Microsoft, Red Hat, and HPE Collaboration Delivers Choice & Value to Enterprise Customers

In the world of heterogeneous data centers – having multiple operating systems running on different hardware platforms (and architectures) is the norm.  Even traditional applications and databases are being migrated or abstracted using Java and other interpreted languages to minimize the impact on the end user, if they decide to run on a different platform.

Consider the common scenario where you have both Windows and Linux running in the data center and you need your Linux application to talk to Microsoft SQL Server and get some existing data from it. Your application would need to connect to the Windows server that is running the SQL Server database using one of many available APIs and request information.

While that may sound trivial, in reality you need to: know where that system is located, authenticate your application against it, and pay the penalty of traversing one or more networks to get the data back – all while the user is waiting. This, in fact, was “the way of the world” before Microsoft announced their intent to port MS SQL server to Linux in March of 2016.  Today, however, you have a choice of having your applications connect to a Microsoft SQL Server that runs on either Windows or Linux

Continue reading “Microsoft, Red Hat, and HPE Collaboration Delivers Choice & Value to Enterprise Customers”

Now Available: QuickStart Cloud Installer (QCI) 1.1

We’re pleased to announce the availability of QuickStart Cloud Installer (QCI) 1.1! This is the second release of QCI since its introduction on September 14, 2016.

Included with both Red Hat Cloud Suite and Red Hat Cloud Infrastructure entitlements, QCI is designed to simplify provisioning your private cloud infrastructure by orchestrating installation workflow across different products. Instead of installing each product in the suite separately, QCI provides an intuitive web-based graphical user interface for provisioning a fully functional cloud using any combination of components in

Continue reading “Now Available: QuickStart Cloud Installer (QCI) 1.1”

Red Hat Enterprise Linux Across Architectures: Everything Works Out of the Box

Since the Red Hat Enterprise Linux Server for ARM Development Preview 7.3 became available I’ve been wanting to try it out to see how the existing code for x86_64 systems works on the 64-bit ARM architecture (a.k.a. aarch64).

Going in, I was a bit apprehensive that some kind of heavy lifting would be needed to get things working on the ARM platform. My experience with cross-architecture ports with other distros (before I joined Red Hat) indicated

Continue reading “Red Hat Enterprise Linux Across Architectures: Everything Works Out of the Box”

PCI Series: Requirement 10 – Track and Monitor All Access to Network Resources and Cardholder Data

This is my last post dedicated to the use of Identity Management (IdM) and related technologies to address the Payment Card Industry Data Security Standard (PCI DSS). This specific post is related to requirement ten (i.e. the requirement to track and monitor all access to network resources and cardholder data). The outline and mapping of individual articles to the requirements can be found in the overarching post that started the series.

Requirement ten focuses on audit and monitoring. Many components of an IdM-based solution, including client components like

Continue reading “PCI Series: Requirement 10 – Track and Monitor All Access to Network Resources and Cardholder Data”

Container Live Migration Using runC and CRIU

In my previous article I wrote about how it was possible to move from checkpoint/restore to container migration with CRIU. This time I want to write about how to actually migrate a running container from one system to another. In this article I will migrate a runC based container using runC’s built-in CRIU support to checkpoint and restore a container on different hosts.

I have two virtual machines (rhel01 and rhel02) which are hosting my container. My container is running Red Hat Enterprise Linux 7 and is located on a shared NFS, which both of my virtual machines have mounted. In addition, I am telling runC to mount the container

Continue reading “Container Live Migration Using runC and CRIU”

PCI Series: Requirement 8 – Identify and Authenticate Access to System Components

This post continues my series dedicated to the use of Identity Management (IdM) and related technologies to address the Payment Card Industry Data Security Standard (PCI DSS).  This specific post is related to requirement eight (i.e. the requirement to identify and authenticate access to system components). The outline and mapping of individual articles to requirements can be found in the overarching post that started the series.

Requirement eight is directly related to IdM. IdM can be used to address most of the requirements in this section. IdM stores user accounts, provides user account life-cycle management

Continue reading “PCI Series: Requirement 8 – Identify and Authenticate Access to System Components”

PCI Series: Requirement 7 – Restrict Access to Cardholder Data by Business Need to Know

This is my sixth post dedicated to the use of Identity Management (IdM) and related technologies to address the Payment Card Industry Data Security Standard (PCI DSS).  This specific post is related to requirement seven (i.e. the requirement to restrict access to cardholder data by business need to know).  The outline and mapping of individual articles to the requirements can be found in the overarching post that started the series.

Section 7 of the PCI DSS standard talks about access control and limiting the privileges of administrative accounts.  IdM can play a big role in addressing these requirements.  IdM provides several key features that are related to access control and privileged account management.  The first one is

Continue reading “PCI Series: Requirement 7 – Restrict Access to Cardholder Data by Business Need to Know”

Now Available: Red Hat Certificate System 9.1 & Red Hat Directory Server 10.1

Today we are pleased to announce the release of Red Hat Certificate System 9.1 and Red Hat Directory Server 10.1, both supported on Red Hat Enterprise Linux 7.3.

Red Hat Certificate System, based on the open source PKI capabilities of the Dogtag Certificate System, is designed to provide Certificate Life Cycle Management (i.e. to issue, renew, suspend, revoke, archive/recover, and manage the single and dual-key X.509v3 certificates needed to handle strong authentication, single sign-on, and secure communications).

Red Hat Directory Server is an open source LDAP-compliant server that centralizes application settings, user profiles, group data, policies, and access control information in a network-based registry based on the 389 Directory Server project. The Red Hat Directory Server simplifies user management by eliminating data redundancy and automating data maintenance. Red Hat Directory Server also improves security, enabling administrators to store policies and access control information in the directory for a single authentication source across enterprise or extranet applications.

What’s New in Red Hat Certificate System 9.1

Certificate System 9.1 has introduced

Continue reading “Now Available: Red Hat Certificate System 9.1 & Red Hat Directory Server 10.1”

Container Tidbits: Understanding the docker-latest Package

Does your team want to move as quickly as possible? Are you and your development team looking for the latest features and not necessarily optimizing on stability? Are you just beginning with the docker runtime and not quite ready for container orchestration? Well, we have the answer, and it’s called the docker-latest package.

Background

About 6 months ago, Red Hat added a package called docker-latest. The idea is to have two packages in Red Hat Enterprise Linux and Red Hat Enterprise Linux Atomic Host. A very fast moving docker-latest package and a slower, but more stable package called, well of course, docker.

The reasoning is, the larger and more sophisticated your container infrastructure becomes, a more stable version is often what people want – but when split into small agile teams, or when just starting out, many teams will optimize on the latest features in a piece of software. Either way, we have you covered with Red Hat Enterprise Linux and Red Hat Enterprise Linux Atomic Host.

Continue reading “Container Tidbits: Understanding the docker-latest Package”