How security has changed in the era of cloud computing

Technologies come and go, but one concept has remained at the forefront of IT conversations for decades: Security. While security remains a perennial top priority for IT departments, what it means to be secure, and the processes required, continue to change. Let's talk about how security, open source, and cloud computing can co-exist.

“DevOps Culture and Practice with OpenShift”: The experience-driven, real world guide to building empowered teams

With a wealth of information about DevOps adoption readily available on the market, a group of Red Hatters felt that some critical elements were missing—pieces they've found to be successful in their own work with customers adopting DevOps.

Technology is the cornerstone of DevOps adoption, but containers and Kubernetes need DevOps practices to maximize the business impact of modern application platforms. The team pivoted to focus not just on the technology, but on those practices and the role that people, process, and culture play in supporting the technology; a key change in approach that is imperative to success.

Introducing Node.js 17

Back in April, I gave an update on some of the news features in the Node.js 16 release. Today, I am happy to share that the Node.js community is releasing Node.js 17 and that next week Node.js 16 will be promoted to Long Term Support (LTS).

As per the Node.js release process, Node.js version 17 will not be promoted to LTS as only even versions get LTS. For production deployments, we recommended using Node.js 16, and focus on Node.js 17 to test and provide feedback on the new functionality and features to help pave the way for future releases. You can read more about the community release process here.

AlmaLinux Announces 'ELevate' For CentOS 7 to AlmaLinux 8 Migrations - FOSS Force

On Tuesday at the All Things Open conference in Raleigh, AlmaLinux’s community manager, Jack Aboutboul announced the ELevate project, which includes software and methods for migrating CentOS 7 deployments to AlmaLinux 8 without needing to do a lot of heavy lifting and shifting.

Actually, according to Aboutboul, ELevate capabilities aren’t confined to CentOS to AlmaLinux moves, but can be used help with all migrations between different Red Hat Enterprise Linux-based distributions, such as CentOS 7 to AlmaLinux 8, Oracle Linux 8, or Rocky Linux 8.

AlmaLinux Announces ELevate Project to Migrate or Upgrade Any Red Hat Enterprise Linux-based Distribution

Why IT automation training is a smart way to boost your career

However, the benefits of Red Hat Training and Certification also apply to individuals. Many IT professionals seek automation training on their own and find that it enhances their value to their company and their personal marketability. Take, for example, Christian Sandrini, an IT professional who was named the 2021 Red Hat Certified Professional of the Year. He has earned nearly a dozen Red Hat certifications, including the Red Hat Certified Specialist in Ansible Best Practices and the Red Hat Certified Specialist in Ansible Automation Platform.

Deploy a Java application using Helm, Part 1

To deploy enterprise Java applications with Red Hat JBoss Enterprise Application Platform (EAP) servers to Red Hat OpenShift, developers have usually needed to learn how to use OpenShift templates or Operators to specify Kubernetes and OpenShift resources such as build config, deployment, volume, environment variables, and application image. This article, the first of a two-part series, explains a simpler way to deploy an enterprise Java application to OpenShift using Helm charts, and how to connect the application to a PostgreSQL database.

IT hiring: 5 signs of a continuous learner | The Enterprisers Project

Deep into the digital transformation age, IT leaders recognize that change is the one constant. As a result, their hiring needs have shifted from seeking out those employees who are highly skilled in a single area to pursuing professionals who are capable of acquiring new aptitudes on an ongoing basis. Continuous learning is the name of the game.

“The pace of digital innovation across industries was already rapid, but COVID accelerated change,” says Charley Betzig, managing director, IT executive recruiting firm Heller Search Associates. “It is more important than ever to have continuous learners in positions of leadership. Companies need IT leaders who not only are on top of the most modern technology but are curious and creative around how those technologies can influence current business models or even create new ones.”

5 ways leaders can fight team burnout

Despite the uncertainty around COVID-19, the shift to remote work was, for many employees, a welcome departure from the in-office routine. However, as weeks turned into months, and months into a year, the downsides of remote work became clear for some people.

One example is the difficulty of delineating work from home life. With 24/7 connectivity and no commute, it can be challenging to separate the two. Many people find themselves working late into the evening and on weekends. Add in reduced staff and increased workloads, and burnout quickly becomes a reality: A Deloitte survey found that 77 percent of workers have experienced burnout.

MontaVista MVShield Support Now Available for Rocky Linux Baselines

MontaVista® Software, LLC, a leader in commercial Embedded Linux® products and services, today announced the immediate availability of MVShield support services for Rocky Linux. The Rocky Linux project was founded in late 2020, gathering immediate momentum since its inception with continued robust adoption during 2021.

