Red Hat deepens AI and security focus

Open-source technology company Red Hat has launched the latest version of its hybrid cloud application platform Red Hat OpenShift 4.20.

Powered by Kubernetes, the platform includes capabilities for accelerating AI workloads, strengthening core platform security and enhancing virtualisation strategies consistently from the data centre, to public clouds, and the edge.

As organisations navigate increasing complexity and expanding regulatory requirements, Red Hat says they need a more consistent and reliable platform to bridge diverse applications and services across their entire IT footprint.

According to the company, there is a growing need for capabilities that support digital sovereignty, which requires organisations to maintain expansive control over their cloud destiny – deciding precisely which applications and data must run in-house and which exist outside that domain.

Red Hat OpenShift 4.20 is designed to provide a unified and more efficient foundation with systems security at its core. It supports sovereign deployments while accelerating the development and deployment of applications and AI workloads across hybrid cloud environments.

“The pace of innovation in enterprise IT is accelerating, driven by the demands of AI and a shifting landscape caused by new regulations and corporations needing to mix sovereignty into their technology investments,” says Mike Barrett, Red Hat VP and GM for hybrid cloud platforms.

“With Red Hat OpenShift 4.20, we are delivering a foundation that not only keeps pace with these changes but helps our customers lead them. We’re providing the tools to unify their infrastructure, from legacy virtual machines to modern approaches for virtualisation, all while maintaining the enhanced security posture, confidence and production control that is essential for market changes coming in 2026.”

Security and core manageability

The release features several updates aimed at enhancing the platform’s security capabilities for current and emerging enterprise requirements. Red Hat OpenShift 4.20 includes measures tailored for sovereignty-focused environments and adds initial support for post-quantum cryptography (PQC) algorithms for mTLS, offering long-term cryptographic protection for communication between control plane components.

The update expands operational flexibility within the core platform and adds new security features for Red Hat OpenShift Platform Plus users. This includes the general availability of Red Hat Advanced Cluster Security 4.9, as well as updates to Red Hat Trusted Artifact Signer and Red Hat Trusted Profile Analyzer to support easier management and analysis of security data.

A zero trust workload identity manager is planned for release later this year to provide identity attestation for both machines and users across federated environments.

Additional features focused on control and identity include:

• Gain identity management flexibility and control: Bring-your-own OpenID Connect enables customers to use their existing OpenID Connect (OIDC) infrastructure, supporting greater control over user data.
• Significantly lower cost pod-to-pod mTLS encryption, identity-based traffic policies, observability and more with “sidecar-less” ambient mode with Red Hat OpenShift Service Mesh, helping reduce infrastructure costs, operational complexity, and resource overhead.
• Simplify external secret management with a cluster-wide service: The External Secrets Operator (ESO) provides lifecycle management for secrets fetched from external secret management systems, helping improve security.
• Reduce infrastructure costs with high availability on smaller footprints: Two-node OpenShift with arbiter supports a new high-availability form factor, reducing infrastructure costs without sacrificing resiliency.
• Enhance network integration and performance for on-premises deployments: Border Gateway Protocol (BGP) in OVN-Kubernetes delivers new networking capabilities to on-premises environments by providing continuous route exchange between OpenShift and external network fabrics, which means faster adaptation to network changes, VM migration or failover events.

Scaling AI

Red Hat OpenShift 4.20 can accelerate AI projects to run in production faster, more reliably, and with more confidence. New capabilities are designed to streamline the deployment and management of complex AI workloads, making them easier to scale and manage.

For example, the LeaderWorkerSet (LWS) API for AI workloads can simplify the management of large, distributed AI workloads with automated orchestration and scaling.

Deployment time can be reduced using Image volume source for AI workloads, which allows new models to be integrated without rebuilding application containers. These features provide functionality for Red Hat OpenShift AI or other AI platforms to help customers move from experimentation to production. Model Context Protocol (DP) enables cluster management via developer tools like Visual Studio Code.

Virtualisation

Red Hat continues to optimise Red Hat OpenShift Virtualisation, enabling customers to manage virtual machines (VMs) alongside containers and cloud-native applications from a single platform.

The addition of CPU load-aware rebalancing and Arm support can improve performance and resource utilisation for virtualised workloads, while expanded hybrid cloud support extends Red Hat OpenShift Virtualisation to bare-metal deployments on Oracle Cloud, giving organisations control over their infrastructure and the placement of their data.

With enhanced storage offloading functionality, the migration toolkit for virtualisation can significantly accelerates VM migration from legacy virtualisation solutions to OpenShift Virtualisation through existing storage resources.