For those responsible for container security within their organizations, clashing is now much more than just a fashion faux pas: The recently discovered Linux Stack Clash vulnerability (CVE-2010-2240) is a serious threat that attackers can exploit to gain root privileges within a container. Worse, if the exploit is applied in the hosts user space, it represents a critical danger in which an attacker could compromise running containers (or the Docker daemon itself).
Ansible is the Rodney Dangerfield of Red Hats software portfolio: It, too, dont get no respect. Despite the Ansible automated configuration management tool helping to sell Red Hats hybrid cloud story, delivering six deals worth more than $1 million and one deal worth over $5 million, not a single analyst in the latest financial call bothered to check on Ansibles progress.
If you want to do the devops then you need to have a deep understanding of the principles, values, and concepts that drive it. Devops may be a trendy topic, but it brings together important concepts that come from multiple sources.
The concept of employing separate platforms to monitor and secure containers soon may be obsolete if Sysdig has its way. The company has added a Sysdig Secure module to provide visibility into container runtimes and apply polices to secure them and analyze how they might have been compromised.
Red Hat is moving to implement System Containers to reduce the number of components a developer needs to manage when employing a lightweight distribution of Linux. Lightweight distributions of Linux are being employed more widely because more of the software required to deploy an application is now embedded in a container.