Use and contribute to a new Open Source Cloud Guide

Today, at All Things Open, IBM is releasing the Open Source Cloud Guide, which highlights various use cases that are important in hybrid cloud environments, features the important open source projects in those areas, and discusses how various clouds are using open source in their offerings. By open sourcing the guide, developers are able to both use and contribute to the learnings and use cases

Announcing Cryostat 2.0: JDK Flight Recorder for containers

Cryostat is a container-native JVM application that provides a secure API for profiling and monitoring containers with JDK Flight Recorder (JFR). JDK Flight Recorder collects profiling and diagnostic data from applications using JFR events stored in binary flight recordings. When requested, Cryostat can retrieve, store, and analyze flight recordings from containerized Java virtual machines (JVMs) to assess overall application health. Users can download recording files and upload them to JDK Mission Control (JMC) or Grafana for further analysis.

This article introduces Cryostat and shares new features in the 2.0 release, including example use cases, tips for getting started, and additional release notes. For more information about Cryostat fundamentals, visit Introduction to Cryostat: JDK Flight Recorder for containers.

Kafka Monthly Digest: September 2021

Welcome to the 44th edition of the Kafka Monthly Digest. In this edition, I'll cover what happened in the Apache Kafka community in September 2021.

For last month’s digest, see Kafka Monthly Digest: August 2021 on IBM Developer.

Sensitive information detection using the NVIDIA Morpheus AI framework

The growth of cloud-native applications has driven an explosion of east-west network traffic within a datacenter where applications can create hundreds of thousands of network connections among virtual machines and containers. As a consequence, the ability to track, monitor, and secure a datacenter in a timely manner has risen above that of any individual or team, thus requiring the help of AI and machine learning (AI/ML) to enable ITOps, infrastructure security, and DevSecOps teams to manage the complexity of modern cloud-native applications and the underlying platforms.

Red Hat and NVIDIA have been working together to bring the security analytics capabilities of the NVIDIA Morpheus AI application framework to Red Hat infrastructure platforms for cybersecurity developers. This article provides a set of configuration instructions to Red Hat developers working on applications that use the NVIDIA Morpheus AI application framework and NVIDIA BlueField data processing units (DPUs) to secure interservice communication.

DevSecOps: 11 questions to ask about your security strategy now

It’s the fourth and final quarter of 2021, believe it or not. That makes it time for IT leaders to review and evaluate how things are going – and plan for 2022. Security sometimes gets left out of those conversations. We’re here to make sure that doesn’t happen, with an extensive list of questions worth asking as you assess your security posture and look for ways to improve.

We’ll start with a series of topics that are particularly relevant for teams that are considering or already implementing a DevSecOps strategy, then we’ll cover a series of fundamental questions worth asking in any organization – especially those currently struggling to modernize their security approach.

How Podman runs on Macs and other container FAQs | Enable Sysadmin

As the Podman machine function becomes more used—particularly on Macs—there have been many questions about how this all works. Some of what is tossed around on the internet is pure speculation, so this article aims to eliminate any speculation.

Many people do not realize that containers are really Linux. As such, Linux containers cannot run natively on macOS. Therefore, the containers must run in a Linux virtual machine (VM), and a Podman client interacts with that VM. This is in line with all solutions for running containers on macOS.

Reach your open source community with content marketing [Ed: IBM has totally lost direction; this is how they think of Free software...]

Both startups and more established firms are increasingly turning to content marketing as a way of reaching prospective customers.

However, corporate marketers often consider the open source software (OSS) community a challenge to reach. This article features ways your technology and content marketing teams can work together to target and reach the community around an OSS project your organization supports.

Why digital transformation demands a change in leadership mindset

Recently a key retail executive forecast that their industry will change more in the next five years than it has in the past fifty. Another executive believes society will change more in the next fifty years than it has in the last three hundred. A recent headline declared that, “We are approaching the fastest, deepest, most consequential technological disruption in history”, and Ray Kurzweil, Google’s Director of Engineering and co-Founder of Singularity University, has said that there will be fourteen internet size revolutions in the next decade. Whichever way you look at it, things are shifting… fast.

When you speak with the visionaries and entrepreneurs actually building the solutions of tomorrow, from on-demand retail to vertical farms, and ask how far into this new era we are, almost universally the reply is: “only one percent”. Imagine then, where we will be ten years from now? How about 50?

Major industries, from medicine to energy to travel to entertainment, are radically transforming, putting pressure on others such as manufacturing, construction, transportation, finance, education…frankly, all of it. What an extraordinary opportunity this presents.

DevSecOps lessons learned during a pandemic | The Enterprisers Project

As we’ve seen over the past year and a half, the pandemic has accelerated digital transformation and forever changed workplace culture. Increased reliance on digital tools has elevated the value of DevSecOps, as enterprises of all sizes and across all industries realize the importance of automating and integrating security at every phase of the software development lifecycle – from initial design through integration, testing, deployment, and product delivery.

My engineering team was no exception to this shift – we had to quickly prepare to build a new Virtana SaaS platform and deliver several new modules, all while working remotely.

Here I’ll share some observations, pain points, and lessons learned to help others intelligently embrace DevSecOps best practices within their teams.