Senior Manager, OpenShift Product Management and Distinguished Engineer
Red Hat OpenShift 4.22 delivers a platform designed to meet the necessary balance of agility, security, and efficiency for your IT team. This release introduces significant advancements across the board, from hardening zero-trust security and streamlining hybrid cloud virtualization to automating complex cluster operations and providing a robust, production-ready foundation for AI/ML workloads. By shifting the focus from manual management to intelligent, platform-native automation, OpenShift 4.22 empowers organizations to modernize their infrastructure without the operational friction, ensuring your business applications and next-generation AI initiatives can thrive on the same trusted, scalable foundation.What is OpenShift?Red Hat OpenShift is an application platform that can run either on your own private infrastructure or on the public cloud, or on both as a hybrid cloud solution.Security and complianceIn the 4.22 release, Red Hat OpenShift continues to harden its platform foundation to meet growing security standards, helping reduce the manual effort of compliance and risk mitigation. By shrinking the attack surface at the base layer and modernizing identity management, the platform makes it easier for organizations to adopt a rigorous zero-trust architecture without introducing operational friction. These foundational architectural advancements translate directly into benefits for customers:Minimized vulnerability overhead: By migrating core Red Hat OpenShift payload components to a minimal Red Hat Universal Base Image (UBI), the platform strips away non-essential packages to reduce the overall attack surface. This means fewer CVE disclosures, reduced patching cadence, and less time spent on emergency maintenance.Accelerated audit and compliance sign-offs: Platform operators are transitioning to dedicated, least-privilege identities. Now infrastructure is aligned with security best practices, reducing common audit findings and accelerating compliance timelines.Elimination of static credential risk: With SPIRE and Red Hat OpenShift Service Mesh leveraging the zero trust workload identity manager, the platform introduces dynamic, cryptographic identity verification. This removes reliance on vulnerable static secrets, helping cloud-native environments to be more secure against credential theft or leakage without manual intervention.Hardware-isolated protection for sensitive data and AI: With Red Hat OpenShift sandboxed containers 1.12, support for confidential containers on bare metal is now generally available. This release also introduces confidential AI as technology preview. Organizations can isolate and run highly sensitive workloads and proprietary AI algorithms inside a cryptographically isolated slice of memory and CPU, providing data privacy even during runtime execution.Simplifying hybrid cloud virtualizationTo achieve hybrid cloud flexibility, organizations must eliminate the barriers between legacy architectures and modern cloud-native platforms. In this latest release, Red Hat OpenShift Virtualization makes it easier to migrate and manage virtual machines (VMs) across your environments. Organizations can modernize their infrastructure without disrupting operations using the platform's enterprise-grade data protection, and optimized edge footprints. These enhancements deliver advantages for enterprise customers:Network integration and continuity: The new ethernet virtual private network (EVPN) integration with user-defined networks allows teams to connect containerized and virtualized workloads to external infrastructure. Additionally, because static IPs are automatically persisted during VM migrations, organizations can transition critical workloads without risking downtime or requiring complex network reconfiguration.Streamlined enterprise data protection: Customers can now leverage volume groups to execute multi-volume snapshots for VMs. This provides a crash-consistent backup mechanism that simplifies disaster recovery workflows and helps meet strict compliance with enterprise data protection policies.Cost-effective, high-availability edge deployments: The introduction of two-node OpenShift with fencing provides a highly resilient, resource-efficient option tailored for constrained edge environments. This allows organizations to extend their hybrid cloud footprint to remote locations more safely, minimizing hardware overhead while maintaining fault tolerance and automated recovery.Automating cluster lifecycle and operationsScaling cloud operations requires a shift from manual cluster management to intelligent, automated infrastructure. In this release, OpenShift expands its built-in platform intelligence designed to optimize resource usage and lower operational overhead. By introducing production-ready, workload-aware scaling alongside heightened multi-tenant security boundaries, the platform helps to keep costs low and environments compliant:Just-in-time compute right-sizing: Red Hat build of Karpenter, now generally available for Red Hat OpenShift Service on AWS with hosted control planes (HCP), delivers a high-performance, fully-managed autoscaler. Instead of relying on rigid, over-provisioned machine pools, it dynamically evaluates active workload needs to spin up the instance sizes required, boosting resource utilization and cutting unnecessary compute spend.Automated cloud cost optimization: Customers running Red Hat OpenShift Service on AWS with hosted control planes (HCP) can now integrate AWS EC2 Spot Instances into their scaling strategies. The platform can leverage these deeply discounted, short-term instances for fault-tolerant workloads and gracefully falls back to on-demand capacity when needed, realizing cost optimization without sacrificing overall application availability.Sovereignty-ready multi-tenant isolation: To support strict regulatory and data privacy frameworks, this release delivers enhanced isolation for HCP. By establishing network and administrative boundaries between tenant control planes, the platform ensures that multi-cluster environments maintain the highest levels of structural separation, preventing cross-tenant data exposure and streamlining compliance validation.Orchestrating enterprise AI/ML workloadsScaling AI from experimental pilots to production systems requires orchestration and strict governance. In this release, Red Hat OpenShift focuses on reducing the operational barriers that stall AI initiatives by introducing standardized distributed training and integration frameworks. By embedding these capabilities directly into the OpenShift fabric, organizations can accelerate their time-to-value for machine learning initiatives while providing security and structural control. This creates a robust, scalable foundation that integrates with Red Hat OpenShift AI for end-to-end model and agent lifecycle management:Streamlined distributed training at scale: The general availability of the JobSet operator allows teams to coordinate multiple related Kubernetes jobs as a single, cohesive unit. For data science and ML engineering teams, this simplifies the complex orchestration required for large-scale distributed training runs and LLM fine-tuning, ensuring that tightly coupled workloads fail or succeed together and maximizing the use of expensive GPU compute.Unified, cluster-aware AI integration: Introduced as a technology preview, the model context protocol (MCP) server for Red Hat OpenShift gives AI agents controlled, Role Based Access Control (RBAC) enforced access to cluster-level operations and insights, from Kubernetes resources and Helm releases to Prometheus metrics and Red Hat OpenShift Virtualization workloads. The companion MCP gateway, also in technology preview, provides a managed entry point that federates multiple MCP servers behind a single endpoint with authentication, authorization, and horizontal scaling. Together, they help AI-driven cluster interactions remain secure, auditable, and governed. When combined with Red Hat OpenShift AI, organizations gain additional capabilities including a governed catalog of approved MCP servers and end-to-end agent traceability.With OpenShift 4.22 updates to security, virtualization, cloud operations, and AI orchestration reveal a focus on making infrastructure easier to manage. Red Hat OpenShift is lightening the day to day burden of compliance, cost management, and system tuning of infrastructure teams. By building automation, security boundaries, and smarter scaling tools directly into the platform foundation, this release allows organizations to more safely run their everyday business applications and new AI workloads on the same reliable infrastructure.Try Red Hat OpenShift 4.22 todayGet started today with the Red Hat Hybrid Cloud Console and take advantage of the latest features and enhancements in OpenShift. To find out what's next, check out the following resources:What's new and what's next in Red Hat OpenShiftRed Hat interactive experiencesIn the cloudsRed Hat OpenShift YouTube channelRed Hat OpenShift blogsRed Hat OpenShift commonsRed Hat Developer blogsRed Hat Portfolio Architecture CenterValidated patternsThe complete list of the Red Hat OpenShift 4.22 updates are in the Red Hat OpenShift 4.22 release notes. Send us feedback through your Red Hat contacts, or create an issue on GitHub.






