This document describes the integrations that Cluster Services for OpenShift implements for OpenShift clusters that run on Google Cloud. These integrations let you use Google services to create solutions for the applications that you deploy on OpenShift clusters that run on Google Cloud.
All integrations
The following table describes the Google services that Cluster Services for OpenShift lets you use with OpenShift clusters that run on Google Cloud:
Use case
Google service
Integration layer components of Cluster Services for OpenShift
Block storage
Google Cloud Hyperdisk
Block storage
Persistent Disk
Managed file storage
Filestore
Monitoring
Google Cloud Managed Service for Prometheus
Monitoring
Cloud Monitoring
Sensitive data management
Secret Manager
Private certificate authorities (CA) management
Certificate Authority Service
Identity management
Workload Identity Federation
Identity management
Google Identity
Block storage integrations
To provision block storage for your applications that run on self-managed OpenShift clusters on Google Cloud, Cluster Services for OpenShift provides built-in integrations with the following services: Hyperdisk and Persistent Disk.
Integration layer components: To enable the integrations with these services, Cluster Services for OpenShift uses the following components in its integration layer:
Customizations for OpenShift: To help you better use these services with your OpenShift clusters that run on Google Cloud, Cluster Services for OpenShift implements the following customizations:
- With Hyperdisk, support for OpenShift Virtualization by providing multi-writer support on bare metal Compute Engine instances. This feature is in Preview.
- With Persistent Disk, support for storage pools in the CSI driver.
For information about how to configure and use Hyperdisk and Persistent Disk with OpenShift clusters that run on Google Cloud, see the Red Hat document Persistent storage using Persistent Disk.
File storage integrations
To provision file storage for your applications that run on self-managed OpenShift clusters on Google Cloud, Cluster Services for OpenShift provides built-in integration with Filestore.
Integration layer components: To enable the integration with Filestore, Cluster Services for OpenShift uses the following components in its integration layer:
Customizations for OpenShift: To help you better use Filestore with your OpenShift clusters that run on Google Cloud, Cluster Services for OpenShift lets you deploy Filestore instances that are smaller than 1 TB. This feature is in Preview.
For information about how to configure and use Filestore with OpenShift clusters that run on Google Cloud, see the Red Hat document Google Cloud Filestore CSI driver operator.
Monitoring integrations
To set up monitoring for your applications that run on self-managed OpenShift clusters on Google Cloud, Cluster Services for OpenShift provides built-in integrations with the following services: Google Cloud Managed Service for Prometheus and Cloud Monitoring.
As part of your OpenShift deployment, if you have any dependency on the Prometheus ecosystem, such as using PromQL clients or Grafana dashboards, then we recommend that you set up monitoring by using Google Cloud Managed Service for Prometheus.
Integration layer components: To enable integrations with these services, Cluster Services for OpenShift uses the following components in its integration layer:
Customizations for OpenShift: To help you better use Google Cloud Managed Service for Prometheus with your OpenShift clusters that run on Google Cloud, Cluster Services for OpenShift lets you set up the ingestion of OpenTelemetry prometheus metrics. This feature is in Preview.
For information about how to configure metrics forwarding to Cloud Monitoring from OpenShift clusters that run on Google Cloud, see Forwarding telemetry data to Google Cloud.
For information about how to configure metrics forwarding to Google Cloud Managed Service for Prometheus from OpenShift clusters that run on Google Cloud, see Forwarding telemetry data to Google-managed Prometheus.
Sensitive data management integrations
To manage sensitive data for your applications that run on self-managed OpenShift clusters on Google Cloud, Cluster Services for OpenShift provides built-in integration with Secret Manager.
Integration layer components: To enable integrations with Secret Manager, Cluster Services for OpenShift uses the following components in its integration layer:
Customizations for OpenShift: To help you better use Secret Manager with your OpenShift clusters that run on Google Cloud, Cluster Services for OpenShift lets you use Secret Manager with private OpenShift clusters.
For more information about how to use the secrets store CSI driver to configure and use Secret Manager with OpenShift clusters that run on Google Cloud, see the Red Hat document Secrets store container storage interface driver operator.
For more information about how to use the external secrets operator interface to configure and use Secret Manager with OpenShift clusters that run on Google Cloud, see the Red Hat document External secrets operator for Red Hat OpenShift.
Private certificate authorities management integrations
To simplify the deployment, managament, and security of private certificate authorities (CAs) for use with applications that run on self-managed OpenShift clusters on Google Cloud, Cluster Services for OpenShift provides built-in integration with CA Service.
Integration layer components: To enable the integration with CA Service, Cluster Services for OpenShift uses the following components in its integration layer:
Customizations for OpenShift: To help you better use CA Service with your OpenShift clusters that run on Google Cloud, Cluster Services for OpenShift implements the Secret Manager plugin in the
cert-managerplugin.
For information about how to configure and use CA Service
with OpenShift clusters that run on Google Cloud, see
the Red Hat document
cert-manager operator for Red Hat OpenShift.
Identity management integrations
To enable identity management for your applications that run on self-managed OpenShift clusters on Google Cloud, Cluster Services for OpenShift provides built-in integrations with the following services: Workload Identity Federation and Google Identity.
Integration layer components: To enable integrations with these services, Cluster Services for OpenShift uses the following components in its integration layer:
- To enable integration with Workload Identity Federation, Cluster Services for OpenShift uses the following components in its integration layer:
- To integrate with Google Identity, Cluster Services for OpenShift uses Cluster authentication operator in its integration layer.
Customizations for OpenShift: To help you better use Workload Identity Federation with your OpenShift clusters that run on Google Cloud, Cluster Services for OpenShift lets you configure Workload Identity Federation without a publicly accessible Cloud Storage bucket. This feature is in Preview.
For information about how to configure and use Workload Identity Federation with OpenShift clusters that run on Google Cloud, see the Red Hat document Configuring a Google Cloud cluster to use short-term credentials.
For information about how to configure and use Google Identity with OpenShift clusters that run on Google Cloud, see the Red Hat document Configuring a Google identity provider.