Redhat

How to download Redhat Certification

Installation, Linux, Openshift, Redhat /

To Download the Redhat Certification, Follow the below steps : Step 1: Login to redhat.com Step 2 : Click on Certifications Step 3 : Click on Privacy Settings Under I want to be visible in search , click on Yes Step 4 : Login to credly.com If you do not have an account , create one Step 5 : Find your badge in the dashboard It may take even 24 hours to reflect in Dashboard , after enabling the option in redhat.com privacy settings

How to download Redhat Certification Read More »

What Is RedHat Certification?

Redhat /

Hi, Do you know about Redhat Certification that is so popular nowadays. In IT world all we hear about are the various Certification that a candidate has obtained and how it helped them to land in their dream job.So lets Understand what Redhat means and what are the Certifications they provide. The terms RHCSA,RHCE, RHCA comes usually pops up when you search for Redhat Certifications. Before we get into what those are let us get a overall jist of what these are all about. Almost everything starts with RHEL — A secure foundation of Linux that can run on Bare metal, Virtualized environment, Private clouds or public clouds . If you want to built out a private Cloud — Openstack is going to be your cup of tea . Ansible will help you to automate nearly everything from your application to servers to network to storage. This helps take away cost from your system, is fast and more secure. Now when we talk about Managing — Cloudform allows you to manage Applications in your environment in Private as well as public cloud. Then as we start to build the applications — new or existing applications — that is where Containers comes into play . And Redhat has the no.1 Container Portfolio ,It starts with Openshift — This allows to deploy the containers in the private cloud as well as the public cloud. Like the foundation in a building with consistent operating model across a multi cloud environment . To control the applications comes the Middleware portfolio — for Java application, integration services, api gateways — these really allows developer to be super productive Now if you put all this together and you know its opensource and supported by Redhat , its going to be always secure and delivers a great portfolio RHCSA — Redhat Certified System Administrate This is the entry level Certification that Redhat provides This is the most successful Certification that Redhat has 6 months experience with Linux is an added advantage Basic Knowledge on Linux Fundamental RHEL Version 8 — (Red Hat Enterprise Linux )is the upgarded version After RHCSA you can become a RHCE RHCE- Redhat Certified Engineer Its about — ANSIBLE — Data center Automation It is not Linux — its a Linux based product that helps to manage Linux environment with other environments Lot of Ansible is found in Networking Environment — which could be used to manage instances in cloud , to manage network devices and windows The next Certification is the Redhat Certified Architect — RHCA To become a RHCA — you need to take 5 exams. These exams are about Performance optimisation Troubleshooting Openshift Security Advanced Ansible Openstack For each of the 5 exams a Certificate of Expertise is provided, it will add to your resume . Once all the 5 exams are taken you become a RHCA Tips to pass Redhat Exams Take a Redhat Certification Course Look up for Exam Objectives Get real time training Mock Exams Rest before your Exam For a great learning experience get in touch with CubenSquare.com , where complete guidance is given in terms of Training, Certification and Placement.

What Is RedHat Certification? Read More »

Redhat Openshift 4.10

Redhat /

WHAT’S NEW IN OPENSHIFT 4.10 New Updates Openshift Sandboxed Containers New Compliance Profiles Additional Infrastructure Providers and ARM Streamlined Disconnected Clusters More Powerful Tools for Seamless Upgrades OpenShift on Bare Metal MetalLB with BGP mode OpenShift Virtualization Brings Together Virtual Machines and Containers Test the Latest in OpenShift Serverless A Smarter OpenShift Console https://youtu.be/X5BwzjTIPe0   New users can accomplish the following tasks through the Getting Started: Create a project Grant view permissions Deploy a container image from Quay Examine and scale an application Deploy a Python application from GitHub Connect to a database from Quay Create a secret Load and view your application FEATURES The following features are supported for OpenShift Container Platform on ARM: OpenShift Cluster Monitoring RHEL 8 Application Streams OVNKube Elastic Block Store (EBS) for AWS AWS .NET applications NFS storage on bare metal The following Operators are supported for OpenShift Container Platform on ARM: Node Tuning Operator Node Feature Discovery Operator Cluster Samples Operator Cluster Logging Operator Elasticsearch Operator Service Binding Operator

