# openshift/origin **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/openshift-origin).** 8,662 stars · 4,783 forks · Go · Apache-2.0 ## Links - GitHub: https://github.com/openshift/origin - Homepage: http://www.openshift.org - awesome-repositories: https://awesome-repositories.com/repository/openshift-origin.md ## Topics `caas` `ci-cd` `containers` `continuous-delivery` `continuous-deployment` `continuous-integration` `devops` `go` `kubernetes` `openshift` `openshift-origin` `paas` ## Description OpenShift Origin is a Kubernetes distribution platform that extends Kubernetes with integrated security, multi-tenancy, and application lifecycle management for enterprise container orchestration. It functions as a multi-tenant container orchestrator that enforces per-project security policies, resource quotas, and SELinux isolation for shared cluster environments. The platform includes a Source-to-Image builder that creates container images directly from application source code using Dockerfiles or buildpacks without external build servers, and an Operator Lifecycle Manager that installs and manages platform operators from a curated catalog. It provides an OpenShift Conformance Test Suite that validates Kubernetes and OpenShift API compliance across cluster deployments and upgrades. The system supports building container images from source, managing image lifecycles with streams, deploying Kubernetes clusters, running local development clusters, and installing operators from a catalog. It includes capabilities for monitoring cluster and application health, provisioning isolated projects with predefined controls, exposing services via public routes, controlling container privileges with security contexts, and enforcing multi-tenant security policies. ## Tags ### Security & Cryptography - [Kubernetes Platforms](https://awesome-repositories.com/f/security-cryptography/multi-tenant-isolation/kubernetes-platforms.md) — Extends Kubernetes with integrated security, multi-tenancy, and application lifecycle management for enterprise container orchestration. - [Multi-tenant Security](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/security-infrastructure/multi-tenant-security.md) — Runs containers as non-root users with SELinux labels, resource limits, and per-project quotas to isolate workloads. ([source](https://cdn.jsdelivr.net/gh/openshift/origin@main/README.md)) - [Per-Project Security Controllers](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/security-infrastructure/multi-tenant-security/per-project-security-controllers.md) — Enforces per-project security policies through admission controllers that apply SELinux and quotas at creation. - [Container Workload Isolators](https://awesome-repositories.com/f/security-cryptography/multi-tenant-isolation/container-workload-isolators.md) — Enforces per-project SELinux labels, resource quotas, and security boundaries to isolate container workloads across tenants. - [Multi-Tenant Security](https://awesome-repositories.com/f/security-cryptography/multi-tenant-security.md) — Extends Kubernetes with integrated security concepts to isolate and protect workloads across multiple tenants. ([source](http://www.openshift.org/docs/project/)) - [Container Security Hardening](https://awesome-repositories.com/f/security-cryptography/security/infrastructure-and-hardware/infrastructure-system-hardening/deployment-security-hardening/container-security-hardening.md) — Configures security contexts and pod permissions to restrict container privileges and enforce fine-grained security per project. ([source](https://cdn.jsdelivr.net/gh/openshift/origin@main/README.md)) ### Development Tools & Productivity - [Application Lifecycle Management](https://awesome-repositories.com/f/development-tools-productivity/application-lifecycle-management.md) — Provides full lifecycle management for containerized applications across development and production environments. ([source](http://www.openshift.org/docs/project/)) - [Kubernetes Operator Catalogs](https://awesome-repositories.com/f/development-tools-productivity/tooling-catalogs/operational-catalogs/kubernetes-operator-catalogs.md) — Provides an Operator Lifecycle Manager that installs and manages platform operators from a curated catalog. ### DevOps & Infrastructure - [Container Build Orchestrators](https://awesome-repositories.com/f/devops-infrastructure/container-build-orchestrators.md) — Builds container images directly from source code using Dockerfiles or buildpacks without a separate