February 2017

How CloudForms Performs OpenScap Image Scans

  • by

In May 2015 banyan published that they found over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities. In August 2015, FlawCheck surveyed enterprises asking which piece of the security equation was their top concern about running containers in production environments. At 42%, Vulnerabilities & Malware in container workloads was the top… Read More »How CloudForms Performs OpenScap Image Scans

Ansible for Juniper EX2200-c

  • by

In my home lab I have 4 Juniper in a virtual chassis. I currently use fedora 24 as my host system so I had to install some binaries and fix some code before I got this running. First you have to install the latest stable ansible version. Then you need junos-eznc. For fedora run the… Read More »Ansible for Juniper EX2200-c

OpenShift 3.4 Standalone Registry (Atomic Registry)

  • by

I realized today that the current OpenShift 3.4 documentation around installing the standalone registry is missing an important parameter. Here is the link to the bug openshift_master_default_subdomain missing . Its a small error but has some impact as the route registry-console-default.yourdomain will not be exposed externally. Remember the standalone OpenShift registry is a full OpenShift… Read More »OpenShift 3.4 Standalone Registry (Atomic Registry)

Deny container image execution via CloudForms 4.2 / OpenShift 3.4

I’ve been waiting for this feature since quite a while and its finally here and working. CloudForms 4.2 and OpenShift 3.4 have the ability combined of scanning docker images and define if the images are compliant or not. If the image is not compliant CloudForms annotates the image in OpenShift with images.openshift.io/deny-execution: true and if… Read More »Deny container image execution via CloudForms 4.2 / OpenShift 3.4