Redhat Openshift 4.10 Read More »

homework, education, exam-8533767.jpg

Redhat Remote Exam Preparation — CubenSquare

Redhat /

Getting Ready for your Red Hat remote exam System Requirements Computer:​ You will need a computer with a single active monitor. Red Hat Supports many Intel compatible X86_64-bit architecture computers. USB:​ One USB Drive (2.0 or higher) with at least 8 GB capacity. NOTE: The entire disk will be overwritten, so make sure you have saved any contents you may have on the disk before following the procedure for creating thelive exam environment. USB Hub​: ​One wired USB hub is allowed if a hub is needed to accommodate permitted peripheral devices as described below. Hard Drive:​ A hard drive with free storage capacity of at least 4 GB (for Live USB creation only). Mouse:​ A wired ​mouse is optional but recommended.​ A wireless mouse is not allowed. A wired mouse is required if you use a laptop in a closed and docked mode as described below. Keyboard: Only one keyboard is allowed for the exam. If you wish to use an external, wired keyboard with your laptop, you will have to use the laptop closed and docked. This will require the use of an external monitor and wired mouse as well. Wireless keyboards are not permitted. Webcam:​ One external webcam with at least a 1m cable. Monitors:​ Only one physical display will be allowed for the exam. Connecting an external monitor to a laptop: you are only allowed to use one monitor, one keyboard and one external mouse. If you chose to connect an external monitor to your laptop, the laptop lid must be closed throughout the duration of the exam session. You will be required to use a wired keyboard and a wired mouse. Sound and microphone:​ A working microphone is required. Verify that the audio and microphone are not set on mute prior to the exam. Operating system:​ N/A Firewalls:​ Firewalls that allow normal web activities will typically work. More restrictive firewalls that limit outgoing access and that require additional authentication may cause problems. Most firewall issues will show up when you run the compatibility test. RAM:​ Minimum 4GB of RAM are required. Internet connection speed:​ Download speed requirements are 768Kbps and upload speed requirements are 512Kbps. Network connection:​ Unless it is physically not possible, a wired network connection should be used, not wireless, to ensure the most reliable delivery of your exam. Laptop battery:​ If using a laptop, please ensure that the built-in battery is fully charged just in case there is an interruption of power. Do not rely on the battery as the principal power source. Power:​ Recommended to use an uninterrupted power supply (UPS) for your computer, external monitor (if used) and networking equipment to maintain internet connectivity during power outages. Create a Remote Exam Bootable Live USB Download the Remote Exam Bootable Live USB​ from ​here > https://static.redhat.com/downloads/training-certification/rhrexboot.iso and save it in the local hard drive. Connect the USB drive​ intended for creation of Live USB Download and install​ > http://s.bl-1.com/h/cRvkm70t?url=https://getfedora.org/en/workstation/download/ — to download ​ and install Fedora Media Writer. Use the Fedora Media Writer​ to write the downloaded .iso file to your USB drive. Launch Fedora Media Writer from the list of installed programs Select Custom Image. Navigate to the bootable live usb image (.iso) stored in your computer, click on Open’ and bring up the ‘Write Custom Image’ window. If you have a USB drive connected to your computer, Fedora Media Writer will display that as the target device to create a bootable image. ​ Note:​ Fedora Media Writer destroys all data on the USB stick while creating a Live USB media. We recommend you back up the contents of your USB drive beforehand. Select ‘Write To Disk’ to initiate the Live USB creation process. The ‘Write Custom Image’ window should identify the connected USB drive. 5. Close the window​ once the writing process is completed 6. Boot to the Remote Exam Bootable Live USB​ Booting to the Remote Exam Live USB Connect all the external devices you will be using during the remote exam to your computer before booting. These may include: – The remote exam LiveUSB, an external wired webcam, network cable (unless you plan on using wifi) and a wired mouse (optional) for laptops – The remote exam LiveUSB, an external wired webcam, network cable, wired keyboard and wired mouse for desktops -The remote exam LiveUSB, an external wired webcam, network cable, wired keyboard, wired mouse and external monitor for laptops with external display. – You will need to keep the laptop lid closed if an external display is used. Restart your computer/Mac and go to the boot menu. Select your boot device as USB drive Note: Boot menu is available in most computers to select the boot device temporarily without entering the BIOS Setup Utility. Depending on your hardware, the keystroke to enter the boot menu at start up may differ. The typical keys used for various brands of computers are, but not limited to the following: F12 — for most Lenovo, Dell, and Toshiba laptop models ESC and F9 for HP Look at the splash screen when your computer starts to know the key to interrupt the booting process and enter the temporary boot menu. For Mac systems, press and hold the Option ( ) or Alt key to access the start up manager and select the boot device. 3. Review boot order selection screen. An example of a typical Macintosh boot screen is as follows. Select any of the EFI boot icons. 4. Wait for the image to load 5. Allow the LiveUSB resources to be loaded to the random access memory. 6. Remove the USB drive and click Ok. 7. Use the settings page to make changes, such as mouse and touchpad speed, region and language, and sound levels. The hamburger button next to “settings” provides a list of available keyboard shortcuts. 8. Adjust display resolution. If the default resolution of your screen is higher than 1920*1080, we recommend adjusting it to 1920*1080 for better screen readability inside the exam environment. Leave the settings as is if the default screen resolution is less than 1920*1080. 9. Adjust the mouse/touchpad settings per your

