Disclaimer: In most cases, we don’t recommend editing files in a container. However, in rare cases, you might need to reproduce and slightly modify a file in a production container, especially when debugging. (In this case, the vim method I’m using works on Fedora 32 on my laptop and it is the base of my Red Hat OpenShift container image.)
Continue reading Use vim in a production Red Hat OpenShift container in 6 easy steps
Operators are one of the ways to package, deploy, and manage application distribution on Red Hat OpenShift. After a developer creates an Operator, the next step is to get the Operator published on OperatorHub.io. Doing this allows users to install and deploy the Operator in their OpenShift clusters. The Operator is installed, updated, and the management lifecycle is handled by the Operator Lifecycle Manager (OLM).
In this article, we explore the steps required to test OLM integration for the Operator. For demonstration, we use a simple Operator that prints a test message to the shell. The Operator is packaged in the recently introduced Bundle Format.
Continue reading “Operator integration testing for Operator Lifecycle Manager”
In my previous article about nsswitch.conf I talked about how simple, perhaps too simple, this config file is to use. What I didn’t cover then was how simplistic its internal implementation is. Specifically, an application only loads this file once—the first time it’s needed.
Continue reading Coming in glibc 2.33: Reloadable nsswitch.conf
If you’re looking to build Open Container Initiative (OCI) container images without a full container runtime or daemon installed, Buildah is the perfect solution. Now, Buildah is an open source, Linux-based tool that can build Docker- and Kubernetes-compatible images, and is easy to incorporate into scripts and build pipelines. In addition, Buildah has overlap functionality with Podman, Skopeo, and CRI-O.
Continue reading Getting started with Buildah
For a long time at Red Hat, all executables in RPMs were built with debuginfo enabled. While this practice makes it easier for people in support to investigate issues reported using tools such as GDB and crash, there are other important non-debugging uses for the resulting debuginfo.
Continue reading Debuginfo is not just for debugging programs
One of the most important early decisions when building a Linux distribution is the scope of supported hardware. The distribution’s default compiler flags are significant for hardware-platform compatibility. Programs that use newer CPU instructions might not run on older CPUs. In this article, I discuss a new approach to building the x86-64 variant of Red Hat Enterprise Linux (RHEL) 9 and share Red Hat’s recommendation for that build.
Continue reading Building Red Hat Enterprise Linux 9 for the x86-64-v2 microarchitecture level
As per the design, Keycloak imports all users into its local database if the users are authenticated via any third-party identity provider (e.g., Google, Facebook, or Okta). But what if users authenticated through the third-party identity provider have to be restricted—or be allowed only limited access—to applications that are federated with Keycloak? Here’s how you do it.
Continue reading “How to restrict user authentication in Keycloak during identity brokering”
This article describes the integration of Red Hat Single Sign-On (SSO) with Red Hat Directory Server 11 (LDAP). It also illustrates how it is possible to perform user synchronization and group synchronization between Red Hat Directory Server and Red Hat’s single sign-on tools.
Continue reading Integrating Red Hat Single Sign-On version 7.4 with Red Hat Directory Server (LDAP)
Daylight saving time transitions, a zone name change, and the removal of some obsolete files: These are some of the changes that occurred in the Time Zone Database (tzdata) package that provides Red Hat Enterprise Linux (RHEL) and applications with time zone information.
Continue reading 2020 Time Zone Database (tzdata) changes