RSA Security Conference 2015 in Review: Three Observations


As many specialists in the security world know – the RSA Security Conference is one of the biggest security conferences in North America. This year it was once again held in San Francisco at the Moscone Center. Every year the conference gets bigger and bigger, bringing in more and more people and companies from all over the world.

If you attended – you may have noticed that Red Hat had a booth this year. Located in the corner of the main expo floor (not far from some of the “big guys” like: IBM, Microsoft, EMC, CA Technologies, and Oracle) we were in a great location – receiving no shortage of traffic.  In fact, despite staffing the booth with six Red Hatters we didn’t have any “down time” –  everyone seemed to be interested in what Red Hat has to offer in security.

Over the course of the conference I made a few interesting observations… (more…)

The Atomic App Concept…”It All Starts When a Nulecule Comes Out of its Nest”


In a recent blog post on the appc spec, I mentioned Project Atomic’s evolving Nulecule [pronounced: noo-le-kyul] spec as an attempt to move beyond the current limitations of the container model. Let’s dig a bit deeper into that. (more…)

Stop Gambling with Upgrades, Murphy’s Law Always Wins


It Started with Developers

Developers were the first adopters of containers for application creation. Now that containers have made their way into production environments, operations teams are starting to look deeper at what benefit they bring. Deployments are a key focus not just because the container model is so different, but also because there are automation integration points that have been previously unavailable.

Release engineers are faced with a tough question: continue to do rolling style updates as they always have or move to a red/black deployment model. Both have their pros and cons but using containers with red/black deployment methods provides (more…)

Red Hat Delivers Leading Application Performance with the Latest Intel Xeon Processors


With every new Intel Xeon processor generation, the benefits typically span beyond simple increases in transistor counts or the number of cores within each processor. Things like increased memory capacity per chip or larger on-chip caches are tangible and measurable, and often have a direct effect on performance, resulting in record-breaking scores on various standard benchmarks.

There is, however, more to every new processor family launch than meets the eye. These new chips often send a ripple of innovation throughout our ecosystem of partners, forcing them to re-evaluate and re-visit existing performance results and break the status quo. The ability to support these partners is of paramount importance to Red Hat and, as a result, Red Hat Enterprise Linux is often being selected by our partners to support their ongoing benchmarking efforts.

Yesterday, Intel launched the Intel Xeon E7 v3 processor family with several new world record industry-standard benchmarks. Red Hat Enterprise Linux was used in nearly one-third of all results. The following table captures these leading results (more…)

rkt, appc, and Docker: A Take on the Linux Container Upstream


At this week’s CoreOS Fest in San Francisco, CoreOS is – unsurprisingly – pushing hard on the Application Container Spec (appc) and its first implementation, rkt, making it the topic of the first session after the keynote and a bold story about broad adoption.

When making technology decisions, Red Hat continuously evaluates all available options with the goal of selecting the best technologies that are supported by upstream communities. This is why Red Hat is engaging upstream in appc to actively contribute to the specification.

Red Hat engages in many upstream communities.  However, this engagement should not imply full support, or that we consider appc or rkt ready for (more…)

Webcast Tomorrow: Top 6 Misconceptions about Linux Containers


Linux containers have been getting a lot of hype recently, and it’s easy to understand why. Delivering applications to meet the demands of the businesIcon_RH_Object_Clipboard-Checklist-A_RGB_Buttons is challenging and containers are disrupting traditional application development and deployment models, enabling businesses to explore new, better ways to deliver products and services.

New innovations like the Docker image format and Kubernetes give you a simpler way to quickly create, package, assemble, and distribute applications. But with hype comes misunderstandings and misconceptions.

Join Red Hat and Cisco tomorrow, May 5, 2015 at 11:00 AM ET / 8:00 AM PT for the webcast, Top 6 Misconceptions about Linux Containers, to gain clarity around these misconceptions. In the webcast, you will:

  • Gain a pragmatic look at Linux containers.
  • Understand what benefits containers can deliver for you.
  • Discover what security, implementation, and other considerations you should understand before your organization embraces this technology.

If you haven’t already done so, register today.

Enterprise-Ready Container Orchestration with Kubernetes


Here on the Red Hat Enterprise Linux Blog we’ve dedicated a number of posts to containers and a variety of associated Red Hat solutions.  Whether you’re seeking to deploy Red Hat Enterprise Linux 6 applications on Red Hat Enterprise Linux 7 as containers, hoping to better understand how atomic updates work, or are simply out to learn all you can about Red Hat Enterprise Linux Atomic Host – there’s likely a post (here) with the information you need.  However, we’ve yet to really explore container orchestration.  To this end, I invite you to read this new post from Red Hat’s own Joe Fernandes.  Joe talks about Kubernetes, Google’s tool for managing clusters of Linux containers, its progenitor (i.e Google’s Borg), and how Red Hat is building on top of Kubernetes to bring web-scale container infrastructure to enterprise customers.

Understanding the Changes to ‘docker search’ and ‘docker pull’ in Red Hat Enterprise Linux 7.1


If you’re working with container images on Red Hat Enterprise Linux 7.1 or Red Hat Enterprise Linux Atomic Host, you might have noticed that the search and pull behavior of the included docker tool works slightly differently than it does if you’re working with that of the upstream project. This is intentional.

When we started the planning process for containers in RHEL 7.1, we had 3 goals in mind:

  1. Give control over the search path to the end-user administrator
  2. Enable a federated approach to search and discovery of docker-formatted container images
  3. Support the ability for Red Hat customers to consume container images and other content included as part of their Red Hat Subscription

The changes we implemented, which are documented on the Red Hat Customer Portal, affect three different areas of the tool: (more…)

Forrester’s Dave Bartoletti Reports on Container Usage at Red Hat Partner Conference


20150408_110418Yesterday, at Red Hat’s annual North America Partner Conference (in Orlando, FL), Dave Bartoletti, principal analyst with Forrester Research, told hundreds of attendees about a recently completed market research program undertaken by Forrester and sponsored by Red Hat. In this study, 194 developers and IT decision-makers at mid- to large-size companies were surveyed as to their plans and expectations for container technologies.

What they shared, indicates that (more…)

SSSD vs Winbind


In a previous post, I compared the features and capabilities of Samba winbind and SSSD. In this post, I will focus on formulating a set of criteria for how to choose between SSSD and winbind. In general, my recommendation is to choose SSSD… but there are some notable exceptions. (more…)