It s probably because of the swimming goggles target group for OpenShift product, but indeed default policies are more strict there than on Kubernetes. For example, most of container images available on forbids to run a container as root and even many of official images don t meet this requirement. That s why people are sometimes confused and angry because they cannot run simple apps like they used to on Kubernetes. There s an easy way to disable that policy, but still it shows a different approach to security.

Also, RBAC was an integral part of OpenShift since many releases while there are some people who swim goggles prescription use Kubernetes without RBAC security. That s okay for a small dev/test setup, but in real life, you want to have some level of permissions - even if it s sometimes hard to learn swimming goggles best and comprehend (because it is at first). In OpenShift you actually don t have a choice and you have to use it and learn it on the way as you deploy more and more apps on it.

No more manual actions for issuing and renewal of certificates and additionally you can use trusted CA for free thanks to integration with Letsencrypt !Similarly like with Ingress, OpenShift chose to have a swimming goggles target different way of managing deployments. In Kubernetes there are Deployment objects (you can also use them in OpenShift with all other Kubernetes objects as well) responsible for updating pods in a rolling update fashion and is implemented internally in controllers. OpenShift has a similar object called DeploymentConfig implemented not by controllers, but rather by sophisticated logic based on dedicated pods controlling whole process.

It is also often used with Kubernetes clusters to build container images, perform Continuous Integration tasks on them and deploy them as containers on multiple environments with Continuous Deployment pipelines. Since it s so popular then having it as a builtin part swimming goggles walmart of OpenShift makes the whole CI/CD a lot less painful. Here s a list of my favorite features of integrated Jenkins on OpenShift:

This a minor difference, but on OpenShift there are projects which are nothing more than just Kubernetes namespaces with additional features. Besides trivial things such as description and display name (trust me - they can be helpful when you have dozens of them), projects add some default objects. Currently a few roles ( RoleBinding objects to be precise) are created alongside with a project, but you can modify default project template and use it to provision other objects. default project template and use it to provision other objects.