AI System Card - "Red Hat OpenShift Lightspeed"
This AI model/system card is created in accordance with the research at: https://arxiv.org/pdf/2411.12275
It serves as an introduction to the AI model/system. Also as an extension it contains information about the intent, scope and training/fine-tuning data sources, evaluation methodology and governance details of the AI system
| AI System Name | Red Hat OpenShift LightSpeed |
| Version | 1.0.0 |
| AI system developed by | Red Hat, Inc. |
| Contact for security concerns | security@redhat.com |
| Date of system card creation | September 18, 2025 |
| Publish date | November 5, 2025 |
License: Creative Commons Attribution 4.0 International (CC BY 4.0)
Purpose
OpenShift Lightspeed is an AI-powered assistant integrated into the OpenShift Web Console. It is designed to assist users in executing OpenShift tasks and investigating cluster resources, using official product documentation as a source of information and responding to natural language queries. OpenShift Lightspeed aims to accelerate learning, simplify troubleshooting and problem-solving tasks, while enhancing productivity, accessibility and the overall OpenShift user experience.
Technical Information
| Running platform | Red Hat OpenShift Container Platform 4 |
| Supported cloud providers | OpenAI, Azure OpenAI, watsonx.ai |
| Development stack | FastAPI, Langchain, Llamaindex, FAISS, PostgreSQL |
| Supported self-managed platforms | Red Hat OpenShift AI, RHEL AI |
Data Provenance and Pedigree
OpenShift Lightspeed does not use a fixed AI model. Instead, it offers flexibility by supporting various AI model providers like OpenAI, Azure OpenAI and watsonx.ai for cloud-based deployments. Additionally, in air-gapped environments, users can self-host their LLMs via RHEL AI or OpenShift AI. Users are encouraged to consult each provider’s published model cards and the documentation of the specific AI model selected for detailed information on the provenance and their training data.
OpenShift Lightspeed embeds official Red Hat OpenShift documentation, which is used for augmentation. The embedded content is automatically aligned with the version of the running cluster.
Regarding data collection, OpenShift Lightspeed includes optional features for sending conversation transcripts and user feedback back to Red Hat to improve the quality of interactions. Conversation transcripts record the content of exchanges between users and the system, while feedback captures user evaluations of responses (thumbs up/down). Red Hat stores the data securely, with access restricted to authorized personnel, and is used solely for system monitoring, debugging, and system improvement purposes. Sensitive information is handled in accordance with security policies, ensuring that no confidential cluster data are included or exposed in these records.
Security and Safety of the AI System
Intent and use:
OpenShift Lightspeed is an AI-powered assistant designed to help OpenShift users navigate, perform, and troubleshoot tasks within the OpenShift Web Console. By combining official OpenShift product documentation with cluster resource information, it delivers guidance, accelerates learning, and streamlines operational tasks. Its target audience includes OpenShift administrators, developers, and other users seeking faster, more intuitive access to environment-specific information, ensuring responses are consistent and tailored to their specific OpenShift deployment.
Scope:
The scope of OpenShift Lightspeed explicitly excludes answering questions unrelated to OpenShift. While off-topic questions may occasionally receive responses, such interactions are not supported and may produce unreliable or problematic outputs, particularly when presented with specially crafted prompts. OpenShift Lightspeed does not permit modification of system-level instructions via prompt injection and will reject or neutralize any such attempts.
Security considerations:
When the Cluster Interaction feature is enabled, OpenShift Lightspeed deploys an MCP server that provides tools to gather information from cluster resources. For security reasons, certain sensitive information, such as Secrets, cannot be accessed or extracted. Additionally, the MCP server operates in a read-only mode, which means that Lightspeed cannot take any actions such as creating or modifying resources within the cluster. While measures such as quota rate-limiting are implemented to prevent system abuse, these types of systems inherently carry certain security and safety risks.
Known security vulnerabilities are documented at: https://access.redhat.com/security/security-updates/security-advisories
Governance
Any security or safety issues related to the AI system should be reported to security@redhat.com.
