About the February 2019 Cri-O / RunC / Docker vulnerability

What OpenShift Online and OpenShift Dedicated customers should know about the recently announced vulnerability of runc/docker/CRI-O On February 11th, 2019, details of a vulnerability that researchers have confirmed is present on certain versions of runc (impacting docker and CRI-O) was published.  These tools are deployed as part of the OpenShift product and impact the Red […]

Read More...

OpenShift Protects against Nasty Container Exploit

OpenShift Protects against Nasty Container Exploit

Have you ever done something that was difficult for you to do, but you did it anyway because you cared about the people it would affect? Maybe it was something people honestly forgot you were even doing because you have been doing it for so long? This week I would like to pause and say […]

Read More...

Kubernetes Federation V2 on OpenShift 3.11

Kubernetes Federation V2 on OpenShift 3.11

With datacenters spread across the globe, users are increasingly looking at ways to spread their applications and services across multiple locales or clusters. This need is driven by multiple use cases: from providing high availability, spreading load across multiple clusters while being resilient to individual cluster failures; to avoiding provider lock-in by using hybrid cloud […]

Read More...

[Podcast] PodCTL – Reviewing KubeCon Seattle 2018

[Podcast] PodCTL - Reviewing KubeCon Seattle 2018

In 2016, just over a 1,000 people gathered in Seattle for the first “large” KubeCon event. Just two years later, the event had grow to over 8,000 attendees (+ a long waiting list). The event has always been billed at KubeCon + CloudNativeCon, and this year’s event finally felt like the CloudNativeCon name desired equal […]

Read More...

[Podcast] PodCTL – Kube Security, Kube 1.13 and KubeCon

[Podcast] PodCTL  - Kube Security, Kube 1.13 and KubeCon

Heading into the week of KubeCon, we wanted to make sure that listeners had some basics to prepare them for a week of learning and announcements. We discussed the severe Kubernetes bug (Kubernetes Privilege Escalation Flaw) and available patches, all of the new features in Kubernetes 1.13, as some previews of things to expect from […]

Read More...

OpenShift Commons Briefing: Container Deployment and Security Best Practices John Morello (Twistlock) and Dirk Herrmann (Red Hat)

OpenShift Commons Briefing Summary In this briefing, Twistlock’s John Morello and Red Hat’s Dirk Herrmann gave an in-depth look at the recent NIST Special Publication SP800-190 on Container Security and why it matters if you are deploying containers. They covered best practices for achieving the SP800-190 recommendations on OpenShift. Access the slides from this briefing: Container […]

Read More...

[Podcast] PodCTL #55 – Kubernetes as the new Application Server

[Podcast] PodCTL #55 - Kubernetes as the new Application Server

We mentioned last week that we’re moving into the 3rd Era of Kubernetes (automated ops, automated apps), with the 2nd Era being about getting a broader set of applications on Kubernetes. Today we thought we’d talk about some design patterns, especially for anyone that’s transitioning from existing applications, and how some of those concepts map […]

Read More...

PodCTL #53 – The Internal Build vs Buy Discussion

PodCTL #53 - The Internal Build vs Buy Discussion

This week we had a great listener question that went something like this: “I work at a large company and we currently run a production Kubernetes (vendor-centric) environment. Some other groups in our company have some homegrown platforms that do similar functionality. How do we convince those other groups to work more closely with us, […]

Read More...