Redhat Remote Exam Preparation — CubenSquare Read More »

conference, workshop, iphone-3677032.jpg

Red Hat Certified Specialist in OpenShift Automation and Integration exam – EX380

3 Comments / Redhat /

Exam description The Red Hat Certified Specialist in OpenShift Automation and Integration exam (EX380) tests the knowledge, skills, and ability to plan, implement, and manage large-scale OpenShift Container Platform deployments in the enterprise. By passing this exam, you become a Red Hat Certified Specialist in OpenShift Automation and Integration that also counts towards earning a Red Hat Certified Architect (RHCA®). Objectives listed for this exam are based on the most recent Red Hat product version available. Click “Get started” to view all versions of this exam available for purchase. The skills and knowledge associated with this exam can be applied to both self-managed editions of OpenShift as well as managed services editions like Red Hat OpenShift on AWS (ROSA) and Azure Red Hat OpenShift. Audience for this exam Cluster engineers (systems administrators, cloud administrators, or cloud engineers) focused on planning, designing, and implementing production-grade OpenShift clusters. Cluster engineers require automation skills to scale their manpower to provision and manage an increasing population of clusters, applications, and users, at the same time ensuring these clusters remain in compliance with corporate standards. Site reliability engineers (SREs) focused on keeping OpenShift clusters and applications running without disruption. SREs are interested in troubleshooting infrastructure and application issues with OpenShift clusters and require automation skills to reduce the time to identify, diagnose, and remediate issues. Prerequisites for this exam Take our free assessment to find the course that best supports your preparation for this exam. Red Hat OpenShift Administration II: Operating a Production Kubernetes Cluster (DO280) and  Red Hat OpenShift Administration III: Scaling Kubernetes Deployments in the Enterprise (DO380) In preparation Study points for the exam To help you prepare, the exam objectives highlight the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. As part of this exam, you should be able to perform these tasks: Deploy Kubernetes applications on OpenShift Assemble an application from Kubernetes components Understand and use Kustomize Use an image stream with a Kubernetes deployment Configure and automate OpenShift tasks Create a simple script to automate a task Deploy an existing script to automate a task Troubleshoot and correct a script Understand and query the REST API using CLI tools Create a custom role Create a cron job Create a simple Ansible playbook Work with and manage OpenShift Operators Install an operator Update an operator Delete an operator Subscribe an operator Troubleshoot an operator Work with registries Pull/push content from remote registries Tag images in remote registries Implement GitOps with Jenkins Deploy a Jenkins master Create a Jenkins pipeline to remediate configuration drift Configure Enterprise Authentication Configure an LDAP identity provider Configure RBAC for an LDAP provided user account Synchronize OpenShift groups with LDAP Understand and manage ingress Use the oc route command to expose services Understand how ingress components relate to OpenShift deployments and projects Configure trusted TLS Certificates Work with certificates using the web and CLI interfaces Renew and apply a certificate Work with machine configurations Understand MachineConfig object structure Create custom machine configurations Configure Dedicated Node Pools Add a worker node Create custom machine config pools Configure Persistent Storage Provision shared storage for applications Provision block storage Configure and use storage quotas, classes, and policies Troubleshoot storage issues Manage Cluster Monitoring and Metrics Manage OpenShift alerts Use monitoring to troubleshoot cluster issues Provision and Inspect Cluster Logging Deploy cluster logging Query cluster logs Diagnose cluster logging problems Recover Failed Worker Nodes Diagnose worker node failures Recover a node that has failed Preparation Red Hat encourages you to consider taking Red Hat OpenShift Administration II: Operating a Production Kubernetes Cluster (DO280) and  Red Hat OpenShift Administration III: Scaling Kubernetes Deployments in the Enterprise (DO380) help prepare for this exam.  Attendance in these classes is not required; students can choose to take just the exam. While attending Red Hat classes can be an important part of your preparation, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success. Many books and other resources on system administration for Red Hat products are available. Red Hat does not endorse any of these materials as preparation guides for exams. Nevertheless, you may find additional reading helpful to deepen your understanding. Exam format This exam consists of a single section lasting three hours.  The exam is a performance based evaluation of candidates’ abilities to implement and manage tasks related to large-scale OpenShift Container Platform deployments in the enterprise.   Candidates perform a number of routine tasks associated with automation and integration similar to those they would be expected to perform in a large-scale OpenShift Container Platform environment and are evaluated on whether those tasks meet specific objective criteria. Scores and reporting Official scores for exams come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days. Exam results are reported as total scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request. You are eligible for one exam retake if you are unsuccessful on your first attempt. For more information please read our Training Policies page

