OpenShift blog

    June 25, 2020

    GitOps secret management

    References: "Sealed Secrets" for Kubernetes Kubernetes External Secrets GitOps is the way to do Kubernetes or OpenShift cluster management through declarative management of API manifests (yaml files) ...

    Raif Ahmed

    May 1, 2020

    4.4 OpenShift: Not On My Watch - Image Vulnerabilities List

    Security is a top priority for OpenShift. OpenShift 4.3 laid the groundwork for even more robust image security with Quay Container Security Integration, which allows registry images to be scanned ...

    Peter Kreuser

    April 21, 2020

    Integrating Hashicorp Vault in OpenShift 4

    Introduction This is the fourth post of the blog series on HashiCorp Vault. The first post proposed a custom orchestration to more securely retrieve secrets stored in the Vault from a pod running in ...

    Mattia Mascia, Codrin Bucur, Ricardo Lourenco, Nikolaj Majorov

    April 20, 2020

    Managing SCCs in OpenShift

    On the first post we looked into Linux and process privileges and saw how containers have the exact same behaviors. We saw that those privileges are specific to the Linux user that the container ...

    Alexandre Menezes

    April 9, 2020

    Certifiable Software Distribution Process for OpenShift

    Introduction In some environments, it’s mandatory to be able to certify (validate) the integrity and authenticity of the software being used. Validating the integrity in this case refers to ensuring ...

    Raffaele Spazzoli

    April 6, 2020

    Adding security facets to your app on OpenShift

    TL;DR: Securing your app with Istio, SSO, Vault. Step-by-step without coding! Assembling security aspects using cloud native patterns. Today, securing your apps is a “must have” but it’s difficult to ...

    Laurent Broudoux

    April 3, 2020

    OpenShift Commons Briefing: State of Container Security – Urvashi Mohnani and Sally O’Malley (Red Hat)

    Linux Containers continue to rapidly proliferate in the software industry. With the vast amount of solutions pertaining to containers out there, it is important to note the various security features ...

    Diane Mueller

    April 3, 2020

    OpenShift Commons Briefing: State of OpenShift Container Storage – Eran Tamir and Duncan Hardie (Red Hat)

    Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for Red Hat OpenShift Container Platform. OpenShift Container Storage 4.2 is built on Red Hat Ceph® ...

    Diane Mueller

    April 3, 2020

    What customers of Red Hat OpenShift hosted services should know about the April 2020 HAProxy HTTP/2 flaws

    On April 2, 2020, details were made public about a security flaw that impacts systems running the HAProxy component when HTTP/2 support is enabled. Before the flaws were publicly disclosed, Red Hat ...

    Bill Montgomery

    April 2, 2020

    Adding authentication to your Kubernetes Web applications with Keycloak

    In this article, I will walk you through the deployment of Keycloak, a user authentication and authorization tool and how to integrate this to any Kubernetes Web application without touching a single ...

    Carlos Eduardo de Paula

    March 16, 2020

    Introduction to Security Contexts and SCCs

    With Role Based Access Control, we have an OpenShift-wide tool to determine the actions (or verbs) each user can perform against each object in the API. For that, rules are defined combining ...

    Alexandre Menezes

    January 22, 2020

    OpenShift 4.3: Quay Container Security Integration

    Overview In the Red Hat OpenShift 4.2 Web UI Console, we introduced a new Cluster Overview Dashboard as the landing page when users first log in. The dashboard is there to help users resolve issues ...

    Alex Handy