Red Hat Enterprise Virtualization 3.4.1 Released

Principal Product Manager, Red Hat

I don’t often find myself getting overly excited about maintenance releases, however Red Hat Enterprise Virtualization 3.4.1 is an exception due to two key factors:

  • Preview support for Red Hat Enterprise Linux 7 as a hypervisor host
  • Support for up to 4,000 GB memory in a single virtual machine

Red Hat Enterprise Virtualization 3.4, originally introduced official guest operating system support for Red Hat Enterprise Linux (RHEL) 7. In continuing down the path of providing the latest Red Hat technologies to our customers, I am proud to announce that Red Hat Enterprise Virtualization 3.4.1 has preview support for RHEL 7 as a hypervisor.  Red Hat customers with active subscriptions will be able to take advantage of using RHEL 7 as a hypervisor either as a RHEL host, or by using our thin Red Hat Enterprise Virtualization Hypervisor image.

Continue reading “Red Hat Enterprise Virtualization 3.4.1 Released”

Juno Updates – Security

Written by Nathan Kinder

 

There is a lot of development work going on in Juno in security related areas. I thought it would be useful to summarize what I consider to be some of the more notable efforts that are under way in the projects I follow.

Keystone

Nearly everyone I talk with who is using Keystone in anger is integrating it with an existing identity store such as an LDAP server. Using the SQL identity backend is really a poor identity management solution, as it only supports basic password authentication, there is lack of password policy support, and the user management capabilities are fairly limited. Configuring Keystone to use an existing identity store has it’s challenges, but some of the changes in Juno should make this easier. In Icehouse and earlier, Keystone can only use one single identity backend. This means that all regular users and service users must exist in the same identity backend. In many real-world scenarios, the LDAP server used for users and credentials is considered to be read-only by anything other than the normal user provisioning tools. A common problem is that the OpenStack service users are not wanted in the LDAP server. In Juno, it will be possible to configure Keystone to use multiple identity backends. This will allow a deployment to use an LDAP server for normal users and the SQL backend for service users. In addition, this should allow multiple LDAP servers to be used by a single Keystone instance when using Keystone Domains (which previously only worked with the SQL identity backend).

Continue reading “Juno Updates – Security”