Red Hat Certified Specialist in OpenShift Automation and Integration exam – EX380 Read More »

studying, exams, preparation-951818.jpg

EX200 Red Hat Certified System Administrator (RHCSA) exam

122 Comments / Redhat /

Overview Exam description The performance-based Red Hat Certified System Administrator (RHCSA) exam (EX200) tests your knowledge in areas of system administration common across a wide range of environments and deployment scenarios. The skills tested in this exam are the foundation for system administration across all Red Hat® products. By passing this exam, you become a Red Hat Certified System Administrator. If you choose to continue your learning journey beyond RHCSA, the credential can also serve as a foundational step on your path toward our highest level of certification—Red Hat Certified Architect. Objectives listed for this exam are based on the most recent Red Hat product version available. Click “Get started” to view all versions of this exam available for purchase. Audience for this exam Experienced Red Hat Enterprise Linux system administrators seeking validation of their skills Students who have attended Red Hat System Administration I (RH124) and Red Hat System Administration II (RH134) and are on the path to becoming an RHCSA Experienced Linux system administrators who require a certification either by their organization or based on a mandate (DoD 8570 directive) IT professionals who are on the path to becoming a Red Hat Certified Engineer (RHCE) An RHCE who is noncurrent or who is about to become noncurrent and wants to recertify as an RHCE DevOps professionals who wish to demonstrate their expertise with the fundamentals of container technology Prerequisites for this exam Have either taken Red Hat System Administration I (RH124) and Red Hat System Administration II (RH134) or the RHCSA Rapid Track course (RH199) that combines those courses, or have comparable work experience as a system administrator on Red Hat Enterprise Linux Review the Red Hat Certified System Administrator exam (EX200) objectives Take our free assessment to find the course that best supports your preparation for this exam. Objectives Study points for the exam RHCSA exam candidates should be able to accomplish the tasks below without assistance. These have been grouped into several categories. Understand and use essential tools Access a shell prompt and issue commands with correct syntax Use input-output redirection (>, >>, |, 2>, etc.) Use grep and regular expressions to analyze text Access remote systems using SSH Log in and switch users in multiuser targets Archive, compress, unpack, and uncompress files using tar, gzip, and bzip2 Create and edit text files Create, delete, copy, and move files and directories Create hard and soft links List, set, and change standard ugo/rwx permissions Locate, read, and use system documentation including man, info, and files in /usr/share/doc Create simple shell scripts Conditionally execute code (use of: if, test, [], etc.) Use Looping constructs (for, etc.) to process file, command line input Process script inputs ($1, $2, etc.) Processing output of shell commands within a script Operate running systems Boot, reboot, and shut down a system normally Boot systems into different targets manually Interrupt the boot process in order to gain access to a system Identify CPU/memory intensive processes and kill processes Adjust process scheduling Manage tuning profiles Locate and interpret system log files and journals Preserve system journals Start, stop, and check the status of network services Securely transfer files between systems Configure local storage List, create, delete partitions on MBR and GPT disks Create and remove physical volumes Assign physical volumes to volume groups Create and delete logical volumes Configure systems to mount file systems at boot by universally unique ID (UUID) or label Add new partitions and logical volumes, and swap to a system non-destructively Create and configure file systems Create, mount, unmount, and use vfat, ext4, and xfs file systems Mount and unmount network file systems using NFS Configure autofs Extend existing logical volumes Create and configure set-GID directories for collaboration Diagnose and correct file permission problems Deploy, configure, and maintain systems Schedule tasks using at and cron Start and stop services and configure services to start automatically at boot Configure systems to boot into a specific target automatically Configure time service clients Install and update software packages from Red Hat Network, a remote repository, or from the local file system Modify the system bootloader Manage basic networking Configure IPv4 and IPv6 addresses Configure hostname resolution Configure network services to start automatically at boot Restrict network access using firewall-cmd/firewall Manage users and groups Create, delete, and modify local user accounts Change passwords and adjust password aging for local user accounts Create, delete, and modify local groups and group memberships Configure superuser access Manage security Configure firewall settings using firewall-cmd/firewalld Manage default file permissions Configure key-based authentication for SSH Set enforcing and permissive modes for SELinux List and identify SELinux file and process context Restore default file contexts Manage SELinux port labels Use boolean settings to modify system SELinux settings Diagnose and address routine SELinux policy violations Manage containers Find and retrieve container images from a remote registry Inspect container images Perform container management using commands such as podman and skopeo Build a container from a Containerfile Perform basic container management such as running, starting, stopping, and listing running containers Run a service inside a container Configure a container to start automatically as a systemd service Attach persistent storage to a container Preparation Red Hat encourages you to consider taking Red Hat System Administration I (RH124) and Red Hat System Administration II (RH134) to help prepare. Attendance in these classes is not required; you can choose to take just the exam. While attending Red Hat classes can be an important part of your preparation, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success. Many books and other resources on system administration for Red Hat products are available. Red Hat does not endorse any of these materials as preparation guides for exams. Nevertheless, you may find additional reading helpful to deepen your understanding. Exam format The Red Hat Certified System Administrator (RHCSA) exam is a hands-on, practical exam that requires you to undertake real-world tasks. Internet access is not provided during the in-person

