Recently I was looking for a way to implement access control for microservices. I needed a solution that would allow defining complex authorization rules that could be enforced across many services. After searching the web, I discovered a very promising Open Policy Agent project that seems to be the right tool for the job. In this series of three blog posts, I am going to introduce Open Policy Agent to you and highlight how it can help you.
Continue reading “Open Policy Agent, Part I — The Introduction”
Are you still doing all your Linux container management using an insecure, bloated daemon? Well, don’t feel bad. I was too until recently. Now I’m finding myself saying goodbye to my beloved Docker daemon, and saying hello to Buildah, Podman, and Skopeo. In this article, we’ll explore the exciting new world of rootless and daemon-less Linux container tools.
Continue reading “Say “Hello” to Buildah, Podman, and Skopeo”
This diagram represents the reference architecture for a full high availability and disaster recovery solution. This solution can be individually tailored to address a single availability solution. For example, if only disaster recovery is needed the configuration supports exclusion of the HA replica.
Continue reading “Ansible Tower High Availability and Disaster Recovery”
The pace of innovation has shortened expectations for time to market, placing pressure on IT teams to keep up with the rate of change. Organizations need just-in-time, prescriptive resources to enable their teams to leverage innovation to solve business problems. The Red Hat Learning Subscription (RHLS) delivers unlimited, on-demand, modular access to Red Hat’s entire training portfolio including cloud based labs for a full year. The Early Access feature of RHLS enables subscribers to learn from real-time publishing of courses and labs currently in development.
Continue reading “Start learning Red Hat Enterprise Linux 8 and Red Hat OpenShift Container Platform 4 through Early Access”
I have been asked, tasked, and dropped in by parachute on an extraordinary number of occasions recently to answer questions about, and implement solution for, Single Sign On (SSO) to OpenShift Container Platform. These conversations can start in multiple ways:
- How do I do SSO to OpenShift?
- How do I integrate OpenShift with my existing SAML identity provider?
- How do I log into OpenShift with my PIV and PIN?
The goal of all of these questions is typically the same and all have the same answer. Organizations typically have an existing SAML based identity provider they use for single sign on, and in the case of many, especially government, organizations the identity is provided by the user via a PIV and PIN.
Continue reading “OpenShift Single Sign On (SSO)”
Automation within enterprise IT is not a new topic. Whether it’s automating the creation of a user desktop or a server, the drive has always been to automate as much as possible to achieve faster time to market and efficiency. What has changed, though, is the number of infrastructure elements one can automate within an IT org. I still remember my first job in college 15 years ago where I used a variety of tools to automatically deploy and configure Windows XP simultaneously across 50 desktop machines for a classroom lab environment. Today not only can we automate desktop computer deployments but also servers, applications, and even networking.
Continue reading “4 ways to jump start an Open Source & Agile Automation Culture”
Like many others in the technology industry, I share a passion for artificial intelligence (AI). This year at OpenStack Summit in Berlin, I presented a talk around parallel AI training. OpenStack lends itself well to big data problems.
Continue reading “Welcome to the AI Thunderdome: Using OpenStack to accelerate AI training with Sahara, Spark, and Swift”