Blog
Using eBPF in unprivileged Pods
Extended Berkeley Packet Filter (eBPF) presents an attractive technology that Kubernetes applications can take advantage of, either to accelerate their packet processing needs (as an in kernel Fast Path) or as part of various monitoring and telemetry projects....
Introducing Enterprise Contract
You may have heard of sigstore and its container image verification tool, cosign. This blog post introduces a policy-driven workflow, Enterprise Contract, built on those technologies. Note: Red Hat’s Emerging Technologies blog includes posts that discuss...
Going to Red Hat Summit? Here’s where to find Red Hat Research and Emerging Technologies
Engineers and researchers from the Red Hat Research and Emerging Technologies groups will feature recent work and a glimpse of where open source technology will go next at the upcoming Red Hat Summit, May 23-25. Interactive sessions, hands-on labs, and demos include...
Keylime’s durable attestation makes security auditable
Remote attestation answers the (slightly paraphrased) question: “It’s 3pm, do you know what the systems in your data center are doing?” Going with this premise, durable attestation answers a similar question about 3pm yesterday. In this article we describe the...
Optimizing development with the time to merge tool
Organizations are dedicating significant resources to produce and distribute top-quality software at a more accelerated pace due to the growing competition in the software market (source). To achieve this goal, they use practices such as Continuous Integration (CI),...
Sustainability, the cloud native way
Sustainability has gained tremendous mindshare across the world. Energy conservation and CO2 emissions reductions are among the key initiatives for environmental sustainability. Since data centers contributed to as much as 1% global electricity usage there is a...
Running WebAssembly Workloads on Container Runtimes
WebAssembly (WASM) was designed as a binary instruction set that natively-compiled languages like C/C++ and Rust could use as a compilation target to be executed in a web browser. However, running WASM natively on the host outside the browser has unique...
The Hybrid Networking Stack
The battle between userspace networking and kernel networking has been ongoing since the dawn of high performance Data Plane Frameworks in 2010. With the transition of networking applications to the cloud-native paradigm, developers have had to weigh the benefits of...
Red Hat NEXT! 2022 Session Recap
If you missed the Red Hat NEXT! event back in September, or if you just want to refresh your memory on some of the amazing content that was presented there, here's a complete listing of all of the talks. Follow the links to see the recordings on the Red Hat Community...
Establishing a Secure Pipeline
In a recent post we walked through using Tekton and Cosign to build, sign and verify container images within Kubernetes. Red Hat utilizes OpenShift, signing and scanning in its own build systems to deliver release artifacts. Red Hat’s secure software delivery is...