EX200 Red Hat Certified System Administrator (RHCSA) exam Read More »

to read the book, library, reading room-2784895.jpg

EX280 V1.12 Study Point for the exam

4 Comments / Redhat /

Overview The Red Hat Certified OpenShift Administrator exam (EX280) tests the knowledge, skills, and ability to create, configure, and manage a cloud application platform using Red Hat OpenShift Container Platform. By passing this exam, you become a Red Hat Certified OpenShift Administrator that also counts towards earning a Red Hat Certified Architect (RHCA®). Objectives listed for this exam are based on the most recently released version of the exam. Once you have purchased the exam you may have older versions available. Audience for this exam System and Software Architects who need an understanding of the features and functionality of an OpenShift Container Platform cluster. System Administrators who need to support the initial establishment of an OpenShift cluster. Cluster Operators who need to support ongoing maintenance of an OpenShift cluster. Site Reliability Engineers who need to support the ongoing maintenance and troubleshooting of an OpenShift cluster. System administrators who want to demonstrate their OpenShift Container Platform skills Red Hat Certified Engineers who wish to become a Red Hat Certified Architect (RHCA) System administrators or developers who are working in a DevOps environment using Red Hat OpenShift Container Platform Prerequisites for this exam Candidates for this exam should: Have taken Red Hat System Administration I (RH124) or have comparable experience. Red Hat Certified System Administrator (RHCSA) is strongly recommended but not required. Have taken Red Hat OpenShift Administration I: Containers & Kubernetes (DO180) course or have comparable work experience using OpenShift Container Platform Have taken Red Hat OpenShift Administration II: Operating a Production Kubernetes Cluster (DO280) course or have comparable work experience using OpenShift Container Platform Review the Red Hat Certified OpenShift Administrator exam (EX280) objectives Experience with container technology is recommended Take our free assessment to find the course that best supports your preparation for this exam Objectives In preparation Study points for the exam As with all Red Hat performance-based exams, configurations must persist after reboot without intervention. Manage OpenShift Container Platform Use the web console to manage and configure an OpenShift cluster Use the command-line interface to manage and configure an OpenShift cluster Query, format, and filter attributes of Kubernetes resources Import, export, and configure Kubernetes resources Locate and examine container images Create and delete projects Examine resources and cluster status View logs Monitor cluster events and alerts Assess the health of an OpenShift cluster Troubleshoot common container, pod, and cluster events and alerts Use product documentation Deploy Applications Deploy applications from resource manifests Use Kustomize overlays to modify application configurations Deploy applications from images, OpenShift templates, and Helm charts Deploy jobs to perform one-time tasks Manage application deployments Work with replica sets Work with labels and selectors Configure services Expose both HTTP and non-HTTP applications to external access Work with operators such as MetalLB and Multus Manage access to container image registry servers Configure projects to use private registries as container image sources Configure clusters to use trusted image sources Expose the OpenShift internal registry Manage Storage for Application Configuration and Data Create and use secrets Create and use configuration maps Provision Persistent Storage volumes for block and file-based data Use storage classes Manage non-shared storage with StatefulSets Configure Applications for Reliability Configure and use health probes Reserve and limit application compute capacity Scale applications to meet increased demand Manage Application Updates Identify images using tags and digests Roll back failed deployments Manage image streams Use triggers to manage images Manage Authentication and Authorization Configure the HTPasswd identity provider for authentication Create and delete users Modify user passwords Create and manage groups Modify user and group permissions Configure Network Security Configure networking components Troubleshoot software defined networking Create and edit external routes Control cluster network ingress Secure external and internal traffic using TLS certificates Configure application network policies Enable Developer Self-Service Configure cluster resource quotas Configure project quotas Configure project resource requirements Configure project limit ranges Configure project templates Manage OpenShift Operators Install an operator Delete an operator Configure Application Security Configure and manage service accounts Run privileged applications Create service accounts Manage and apply permissions using security context constraints Create and apply secrets to manage sensitive information Configure application access to Kubernetes APIs Configure Kubernetes CronJobs Update OpenShift Update an OpenShift cluster Identify deprecated Kubernetes API usage Update OpenShift Operators What you need to know Preparation Red Hat encourages you to consider taking Red Hat OpenShift Administration I: Containers & Kubernetes and Red Hat OpenShift Administration II: Operating a Production Kubernetes Cluster to help prepare. Attendance in these classes is not required; students can choose to take just the exam. While attending Red Hat classes can be an important part of your preparation, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success. Many books and other resources on system administration for Red Hat products are available. Red Hat does not endorse any of these materials as preparation guides for exams. Nevertheless, you may find additional reading helpful to deepen your understanding. Exam format This exam is a performance-based evaluation of skills and knowledge required to configure and manage a cloud application platform. Candidates perform routine configuration and administrative tasks using Red Hat OpenShift Container Platform and are evaluated on whether they have met specific objective criteria. Performance-based testing means that candidates must perform tasks similar to what they perform on the job.

