More and more companies are migrating their applications to the Red Hat OpenShift Container Platform (RHOCP). This enterprise-grade container platform is secure and comprehensive, based on industry standards including those related to Docker and Kubernetes. However, due to the tightened security restrictions, containers that run on Docker and Kubernetes might not run successfully on Red Hat OpenShift without modification.
Red Hat OpenShift Container Platform is a fully managed Red Hat OpenShift service that takes advantage of enterprise-ready scaling and security. It is directly integrated with Kubernetes and provides several models for application deployment. For example, OpenShift can mitigate the risk that processes running in a container might be given escalated privileges on the host machine, due to security vulnerabilities in the container engine. For this reason, containers are run using an arbitrarily assigned user ID.
In contrast, in Docker and Kubernetes containers are run either as the user specified by the USER directive in the Dockerfile, or as the root user if a USER directive is not specified. Containerized applications designed to run as the root user might not run as expected on OpenShift.
Continue reading “Adapting Docker and Kubernetes containers to run on Red Hat OpenShift Container Platform”
Red Hat is heading to NodeConf Remote 2020 with IBM to demonstrate a few of our favorite production-quality tools and solutions, all designed to help developers maintain their productivity while successfully navigating the vast and rapidly-changing cloud-native landscape.
Continue reading Red Hat talks and workshops at NodeConf Remote 2020
Red Hat OpenShift is an enterprise-ready Kubernetes platform that provides a number of different models you can use to deploy an application. OpenShift 4.x uses Operators to deploy Kubernetes-native applications. It also supports Helm and traditional template-based deployments. Whatever deployment method you choose, it will be deployed as a wrapper to one or more existing OpenShift resources. Examples include BuildConfig, DeploymentConfig, and ImageStream.
Continue reading Persistent storage in action: Understanding Red Hat OpenShift’s persistent volume framework
In April, the Node.js development team released Node.js 14. This major version release, code-named Fermium, will become a long-term support (LTS) release in October 2020.
Continue reading Get started with Node.js 14 on Red Hat OpenShift
We are always looking for ways to understand better how developers create, build, manage, test, and deploy applications on and for Red Hat OpenShift. An important part of that effort is the annual OpenShift Developer Survey, which we’ve just released for 2020.
Keep reading to learn more about the survey, including highlights of the 2019 survey results and what to expect from the survey this year. We also invite you to participate in our OpenShift developer experience office hours and one-to-one feedback sessions for our developer community and customers.
Continue reading “Let’s collaborate! Take the 2020 Red Hat OpenShift Developer Survey now”
The release of Red Hat Data Grid 8.1 offers new features for securing applications deployed on Red Hat OpenShift. Naturally, I wanted to check them out for Quarkus. Using the Quarkus Data Grid extension made that easy to do.
Data Grid is an in-memory, distributed, NoSQL datastore solution based on Infinispan. Since it manages your data, Data Grid should be as secure as possible. For this reason, it uses a default property realm that requires HTTPS and automatically enforces user authentication on remote endpoints. As an additional layer of security on OpenShift, Data Grid presents certificates signed by the OpenShift Service Signer. In practice, this means that Data Grid is as secure as possible out of the box, requiring encrypted connections and authentication from the first request. Data Grid generates a default set of credentials (which, of course, you can override), but unauthenticated access is denied.
In this article, I show you how to configure a Quarkus application with Data Grid and deploy it on OpenShift.
Continue reading “Securely connect Quarkus and Red Hat Data Grid on Red Hat OpenShift”
Red Hat CodeReady Workspaces 2.4 is now available. For this release, we focused on adding support for IBM Z and improving the IDE editor and configuration elements.
Continue reading Support for IBM Z and more in CodeReady Workspaces 2.4
DevNation Tech Talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions plus code and sample projects to help you get started. In this talk, you’ll learn about testing Quarkus applications and services from Alex Soto Bueno and Burr Sutter.
Continue reading Quarked testing: Writing tests for Quarkus
In this article, we introduce a new utility for developers who want to ensure that their code transitions cleanly from upstream Kubernetes to Red Hat OpenShift. OpenShiftKubeAudit (KubeAudit) is a static analyzer that semantically checks a user’s code for known incompatibilities so you can fix them before bringing the code into OpenShift. KubeAudit is also simple to use and easy to extend.
Running an audit
This being the first release, KubeAudit currently offers only a handful of audits, but they’re easy to write. We’re looking for feedback and additional use cases from the community to help make the tool more comprehensive.
Continue reading “Static analysis with KubeAudit for Red Hat OpenShift”
Red Hat Runtimes now supports the new Open Liberty 184.108.40.206 Java runtime. Open Liberty 220.127.116.11 features support for the Automatic Certificate Management Environment (ACME) protocol, which automates the process of obtaining a certificate signed by a certificate authority (CA). The Open Liberty 18.104.22.168 release also includes many bug fixes.
Continue reading Install a signed certificate with Open Liberty 22.214.171.124’s Automatic Certificate Management Environment Support 2.0