Considerations on OpenShift PKIs and Certificates

Considerations on OpenShift PKIs and Certificates

OpenShift features several Public Key Infrastructures (PKIs) that manage certificates for specific purposes. To help deploy OpenShift more securely, it’s necessary to know what each of these infrastructures does and how to best configure them. Note that the information discussed in this article refers to OpenShift 3.x and it is subject to change in the […]

Read More...

OpenShift Commons Briefing: State of Open Source Security Report Review with Liran Tal (Snyk)

  OpenShift Commons Briefing Summary In this briefing, Snyk’s Liran Tal shows the results of his company’s State of Open Source Security 2019 Report. Liran explains each step of the process, from development, to testing, to deployment, and follows the chains of responsibility across those domains. Who is responsible for the security of container images? […]

Read More...

About the February 2019 Cri-O / RunC / Docker vulnerability

What OpenShift Online and OpenShift Dedicated customers should know about the recently announced vulnerability of runc/docker/CRI-O On February 11th, 2019, details of a vulnerability that researchers have confirmed is present on certain versions of runc (impacting docker and CRI-O) was published.  These tools are deployed as part of the OpenShift product and impact the Red […]

Read More...

[Podcast] PodCTL – Kube Security, Kube 1.13 and KubeCon

[Podcast] PodCTL  - Kube Security, Kube 1.13 and KubeCon

Heading into the week of KubeCon, we wanted to make sure that listeners had some basics to prepare them for a week of learning and announcements. We discussed the severe Kubernetes bug (Kubernetes Privilege Escalation Flaw) and available patches, all of the new features in Kubernetes 1.13, as some previews of things to expect from […]

Read More...

OpenShift Commons Briefing: Container Deployment and Security Best Practices John Morello (Twistlock) and Dirk Herrmann (Red Hat)

OpenShift Commons Briefing Summary In this briefing, Twistlock’s John Morello and Red Hat’s Dirk Herrmann gave an in-depth look at the recent NIST Special Publication SP800-190 on Container Security and why it matters if you are deploying containers. They covered best practices for achieving the SP800-190 recommendations on OpenShift. Access the slides from this briefing: Container […]

Read More...

Istio on OpenShift: Technology Preview of Service Mesh Now Available

Istio on OpenShift: Technology Preview of Service Mesh Now Available

  We’re happy to announce the availability of our first technology preview of the Red Hat OpenShift Service Mesh, based on the Istio Project. The advancement of application/software development practices combined with technology/practice improvements in software delivery have resulted in a proliferation of application instances within many organizations. Whether these are macro/monoliths, “mini” services, or […]

Read More...

[Podcast] PodCTL #50 – Listener Mailbag Questions

[Podcast] PodCTL #50 - Listener Mailbag Questions

As the community around PodCTL has grown (~8000 weekly listeners) we’ve constantly asked them to give us feedback on topics to discuss and areas where they want to learn. This week we discussed and answered a number of questions about big data and analytics, application deployments, routing security, and storage deployment models. The show will […]

Read More...