Containers

As part of our participation in hundreds of open source communities, Red Hat engineers are often involved in research and development efforts that may or may not become a part of Red Hat's supported offerings. Intel's Data-plane Development Kit (DPDK) is a set of libraries and drivers for Linux and BSD built for fast packet processing, for the burgeoning " Network Function Virtualization", or NFV discipline. Typical verticals interested in turning Linux boxes into packet-processing machines are telecom, financial services...

Imagine this: deploy an application from code-commit to qa, validate through automated testing, and then push the same image into production with no manual intervention, no outage, no configuration changes, and with full audibility through change records. A month-and-a-half ago, we formed a tiger team and gave them less than 90 days to do it. How? Build an end-to-end CI/CD environment leveraging RHEL Atomic 7.1 as the core platform and integrating with key technologies like git, Jenkins, packer.io, in a...

Linux Containers combine well-established Linux kernel technologies such as namespaces, SELinux, cgroups and iptables with incredible ease of use and exceptional performance. For customers looking for the lowest possible network latencies and reduced CPU overhead coupled with the deployment advantages of Linux containers, Red Hat's new Accelerating Red Hat Enterprise Linux 7-based Linux Containers with Solarflare OpenOnload whitepaper provides installation, configuration and tuning guidance for Docker containers running on Red Hat Enterprise Linux with Solarflare OpenOnload network acceleration. The whitepaper...

Dan Walsh wrote this great article for opensource.com. I've recently learned from Dan that SELinux and containers are excellent complements to each other - kind of like tea and scones, peanut butter and jelly, Laurel and Hardy. (Which one of these did you need to google?) As container applications become finer grained, SELinux becomes really easy to use (for both dev and ops) for securing containers. Here's an excerpt from Dan's article - click through to read the whole thing...

Posted on March 18, 2015 by Bhavna Sarathy of Red Hat. Over the last 18 months, especially since the general availability of Red Hat Enterprise Linux 7, “containers” have emerged as a hot topic. With the more recent introduction of Red Hat Enterprise Linux Atomic Host, an operating system optimized for running the next generation of applications with Linux containers, one might wonder… what about virtualization? In that the benefits of containerization seem to overlap those of traditional virtualization, how...

Here are excerpts from today's announcement - an ecosystem with container development tools to containerize and certify applications: "Red Hat today announced the launch of the first certified, end-to-end ecosystem program for Linux containers based on Docker, a key component of the company’s vision for containerized applications unveiled in March 2014. Leveraging Red Hat’s vast network of thousands of partners and independent software vendors (ISVs), this ecosystem program is designed to enable the design, development and delivery of certified, trusted...

The rise of the purpose-built Linux distribution Recently, several purpose-built distributions have been created specifically to run Linux containers. There seem to be more popping up every day. For our part, in April 2014 at the Red Hat Summit, Red Hat announced its intention to deliver a purpose-built, container-optimized version of Red Hat Enterprise Linux 7 called RHEL Atomic Host. After over a year in the making, we are excited that launch day has finally come! What's important to know...

Red Hat "has announced the general availability of Red Hat Enterprise Linux 7 Atomic Host, an operating system optimized for running the next generation of applications with Linux containers." "Based on RHEL, Red Hat Enterprise Linux Atomic Host enables enterprises to embrace a container-based architecture to take advantage of the benefits of development and deployment flexibility and simplified maintenance, without sacrificing performance, stability, security, or the value of Red Hat’s vast certified ecosystem. "For building and maintaining container infrastructure, Red...

This article was written by Red Hat's Siddharth Nagar, RHEL 7 product manager. "As product manager for Red Hat Enterprise Linux 7, part of my job is to ensure that the latest version of our flagship product adheres to our promise of stability, reliability, and security. In addition, as Red Hat Enterprise Linux 7 is Red Hat’s latest enterprise Linux platform, it also needs to incorporate new innovations in technology to help our customers gain business advantage, reduce costs, and...

Lately I've been busy working on an Eclipse plugin that will support a wide range of docker functionality. Some of that has involved looking at some docker client libraries, figuring out how it works in one implementation, and seeing how this can be ported to other implementations. While the Docker Remote API is well documented, it can still be tricky to get things right. When I'm debugging some failed interaction, I've found socat to be very useful. Let's say we...

Linux containers are disrupting traditional application development and deployment models, enabling businesses to explore new, better ways to deliver products and services. How are organizations like yours using containers? Read more about this webinar and register today: Transform Application Delivery with Containers | A Red Hat Virtual Event | Red Hat Enterprise Linux Blog.

