Introduction

This article is a follow up on our previous blog post VMware provisioning example] using Ansible, where we deployed a simple virtual machine on VMware using Ansible from the CloudForms service catalog. In this week’s demonstration, we go a step further and provision a multi-tier application on Amazon Web Services (AWS). Once provisioned, the application lifecycle, as well as all day 2 operations are performed from Red Hat CloudForms.

Christian Jung recently posted another interesting article as a follow-up on Best Practice Recommendations for Automate. This time, he focuses on setting up Continuous Integration for Red Hat CloudForms.

In his blog post, Christian discusses how to use common development tools like GIT and Travis in conjunction with CloudForms to configure a datastore pointing to a git repository and set a Continuous Integration/Continuous Delivery (CI/CD) environment. This feature is available in CloudForms since CloudForms 4.2.

Introduction

A few days ago, Michele Naldini posted a series on the [Red Hat Developer Blog] [https://developers.redhat.com] about how to build a Software Defined Data Center (SDDC) using Red Hat CloudForms and Red Hat OpenStack Platform.
Red Hat CloudForms allows to more quickly deploy and scale Red Hat OpenStack Platform (also known as OSP) private clouds, combine existing IT infrastructure investments, and federate public cloud deployments. This series includes both background information and hands-on tips to implement a full SDDC in practice.
The first part of the series covers the introduction, the goals, some key information about OSP and more specifically Heat, OSP configuration, and pre-requisites. It also illustrates how to start working with OSP in order to spin a new operating service based on a 3 tier deployment (2 web servers, 2 app servers, and 1 database) using 2 load balancers (1 for the web servers and 1 for the app servers).
The second part focuses on CloudForms, where it shows how to create a service based on Heat templates, using service dialog, and how to restrict services to a set of users. Both Operator UI and the Self-Service UI are used in the exercise. The blog series also contains a summary video that covers all steps explained as part of the deployment. Read more on the Red Hat Developer Blog:

Few days ago one of our fellows, Christian Jung, published a very good article explaining best practices while coding Ruby code inside Red Hat CloudForms. The post does not claim to be exhaustive, but establishes guidelines about coding, naming conventions and rules to follow in order to make the code cleaner, easier to understand, and more consumable by others.

In the article, several key topics are discussed, such as:

This blog is part 5 of our series on Container Management with CloudForms].

In this last post, we focus on financial management of container environments for both chargeback and for optimizing infrastructure resource usage and spending.

This blog is part 4 of our series on Container Management with CloudForms.

This blog post focuses on the security and compliance aspects of managing containerized environments. In a container based infrastructure, the container software is often built directly by developers, usually via continuous integration (CI/CD). Once it comes to deploying this software in production, we need to make sure it is securely validated.

Another challenge is the source of those containers. Developers can use any base images for their builds, including insecure container images downloaded from the Internet. On the other hand, Enterprise IT needs to ensure all containers running in production are built based on trusted and approved sources.

And finally, it is also important to validate that all containers images, as well as containers instantiated from those images, are up to date with respect to security fixes.

CloudForms provides specific capabilities for managing security and compliance for container based infrastructures.

It can enforce policies for container hosts, and marks the nodes that are not compliant (e.g. outdated versions, configuration issues, security risks, etc). Those policies take into account information about the container host itself, but also about any resources that are connected to this host. If needed, it can trigger an action to start automatic remediation. We could for example automatically trigger an update of a package when a new security fix is available.

CloudForms also provides reporting for container sources. For example, it can identify containers that come from untrusted registries.

Finally it can scan the content of container images using OpenSCAP for standardized security checks. When an image is identified as non-compliant, all running containers instantiated from this image can be flagged automatically.

The following video demonstration highlights these capabilities in CloudForms:

This blog is part 3 of our series on Container Management with CloudForms.

A second area of concern identified when managing a containerized environment is service health. We need to operate our containers with good performance, reliability, and ensure high enough utilization ratios. In this post, we focus on the container based infrastructure, its on-going resource consumption, and how we can monitor and optimize its health.

This blog is part 2 of our series on Container Management with CloudForms.

Containers have rapidly evolved from being used for development and testing to production. Today, many vendors provide container products supporting enterprise IT production workloads. Red Hat offers [OpenShift], (https://www.openshift.com) an open source container platform based on Kubernetes.

First let’s talk about Remote Session vs Remote Console, they are often confused.

One side effect of quick and easy provisioning of virtual machines (VMs) is VM sprawl. To keep the number of VMs manageable, administrators set retirement dates to automatically retire the VM and free the hardware resources.