Red Hat SummitChapter 4. Technology Previews
This section provides a list of all Technology Previews available in OpenShift sandboxed containers 1.12.
See Technology Preview Features Support Scope for more information.
- Confidential containers with GPU
You can deploy confidential containers along with graphics processing unit (GPU) hardware on bare-metal clusters by utilizing NVIDIA H100 GPUs and NVIDIA confidential computing functionalities. This feature extends hardware-based Trusted Execution Environment (TEE) protections to GPU-accelerated workloads by safeguarding sensitive data and models during GPU computation. It offers GPU memory encryption, attestation, and isolation for sensitive compute workloads.
These functionalities reduce the risk of data breaches and ensure compliance with data protection regulations during GPU-accelerated inference and training workloads. This feature is available as a Technology Preview and tested for NVIDIA H100 GPUs with Confidential Computing capabilities on bare-metal OpenShift Container Platform clusters.
- Deploying Red Hat build of Trustee on bare metal
The current release supports deploying Red Hat build of Trustee on bare-metal servers.
Deploying Red Hat build of Trustee on bare metal in disconnected environment
The current release supports deploying Red Hat build of Trustee on bare-metal servers in a disconnected network environment. This feature is a security enhancement, enabling you to run confidential containers workloads without connecting to the internet.
- Intel® TDX remote attestation on bare-metal servers
The current release supports the remote attestation infrastructure used by Intel® Trust Domain Extensions (TDX) on bare-metal servers. The infrastructure includes the following components:
- Data Center Attestation Primitives (DCAP): Software framework that provides the core libraries for the attestation process.
- Quote Generation Service (QGS): Service responsible for generating and signing the cryptographic proof.
- Provisioning Certification Caching Service (PCCS): Service responsible for local caching of cryptographic credentials.
- OpenShift sandboxed containers and confidential containers on IBM Z and IBM LinuxONE with peer pods
This release supports OpenShift sandboxed containers and confidential containers workloads on IBM Z® and IBM® LinuxONE (s390x architecture) by using peer pods.
Jira:KATA-2030
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}