EX280 V1.12 Study Point for the exam Read More »

volkswagon, vw, car wallpapers-698531.jpg

Openshift Tools used by Volkswagen

917 Comments / Openshift, Redhat /

Volkswagen has used a variety of tools available in OpenShift to build and deploy its digital services, including: Source-to-Image (S2I): Volkswagen has used S2I to create container images from source code automatically. S2I eliminates the need to create Dockerfiles manually and allows developers to focus on writing code rather than managing containers. Operators: Volkswagen has used Operators to manage and automate the deployment of its applications on OpenShift. Operators provide a way to package, deploy, and manage applications in a standardized way across different teams and environments. Service Mesh: Volkswagen has used Service Mesh, a set of tools and technologies to manage microservices-based applications running on OpenShift. Service Mesh provides capabilities like traffic management, security, and observability, making it easier for Volkswagen to deploy and manage complex microservices-based applications. OpenShift Pipelines: Volkswagen has used OpenShift Pipelines to automate the build, test, and deployment of its applications. OpenShift Pipelines provides a standardized and automated way to build and deploy applications, which helps Volkswagen to reduce errors and accelerate the delivery of new features. Container Security: Volkswagen has used the built-in container security features in OpenShift to ensure that its applications are secure and compliant with industry standards. OpenShift provides container image scanning and vulnerability assessment tools, which helps Volkswagen to identify and mitigate security risks in its applications. The use of OpenShift tools has helped Volkswagen to automate and standardize its application development and deployment process, while also ensuring high levels of security and compliance. Here are some additional details on how Volkswagen is using OpenShift: Multi-Cloud Deployment: Volkswagen is using OpenShift to deploy its applications on multiple clouds, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). OpenShift’s multi-cloud capabilities allow Volkswagen to leverage the benefits of different cloud providers while still maintaining a consistent and standardized deployment environment. DevOps Transformation: Volkswagen has been undergoing a DevOps transformation, and OpenShift is a key part of that effort. By adopting a container-based architecture on OpenShift, Volkswagen has been able to improve the speed and agility of its development teams, while also maintaining a high level of quality and security. Continuous Integration and Deployment (CI/CD): Volkswagen is using OpenShift’s built-in CI/CD capabilities to automate the deployment of its applications. OpenShift Pipelines, which is based on the Tekton framework, provides a standardized and automated way to build, test, and deploy applications, which helps Volkswagen to reduce errors and accelerate the delivery of new features. Hybrid Cloud Management: Volkswagen is using OpenShift to manage its hybrid cloud environment, which includes both on-premises and cloud-based infrastructure. OpenShift’s hybrid cloud capabilities allow Volkswagen to manage its infrastructure consistently across different environments, which helps to improve operational efficiency and reduce complexity. Partner Ecosystem: Volkswagen has partnered with Red Hat, the company behind OpenShift, to leverage its expertise and support in deploying and managing OpenShift at scale. Red Hat’s ecosystem of partners and integrations also allows Volkswagen to extend the capabilities of OpenShift and integrate with other tools and systems in its technology stack. Overall, Volkswagen’s adoption of OpenShift demonstrates the benefits of using container-based architectures and DevOps practices in enterprise environments. By leveraging OpenShift’s capabilities, Volkswagen has been able to improve the speed, agility, and quality of its software development efforts, while also maintaining a high level of security and compliance.

