extensions (GA) • Orchestrator (GA) • ServiceNow Tickets (Visibility) • AI Registry/Model Catalog Bridge (OpenShift AI) • Adoption Insights is bundled with RHDH (TP) • FIPS compliance • Localization • Support for MSSQL database • RHDH Local (GA) • Dynamic Plugins (GA) • On Behalf-of authentication for Scaffolder • Be able to customize all entity pages • RBAC plugin to support several teams • Day 2 templates lifecycle management • Feedback Plugin • Learning Plugin • DIY Homepage • Aggregated values on Scorecard Plugin Templates / Actions • OpenShift AI Templates Update • Platform • Deploy multiple RHDH Backends • Gamification • Support for other SQL databases • Performance improvement • Search enhancements For CUSTOMERS/PROSPECTS
  95. What's Next in OpenShift Q2CY2025 Roadmap Podman Desktop Containers and

    Kubernetes Tooling • More Kubernetes objects in UI • Mirror Registries • Refactoring of Kubernetes Informers • Continue supporting Podman releases ∙ Kubernetes Namespace Selection ∙ Create Kubernetes objects ∙ Bridge to remote Podman Hosts UI ∙ Image sharing with local K8s clusters ∙ Run multiple YAMLs ∙ Multi-arch container build with podman build farm ∙ Clair Vulnerability Image Scanner ∙ Move 2 Kube from Compose ∙ YAML object decipher (AI based) ∙ WASM ∙ SBOM Generation UX • Onboarding improvements • Status Bar Improvements • Tasks/Notifications System • Gather Feedback on Exp. Features ∙ Refine Docker Compatibility dedicated screen ∙ Improvements of the “Provider”/”Resource” screen ∙ Improve Logs Screens ∙ Dashboard Status Widgets ∙ Integrated CLI ∙ Better onboarding when user is starting from Ubuntu env in WSL ∙ Exploration on Tab based UI Containers Engine • Ongoing effort GPU Acceleration Support ・ Support for libkrun podman machine (enable GPU acceleration for Mac) ・ GPU Acceleration Windows and Linux ∙ Performance benchmark tooling ∙ Unification of the Virtualization stack (podman machine, crc) ∙ MicroShift as a container usable as local Kube engine ∙ Performance improvement with I/O and networking ∙ Extensibility Foundations ∙ Enablement Materials ∙ Webinars Now Near Future 104
  96. What's Next in OpenShift Q2CY2025 Roadmap Recipes / Models •

    Catalog UX to handle more categories and languages • Agent and function calling samples • Continue adding to the list of Models • Keep releasing new Granite versions ∙ Import recipe ∙ BeeFramework Agent Recipe ∙ Extend to architecture patterns with LLMs MCP • Podman Desktop to Support MCP Server ∙ Experiment dedicated MCP Client extension ∙ MCP Catalog Llama-stack (under analysis) ∙ Llama-stack Local ∙ Expand recipes with llama-stack samples Core • Replace Playground with OpenSource Component • Ongoing GPU acceleration support ∙ Ramalama Integration ∙ Compatibility vLLM ∙ Compatibility with OpenVINO ∙ Compatibility with Modelfile, llamafile Models / Fine Tuning / RAG • Instruct Lab Intro Page • Instruct Lab access to container ∙ Instruct Lab UI ->IBM Cloud ∙ RAG UI with Docling integration bridged to Ramalama RAG • InstructLab Local • InstructLab RHEL AI Platform Enablement ∙ Connect to OpenShift AI model registry ∙ Deploy recipes to OpenShift AI ∙ AI-Application Services Catalog (pre-processing, post-processing, monitoring, model evaluation…) ∙ AI/ML packaging Now Near Future Podman AI Lab 105
  97. 106 Public Roadmaps for OSD, ROSA and ARO OSD: red.ht/osd-roadmap

    ARO: red.ht/aro-roadmap ROSA: red.ht/rosa-roadmap Last Updated 27-Mar-2024
  98. What's Next in OpenShift Q2CY2025 oc-mirror Roadmap Near Term (3-6

    months) Mid Term (6-9 months) Long Term (9+ months) Product Manager: Tony Wu oc-mirror oc-mirror v2 • Multi-arch filtering via Sparse Manifests OpenShift upgrade path tool: • Discover required mirror images for OpenShift upgrades Catalog inspection tool: • Improved operator catalog content inspection oc-mirror oc-mirror Roadmap * The roadmap is subject to change. Milestones presented here are provisional and based on current estimates. oc-mirror oc-mirror v2 • Detect and mirror SigStore signatures • Public key mirroring for offline verification (rekorKey) • Customizable CatalogSource name • Improved environment variable parsing for `ImagePaths` oc-mirror v2 • Improved dry-run output and manifest generation • Certificate authentication support • Windows support • Arm support 107
  99. Red Hat Advanced Cluster Security 108 Edge computing with Red

    Hat OpenShift What’s Next in OpenShift Q2CY2025 Updated March 2024
  100. What's Next in OpenShift Q2CY2025 109 ACS Software Release and

    Support Cadence Red Hat Advanced Cluster Security for Kubernetes

    | Version | GA | Full support ends | Maintenance support ends |
    |---|---|---|---|
    | 4.4 | Mar 28, 2024 | Sep 28, 2024 | Jan 28, 2025 |
    | 4.3 | Nov 15, 2023 | Jun 15, 2024 | n/a |
    | 4.2 | Sep 18, 2023 | Mar 18, 2024 | n/a |
    | 4.1 | Jun 29, 2023 | Dec 29, 2023 | n/a |
    | 4.0 | May 3, 2023 | Nov 3, 2023 | n/a |

    10 Month Version Support: 6M Full, 4M Maintenance

    As of 2024 ▸ 3 major versions per year ▸ Roughly aligned with OpenShift release cycle ▸ 10 Month Support Plan (*) ▸ ACS 4.5 - Early Q3 2024 (target) ▸ ACS 4.6 - Late Q4 2024 (target) ▸ ACS 4.7 - Q1 2025 (target)

    (*) Plan is subject to change without notice

    (**) 4.3 Full support extended to 7 months

    Timeline figure (Apr ‘23 to Jan ‘25): versions 4.0, 4.1, 4.2, 4.3 (**), 4.4

    Product Manager: Boaz Michaely