DevOps

Digital transformation is about evolving into a technology business to compete in the digital economy. Businesses can’t transform without relying on the developer to implement the transformation strategy and deliver value. Unfortunately, as developers look to adopt new approaches that let them deliver business value more quickly, they find it challenging to get started in a timely fashion. First, they have to pick a software stack to use as a foundation. In the world of open source, there is an...

It’s hard to believe that spring of 2017 is upon us, and with it, the preparation for our second DevNation Federal. Last year has seen a surge of innovation in open source communities, and now more than ever it’s imperative that government agencies equip themselves for the change that lies ahead. This year, digital transformation , microservices , containers and Kubernetes are hotter than ever. Function as a Service (FaaS) , hyper-converged, and serverless architecture are on the horizon, and...

Since I've learned about nftables, I heard numerous times that it would provide better performance than its designated predecessor, iptables. Yet, I have never seen actual figures of performance comparisons between the two and so I decided to do a little side-by-side comparison. Basically, my idea was to find out how much certain firewall setups affect performance. In order to do that, I simply did a TCP stream test between two network namespaces on the same system and then added...

Hi there! It's been a while since I last wrote an article. Today, I want to show you how to easily setup some persistent storage for your projects in minishift / CDK 3 (Red Hat's Containers Development Kit 3). Prerequisites First, let's start planning what you'll need: A working minishift or CDK 3. That's all, I swear! I won't go deep into how to set up a minishift or CDK 3, there are many articles on the Internet to cover...

While validating OpenShift Container Platform on a VMware platform the usage of Atomic OS was also a requirement. In the initial reference architecture, the decision was made to use Red Hat Enterprise Linux as the platform. This platform was then customized and the same packages as in Atomic were installed via Ansible and Red Hat Network. The github repo with those playbooks is here: https://github.com/openshift/openshift-ansible-contrib/tree/master/reference-architecture/vmware-ansible . These playbooks will guide you from start to finish to deploying OCP on VMware...

Part 2 of 2 In part one of this blog post, we mentioned a pain point in Container based environments. We introduced SCAP as a means to measure compliance in computer systems and introduced ManageIQ as a means of automating Cloud & Container based workflows. Tutorial: Using the OpenSCAP integration in ManageIQ In ManageIQ we have been working on leveraging OpenSCAP to show container images that infringe known vulnerabilities based on the latest CVE content distributed by Red Hat. Integrating...

Part 1 of 2 "Docker is about running random crap from the Internet as root on your host" - Dan Walsh Do you trust your containers? In container-based development flows, a developer will create an image to be the base for an application. Images are stateless, read only, and they are built in layers. These layers represent everything in an application's runtime environment but the kernel, which will be “borrowed” from the hosting machine. Such layers include distribution, packages, environment...

Microservices Are Here, to Stay A few years back, most software systems had a monolithic architecture and slow release cycle. In the recent years, there is a clear move towards Microservices architecture, which is optimized for scalability, elasticity, failure, and speed of change. This trend has been further enforced by the adoption of cloud and containers, which also enabled practices such as DevOps. Trends in the IT Industry All these changes have resulted in a growing number of services to...

Red Hat Fuse Integration Service 2.0 tech preview was released a few weeks ago and as it's based on Red Hat OpenShift 3.3, which has pipeline capability on top of it (tech preview on OpenShift as well), you are able to get one step closer to a more automated and agile continuous integration. As well as, a deployment one-stop platform for us, the integration developer. For the pipeline to work on OpenShift, you need Jenkins installed and running. OpenShift uses...

Wanting to become familiar with nftables, I decided to jump in at the deep end and just use it on my local workstation. The goal was to replace the existing iptables setup, ideally without any drawbacks. The following essay will guide you through what I have done in order to achieve that. In order to be able to follow, you should already be familiar with iptables and at least have a rough idea of what nftables are. I don't see...

It's been a while since Red Hat released version 3.3 of OpenShift Container Platform, this version is full of features. One of my favorites is the support for Pipelines (Tech Preview for now) that lets you easily integrate Jenkins builds on your OpenShift (Origin) Platform. OpenShift Pipelines OpenShift Pipelines are based on the Jenkins Pipeline plugin. ( https://jenkins.io/solutions/pipeline/) Integrating Jenkins Pipelines into OpenShift unlocks all the features for the CI/CD world enabling its users to easily manage repeatable tasks in...