Openshift Tools used by Volkswagen Read More »

walt disney world, disney world, disney-239144.jpg

Walt Disney and Redhat Linux

14 Comments / Linux, Redhat /

Walt Disney The Walt Disney Company is a global entertainment company that was founded in 1923 by Walt Disney and his brother Roy. It is best known for its iconic characters such as Mickey Mouse, Donald Duck, and Goofy, as well as its animated films and theme parks. Today, the company is a multinational conglomerate with interests in film, television, theme parks, and more, and is one of the world’s largest media companies Redhat Linux Red Hat Linux is a popular distribution of the Linux operating system. Red Hat Linux is known for its stability, security, and scalability, making it a popular choice for enterprise environments. It also offers enterprise-level support and services, including updates and patches Walt Disney and Redhat Linux Red Hat Linux in the entertainment industry is its use by the Walt Disney Company. The Walt Disney Company has a long history of using open-source software, including Linux, to power its animation and special effects workflows. In particular, the Walt Disney Animation Studios (WDAS) has been using Linux for over a decade. The studio’s production pipeline relies heavily on Linux-based tools such as Autodesk Maya, Nuke, and Houdini for tasks such as modeling, animation, and compositing. To manage its Linux-based infrastructure, WDAS turned to Red Hat Enterprise Linux. The use of Red Hat Enterprise Linux allowed the studio to standardize its infrastructure, improve security, and increase efficiency. It also enabled WDAS to take advantage of Red Hat’s enterprise support and services, which helped the studio to quickly resolve any issues that arose. In addition, Red Hat’s open-source philosophy aligned with WDAS’s culture of collaboration and innovation. The use of open-source software allowed WDAS to customize and optimize its production pipeline to meet its specific needs, while also contributing back to the open-source community. Overall, the use of Red Hat Linux by the Walt Disney Company highlights the benefits of open-source software in the entertainment industry. It demonstrates how open-source solutions can provide a cost-effective and customizable platform for managing critical workloads such as animation and special effects, while also enabling collaboration and innovation.

Walt Disney and Redhat Linux Read More »

