This is a blog that I did for work. Enjoy.

Red Hat Enterprise Linux Blog

Red Hat Virtualization offers a flexible technology for high-intensive performance and secure workloads. Red Hat Virtualization 4.0 introduced new features that enable customers to further extend the use case of traditional virtualization in hybrid cloud environments. The platform now easily incorporates third party network providers into the existing environment along with other technologies found in next generation cloud platforms such as Red Hat OpenStack Platform and Red Hat Enterprise Linux Atomic Host. Additionally, new infrastructure models are now supported including selected support for hyperconverged infrastructure; the native integration of compute and storage across a cluster of hosts in a Red Hat Virtualization environment.

View original post 853 more words

When I was still doing IT Operations work, I dreamt of a day when a system could be secured and done so reliably during the installation process.  Sure, I had scripts and other tools at my disposal, but the problem with them was that there was not consensus that the actions I was taking to secure the server was actually correct.  Additionally, what happened if the checks and remediation steps that I was performing changed?  How long, if ever, would it take me to change my scripts?

With the advent of SCAP and the associated tools, achieving compliance during installation has never been easier.  Long gone are the worries that I used to have and I can now be sure that the systems I am installing are secure from the first time that they touch the network. Read the rest of this entry »

One of the strengths of OpenStack is that it exposes a very rich API that can be used to control every aspect of your cloud.  Likewise, one of the more intriguing ways of interacting with an OpenStack cloud is programatically.  There is a Ruby Gem named Fog that allows such interaction.  Details on the API methods that Fog provides support for can be found at http://fog.io/ – the website for Fog: The Ruby Cloud Services Library. Read the rest of this entry »

I was recently asked to show an example of how Windows Server 2012 running Internet Information Service (IIS) 8 can scale out in an OpenStack environment. I accepted the challenge and this post is the result.  To accomplish the task, I did a default install of an evaluation version of Windows Server 2012 and installed/configured IIS8 along with ASP.net support.  I then created a very simple web page that uses server variables and the current date an time to create some dynamic content.  Lastly, I installed the CloudBase Cloud-Init service so that Windows Server could talk to the OpenStack metadata service.  I hope you enjoy the video. Read the rest of this entry »

After a long delay (I was moving into a new house and work keeps me very busy) here is the second part of my post on creating scale out workloads in OpenStack using Heat and Ceilometer.  In part one, we broke down the different parts of the Heat template that we will be using in this part of the posting.  We also covered how I had images and software repos configured to support the WordPress website the template will be deploying.  In this part, we will deploy the application, or stack as it is called in OpenStack lingo, and look at different ways to monitor the application to see what is going on. Read the rest of this entry »

Recently, I have been spending a fair amount of time tinkering with Red Hat Enterprise Linux OpenStack Platform 5 (RHEL-OSP 5) which is Red Hat’s Icehouse based offering of OpenStack.  My goal was to learn how to get OpenStack to scale workloads up and down as needed.  Elasticity like this is one of the essential characteristics of cloud computing as defined by the National Institute of Science and Technology (NIST), and is one of the capabilities that OpenStack has that traditional data center virtualization systems typically don’t possess. Read the rest of this entry »

A lot of people are probably looking at all of the OpenStack offerings that are out there today and wondering “Which one should I use?”  or “What feature makes one company’s OpenStack better the others?”  One feature that causes Red Hat’s offering to stand out among the others is the inclusion of sVirt.  In the simplest terms, sVirt is SELinux for virtualization.  It implements Mandatory Access Controls to provide protection from potential attacks that could result in hosts or virtual machine instances being compromised.  Other Red Hat products take advantage of sVirt as well, including the stand alone KVM hypervisor that comes with Red Hat Enterprise Linux and Red Hat Enterprise Virtualization. Read the rest of this entry »

SCAP and Remediation

Posted: September 8, 2013 in Security
Tags: ,

Chances are if you are a security conscious server administrator that you have had to endure the hardship of locking down a server.  A lot of times the lockdown process consists of following a checklist and completing several hours of configuration changes, scans and more configuration changes.  You have probably also noticed that even with a detailed checklist, scans often reveal that no two server are configured in the same manner.  Fortunately, the work being done on the Security Configuration Automation Protocol (SCAP) and the SCAP Security Guide (SSG) is going to make your life easier.

The National Institute of Standards and Technology (NIST) is spearheading the use of SCAP and says it is “a synthesis of interoperable specifications derived from community ideas. Community participation is a great strength for SCAP, because the security automation community ensures the broadest possible range of use cases is reflected in SCAP functionality.”

In this post I am going to demonstrate how to install and use the OpenSCAP scanner along with content from the SCAP Security Guide (SSG) website to scan and secure a Red Hat Enterprise Linux 6 server.  If you decide to try this, do it on a test server since the configuration changes could affect your ability to access the server. Read the rest of this entry »

Back to Basics: Creating an RPM

Posted: August 27, 2013 in Software
Tags:

This upcoming Saturday, I will be at the Fredericksburg Linux Users Group (fredlug.info) presenting on the topic of Creating RPMs.  While not as flashy as the latest buzz in Cloud, application development or virtualization, it is a skill that can be used to package files in an easy to deploy format.  During the presentation, I will be covering what an RPM is and how to make a very simple RPM that contains exactly one executable file – kind of a spin on the ever popular “Hello World” test app.  I thought it would also be convenient to post the information that I am presenting here so that others can access it as well. Read the rest of this entry »

Over the past week, I noticed a few articles on new transportation projects that are focusing on using Open Source development techniques to create something new.  This time it isn’t software though and it isn’t a new piece of computer hardware either.  Instead the people running these projects are creating new ways to transport people.

First, there is John Nicol’s MakerPlane Open Source aircraft.  I met John about 9 months ago at a simulations conference and on his website, he states:

MakerPlane is an open source aviation organization which will enable people to build and fly their own safe, high quality, reasonable cost plane using advanced personal manufacturing equipment such as CNC mills and 3D printers.  Our  projects  include open source avionics software to enable state-of-the-art digital flight instruments and display capabilities.

Read the rest of this entry »