Convert Figma logo to code with AI

okd-project logookd

The self-managing, auto-upgrading, Kubernetes distribution for everyone

1,708
294
1,708
10

Top Related Projects

8,481

Conformance test suite for OpenShift

109,710

Production-Grade Container Scheduling and Management

23,337

Complete container management platform

27,529

Lightweight Kubernetes

Quick Overview

OKD is the community distribution of Kubernetes that powers Red Hat OpenShift. It is a Kubernetes distribution optimized for continuous application development and multi-tenant deployment. OKD adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams.

Pros

  • Free and open-source alternative to Red Hat OpenShift
  • Includes additional features and tools for developers and operators
  • Regular updates and community-driven development
  • Seamless integration with various cloud providers and on-premises infrastructure

Cons

  • Steeper learning curve compared to vanilla Kubernetes
  • May require more resources to run than a basic Kubernetes cluster
  • Less enterprise support compared to commercial OpenShift offerings
  • Some features may be less stable or mature compared to OpenShift

Getting Started

To get started with OKD, follow these steps:

  1. Ensure you have the necessary prerequisites installed (e.g., Docker, virtualization software).
  2. Download the latest OKD release from the official GitHub repository.
  3. Use the provided installation scripts or follow the documentation to set up an OKD cluster.
  4. Once installed, access the OKD web console or use the oc command-line tool to interact with your cluster.

For detailed installation instructions and configuration options, refer to the official OKD documentation at https://docs.okd.io/.

Competitor Comparisons

8,481

Conformance test suite for OpenShift

Pros of Origin

  • More extensive documentation and community support
  • Closer alignment with Red Hat's enterprise OpenShift product
  • Regular updates and contributions from Red Hat developers

Cons of Origin

  • Less focus on community-driven development
  • Stricter licensing terms compared to OKD
  • Potentially slower adoption of new features from upstream Kubernetes

Code Comparison

OKD:

apiVersion: config.openshift.io/v1
kind: ClusterVersion
metadata:
  name: version
spec:
  channel: stable-4.x

Origin:

apiVersion: config.openshift.io/v1
kind: ClusterVersion
metadata:
  name: version
spec:
  channel: candidate-4.x

The main difference in the code snippets is the channel field, where OKD uses the "stable" channel, while Origin uses the "candidate" channel, reflecting their different release cycles and stability targets.

Both projects aim to provide an open-source Kubernetes distribution with additional features and tooling. OKD is more community-focused and allows for greater flexibility, while Origin serves as the upstream project for Red Hat's OpenShift product, offering closer alignment with the enterprise version but with more restrictive licensing.

109,710

Production-Grade Container Scheduling and Management

Pros of kubernetes

  • Larger community and more extensive ecosystem
  • More frequent updates and releases
  • Broader platform support and compatibility

Cons of kubernetes

  • Steeper learning curve for beginners
  • Requires more manual configuration and setup
  • Less integrated with enterprise features out-of-the-box

Code Comparison

kubernetes:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx

okd:

apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    app: nginx

The main difference in the code examples is the use of DeploymentConfig in okd, which is an OpenShift-specific resource, compared to the standard Kubernetes Deployment resource. okd also uses a different API version and group for its resources.

okd, being based on OpenShift, provides additional features like integrated CI/CD pipelines, built-in image registry, and enhanced security policies. However, kubernetes offers more flexibility and is widely adopted across various cloud providers and on-premises environments.

Both projects are open-source and actively maintained, with kubernetes having a larger contributor base and more frequent updates. okd benefits from Red Hat's enterprise support and integration with other Red Hat products.

