How can we ensure the security of our supply chain and verify that all container images deployed in our Kubernetes clusters are both signed and protected, preventing the deployment of malicious ones? What methods can we adopt to sign and verify container images within our CI/CD pipelines, thereby bolstering the security of our DevOps workflows? […]
In the perilous realm of digital security, trust is fragile. Transport Layer Security (TLS) web server authentication relies on trust anchors, but a flaw in the design puts web entities at risk of malicious impersonation. This article explores the origin of certificates in the RHEL root trust store and […]
In most Kubernetes installations, a well-maintained etcd is one of the key conditions for a peaceful administrator life. Most Kubernetes distributions impose limits on etcd and its size. For OpenShift there’s a quota limit of 8GB. Typically that limit should not affect you unless you run really large clusters and/or utilize the cluster […]
The Problem with Security and Compliance Mixture When talking to customers or colleagues, I often see two distinct topics being conflated: compliance and (IT) security. Some customers have requirements they say MUST be fulfilled. When asked what their goal with this requirement is, they cannot explain the intention. They often fall back on saying that […]
On a warm summer day, I visited the Kubernetes Community Days Munich and enjoyed Adrian Reber’s talk about “Forensic container checkpointing and analysis”. Now I want to try that with OpenShift 4.13! This blog post will mainly cover how to enable and use checkpointing on OpenShift 4.13. […]
In this tutorial I will show you how to configure automatic updates for containers in rootless Podman environments and how systemd manages these containers as services. The tutorial is divided into the following sections: If you are not interested in the possible use cases and would rather start right away, […]
This article shows how MuleSoft’s Runtime Fabric (RTF) deployed to Red Hat OpenShift delivers a modern containerized API solution.
Introduction As a Solution Architect for Red Hat’s ecosystem, I talk to many independent software vendors (ISVs) about modernizing their applications to enable hybrid cloud and edge strategies. Linux, containers, Kubernetes and microservices architecture are a default choice nowadays in many new application development projects. But sometimes you cannot get rid of some dependencies […]
By Robert Baumgartner, Red Hat Austria, August 2023. Tested with OpenShift 4.13, AMQ Streams 2.4, Camel K 1.10, and OpenShift Serverless 1.29. Camel K helps us integrate systems in an easy, simple, and cost-effective way. Do more with less. That’s the goal for everyone right now. But every company also has […]
ˈpætɚns Probably almost every time we start to understand and solve a general problem, we ask ourselves: am I the first one facing that problem, or have there been others who in the end either failed or succeeded? This is particularly true if I am highly uncertain whether my own […]