workplace, wallpaper 4k, office-2303851.jpg

CIS Benchmarks for Linux Systems

3,629 Comments / Linux, Redhat /

Objective: Below are the standard Guidelines as per the CIS Benchmarking standard to adopt a secure Configuration posture for Linux Systems running on x86 and x64 platforms. This benchmark is intended for system and application administrators, security specialists, auditors, helpdesk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Linux on the x86 or x64 platform.   About CIS Benchmarks: CIS Benchmarks are a set of guidelines and best practices for securing IT systems, networks, and infrastructure. They are developed by the Center for Internet Security (CIS), a global non-profit organization. CIS Benchmarks are free to the public and are used by thousands of businesses. Note: It is advisable to verify root users’ path integrity and the integrity of any programs being run prior to the execution of commands and scripts. –> Disable unused filesystems Ensure mounting of cramfs filesystems is disabled Ensure mounting of freevxfs filesystems is disabled Ensure mounting of jffs2 filesystems is disabled Ensure mounting of hfs filesystems is disabled Ensure mounting of hfsplus filesystems is disabled Ensure mounting of squashfs filesystems is disabled Ensure mounting of udf filesystems is disabled Ensure mounting of FAT filesystems is limited Ensure /tmp is configured Ensure nodev option set on /tmp partition Ensure nosuid option set on /tmp partition Ensure noexec option set on /tmp partition Ensure separate partition exists for /var Ensure separate partition exists for /var/tmp Ensure nodev option set on /var/tmp partition Ensure nosuid option set on /var/tmp partition Ensure noexec option set on /var/tmp partition Ensure separate partition exists for /var/log Ensure separate partition exists for /var/log/audit Ensure separate partition exists for /home Ensure nodev option set on /home partition Ensure nodev option set on /dev/shm partition Ensure nosuid option set on /dev/shm partition Ensure noexec option set on /dev/shm partition Ensure nodev option set on removable media partitions Ensure nosuid option set on removable media partitions Ensure noexec option set on removable media partitions Ensure sticky bit is set on all world-writable directories Disable Automounting Disable USB Storage  –> Configure Software Updates Ensure package manager repositories are configured Ensure GPG keys are configured Filesystem Integrity Checking Ensure AIDE is installed Ensure filesystem integrity is regularly checked Secure Boot Settings Ensure permissions on bootloader config are configured Ensure bootloader password is set Ensure authentication required for single user mode Ensure interactive boot is not enabled  –> Additional Process Hardening Ensure core dumps are restricted Ensure XD/NX support is enabled Ensure address space layout randomization (ASLR) is enabled Ensure prelink is disabled Mandatory Access Control Ensure login and logout events are collected Ensure session initiation information is collected Ensure discretionary access control permission modification events are collected Ensure unsuccessful unauthorized file access attempts are collected Ensure use of privileged commands is collected Ensure successful file system mounts are collected Ensure file deletion events by users are collected Ensure changes to system administration scope (sudoers) is collected Ensure system administrator actions (sudolog) are collected Ensure kernel module loading and unloading is collected Ensure the audit configuration is immutable  –>Configure Logging Configure rsyslog Ensure rsyslog is installed Ensure rsyslog Service is enabled Ensure logging is configured Ensure rsyslog default file permissions configured Ensure rsyslog is configured to send logs to a remote log host Ensure remote rsyslog messages are only accepted on designated log hosts.  –>Configure journald Ensure journald is configured to send logs to rsyslog Ensure journald is configured to compress large log files Ensure journald is configured to write logfiles to persistent disk Ensure permissions on all logfiles are configured Ensurelogrotate is configured Access, Authentication and Authorization  –> Configure cron Ensure cron daemon is enabled Ensure permissions on /etc/crontab are configured Ensure permissions on /etc/cron.hourly are configured Ensure permissions on /etc/cron.daily are configured Ensure permissions on /etc/cron.weekly are configured Ensure permissions on /etc/cron.monthly are configured Ensure permissions on /etc/cron.d are configured Ensure at/cron is restricted to authorized users  –> SSH Server Configuration Ensure permissions on /etc/ssh/sshd_config are configured Ensure permissions on SSH private host key files are configured Ensure permissions on SSH public host key files are configured Ensure SSH Protocol is set to 2 Ensure SSH LogLevel is appropriate Ensure SSH X11 forwarding is disabled Ensure SSH MaxAuthTries is set to 4 or less Ensure SSH IgnoreRhosts is enabled Ensure SSH HostbasedAuthentication is disabled Ensure SSH root login is disabled Ensure SSH PermitEmptyPasswords is disabled Ensure SSH PermitUserEnvironment is disabled Ensure only strong Ciphers are used Ensure only strong MAC algorithms are used Ensure only strong Key Exchange algorithms are used Ensure SSH Idle Timeout Interval is configured Ensure SSH LoginGraceTime is set to one minute or less Ensure SSH access is limited Ensure SSH warning banner is configured Ensure SSH PAM is enabled Ensure SSH AllowTcpForwarding is disabled Ensure SSH MaxStartups is configured Ensure SSH MaxSessions is set to 4 or less –> Configure PAM Ensure password creation requirements are configured Ensure lockout for failed password attempts is configured Ensure password reuse is limited Ensure password hashing algorithm is SHA-512 –> User Accounts and Environment –> Set Shadow Password Suite Parameters Ensure password expiration is 365 days or less Ensure minimum days between password changes is 7 or more Ensure password expiration warning days is 7 or more Ensure inactive password lock is 30 days or less Ensure all users last password change date is in the past Ensure system accounts are secured Ensure default group for the root account is GID 0 Ensure default user umask is 027 or more restrictive Ensure default user shell timeout is 900 seconds or less Ensure root login is restricted to system console Ensure access to the su command is restricted –> System Maintenance System File Permissions Audit system file permissions Ensure permissions on /etc/passwd are configured Ensure permissions on /etc/shadow are configured Ensure permissions on /etc/group are configured Ensure permissions on /etc/gshadow are configured Ensure permissions on /etc/passwd-are configured Ensure permissions on /etc/shadow-are configured Ensure permissions on /etc/group-are configured Ensure permissions on /etc/gshadow-are configured Ensure no world writable files exist

CIS Benchmarks for Linux Systems Read More »