Webcast Tomorrow: Top 6 Misconceptions about Linux Containers

Linux containers have been getting a lot of hype recently, and it’s easy to understand why. Delivering applications to meet the demands of the businesIcon_RH_Object_Clipboard-Checklist-A_RGB_Buttons is challenging and containers are disrupting traditional application development and deployment models, enabling businesses to explore new, better ways to deliver products and services.

New innovations like the Docker image format and Kubernetes give you a simpler way to quickly create, package, assemble, and distribute applications. But with hype comes misunderstandings and misconceptions.

Join Red Hat and Cisco tomorrow, May 5, 2015 at 11:00 AM ET / 8:00 AM PT for the webcast, Top 6 Misconceptions about Linux Containers, to gain clarity around these misconceptions. In the webcast, you will:

  • Gain a pragmatic look at Linux containers.
  • Understand what benefits containers can deliver for you.
  • Discover what security, implementation, and other considerations you should understand before your organization embraces this technology.

If you haven’t already done so, register today.

Understanding the Changes to ‘docker search’ and ‘docker pull’ in Red Hat Enterprise Linux 7.1

If you’re working with container images on Red Hat Enterprise Linux 7.1 or Red Hat Enterprise Linux Atomic Host, you might have noticed that the search and pull behavior of the included docker tool works slightly differently than it does if you’re working with that of the upstream project. This is intentional.

When we started the planning process for containers in RHEL 7.1, we had 3 goals in mind:

  1. Give control over the search path to the end-user administrator
  2. Enable a federated approach to search and discovery of docker-formatted container images
  3. Support the ability for Red Hat customers to consume container images and other content included as part of their Red Hat Subscription

The changes we implemented, which are documented on the Red Hat Customer Portal, affect three different areas of the tool:

Continue reading “Understanding the Changes to ‘docker search’ and ‘docker pull’ in Red Hat Enterprise Linux 7.1”

SSSD vs Winbind

In a previous post, I compared the features and capabilities of Samba winbind and SSSD. In this post, I will focus on formulating a set of criteria for how to choose between SSSD and winbind. In general, my recommendation is to choose SSSD… but there are some notable exceptions.

Continue reading “SSSD vs Winbind”

Red Hat Enterprise Linux Atomic Host: Updates Made Easy

Earlier in March we announced the general availability of Red Hat Enterprise Linux 7 Atomic Host, a small footprint, container host based on Red Hat Enterprise Linux 7. It provides a stable host platform, optimized for running application containers, and brings a number of application software packaging and deployment benefits to customers. In my previous container blog I gave the top seven reasons to deploy Red Hat Enterprise Linux 7 Atomic Host. One reason was the ability to do atomic updates and rollbacks. In this blog I provide an in-depth look into atomic updating and how it differs from a yum update. And, speaking of atomic updates

Continue reading “Red Hat Enterprise Linux Atomic Host: Updates Made Easy”

Live Kernel Patching Update

In the year since I first wrote about kpatch, Red Hat’s live kernel patching project for Linux, we’ve been very busy.  Here are some of the highlights from the last year of live kernel patching development, and some clues about where we may be headed in the future.

Red Hat Enterprise Linux 7 Special Interest Group

In 2014, we kicked off a kpatch Special Interest Group (SIG) for users who are interested in trying out kpatch in a Red Hat Enterprise Linux 7 environment.  We’ve delivered kpatch fixes for several kernel CVEs, allowing users to easily apply fixes to their kernels immediately with no disruption or reboots necessary.

If you’re a Red Hat Enterprise Linux customer and are interested in joining the kpatch SIG

Continue reading “Live Kernel Patching Update”

Virtual Machines or Containers? Maybe Both?

Over the last 18 months, especially since the general availability of Red Hat Enterprise Linux 7, “containers” have emerged as a hot topic. With the more recent introduction of Red Hat Enterprise Linux Atomic Host, an operating system optimized for running the next generation of applications with Linux containers, one might wonder… what about virtualization? In that the benefits of containerization seem to overlap those of traditional virtualization, how do organizations know when to pick one approach over the other?

Continue reading “Virtual Machines or Containers? Maybe Both?”

New SSSD Features in Red Hat Enterprise Linux 7.1

This post is dedicated to the new SSSD features in Red Hat Enterprise Linux 7.1 that have significance when SSSD is used by itself (i.e. without IdM integration) – for example, when connecting directly to Active Directory (AD) or some other Directory Server.

Control Access to Linux Machines with Active Directory GPO

A common use case for managing computer-based access control in an Active Directory environment is through the use of GPO policy settings related to Windows Logon Rights. The Administrator who maintains a heterogeneous AD and Red Hat Enterprise Linux network without an IdM server has traditionally had to face the challenging task of centrally controlling access to the Linux machines without being able to update the SSSD configuration on each and every client machine.

In Red Hat Enterprise Linux 7.1, the Administrator is (now) able to

Continue reading “New SSSD Features in Red Hat Enterprise Linux 7.1”

Red Hat Enterprise Linux Atomic Host Opens New Possibilities for Red Hat Storage Customers

Ready to adopt Red Hat Enterprise Linux Atomic Host? I recommend you visit the Red Hat Storage Blog to learn more about how Red Hat Storage with Ceph & Gluster are compelling storage options for containerized environments.

Red Hat Storage

By Sayan Saha, Sr. Manager, Product Management, Storage & Data Business, Red Hat.

This week Red Hat announced the general availability of Red Hat Enterprise Linux Atomic Host – a host environment optimized to run containerized applications with a minimal footprint. Red Hat Enterprise Linux Atomic Host simplifies maintenance using image-based update and rollback and includes orchestration toolsets such as kubernetes for managing containers across a cluster of hosts. The new Red Hat Enterprise Linux Atomic Host inherits the industry-leading hardware ecosystem, reliability, stability and security the industry has come to expect from Red Hat Enterprise Linux.

What this means for Red Hat Storage customers

This announcement is significant for Red Hat Storage customers on multiple fronts. Workloads running in containers require persistent storage for application code and data. Given the rapid growth in the number of containers within today’s IT shops, software-defined storage has an advantage over traditional storage…

View original post 432 more words

Active Directory and Identity Management (IdM) Trusts – Exactly Where Are My Users?

As this is my sixth post on Identity Management I thought it would (first) be wise to explain (and link back to) my previous efforts.  My first post kicked off the series by outlining challenges associated with interoperability in the modern enterprise.  My second post explored  how the integration gap between Linux systems and Active Directory emerged, how it was formerly addressed, and what options are available now.  My third post outlined the set of criteria with which one is able to examine various integration options.  And my most recent entries, post four and five, reviewed options for direct and indirect integration, respectively.

Delving deeper into the world of indirect integration (i.e. utilizing a trust-based approach) – two of the biggest questions are often: “Where are my users?” and “Where does authentication actually happen?” As opposed to a solution that relies upon synchronization

Continue reading “Active Directory and Identity Management (IdM) Trusts – Exactly Where Are My Users?”