Reposted from http://www.redhat.com/en/about/events/game-changing-it-trends-red-hat-virtual-event "Hybrid IT is becoming the “new normal,” and open source use is on the rise in today’s enterprise landscape. Containers are taking on a bigger role, and new, innovative management solutions are becoming a requirement. Join the Red Hat® virtual event to learn about the top technology trends that will affect the way you build and deploy infrastructure and applications in 2015 and beyond. "As part of this discussion, IDC vice president Mary Johnson Turner will reveal...

The Winter of Code is a challenge for the best application built on OpenShift. Winter of Code 2015 challenge is organized (and judged) by OpenShift developers from Red Hat Czech as part of the Developer Conference which takes place from February 6th to February 8th in Brno, Czech Republic. From most practical to the most crazy, submit your applications and win fabulous prizes, such as Google Nexus Tablet and much more! The winners on each category will be announce on...

Containerizing things is particularly popular these days. Today we'll talk about the idioms we can use for containerization, and specifically play with apache spark and cassandra in our use case for creating easily deployed, immutable microservices. Note: This post is done using centos7 as a base for the containers, but these same recipes will apply with RHEL and Fedora base images. There are a few different ways to build a container. For example, for beginners, you can build a container...

Il y a quelques mois, j'ai développé et publié une petite extension Puppet pour tuned-adm. En effet, cette commande est une fonctionnalité assez appréciable de RHEL, et il m'a semblé donc pertinent d'évoquer cette dernière sur Red Hat developer blog. Tour d'horizon de 'tuned-adm' Pour faire court, cette commande va s'occuper des nombreux fins réglages du système d'exploitation pour vous, selon l'usage que vous souhaitez faire de ce dernier. Par exemple, si vous utilisez le système comme un simple serveur...

This blog is a continuation of " Creating custom Atomic trees, images, and installers - Part 1." In part one, we learned how to compose our own atomic trees and consume them in a guest. In part two, we will learn how to create our own disk images and installer media. Creating custom disk images As mentioned in the previous blog, the subcommand imagefactory can be used to create disk images. As of this writing, the imagefactory subcommand can output...

If one thing survived all the New Year parties, it is Docker. It was hot at the end of 2014 and it looks like it is getting even hotter in 2015. And Red Hat is one of the key drivers behind the adoption of this amazing container technology. This is a short summary blog post about a bunch of resources to get you started with Java EE, WildFly and Microservices on Docker mostly collecting resources and information from the JBoss...

Not too soon after people start using Atomic images, the question of customization soon follows. It is a natural progression for most people when they use Atomic. There are a number of different ways to accomplish using custom images not withstanding using docker and containers. The Atomic tool called ' rpm-ostree-toolbox' is emerging as the best tool for customizing Atomic. The 'rpm-ostree-toolbox' main command is actually a wrapper (much like virsh) for three subcommands: treecompose, imagefactory, and installer. With these...

Use cases In Red Hat Enterprise Linux we support a variety of different versions of PHP. Sometimes users find they need to run a legacy application, requiring an older version of PHP, on a newer version of RHEL. Developers may want to develop an application on their Fedora Workstation and deploy it on a RHEL server or ensure it will be compatible with all available PHP versions in enterprise distributions. This example can be easily adapted for all PHP versions...

We recently announced that we've made available a set of Dockerfiles for Red Hat Software Collections. We are making these available since we think they may be useful to customers looking to build more complex application containers on top of RHEL and RHSCL. We don't intend the Dockerfiles to produce useful standalone images which you'll immediately put in production - the Docker images which these create are very simple containers which give you RHEL plus the basic set of packages...

Like most programmers, I find it much easier to take some existing example of code and modify it to do what I want. Sometimes, I end up with nothing from the original source, but I still find it easier. I wonder if this is akin to writing where, I find, if you put the words down in a stream of consciousness manner, then " rewrite, rewrite, rewrite." As such, I am really excited about the efforts from the CentOS, Fedora...

Letting the containers out of containment I have written a lot about *Containing the Containers*, e.g. * Are Docker containers really secure?* and * Bringing new security features to Docker*. However, what if you want to ship a container that needs to have access to the host system or other containers? Well, let's talk about removing all the security! Safely? Packaging Model I envision a world where lots of software gets shipped in image format. In other words, the application...

In the first of this series on Docker security, I wrote "containers do not contain." In this second article, I'll cover why and what we're doing about it. Docker, Red Hat, and the open source community are working together to make Docker more secure. When I look at security containers, I am looking to protect the host from the processes within the container, and I'm also looking to protect containers from each other. With Docker we are using the layered...

This article from opensource.com is based on a talk I gave at DockerCon this year. It will discuss Docker container security, where we are currently, and where we are headed. Containers do not contain I hear and read about a lot of people assuming that Docker containers actually sandbox applications—meaning they can run random applications on their system as root with Docker. They believe Docker containers will actually protect their host system. I have heard people say Docker containers are...