IBM Support

Cloud Pak for Security: What does IPI and UPI stand for?

Question & Answer


Question

Both IPI and UPI are referenced throughout documentation. What does IPI and UPI stand for?

Cause

IPI and UPI are an important primer to understand and conceptualize the requirements for deploying a successful Red Hat OpenShift cluster in a cloud orchestration model. Red Hat OpenShift is the cloud orchestration cluster that CP4S installs within and is heavily reliant on a supporting cast of data center infrastructure services to properly function. Control planes manage the Red Hat OpenShift Container Platform and control the workloads on the compute nodes. Control planes are integral for securely storing the cluster secrets, role-based access control (RBAC) settings, and other Operators.

Answer

There are two installation models of Red Hat OpenShift, UPI for enterprise deployments and IPI for small deployments:
  • User Provisioned Infrastructure (UPI): The UPI installation is highly customizable and tunable. The infrastructure is not configured within the installation of Red Hat OpenShift, and the cluster heavily relies on the proper configuration of the following services:
    - DHCP
    - DNS
    - Proxy
    - Router
    - NAT
    - Firewall
    - web hosting
    - LDAP (Active Directory or equivalent)
    - TFTP/SFTP server
    - NFS (NAS or equivalent tuned Linux server)
    NOTE: Given the customization and flexibility of an UPI installation, this methodology would be the most representative for an on-premises enterprise deployment.
  • Installer Provisioned Infrastructure (IPI): The IPI installation provides a turn-key solution and includes all the necessary infrastructure services within the Red Hat OpenShift cluster. Significant planning must be done before deployment to ensure your team calculated and sized correctly the capacity, size of the deployment, and number of control planes. Furthermore, the load balancer that is built into the Red Hat OpenShift cluster that fronts the installed applications, cannot be replaced. This load balancer could easily become a bottleneck if the application workloads suddenly require an enterprise load balancer.

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTDPP","label":"IBM Cloud Pak for Security"},"ARM Category":[{"code":"a8m3p0000000rbnAAA","label":"Administration Task"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
02 November 2022

UID

ibm16603739

Page Feedback