23,337

Complete container management platform

Pros of Rancher

  • User-friendly web interface for managing multiple Kubernetes clusters
  • Supports multiple cloud providers and on-premises deployments
  • Includes built-in monitoring, logging, and alerting features

Cons of Rancher

  • Less tightly integrated with Red Hat ecosystem
  • May require additional setup for advanced OpenShift-specific features
  • Potentially higher resource requirements for management plane

Code Comparison

OKD (OpenShift):

apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  name: example-app
spec:
  replicas: 3
  template:
    spec:
      containers:
      - name: app-container
        image: example-image:latest

Rancher:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: example-app
spec:
  replicas: 3
  template:
    spec:
      containers:
      - name: app-container
        image: example-image:latest

The main difference in the code examples is that OKD uses a DeploymentConfig resource, which is specific to OpenShift, while Rancher uses the standard Kubernetes Deployment resource. This highlights OKD's tighter integration with OpenShift-specific features, while Rancher focuses on managing standard Kubernetes resources across multiple clusters and providers.

27,529

Lightweight Kubernetes

Pros of k3s

  • Lightweight and resource-efficient, ideal for edge computing and IoT devices
  • Simple installation process with a single binary
  • Includes built-in storage and load balancing solutions

Cons of k3s

  • Limited scalability for large enterprise deployments
  • Fewer advanced features compared to full Kubernetes distributions
  • Smaller community and ecosystem compared to OKD

Code Comparison

k3s installation:

curl -sfL https://get.k3s.io | sh -

OKD installation (simplified):

ansible-playbook -i inventory.yml openshift-ansible/playbooks/deploy_cluster.yml

k3s is designed for simplicity, with a single-line installation process. OKD, being a full-featured distribution, requires more complex setup steps, typically using Ansible playbooks.

Both projects aim to provide Kubernetes-based container orchestration, but with different focuses. k3s prioritizes lightweight deployments and ease of use, while OKD offers a more comprehensive enterprise-grade solution based on OpenShift.

k3s is better suited for small-scale deployments, edge computing, and environments with limited resources. OKD, on the other hand, excels in large-scale enterprise environments, offering advanced features and robust security measures.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

OKD: The Community Distribution of Kubernetes that powers Red Hat's OpenShift

Licensed under Apache License version 2.0

OKD is the community distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. OKD adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. OKD is also referred to as Origin in github and in the documentation. OKD makes launching Kubernetes on any cloud or bare metal a snap, simplifies running and updating clusters, and provides all of the tools to make your containerized-applications succeed.

This repository covers OKD4 and newer.

Open issues and ideas are tracked in the okd/community repo.

The meeting calendar shows regular working group meetings, currently on Tuesdays.

Getting Started

To obtain the openshift installer and client, visit /releases for stable versions. For information on testing pre-release builds, please see the community testing page

Extract the downloaded tarballs and copy the binaries into your PATH. Then run the following from an empty directory:

$ openshift-install create cluster

You'll be prompted to choose a platform to install to - AWS is currently the best place to start with OKD4 while we get Fedora CoreOS machine images set up in the other clouds.

You will need to have cloud credentials set in your shell properly before installation. You must have permission to configure the appropriate cloud resources from that account (such as VPCs, instances, and DNS records). You must have already configured a public DNS zone on your chosen cloud before the install starts.

You will also be prompted for a pull-secret that will be made available to all of of your machines - for OKD4 you should either paste the pull-secret you use for your registry, or paste {"auths":{"fake":{"auth":"aWQ6cGFzcwo="}}} to bypass the required value check (see bug #182).

Once the install completes successfully (usually 30m on AWS) the console URL and an admin username and password will be printed. If your DNS records were correct, you should be able to log in to your new OKD4 cluster!

To undo the installation and delete any cloud resources created by the installer, run

$ openshift-install destroy cluster

Learn more about the installer

The OpenShift client tools for your cluster can be downloaded from the web console.

