Recently I was looking for a way to implement access control for microservices. I needed a solution that would allow defining complex authorization rules that could be enforced across many services. After searching the web, I discovered a very promising Open Policy Agent project that seems to be the right tool for the job. In this series of three blog posts, I am going to introduce Open Policy Agent to you and highlight how it can help you.
Continue reading “Open Policy Agent, Part I — The Introduction”
Are you still doing all your Linux container management using an insecure, bloated daemon? Well, don’t feel bad. I was too until recently. Now I’m finding myself saying goodbye to my beloved Docker daemon, and saying hello to Buildah, Podman, and Skopeo. In this article, we’ll explore the exciting new world of rootless and daemon-less Linux container tools.
Continue reading “Say “Hello” to Buildah, Podman, and Skopeo”
This diagram represents the reference architecture for a full high availability and disaster recovery solution. This solution can be individually tailored to address a single availability solution. For example, if only disaster recovery is needed the configuration supports exclusion of the HA replica.
Continue reading “Ansible Tower High Availability and Disaster Recovery”
The pace of innovation has shortened expectations for time to market, placing pressure on IT teams to keep up with the rate of change. Organizations need just-in-time, prescriptive resources to enable their teams to leverage innovation to solve business problems. The Red Hat Learning Subscription (RHLS) delivers unlimited, on-demand, modular access to Red Hat’s entire training portfolio including cloud based labs for a full year. The Early Access feature of RHLS enables subscribers to learn from real-time publishing of courses and labs currently in development.
Continue reading “Start learning Red Hat Enterprise Linux 8 and Red Hat OpenShift Container Platform 4 through Early Access”
I have been asked, tasked, and dropped in by parachute on an extraordinary number of occasions recently to answer questions about, and implement solution for, Single Sign On (SSO) to OpenShift Container Platform. These conversations can start in multiple ways:
- How do I do SSO to OpenShift?
- How do I integrate OpenShift with my existing SAML identity provider?
- How do I log into OpenShift with my PIV and PIN?
The goal of all of these questions is typically the same and all have the same answer. Organizations typically have an existing SAML based identity provider they use for single sign on, and in the case of many, especially government, organizations the identity is provided by the user via a PIV and PIN.
Continue reading “OpenShift Single Sign On (SSO)”