In Defense of the Pet Container, Part 3: Puppies, Kittens and… Containers

In our third and final installment (see: part one & part two), let’s take a look at some high-level use cases for Linux containers as well as finally (finally) defending what I like to call “pet” containers. From a general perspective, we see three repeated high-level use cases for containerizing applications:

  1. The fully orchestrated, multi-container application as you would create in OpenShift via the Red Hat Container Development Kit;
  2. Loosely orchestrated containers that don’t use advanced features like application templates and Kubernetes; and
  3. Pet containers.

Continue reading “In Defense of the Pet Container, Part 3: Puppies, Kittens and… Containers”

When to Migrate: Red Hat Identity Management vs. Third-Party Solutions

Over last several months, in meetings with many Red Hat customers, I have been asked about best practices related to migration from an existing third-party identity management solution to Red Hat’s Identity Management (IdM) solution. In today’s post I will share some of my thoughts on this matter…

Continue reading “When to Migrate: Red Hat Identity Management vs. Third-Party Solutions”

Architecting Containers Part 3: How the User Space Affects Your Application

In Architecting Containers Part 1 we explored the difference between the user space and kernel space.  In Architecting Containers Part 2 we explored why the user space matters to developers, administrators, and architects. In today’s post we will highlight a handful of important ways the choice of the user space can affect application deployment and maintenance.

While there are many ways for a given container architecture to affect and/or influence your application, the user space provides tooling that is often overlooked, namely

Continue reading “Architecting Containers Part 3: How the User Space Affects Your Application”

Live Kernel Patching Update

In the year since I first wrote about kpatch, Red Hat’s live kernel patching project for Linux, we’ve been very busy.  Here are some of the highlights from the last year of live kernel patching development, and some clues about where we may be headed in the future.

Red Hat Enterprise Linux 7 Special Interest Group

In 2014, we kicked off a kpatch Special Interest Group (SIG) for users who are interested in trying out kpatch in a Red Hat Enterprise Linux 7 environment.  We’ve delivered kpatch fixes for several kernel CVEs, allowing users to easily apply fixes to their kernels immediately with no disruption or reboots necessary.

If you’re a Red Hat Enterprise Linux customer and are interested in joining the kpatch SIG

Continue reading “Live Kernel Patching Update”

Introducing kpatch: Dynamic Kernel Patching

In upstream development news, the kernel team here at Red Hat has been working on a dynamic kernel patching project called kpatch for several months.   At long last, the project has reached a point where we feel it’s ready for a wider audience and are very excited to announce that we’ve released the kpatch code under GPLv2.

kpatch allows you to patch a Linux kernel without rebooting or restarting any processes.  This enables sysadmins to apply critical security patches to the kernel immediately, without having to wait for long-running tasks to complete, users to log off, or scheduled reboot windows.  It gives more control over uptime without sacrificing security or stability.

Continue reading “Introducing kpatch: Dynamic Kernel Patching”

Network Management, Bandwidth, and Security

It’s difficult to overestimate the importance of networking in today’s business environment. Since networking provides a central means for data exchange and collaboration, it is often a critical factor when it comes to determining an organization’s ultimate potential for success.

At Red Hat, we understand the importance of networking and the role it plays in maintaining business continuity. As such, we made networking one of the primary focus areas of development for Red Hat Enterprise Linux 7. Having incorporated numerous enhancements and performance optimizations into the Red Hat Enterprise Linux 7 beta – I’d like to take this opportunity to talk about “what’s new” with respect to improvements in network management, bandwidth, and security.

Continue reading “Network Management, Bandwidth, and Security”

Managing Linux with OpenLMI

Managing Linux servers requires a degree of expertise. We need to do a better job of enabling mid-level system administrators with a background on other systems to manage Linux.

Existing management tools address a variety of needs. Red Hat Satellite Server is excellent for provisioning hardware, managing subscriptions, and handling patches and updates. Configuration management tools such as Puppet are great for putting systems into a known state, especially when you have many identical or near identical systems. The challenge is dealing with systems that need substantial customization and with fine grain control of individual systems.

Continue reading “Managing Linux with OpenLMI”