Features

  • A fully automated distribution of Kubernetes on all major clouds and bare metal, OpenStack, and other virtualization providers
    • Easily build applications with integrated service discovery and persistent storage.
    • Quickly and easily scale applications to handle periods of increased demand.
      • Support for automatic high availability, load balancing, health checking, and failover.
    • Access to the Operator Hub for extending Kubernetes with new, automated lifecycle capabilities
  • Developer centric tooling and console for building containerized applications on Kubernetes
    • Push source code to your Git repository and automatically deploy containerized applications.
    • Web console and command-line client for building and monitoring applications.
  • Centralized administration and management of an entire stack, team, or organization.
    • Create reusable templates for components of your system, and iteratively deploy them over time.
    • Roll out modifications to software stacks to your entire organization in a controlled fashion.
    • Integration with your existing authentication mechanisms, including LDAP, Active Directory, and public OAuth providers such as GitHub.
  • Multi-tenancy support, including team and user isolation of containers, builds, and network communication.
    • Allow developers to run containers securely with fine-grained controls in production.
    • Limit, track, and manage the developers and teams on the platform.
  • Integrated container image registry, automatic edge load balancing, and full spectrum monitoring with Prometheus.

Learn More

For questions or feedback, reach us on Kubernetes Slack on #openshift-users or post to our mailing list.

What can I run on OKD?

OKD is designed to run any Kubernetes workload. It also assists in building and developing containerized applications through the developer console.

For an easier experience running your source code, Source-to-Image (S2I) allows developers to simply provide an application source repository containing code to build and run. It works by combining an existing S2I-enabled container image with application source to produce a new runnable image for your application.

You can see the full list of Source-to-Image builder images and it's straightforward to create your own. Some of our available images include:

What sorts of security controls does OpenShift provide for containers?

OKD runs with the following security policy by default:

  • Containers run as a non-root unique user that is separate from other system users
    • They cannot access host resources, run privileged, or become root
    • They are given CPU and memory limits defined by the system administrator
    • Any persistent storage they access will be under a unique SELinux label, which prevents others from seeing their content
    • These settings are per project, so containers in different projects cannot see each other by default
  • Regular users can run Docker, source, and custom builds
    • By default, Docker builds can (and often do) run as root. You can control who can create Docker builds through the builds/docker and builds/custom policy resource.
  • Regular users and project admins cannot change their security quotas.

Many containers expect to run as root (and therefore edit all the contents of the filesystem). The Image Author's guide gives recommendations on making your image more secure by default:

  • Don't run as root
  • Make directories you want to write to group-writable and owned by group id 0
  • Set the net-bind capability on your executables if they need to bind to ports < 1024

If you are running your own cluster and want to run a container as root, you can grant that permission to the containers in your current project with the following command:

# Gives the default service account in the current project access to run as UID 0 (root)
oc adm policy add-scc-to-user anyuid -z default

See the security documentation more on confining applications.

Contributing

OKD is built from many different open source projects - Fedora CoreOS, the CentOS and UBI RPM ecosystems, cri-o, Kubernetes, and many different extensions to Kubernetes. The openshift organization on GitHub holds active development of components on top of Kubernetes and references projects built elsewhere. Generally, you'll want to find the component that interests you and review their README.md for the processes for contributing.

Community process and questions can be raised in our community repo and issues opened in this repository (Bugzilla locations coming soon).

Our unified continuous integration system tests pull requests to the ecosystem and core images, then builds and promotes them after merge. To see the latest development releases of OKD visit our continuous release page. These releases are built continuously and expire after a few days. Long lived versions are pinned and then listed on our stable release page.

All contributions are welcome - OKD uses the Apache 2 license and does not require any contributor agreement to submit patches. Please open issues for any bugs or problems you encounter, ask questions on the OpenShift IRC channel (#openshift-dev on freenode), or get involved in the Kubernetes project at the container runtime layer.

See Contributing Guide for more technical examples.

Security Response

If you've found a security issue that you'd like to disclose confidentially please contact Red Hat's Product Security team. Details at https://access.redhat.com/security/team/contact

Frequently asked questions

We collect frequently asked questions and their answers on this page: Frequently Asked Questions

Known Issues

Known issues and possible workarounds are documented on this page: Known Issues

License

OKD is licensed under the Apache License, Version 2.0. Some components may be licensed differently - consult individual repositories for more.