We are continuing our series on how Red Hat Keeps the Lights on with Red Hat Virtualization. Please read our previous blog post if you missed any of the series. In this blog post, I will highlight how Red Hat IT uses JBoss Fuse and JBoss A-MQ to integrate our internal systems that support Accounting, Consulting, Engineering, Finance, Legal, Marketing, Operations, Sales and Training departments. Our internal Enterprise Service Bus (ESB) flows over 100,000 messages a day between these systems with wildly differing interchange and data formats. Our entire ESB deployment runs on virtual machines backed by Red Hat Virtualization. This deployment enables us to scale on demand to meet the changing needs of our business needs and integrated systems.
In my previous article I wrote about how it was possible to move from checkpoint/restore to container migration with CRIU. This time I want to write about how to actually migrate a running container from one system to another. In this article I will migrate a runC based container using runC’s built-in CRIU support to checkpoint and restore a container on different hosts.
I have two virtual machines (rhel01 and rhel02) which are hosting my container. My container is running Red Hat Enterprise Linux 7 and is located on a shared NFS, which both of my virtual machines have mounted. In addition, I am telling runC to mount the container
When building anything substantial, such as a house or bridge, you start by laying down a solid foundation. Nothing changes this aspect of building brick by brick when you move from traditional constructions to application development and architecting your supporting infrastructure. Throw in Cloud terminology and you might think that the principles of a solid foundation are a bit flighty, but nothing is further from the truth.
When looking to manage an organization’s journey into their digital future, CIOs are dealing with a lot of challenges. Challenges that they face on the road to digital transformation can be daunting as first glance, but must be embraced to properly navigate the road to success.
This post continues my series dedicated to the use of Identity Management (IdM) and related technologies to address the Payment Card Industry Data Security Standard (PCI DSS). This specific post is related to requirement eight (i.e. the requirement to identify and authenticate access to system components). The outline and mapping of individual articles to requirements can be found in the overarching post that started the series.
A few weeks ago, I wrote a blog on removing capabilities from a container. But what if you want to add capabilities?
While I recommend that people remove capabilities, in certain situations users need to add capabilities in order to get their container to run.
One example is when you have a app that needs a single capability, like an Network Time Protocol (NTP) daemon container that resets the system time on a machine. So if you wanted to run a container for an ntp daemon, you would need to do a
--cap-add SYS_TIME. Sadly, many users don’t think this through, or understand what it means to add a capability.
This is my sixth post dedicated to the use of Identity Management (IdM) and related technologies to address the Payment Card Industry Data Security Standard (PCI DSS). This specific post is related to requirement seven (i.e. the requirement to restrict access to cardholder data by business need to know). The outline and mapping of individual articles to the requirements can be found in the overarching post that started the series.
Section 7 of the PCI DSS standard talks about access control and limiting the privileges of administrative accounts. IdM can play a big role in addressing these requirements. IdM provides several key features that are related to access control and privileged account management. The first one is
On August 24th of this year Red Hat announced the newest release of Red Hat Virtualization (RHV) 4.0.
Just two months later the Red Hat Cloud Suite tooling (known as the Cloud Deployment Planner) was updated to provide you with
Red Hat IT makes extensive use of our own product offerings to effectively manage and to scale our large IT infrastructure. Red Hat Virtualization plays a key role in Red Hat’s overall IT infrastructure, as mentioned in a recent blog by the head of our IT Platform Operations team, Anderson Silva: Red Hat Keeps the Lights on with Red Hat Virtualization
Two weeks ago, I attended ARM TechCon, the annual developer conference showcasing the latest offerings from ARM and its partners. There were a lot of new products (new and improved processor cores, radios and other IP), announcements with key themes around IoT (Internet of Things), mobile, security, automotive functional safety, and embedded software development. This was the first TechCon after ARM was acquired by Softbank for $32B this summer, so there was great interest in hearing what Masayoshi Son (Chairman & CEO of Softbank) would say in his first public appearance with ARM. Masayoshi Son talked about
Today we are pleased to announce the release of Red Hat Certificate System 9.1 and Red Hat Directory Server 10.1, both supported on Red Hat Enterprise Linux 7.3.
Red Hat Certificate System, based on the open source PKI capabilities of the Dogtag Certificate System, is designed to provide Certificate Life Cycle Management (i.e. to issue, renew, suspend, revoke, archive/recover, and manage the single and dual-key X.509v3 certificates needed to handle strong authentication, single sign-on, and secure communications).
Red Hat Directory Server is an open source LDAP-compliant server that centralizes application settings, user profiles, group data, policies, and access control information in a network-based registry based on the 389 Directory Server project. The Red Hat Directory Server simplifies user management by eliminating data redundancy and automating data maintenance. Red Hat Directory Server also improves security, enabling administrators to store policies and access control information in the directory for a single authentication source across enterprise or extranet applications.
What’s New in Red Hat Certificate System 9.1