Zero trust is becoming a norm as organizations look to enhance the security posture of their workloads in cloud environments. A core principle of the zero trust approach is the ability to prove and verify identity for all - whether these entities are inside or outside...
Hybrid Cloud
Istio ambient mode with Red Hat OpenShift
Istio ambient refers to a new mode for the Istio service mesh, the upstream project behind Red Hat OpenShift Service Mesh. This article provides an overview and some technical analysis of this emerging technology. Note that the ambient mode is currently in the alpha...
Using eBPF in unprivileged Pods
Extended Berkeley Packet Filter (eBPF) presents an attractive technology that Kubernetes applications can take advantage of, either to accelerate their packet processing needs (as an in kernel Fast Path) or as part of various monitoring and telemetry projects....
Going to Red Hat Summit? Here’s where to find Red Hat Research and Emerging Technologies
Engineers and researchers from the Red Hat Research and Emerging Technologies groups will feature recent work and a glimpse of where open source technology will go next at the upcoming Red Hat Summit, May 23-25. Interactive sessions, hands-on labs, and demos include...
Running WebAssembly Workloads on Container Runtimes
WebAssembly (WASM) was designed as a binary instruction set that natively-compiled languages like C/C++ and Rust could use as a compilation target to be executed in a web browser. However, running WASM natively on the host outside the browser has unique...
The Hybrid Networking Stack
The battle between userspace networking and kernel networking has been ongoing since the dawn of high performance Data Plane Frameworks in 2010. With the transition of networking applications to the cloud-native paradigm, developers have had to weigh the benefits of...
Red Hat NEXT! 2022 Session Recap
If you missed the Red Hat NEXT! event back in September, or if you just want to refresh your memory on some of the amazing content that was presented there, here's a complete listing of all of the talks. Follow the links to see the recordings on the Red Hat Community...
Establishing a Secure Pipeline
In a recent post we walked through using Tekton and Cosign to build, sign and verify container images within Kubernetes. Red Hat utilizes OpenShift, signing and scanning in its own build systems to deliver release artifacts. Red Hat’s secure software delivery is...
Signing Images
The release of Kubernetes 1.24 includes signed images, which highlights the importance of delivering secure images. Whether container images are being distributed to customers or run within your own datacenters, you must ensure that the assets within the software have...
Get Ready for Red Hat NEXT! 2022
Are you a CTO, CISO, CDO, or thought leader responsible for open source strategy for your company? If so, don’t miss out on Red Hat NEXT! This is Red Hat’s annual event for deep dives on all things Emerging Technologies, coming up on September 15th. This year’s...
FetchIt: Life-cycling and configuration of containers using GitOps and Podman
GitOps is a great solution for continuous delivery of Kubernetes applications, as it’s based on Git, a tool that many if not all developers are familiar with. Developers can manage deployed applications by storing their desired state in Git and reap the benefits, such...
The UOR Framework
Universal Object Reference (UOR) is a radically different approach to serverless and decentralized systems. The term “everything is an object” may be familiar to some. It is typically used to convey a fundamental object-oriented programming concept. We can also apply...
Developing Circuits Using the Qiskit Operator: Quantum on OpenShift, Part Two
Quantum computing is an emerging paradigm in computer science which aims to bridge gaps in problems that classical computers, meaning those that follow the traditional deterministic model of computing, have difficulty solving. Building off of our previous post,...
Collecting and Visualizing OpenTelemetry Traces
Note: Red Hat’s Emerging Technologies blog includes posts that discuss technologies that are under active development in upstream open source communities and at Red Hat. We believe in sharing early and often the things we’re working on, but we want to note that unless...
What’s Happening NEXT!
The Red Hat NEXT! conference is Red Hat’s annual event for deep dives on all things Emerging Technologies. Featuring a keynote from our CTO, Chris Wright, and breakout sessions on edge computing, cloud services, and security, this conference covers all of the most...
OpenTelemetry Tracing in Kubernetes Core
In this post, OpenTelemetry tracing and the OpenTelemetry Protocol (OTLP) is examined. As an example, the instrumentation required to generate and export OTLP traces from CRI-O is explained. CRI-O is an implementation of the Kubernetes Container Runtime Interface, and...
Improving Storage System Reliability with Open Data
This post describes an open data research collaboration between the Ceph open source project and the Red Hat AI Center of Excellence, with a goal of addressing a long-standing problem with preemptively predicting storage device failure in order to improve overall...
Introducing VolSync: your data, anywhere
Organizations face a challenging task of identifying and developing data storage, backup, recovery, and migration solutions for the enterprise. There are a wide variety of tools and solutions in the ecosystem that work well with traditional legacy-type environments,...
Bucket Caching for Kubernetes
Object storage systems can offer simple, scalable and cost-effective means of storing heterogeneous data sets. Traditionally, these systems have been designed for media, backup, and archive. However, the usage of object storage systems is increasingly expanding to...
Deploying Crossplane Providers with the Operator Lifecycle Manager
Crossplane is a project that strives to bring cloud infrastructure, services, and applications closer to your Kubernetes cluster in order to create a hybrid control plane. This goal is primarily achieved through the use of providers, which are standalone controllers...