webinar: Hybrid cloud, OpenStack, containers – what are you thinking about in 2015?

Reposted from

Compass-Rose-BW“Hybrid IT is becoming the “new normal,” and open source use is on the rise in today’s enterprise landscape. Containers are taking on a bigger role, and new, innovative management solutions are becoming a requirement. Join the Red Hat® virtual event to learn about the top technology trends that will affect the way you build and deploy infrastructure and applications in 2015 and beyond.

“As part of this discussion, IDC vice president Mary Johnson Turner will reveal new research on how hybrid clouds and new application architectures will change management across increasingly complex IT environments.

“We’ll discuss how:


Microservice principles and Immutability – demonstrated with Apache Spark and Cassandra

Shipping_containers_at_ClydeContainerizing things is particularly popular these days.   Today we’ll talk about the idioms we can use for containerization, and specifically play with apache spark and cassandra in our use case for creating easily deployed, immutable microservices.


Note: This post is done using centos7 as a base for the containers, but these same recipes will apply with RHEL and Fedora base images.

Continue reading “Microservice principles and Immutability – demonstrated with Apache Spark and Cassandra”


Creating custom Atomic trees, images, and installers – Part 2

Shipping_containers_at_ClydeThis blog is a continuation of “Creating custom Atomic trees, images, and installers – Part 1.”  In part one, we learned how to compose our own atomic trees and consume them in a guest.  In part two, we will learn how to create our own disk images and installer media.


Creating custom disk images

As mentioned in the previous blog, the subcommand imagefactory can be used to create disk images.  As of this writing, the imagefactory subcommand can output the following image types:

  • kvm – results in a qcow2 image perfect for importing with KVM
  • raw – a raw image, which can be used as it or converted to another type
  • vsphere –
  • rhevm – suitable image for importing into RHEV-M

Continue reading “Creating custom Atomic trees, images, and installers – Part 2”

JBoss on Docker At a Glance

JBoss on Docker At a Glance

Shipping_containers_at_ClydeIf one thing survived all the New Year parties, it is Docker. It was hot at the end of 2014 and it looks like it is getting even hotter in 2015. And Red Hat is one of the key drivers behind the adoption of this amazing container technology. This is a short summary blog post about a bunch of resources to get you started with Java EE, WildFly and Microservices on Docker mostly collecting resources and information from the JBoss guys.

Get A First Impression – Introduction to Docker
We’ve published a practical introduction here before. And there’s even more. You can look at Arun Gupta’s introduction post about Docker basics and also refer to the official Docker User Guide.

Continue reading “JBoss on Docker At a Glance”

Creating custom Atomic trees, images, and installers – Part 1

Creating custom Atomic trees, images, and installers – Part 1

Shipping_containers_at_ClydeNot too soon after people start using Atomic images, the question of customization soon follows. It is a natural progression for most people when they use Atomic. There are a number of different ways to accomplish using custom images not withstanding using docker and containers. The Atomic tool called ‘rpm-ostree-toolbox‘ is emerging as the best tool for customizing Atomic.

The ‘rpm-ostree-toolbox’ main command is actually a wrapper (much like virsh) for three subcommands: treecompose, imagefactory, and installer.  With these three subcommands, you can create:

  • a custom Atomic tree
  • customized disk images (qcow2 and the like) based on your tree
  • install media (ISO) that installs your tree

Continue reading “Creating custom Atomic trees, images, and installers – Part 1”

Running PHP FPM in Docker

Running PHP FPM in Docker

Use cases

In Red Hat Enterprise Linux we support a variety of different versions of PHP. Sometimes users find they need to run a legacy application, requiring an older version of PHP, on a newer version of RHEL. Developers may want to develop an application on their Fedora Workstation and deploy it on a RHEL server or ensure it will be compatible with all available PHP versions in enterprise distributions.PHP logo

This example can be easily adapted for all PHP versions available as RPM packages in distribution repository (5.3.3 in RHEL-6, 5.4.16 in RHEL-7, 5.4.16 and 5.5.6 in RHSCL-1.2).

Here is the sample Dockerfile I use to run PHP 5.3 FPM in an CentOS-6 container:

Continue reading “Running PHP FPM in Docker”

Dockerfiles now available for Red Hat Software Collections

Dockerfiles now available for Red Hat Software Collections

Shipping_containers_at_ClydeWe recently announced that we’ve made available a set of Dockerfiles for Red Hat Software Collections.  We are making these available since we think they may be useful to customers looking to build more complex application containers on top of RHEL and RHSCL. We don’t intend the Dockerfiles to produce useful standalone images which you’ll immediately put in production – the Docker images which these create are very simple containers which give you RHEL plus the basic set of packages from a particular RHSCL collection.

There are two different ways to get your hands on the Dockerfiles:

  1. From the upstream source at github 
  2. From a new package, rhscl-dockerfiles, which we’ve shipped in the RHSCL channels – both for RHEL6 and RHEL7

Continue reading “Dockerfiles now available for Red Hat Software Collections”

Useful Dockerfiles for the RHEL-ecosystem

Useful Dockerfiles for the RHEL-ecosystem

Shipping_containers_at_ClydeLike most programmers, I find it much easier to take some existing example of code and modify it to do what I want. Sometimes, I end up with nothing from the original source, but I still find it easier. I wonder if this is akin to writing where, I find, if you put the words down in a stream of consciousness manner, then “rewrite, rewrite, rewrite.”

Continue reading “Useful Dockerfiles for the RHEL-ecosystem”

Introducing a *Super* Privileged Container Concept

Introducing a *Super* Privileged Container Concept

Letting the containers out of containment.padlock

I have written a lot about *Containing the Containers*, e.g. *Are Docker containers really secure?* and *Bringing new security features to Docker*. However, what if you want to ship a container that needs to have access to the host system or other containers? Well, let’s talk about removing all the security! Safely?

Continue reading “Introducing a *Super* Privileged Container Concept”

Share – Bringing new security features to Docker – Bringing new security features to Docker

In the first of this series on Docker security, I wrote “containers do not contain.” In this second article, I’ll cover why and what we’re doing about it.homepage-docker-logo

Docker, Red Hat, and the open source community are working together to make Docker more secure. When I look at security containers, I am looking to protect the host from the processes within the container, and I’m also looking to protect containers from each other. With Docker we are using the layered security approach, which is “the practice of combining multiple mitigating security controls to protect resources and data.”

Basically, we want to put in as many security barriers as possible to prevent a break out. If a privileged process can break out of one containment mechanism, we want to block them with the next. With Docker, we want to take advantage of as many security mechanisms of Linux as possible.

Luckily, with Red Hat Enterprise Linux (RHEL) 7, we get a plethora of security features.

Continue reading “ – Bringing new security features to Docker”