Today I want to talk about the demo we presented @ OpenShift Container Platform Roadshow in Milan & Rome last week.
The demo was based on JBoss team’s great work available on this repo:
Continue reading “OpenShift and DevOps: The CoolStore Microservices Example”
Hi there! It’s been a while since I last wrote an article. Today, I want to show you how to easily setup some persistent storage for your projects in minishift / CDK 3 (Red Hat’s Containers Development Kit 3).
Continue reading “Adding Persistent Storage to Minishift / CDK 3 in Minutes”
It’s been a while since Red Hat released version 3.3 of OpenShift Container Platform, this version is full of features.
Continue reading Using Pipelines in OpenShift 3.3+ for CI/CD
Containers are one of the top trend today. Starting working or playing with them could be really hard also if you’ve well understood the theory at their base.
With this article I’ll try to show you some useful tips and tricks to start into containers world, thanks also to the great web interface provided by the Cockpit project.
Cockpit is an interactive server admin interface. You’ll find below some a of its great features:
- Cockpit comes “out of the box” ready for the admin to interact with the system immediately, without installing stuff, configuring access controls, making choices, etc.
- Cockpit has (as near as makes no difference) zero memory and process footprint on the server when not in use. The job of a server is not to show a pretty UI to admins, but to serve stuff to others. Cockpit starts on demand via socket activation and exits when not in use.
- Cockpit does not take over your server in such a way that you can then only perform further configuration in Cockpit.
- Cockpit itself does not have a predefined template or state for the server that it then imposes on the server. It is imperative configuration rather than declarative configuration.
- Cockpit dynamically updates itself to reflect the current state of the server, within a time frame of a few seconds.
- Cockpit is firewall friendly: it opens one port for browser connections: by default that is 9090.
- Cockpit can look different on different operating systems, because it’s the UI for the OS, and not a external tool.
- Cockpit is pluggable: it allows others to add additional UI pieces.
Continue reading “Cockpit: Your entrypoint to the Containers Management World”
OpenShift gives its administrators the ability to manage a set of security context constraints (SCCs) for limiting and securing their cluster. Security context constraints allow administrators to control permissions for pods using the CLI.
SCCs allow an administrator to control the following:
- Running of privileged containers.
- Capabilities a container can request to be added.
- Use of host directories as volumes.
- The SELinux context of the container.
- The user ID.
- The use of host namespaces and networking.
- Allocating an ‘FSGroup’ that owns the pod’s volumes
- Configuring allowable supplemental groups
- Requiring the use of a read only root file system
- Controlling the usage of volume types
- Configuring allowable seccomp profiles
Continue reading “Understanding OpenShift Security Context Constraints”
Have you ever used a temporary directory? I’m guessing if you use a computer, you’ve used one of these. It’s a core feature of nearly every operating-system.
To ensure system stability, you should always check that filesystems on which a temporary directory resides don’t get full — running out of space can quickly bring your system to a grinding halt.
One method to prevent running out of space could be to place those directories on a dedicated partition, but no matter the solution, it is a best practice to clean those directories periodically, based on your/your app’s needs.
Continue reading “Managing temporary files with systemd-tmpfiles on Red Hat Enterprise Linux 7”