Best practices for securing the container life cycle

IT organizations are using container technology and DevOps processes to bring new-found agility to delivering applications that create business value. However, enterprise use requires strong security at every stage of the life cycle. Nothing is secure by default—security takes work. You need defense in depth. Red Hat delivers multiple layers of security controls throughout your Read more about Best practices for securing the container life cycle[…]

OpenShift on RHV Automated, Secure and Transparent

Red Hat Virtualization and the OpenShift Container Platform go far back. Both products are very well integrated and share security features like svirt and cgroups which are a core security component of Red Hat Enterprise Linux. Svirt allows you to run your virtual instances as well as containers in full tenant isolation mode whereas cgroups Read more about OpenShift on RHV Automated, Secure and Transparent[…]

VTUG 2018 Automating Container Deployment on Virtualization with Ansible: OpenShift on Red Hat Virtualization

Attached find the deck I presented at the VTUG in the New England Patriots stadium. It was a great experience. Thank you very much for attending my talk!

Building RocketChat as an ansible playbook bundle on OpenShift Container platform (fix for ocp 3.7)

The current apb-1.0.4-1.el7.noarch in OpenShift 3.7 enterprise from the rhel-7-server-ose-3.7-rpms channel is currently broken. When you try to list apb’s you will get the following error:

Now I will show you how you can fix this. It is important to follow the steps in the order. If not you will get another “missing configuration Read more about Building RocketChat as an ansible playbook bundle on OpenShift Container platform (fix for ocp 3.7)[…]

OpenShift Seccomp – Securing Containers by Stripping Capabilities

Let say you want to prove to your security team that running a pod in Red Hat OpenShift is really removing capabilities from the running container.  There is not much documentation out there which explains how to find what capabilities get stripped so I will walk you through how you can make the case. Step Read more about OpenShift Seccomp – Securing Containers by Stripping Capabilities[…]

How CloudForms Performs OpenScap Image Scans

In May 2015 banyan published that they found over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities. In August 2015, FlawCheck surveyed enterprises asking which piece of the security equation was their top concern about running containers in production environments. At 42%, Vulnerabilities & Malware in container workloads was the top Read more about How CloudForms Performs OpenScap Image Scans[…]

Deny container image execution via CloudForms 4.2 / OpenShift 3.4

I’ve been waiting for this feature since quite a while and its finally here and working. CloudForms 4.2 and OpenShift 3.4 have the ability combined of scanning docker images and define if the images are compliant or not. If the image is not compliant CloudForms annotates the image in OpenShift with images.openshift.io/deny-execution: true and if Read more about Deny container image execution via CloudForms 4.2 / OpenShift 3.4[…]

Deploy and build containers on Red Hat OpenShift Container Platform 3.4 via CloudForms 4.2 self service

I had multiple requests if CloudForms is able to provision containers via self service to the Red Hat OpenShift container platform. I liked the idea as you can not expect from every developer in your company to know how to create templates or build configs. I will walk you through, step by step how this Read more about Deploy and build containers on Red Hat OpenShift Container Platform 3.4 via CloudForms 4.2 self service[…]


Hit Counter provided by laptop reviews