OpenShift 4.3: Quay Container Security Integration

OpenShift 4.3: Quay Container Security Integration

Overview In the Red Hat OpenShift 4.2 Web UI Console, we introduced a new Cluster Overview Dashboard as the landing page when users first log in. The dashboard is there to help users resolve issues more efficiently and maintain a healthy cluster. With the latest 4.3 release, we added an image security section to the […]

Read More...

Introducing Red Hat OpenShift 4.3 to Enhance Kubernetes Security

Introducing Red Hat OpenShift 4.3 to Enhance Kubernetes Security

Today Red Hat announces the forthcoming general availability of Red Hat OpenShift 4.3, the newest version of the industry’s most comprehensive enterprise Kubernetes platform. With security a paramount need for nearly every enterprise, particularly for organizations in the government, financial services and healthcare sectors, OpenShift 4.3 delivers FIPS (Federal Information Processing Standard) compliant encryption and […]

Read More...

Taking OpenShift’s Security for Containerized Applications to the next level with Aqua

This is a guest post by Amir Gabrieli of Aqua Security. The Red Hat OpenShift Container Platform has a number of built-in security capabilities. Aqua provides an additional layer of security in development and protects containerized applications in runtime. Aqua recently developed a Kubernetes Operator that was successfully tested and validated by Red Hat OpenShift […]

Read More...

Secure your Microservices

Secure your Microservices

Microservices architectures are becoming the de facto way developers are thinking about how their applications are constructed. But security remains a top concern to most organizations.  Therefore, it is important to understand the intersection of security and microservices. While not guaranteeing your application will be secure, we can look at some of the capabilities that […]

Read More...

From the Enterprisers Project: What Are Kubernetes Secrets?

From the Enterprisers Project: What Are Kubernetes Secrets?

The Enterprisers Project always has terrific information that can help you and your team communicate those complex cloud computing concepts to the C-levels. This past week, they published an excellent article describing what exactly secrets are in Kubernetes, how to manage them and what security benefits they provide. From the article: Kubernetes Secrets defined, three […]

Read More...

Self-Serviced, End-to-End Encryption for Kubernetes Applications, Part 2:  a Practical Example

Self-Serviced, End-to-End Encryption for Kubernetes Applications, Part 2:  a Practical Example

Introduction In part one of this series, we saw three approaches to fully automate the provisioning of certificates and create end-to-end encryption. Based on feedback from the community suggesting the post was a bit too theoretical and not immediately actionable, this article will illustrate a practical example. You can see a recording of the demo […]

Read More...

Federation V2 is now KubeFed

Some time ago we talked about how Federation V2 on Red Hat OpenShift 3.11 enables users to spread their applications and services across multiple locales or clusters. As a fast moving project, lots of changes happened since our last blog post. Among those changes, Federation V2 has been renamed to KubeFed and we have released […]

Read More...

How to backup, clone and migrate Persistent Volume Claims on OpenShift

How to backup, clone and migrate Persistent Volume Claims on OpenShift

I recently implemented a complete backup solution for our Red Hat OpenShift clusters. I wanted to share the challenges we faced in putting together the OpenShift backups, restores, hardware migrations, and cluster-cloning features we needed to preserve users’ Persistent Volume Claims (PVCs). At the moment, these features are not implemented directly in Kubernetes, and it […]

Read More...

What Red Hat OpenShift Online and OpenShift Dedicated Customers Should Know About the June 2019 Kernel Network Stack Flaws

What Red Hat OpenShift Online and OpenShift Dedicated Customers Should Know About the June 2019 Kernel Network Stack Flaws

On Monday, June 17, 2019, details were made public about security flaws that impact systems hosting Red Hat OpenShift Online (Starter and Pro) and Red Hat OpenShift Dedicated. For information on the CVEs, visit  CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479.  The vulnerability article can be found here.   The intent of this blog is to notify our […]

Read More...

What Red Hat OpenShift Online and OpenShift Dedicated customers should know about Fallout and RIDL/ZombieLoad/MDS

Earlier this week, details were made public about four CVEs related to microprocessor flaws that impact systems hosting Red Hat OpenShift Online (Starter and Pro) and Red Hat OpenShift Dedicated. Some organizations are referring to these as “Fallout”, “ZombieLoad”, “RIDL”, or collectively as MDS (Microarchitectural Data Sampling). Read additional technical details at these links (CVE-2018-12127, […]

Read More...