Blogs

Red Hat Advanced Cluster Security Walkthrough

Red Hat Advanced Cluster Security for Kubernetes enables organizations to securely build, deploy, and run cloud-native applications anywhere. This video demonstration walks through the major features of RHACS to demonstrate vulnerability management, network segmentation, custom security policies, and more!

Continue reading

Red Hat Advanced Cluster Management Walkthrough

Red Hat Advanced Cluster Management for Kubernetes, RHACM, built on the Open Cluster Management project, manages Kubernetes distributions like AKS, EKS, GKE, and OpenShift including the workloads they host. Read on for a demonstration of RHACM features like Cluster Hibernation, Cluster Pools, Multi-cluster application deployment and Observability.

Skip to the end for the complete video demo or take your time and stroll through a few quick GUI Free reanimations on your way there.

Continue reading

Protect Gitignored but Tracked Files

Sometimes you want to put files in git that you really shouldn’t be putting in git.

Continue reading

Recovering kubeconfig for a Cluster Created with RHACM

Red Hat Advanced Cluster Management for Kubernetes and it’s upstream Open Cluster Management automate cluster lifecycle management from creation, configuration, upgrade, and destruction. If a cluster is created by RHACM you may need to download the kubeadmin password and the kubeconfig. This is easily accomplished by browsing to the RHACM cluster overview, but how do you do the same from the CLI? ClusterDeployment The creation of a cluster starts with a ClusterDeployment which will be interpreted by Hive.

Continue reading

Deploying a Cross-platform Windows and Linux Application to OpenShift

An application can sometimes require diverse components that span technology stacks. There may be a depency on a legacy component built for Windows which may not be suitable for deployment to Linux. The good news is it may still be suitable for deployment to Kubernetes. With a Windows node in your OpenShift cluster you can deploy cross-platform applications that can simultaneously leverage the strengths of Linux and Windows.

Continue reading

Adding a Windows Node to an OpenShift Cluster

The Windows Machine Config Operator builds and configures Windows machines to act as nodes in an OpenShift cluster enabling cross platform workloads. This post will demonstrate the addition of a Windows node to an existing cluster and explore the integration of Windows and Kubernetes.

Continue reading

Installing OpenShift on Azure for Windows Containers

Adding support for Windows nodes in your OpenShift cluster is a day 2 operation that requires preparation at install time. It is important to accommodate the hybrid networking requirements for Windows Kubernetes nodes. Azure specific tasks and gotchas are highlighted in this part 1 of 3 while laying the groundwork applicable to deploying OpenShift on any provider in preparation for managing Windows containers.

Continue reading

How do OpenShift Over The Air Updates Work?

OpenShift 4 extends the operator pattern introduced by CoreOS, and enables automated management of the Kubernetes cluster and the underlying resources including machine instances and operating system configuration. Operator driven over the air updates enable automated updates much like you are accustomed to receiving for your smart phone. What follows is a a technical exploration of the OpenShift over the air updates implementation. Operators All the Way Down What is an “Operator”?

Continue reading

OpenShift 4 on OpenStack Networking and Installation

OpenShift Containter Platform 4 is much more like Tectonic than OpenShift 3. Particularly when it comes to installation and node management. Rather then building machines and running an Ansible playbook to configure them you now have the option of setting a fewer paramters in an install config running an installer to build and configure the cluster from scratch. I would like to illustrate how the basics of the networking might look when installing OpenShift on OpenStack.

Continue reading

Playbook to replace bootstrap.kubeconfig and node certificates on OpenShift 3.10 3.11

If you are a serial upgrader like me, you may have found that at one point during your 3.10.xx patching (say 3.10.119) you hit this error during the data plane upgrade: TASK [openshift_node : Approve the node] ************************************************************ task path: /usr/share/ansible/openshift-ansible/roles/openshift_node/tasks/upgrade/restart.yml:49 Using module file /usr/share/ansible/openshift-ansible/roles/lib_openshift/library/oc_csr_approve.py ... FAILED - RETRYING: Approve the node (30 retries left).Result was: { "all_subjects_found": [], "attempts": 1, "changed": false, "client_approve_results": [], "client_csrs": {}, "failed": true, "invocation": { "module_args": { "node_list": [ "ose-test-node-01.

Continue reading