The Kubernetes client package for Go provides developers with a vast range of functions to access data and resources in a cluster. Taking advantage of its capabilities can allow the opportunity to build powerful controllers, monitoring and managing your cluster, beyond the scope of what is offered by stock OpenShift or Kubernetes setups. For example, the PodInterface allows you to list, update, delete, or get specific pods either by namespace or across all namespaces. This interface is complemented by similar...

One of the main principles of microservices is to be independently deployable. As a consequence, Microservices development and operation tend to be much more complex than a Monolith because of their distributed nature --- if your IT team has not moved out yet from its silos and has adopted DevOps practices, the operations team will not really understand why they have to deploy hundreds of independent software pieces in opposite to the "good old monolith". "You need a mature operations...

The world is moving to microservices, where applications are composed of a complex topology of components, orchestrated into a coordinated topology. Microservices have become increasingly popular as they increase business agility and reduce the time for changes to be made. On top of this, containers make it easier for organizations to adopt microservices. Increasingly, containers are the runtimes used for composition, and many excellent solutions have been developed to handle container orchestration such as: Kubernetes/OpenShift; Mesos and its many frameworks...

Editor's note: Raffaele Spazzoli is an Architect with Red Hat Consulting's PaaS and DevOps Practice. This blog post reflects his experience working for Key Bank prior to joining Red Hat. A recount of the journey from three-months, to one-week release cycle-time. This is the journey of KeyBank, a super-regional bank, from quarterly deployments to production to weekly deployments to production. In the process we adopted all open source software migrating from WebSphere to Tomcat and adopting OpenShift as our private...

OpenShift gives its administrators the ability to manage a set of security context constraints (SCCs) for limiting and securing their cluster. Security context constraints allow administrators to control permissions for pods using the CLI. SCCs allow an administrator to control the following: Running of privileged containers. Capabilities a container can request to be added. Use of host directories as volumes. The SELinux context of the container. The user ID. The use of host namespaces and networking. Allocating an 'FSGroup' that...

Developers have a lot of choices when deciding how to start using OpenShift and Kubernetes locally --- without going through a native OS installation. We all need to have a development environment as close as possible to production (to prevent defects caused by environmental differences), but ideally we need to do this without spending a lot of time to setup and a lot of computational resources (cpu, memory and disk space). This post will present four alternatives to create a...

In the microservices landscape, the API provides an essential form of communication between components. To allow secure communication between microservices components, as well as third-party applications, it's important to be able to consume API keys and other sensitive data in a manner that doesn't place the data at risk. Secret objects are specifically designed to hold sensitive information, and OpenShift makes exposing this information to the applications that need it easy. In this post, I'll demonstrate securely consuming API keys...

One of our most popular Red Hat JBoss BRMS demo's, and one that has been available for quite some time, is the CoolStore demo. The CoolStore demo shows how business rules can be used to calculate values like promotional and shipping discounts in a shopping-cart. It furthermore illustrates concepts like ruleflow-groups and dynamic rule updates using KieScanner. Rules and micro-services: the JBoss BRMS Decision Server One of the more interesting features we've recently released in the Red Hat JBoss BRMS...

Welcome to the third installment of That App You Love, a blog series in which I show you how to you can make almost any app into a first-class cloud citizen. If you want to start from the beginning, jump back and check out Part 1: Making a Connection. In Part 2 of this series, we looked at ZNC’s configuration options to decide which settings we wanted to expose to the user, and which settings we could hard-code straight into...

Last June, Eclipse IDE had a great release, named Neon. It features, among many other less visible but still quite useful improvements, many new functionalities for everyone. If you did not migrate yet and are still using an older Eclipse version, just move to Neon right now, it’s worth it! For this Neon release, Red Hat managed to increase its contributions to the Eclipse IDE. The 2 main teams doing Eclipse IDE development (to package Eclipse IDE as .rpm for...

Red Hat Developers and author N. Harrison Ripps have just released the first pieces of a ten-part series ("That app you love") in which Harrison describes the process of deploying an application using containers into a clustered environment on the cloud. Using the ZRC IRC client as a sample application, Harrison demonstrates each step in the process of containerizing software, dealing with issues like statelessness, security, and robustness that are typically architectural hurdles for most development teams moving to a...

In order for businesses to stay agile, developers must be able to deploy apps -- quickly, efficiently, and in a streamlined manner. Red Hat Open Innovation Labs uses a container-driven application development framework to perform continuous delivery and accelerate innovation. In this video, I’ll give you a peek into some of the work we at Labs are undertaking to accelerate application development. Specifically, I’ll walk you through the steps to create a deployment pipeline in Jenkins using the JBoss TicketMonster...