Red Hat OpenStack and DevSecOps updates

DSO National Laboratories (DSO), Singapore’s national defense research and development (R&D) organization, and open source leader Red Hat, has announced a collaboration to develop new DevSecOps capabilities. The joint work between Red Hat and DSO shows the value of collaboration to facilitate knowledge exchange in Singapore’s defense R&D efforts.

"This collaboration will significantly advance our knowledge and capabilities in the latest DevSecOps practices as we deliver solutions from enterprise IT systems to mission-critical systems deployed in the field," said Cheong Chee Hoo, Chief Executive Officer, of DSO National Laboratories.

DSO National Laboratories collaborates with Red Hat to advance DSO’s defense research and development efforts

DevSecOps, an IT approach that combines development, operations, and system security practices, encompasses culture, automation, and platform design, integrating security considerations as a shared responsibility throughout the entire IT lifecycle. Red Hat aims to collaborate with and support DSO’s DevSecOps development through the adoption of a trusted hybrid cloud solution that improves integration and interoperability among systems. Using Red Hat OpenShift, Red Hat Ansible Automation Platform, and Red Hat Device Edge (early access) in addition to Red Hat training services, organizations like DSO can tap enterprise open-source software to enhance automation processes and bridge old and new IT systems to deliver timely, mission-critical applications and services. DSO also aims to more quickly develop and deploy software to respond to evolving mission conditions in the field.

Red Hat Device Edge delivers enterprise-ready, lightweight Kubernetes container orchestrations, building on the MicroShift project to support different use cases and workloads on small, resource-constrained devices at the farthest edge Along with the Integration of technologies such as Red Hat OpenShift and Red Hat Ansible Automation Platform, this is intended to help DSO further extend container applications to even more remote areas running on resource-constrained devices.

"We are pleased to collaborate with DSO on technology solutions that can help drive their digitalization agenda. With the adoption of Red Hat open-source technologies, DSO will have more agility to respond quickly and nimbly to new challenges through continuous innovation. We look forward to working with DSO on DevSecOps, automation, and other initiatives that will help DSO advance Singapore’s defense resiliency," said Daniel Aw, vice president, of enterprise sales, at Red Hat APAC.

"Red Hat is a valuable partner in accelerating DSO’s software development and deployment efforts. This collaboration will significantly advance our knowledge and capabilities in the latest DevSecOps practices as we deliver solutions from enterprise IT systems to mission-critical systems deployed in the field," said Cheong Chee Hoo, Chief Executive Officer, of DSO National Laboratories.

Red Hat OpenStack Platform 17.1 delivers modern networks and enhanced security features

This week, Red Hat is attending OpenInfra Summit to share the news that Red Hat OpenStack Platform 17.1 will be released in the coming weeks. This release will deliver enhanced flexibility, efficiency, and security features with new management and operation tools that enable OpenStack users to further manage their infrastructure at the edge.

Last year, we announced continued efforts for service providers to rely on the Red Hat OpenStack Platform as they build out massive, modern 5G network infrastructures. This year, we're extending this work by helping service providers bridge existing 4G investments with new 5G networks. This helps realize advanced use cases like 5G standalone (SA) core, network, storage and compute and open virtualized radio access networks with increased resilience from the core to the edge.

Red Hat OpenStack Platform 17.1 will enable service providers to scale faster and maximize their resources through a virtualized control plane running on Red Hat OpenShift. This is designed to drive optimized network capacity and performance, greater efficiency, and further simplify deployments at scale, allowing for the management of both 4G virtualized and 5G containerized workloads from the same environment. This helps better position service providers to future-proof investments without leaving workloads behind and progress on their cloud-native journey more easily. Service providers can expect:

• Multi-version support for Red Hat Enterprise Linux (RHEL) that allows Red Hat OpenStack Platform 17.1 compute nodes to run on either RHEL 8.4 and/or RHEL 9.2 to provide service providers with flexibility in their choice of hardware platform while increasing compatibility across a wide range of workloads;
   
• An enhanced upgrade experience from Red Hat OpenStack Platform 16.2 to 17.1. Red Hat OpenStack Platform content upgrade and RHEL upgrades have been separated into distinct steps, aimed at improving flexibility and easing troubleshooting. With multi-version support for RHEL, service providers can now delay the RHEL compute nodes' reboot to a later stage.
   
• Logical volume management partitioning, which provides a short-lived snapshot and reverts functionalities. This enables service providers to revert back to a previous state during the upgrade process;
   
• Domain Name System as a Service (DNSaaS), also known as Designate, which includes a REST API for domain and record management, is multi-tenanted and integrates with OpenStack Identity Service (keystone) for authentication. DNSaaS includes a framework for integration with Compute (nova) and OpenStack Networking (neutron) notifications, allowing auto-generated DNS records. In addition, DNSaaS includes integration support for Bind9;
   
• Open Virtual Networking (OVN) capabilities to innovate network infrastructure services and quality of service metering, providing for bandwidth measurement in specific functions. These new capabilities also help improve OVN migration time for large-scale deployments within maintenance windows;
   
• Octavia load balancer to further scalability by increasing the number of connections that can be directed simultaneously;
   
• Virtual data path acceleration for a more efficient hardware offloading mechanism in both physical and virtual environments.
  
   

A more flexible and open platform

From the beginning, OpenStack has been the open-source private cloud that provides a public sector stack with a greater security posture. Red Hat OpenStack Platform 17.1 continues this approach with a number of key systems and network security enhancements aimed at helping service providers ability to exert control over their own digital infrastructure, data, and technology. Red Hat OpenStack Platform is an adaptable solution for these projects, built on an open-source software foundation that Red Hat has been practicing for more than 25 years. From healthcare to the public sector, telecommunications, and more, the Red Hat OpenStack Platform has security features that can meet the growing need to be ‘in control’ of your IT environment. Our latest release includes:

• Improved security features with role-based access control (RBAC) for expanded and more granular enforcement across OpenStack services to help deliver increased functionality, improved suitability, and a reduced attack surface;
   
• Support for FIPS-140 (ISO/IEC 19790) compatibility^* to help meet service providers’ security requirements;
   
• Federation through OpenID Connect to use an external identity provider (IdP) to manage user authentication and authorization;
   
• Fernet tokens help protect users’ confidential information and enable their experience with the platform to be fast, convenient, and trusted.

With open source, there is a transparent and demonstrated trust in the communities building these solutions. Red Hat is able to extend our leadership on open standards and interoperability beyond technology to include operations and data and provide demonstrated architecture patterns for an open hybrid sovereign cloud, from cloud to edge and back.