2.2. New and changed features
- You can now install OpenShift Virtualization by using the CLI to apply manifests to your OpenShift Container Platform cluster.
OpenShift Virtualization is certified in Microsoft’s Windows Server Virtualization Validation Program (SVVP) to run Windows Server workloads.
The SVVP Certification applies to:
- Red Hat Enterprise Linux CoreOS 8 workers. In the Microsoft SVVP Catalog, they are named Red Hat OpenShift Container Platform 4 on RHEL CoreOS 8.
- Intel and AMD CPUs.
- OpenShift Virtualization rotates and renews TLS certificates at regular intervals. This automatic process does not disrupt any operations.
- This release features significant security enhancements. OpenShift Virtualization now supports SELinux with Mandatory Access Control (MAC) for isolating virtual machines (VMs). Previously, all VMs were managed by using privileged Security Context Constraints (SCC). Now, you can use less privileged custom SCCs for VMs and limit the use of privileged SCCs to infrastructure containers in the cluster.
-
You can now enable access to your Red Hat Enterprise Linux entitlement for RHEL virtual machines. Configure the
virt-who
daemon to report the running VMs in your OpenShift Container Platform cluster. This gives the Red Hat Subscription Manager in the RHEL VM access to your entitlements.
2.2.1. Supported guest operating systems
OpenShift Virtualization guests can use the following operating systems:
- Red Hat Enterprise Linux 6, 7, and 8.
- Microsoft Windows Server 2012 R2, 2016, and 2019.
- Microsoft Windows 10.
Other operating system templates shipped with OpenShift Virtualization are not supported.
2.2.2. Networking
- OpenShift Virtualization is now integrated with the OpenShift Container Platform Single Root I/O Virtualization (SR-IOV) Operator. You can now attach virtual machines to SR-IOV networks in your cluster.
- MAC address pool is now supported in OpenShift Virtualization. It is disabled by default in the cluster and can be enabled per namespace.
2.2.3. Storage
- You can now configure the Volume Mode and Access Mode for a virtual disk when you add a disk to a virtual machine in the web console. This is also possible when adding a disk to a new virtual machine using the wizard.
- Using OpenShift Container Storage (OCS) with OpenShift Virtualization gives you the benefits of fault-tolerant storage and the ability to live migrate between nodes.
-
You can now use the Containerized Data Importer (CDI) to import, upload, and clone virtual machine disks into namespaces that are subject to CPU and memory resource restrictions. The default compute resource limits are set to
0
but administrators can configure the resource limits applied to CDI worker Pods.
-
The
virtctl
tool can now use aDataVolume
when uploading virtual machine disks to the cluster. This helps prevent virtual machines from being inadvertently started before an upload has completed.
- OpenShift Container Storage DataVolumes have been enhanced with conditions and events that make it easier to understand the state of virtual disk imports, clones, and upload operations. Conditions and events also simplify troubleshooting.
2.2.4. Web console
- In the web console, the sidebar items Virtual Machines and Virtual Machine Templates have been replaced by a single sidebar menu item labeled Virtualization. When you click Virtualization, you have access to two tabs: Virtual Machines and Virtual Machine Templates.
- You can now configure the scheduling properties of virtual machines by accessing the Scheduling and resources requirements section of the Virtual Machine Details page. For example, you can view and manage affinity rules, dedicated resources, and tolerations for tainted nodes. You can also search for nodes with labels that match specific key/value pairs by using the Node Selector.
-
You can now add secrets, ConfigMaps, and service accounts to a virtual machine on the Virtual Machine Overview
Environment page of the OpenShift Container Platform web console. You can also remove these resources on the same page.