Yesterday, at Red Hat’s annual North America Partner Conference (in Orlando, FL), Dave Bartoletti, principal analyst with Forrester Research, told hundreds of attendees about a recently completed market research program undertaken by Forrester and sponsored by Red Hat. In this study, 194 developers and IT decision-makers at mid- to large-size companies were surveyed as to their plans and expectations for container technologies.
What they shared, indicates that
Continue reading “Forrester’s Dave Bartoletti Reports on Container Usage at Red Hat Partner Conference”
In a previous post, I compared the features and capabilities of Samba winbind and SSSD. In this post, I will focus on formulating a set of criteria for how to choose between SSSD and winbind. In general, my recommendation is to choose SSSD… but there are some notable exceptions.
Continue reading “SSSD vs Winbind”
Given the recent general availability of Red Hat Enterprise Linux 7.1 – this post is dedicated to reviewing what’s new in the world of IdM.
Table of Contents
Continue reading “Ten New Identity Management (IdM) Features in Red Hat Enterprise Linux 7.1”
In the year since I first wrote about kpatch, Red Hat’s live kernel patching project for Linux, we’ve been very busy. Here are some of the highlights from the last year of live kernel patching development, and some clues about where we may be headed in the future.
Red Hat Enterprise Linux 7 Special Interest Group
In 2014, we kicked off a kpatch Special Interest Group (SIG) for users who are interested in trying out kpatch in a Red Hat Enterprise Linux 7 environment. We’ve delivered kpatch fixes for several kernel CVEs, allowing users to easily apply fixes to their kernels immediately with no disruption or reboots necessary.
If you’re a Red Hat Enterprise Linux customer and are interested in joining the kpatch SIG
Continue reading “Live Kernel Patching Update”
Over the last 18 months, especially since the general availability of Red Hat Enterprise Linux 7, “containers” have emerged as a hot topic. With the more recent introduction of Red Hat Enterprise Linux Atomic Host, an operating system optimized for running the next generation of applications with Linux containers, one might wonder… what about virtualization? In that the benefits of containerization seem to overlap those of traditional virtualization, how do organizations know when to pick one approach over the other?
Continue reading “Virtual Machines or Containers? Maybe Both?”
This post is dedicated to the new SSSD features in Red Hat Enterprise Linux 7.1 that have significance when SSSD is used by itself (i.e. without IdM integration) – for example, when connecting directly to Active Directory (AD) or some other Directory Server.
Control Access to Linux Machines with Active Directory GPO
A common use case for managing computer-based access control in an Active Directory environment is through the use of GPO policy settings related to Windows Logon Rights. The Administrator who maintains a heterogeneous AD and Red Hat Enterprise Linux network without an IdM server has traditionally had to face the challenging task of centrally controlling access to the Linux machines without being able to update the SSSD configuration on each and every client machine.
In Red Hat Enterprise Linux 7.1, the Administrator is (now) able to
Continue reading “New SSSD Features in Red Hat Enterprise Linux 7.1”
Red Hat’s Performance Engineering team is responsible for the performance of many of Red Hat’s products. We cover existing products such as Red Hat Enterprise Linux, OpenStack Platform, OpenShift and Red Hat Enterprise Virtualization, as well as newer products like Ceph and CloudForms.
Although these days we contribute extensively to Red Hat’s cloud offerings, Red Hat Enterprise Linux remains a core responsibility as the building block for our ecosystem of customers and partners, plus much of Red Hat’s growing product portfolio.
Prior to beginning efforts on Red Hat Enterprise Linux 7 in earnest
Continue reading “Shaping the Performance of a Linux Distro: Inside Red Hat Enterprise Linux 7”
Having access to quality random numbers is essential for correct and secure operation of operating systems. Operating systems need random numbers from an entropy pool for a variety of tasks, like creating secure SSH or GPG/PGP keypairs, generating random PIDs for processes, generating TCP sequence numbers, and generating UUIDs.
With Red Hat Enterprise Linux 7 we introduced the virtio RNG (Random Number Generator) device that provides KVM virtual machines access to entropy from the host machine. Red Hat Enterprise Virtualization starting version 3.5 also has exposed this feature. We have since made improvements to Red Hat Enterprise Linux guests to make the feature easier and more straightforward to use.
A Brief Introduction to virtio and Paravirtualized Devices
virtio is the paravirtualized transport framework for KVM virtual machines. Using the virtio framework, new devices can be
Continue reading “Red Hat Enterprise Linux Virtual Machines: Access to Random Numbers Made Easy”
As this is my sixth post on Identity Management I thought it would (first) be wise to explain (and link back to) my previous efforts. My first post kicked off the series by outlining challenges associated with interoperability in the modern enterprise. My second post explored how the integration gap between Linux systems and Active Directory emerged, how it was formerly addressed, and what options are available now. My third post outlined the set of criteria with which one is able to examine various integration options. And my most recent entries, post four and five, reviewed options for direct and indirect integration, respectively.
Delving deeper into the world of indirect integration (i.e. utilizing a trust-based approach) – two of the biggest questions are often: “Where are my users?” and “Where does authentication actually happen?” As opposed to a solution that relies upon synchronization
Continue reading “Active Directory and Identity Management (IdM) Trusts – Exactly Where Are My Users?”