Red Hat Virtualization and the OpenShift Container Platform go far back. Both products are very well integrated and share security features like svirt and cgroups which are a core security component of Red Hat Enterprise Linux. Svirt allows you to run your virtual instances as well as containers in full tenant isolation mode whereas cgroups Read more about OpenShift on RHV Automated, Secure and Transparent[…]
Attached find the deck I presented at the VTUG in the New England Patriots stadium. It was a great experience. Thank you very much for attending my talk!
The current apb-1.0.4-1.el7.noarch in OpenShift 3.7 enterprise from the rhel-7-server-ose-3.7-rpms channel is currently broken. When you try to list apb’s you will get the following error:
apb push Exception occurred! unsupported operand type(s) for +: 'NoneType' and 'str'
Now I will show you how you can fix this. It is important to follow the steps in the order. If not you will get another “missing configuration Read more about Building RocketChat as an ansible playbook bundle on OpenShift Container platform (fix for ocp 3.7)[…]
It has to be noted that ansible-container is not a supported redhat product. So everything you see here is unsupported. If you want to use ansible to package containers look at the Ansible Playbook Bundle in OpenShift. I thought it would be a good idea to see where ansible container is. My goal was to create a Read more about ansible-container fix mysql_config not found issue[…]
If you are a ServiceNow user you can now go to https://github.com/ServiceNowITOM/ansible-sn-inventory use the dynamic inventory available to sync CI items from Service Now to ansible tower. This tutorial will show what you need to do to make this happen on ansible tower 3.2.1. A big thanks to Reuben Stump, Alex Mittell for writing this integration. Read more about ServiceNow (snow) inventory for Ansible Tower 3.2.1[…]
Out of the box Ansible Tower 3.1.2 does not come with the Red Hat Virtualization 4.0 provider. You will find the instructions here to get it working: Step 1: SSH into the ansible tower [dobby@dobby ~]$ ssh email@example.com Step 2: Install ovirt-engine-sdk-python [root@towerldo ~]# yum install ovirt-engine-sdk-python Step 3: cd into /opt/rh and get the Read more about RHV 4.1 / RHEV 4.1 Dynamic Inventory For Ansible Tower[…]
Unfortunately the latest version of Ansible Tower 3.2.1 is not able to connect to CloudForms due to a bug in the inventory file cloudforms.py If you need a fix for it until it is fixed downstream in the next tower release you can use mine (not supported of course) The PR is here: https://github.com/ansible/ansible/pull/31760 fix Read more about CloudForms Ansible Tower Inventory fix[…]
In the last few month I got quite a few requests on deploying RHV as a single hyper-converged non extendable node with local storage (not gluster). This blog post is going to show you how you can install RHVM on baremetal and add the same host which hosts the baremetal engine to RHVM. As always, Read more about RHV single node with local storage domain[…]
As you probably read we did opensource ansible tower https://github.com/ansible/awx . This was a big and necessary step to follow the red hat way of being truly opensource. Thanks to Jeff Geerling we also have a role https://galaxy.ansible.com/geerlingguy/awx/ to install awx. To install AWX on RHEL (remember this is not supported by GSS) you need to Read more about awx ansible on rhel[…]
Let say you want to prove to your security team that running a pod in Red Hat OpenShift is really removing capabilities from the running container. There is not much documentation out there which explains how to find what capabilities get stripped so I will walk you through how you can make the case. Step Read more about OpenShift Seccomp – Securing Containers by Stripping Capabilities[…]