OpenShift

OpenShift 4 Developer Preview

  • by

OCP 4.0 is not out yet but you have the chance to get your hands dirty by going to the following URL https://try.openshift.com. Log in with your redhat account and you should be good to go. You will notice that we are using a new installer called openshift-installer. The installer uses terraform to build the… Read More »OpenShift 4 Developer Preview

Best practices for securing the container life cycle

IT organizations are using container technology and DevOps processes to bring new-found agility to delivering applications that create business value. However, enterprise use requires strong security at every stage of the life cycle. Nothing is secure by default—security takes work. You need defense in depth. Red Hat delivers multiple layers of security controls throughout your… Read More »Best practices for securing the container life cycle

OpenShift on RHV Automated, Secure and Transparent

  • by

Red Hat Virtualization and the OpenShift Container Platform go far back. Both products are very well integrated and share security features like svirt and cgroups which are a core security component of Red Hat Enterprise Linux. Svirt allows you to run your virtual instances as well as containers in full tenant isolation mode whereas cgroups… Read More »OpenShift on RHV Automated, Secure and Transparent

Building RocketChat as an ansible playbook bundle on OpenShift Container platform (fix for ocp 3.7)

  • by

The current apb-1.0.4-1.el7.noarch in OpenShift 3.7 enterprise from the rhel-7-server-ose-3.7-rpms channel is currently broken. When you try to list apb’s you will get the following error: apb push Exception occurred! unsupported operand type(s) for +: ‘NoneType’ and ‘str’ Now I will show you how you can fix this. It is important to follow the steps… Read More »Building RocketChat as an ansible playbook bundle on OpenShift Container platform (fix for ocp 3.7)

How CloudForms Performs OpenScap Image Scans

  • by

In May 2015 banyan published that they found over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities. In August 2015, FlawCheck surveyed enterprises asking which piece of the security equation was their top concern about running containers in production environments. At 42%, Vulnerabilities & Malware in container workloads was the top… Read More »How CloudForms Performs OpenScap Image Scans

OpenShift 3.4 Standalone Registry (Atomic Registry)

  • by

I realized today that the current OpenShift 3.4 documentation around installing the standalone registry is missing an important parameter. Here is the link to the bug openshift_master_default_subdomain missing . Its a small error but has some impact as the route registry-console-default.yourdomain will not be exposed externally. Remember the standalone OpenShift registry is a full OpenShift… Read More »OpenShift 3.4 Standalone Registry (Atomic Registry)

Deny container image execution via CloudForms 4.2 / OpenShift 3.4

I’ve been waiting for this feature since quite a while and its finally here and working. CloudForms 4.2 and OpenShift 3.4 have the ability combined of scanning docker images and define if the images are compliant or not. If the image is not compliant CloudForms annotates the image in OpenShift with images.openshift.io/deny-execution: true and if… Read More »Deny container image execution via CloudForms 4.2 / OpenShift 3.4