server. ([source](https://cdn.jsdelivr.net/gh/openshift/origin@main/README.md)) - [Source-to-Image Builders](https://awesome-repositories.com/f/devops-infrastructure/container-image-builders/source-to-image-builders.md) — Transforms application source code directly into runnable container images using builder images. - [Multi-Tenant Orchestrators](https://awesome-repositories.com/f/devops-infrastructure/container-orchestration-environments/multi-tenant-orchestrators.md) — Enforces per-project security policies, resource quotas, and SELinux isolation for shared cluster environments. - [Operator-Based Lifecycles](https://awesome-repositories.com/f/devops-infrastructure/deployment-lifecycle-managers/operator-based-lifecycles.md) — Uses Kubernetes operators to automate installation, upgrade, and management of platform components. - [Kubernetes Cluster Provisioning](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-cluster-provisioning.md) — Provisions multi-node Kubernetes clusters on infrastructure with a single CLI command. ([source](http://www.openshift.org/docs/project/)) - [Local Kubernetes Clusters](https://awesome-repositories.com/f/devops-infrastructure/local-kubernetes-clusters.md) — Ships a CLI command to spin up a minimal OpenShift cluster on a laptop for local development. ([source](http://www.openshift.org/docs/project/)) - [Image Stream Lifecycles](https://awesome-repositories.com/f/devops-infrastructure/container-image-management/image-stream-lifecycles.md) — Manages image lifecycles through streams that automatically trigger builds and deployments on tag updates. ([source](https://cdn.jsdelivr.net/gh/openshift/origin@main/README.md)) - [Image Stream Triggers](https://awesome-repositories.com/f/devops-infrastructure/event-driven-triggers/build-pipeline-triggers/image-stream-triggers.md) — Implements an image stream trigger system that enables continuous delivery pipelines from registry updates. - [Ingress Controllers](https://awesome-repositories.com/f/devops-infrastructure/ingress-controllers.md) — Implements a custom HAProxy-based ingress controller with TLS termination and path-based routing. - [Conformance Test Suites](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-deployments/openshift-deployments/conformance-test-suites.md) — Ships a conformance test suite that validates Kubernetes and OpenShift API compliance across cluster deployments and upgrades. ### Software Engineering & Architecture - [Kubernetes API Aggregations](https://awesome-repositories.com/f/software-engineering-architecture/api-aggregators/kubernetes-api-aggregations.md) — Extends the Kubernetes API server with custom resources and controllers for OpenShift-specific objects. - [Plugin Catalog Installers](https://awesome-repositories.com/f/software-engineering-architecture/integration-extensibility/extensibility/plugin-architectures/plugin-installation-utilities/plugin-installation-and-management/plugin-catalog-installers.md) — Installs platform extensions from a curated catalog of community operators that run on the cluster. ([source](http://www.openshift.org/docs/operators/)) ### System Administration & Monitoring - [Workload Isolation with Projects](https://awesome-repositories.com/f/system-administration-monitoring/observability-tracing/project-based-isolation/workload-isolation-with-projects.md) — Creates new projects that automatically include roles, resource quotas, and security boundaries for fair multi-tenant access. ([source](https://cdn.jsdelivr.net/gh/openshift/origin@main/README.md)) - [Cluster Health Monitoring](https://awesome-repositories.com/f/system-administration-monitoring/cluster-health-monitoring.md) — Collects metrics from configured targets, evaluates rules, and triggers alerts for cluster and application health. ([source](http://www.openshift.org/docs/project/)) - [Cluster Monitoring Dashboards](https://awesome-repositories.com/f/system-administration-monitoring/cluster-monitoring-dashboards.md) — Ships a preconfigured Prometheus, Alertmanager, and Grafana stack for cluster health monitoring. ### Networking & Communication - [Public Service Exposure](https://awesome-repositories.com/f/networking-communication/public-service-exposure.md) — Maps external DNS names to internal Kubernetes services using HAProxy with TLS termination and path-based routing. ([source](https://cdn.jsdelivr.net/gh/openshift/origin@main/README.md)) ### Part of an Awesome List - [Container Management](https://awesome-repositories.com/f/awesome-lists/devops/container-management.md) — Containerized software platform.