Articles
Airgap OpenShift Installation: move the registry created using oc adm release mirror between environments
Some customers, especially large banks, have very tight security requirements. Most of them enforce a complete disconnection of their internal networks from the Internet. When installing OpenShift in such environments (this is named “disconnected” or “airgap” installation), all the OpenShift images have to be fetched (thanks to oc adm release mirror) in a dedicated registry from a bastion host that is both on the internal network and on the Internet. Continue reading
Ansible: Add a prefix or suffix to all items of a list
Recently, in one of my Ansible playbooks I had to prefix all items of a list with a chosen string. Continue reading
Deploying Miniflux on OpenShift
Miniflux is a minimalist, open source and opinionated RSS feed reader. There is a hosted instance available at a fair price point but wouldn’t it be cooler to host your own instance on your OpenShift cluster? Let’s do it! Continue reading
Deploying Invidious on OpenShift
Invidious is an alternative frontend to YouTube that is slimmer, faster and at the same time offer more features than YouTube itself. And even more important: it’s Open Source! There is a hosted instance at invidio.us if you want to give it a try. But, wouldn’t it be cooler to host your own instance on your OpenShift cluster? Let’s do it! Continue reading
What is this 'Anonymous' policy configured by the 3scale toolbox?
In this article on the Red Hat Developer blog, I explained how to deploy an API from the CLI, using the 3scale toolbox. If you tried this approach by yourself you may end up, sooner or later, with a 3scale service including an Anonymous policy in its policy chain. What is this policy and why is it there? Let’s dig in! Continue reading
What is this 'URL Rewriting' policy configured by the 3scale toolbox?
In this article on the Red Hat Developer blog, I explained how to deploy an API from a Jenkins Pipeline, using the 3scale toolbox. If you tried this approach by yourself you may have noticed that in some cases, the configured service includes the URL Rewriting policy in its Policy Chain. Continue reading
Configure the TLS trust store in Apicurio Studio
Microcks and Apicurio are nice Open Source projects that can even talk to each other to deliver greater value than the sum of their parts. Unfortunately, sometimes TLS certificates can get in the way of proper communication between the two projects. This post explains how to configure the trust store in Apicurio to overcome TLS communication issues between Apicurio and Microcks. Continue reading
Running Red Hat SSO outside of OpenShift
In an article named Red Hat Single Sign-On: Give it a try for no cost!, I explained how to deploy Red Hat SSO very easily in any OpenShift cluster. As pointed by a reader in a comment, as widespread OpenShift can be, not everyone has access to a running OpenShift cluster. So, here is how to run Red Hat SSO outside of OpenShift: using only plain Docker commands. Continue reading
Solving the Ansible error 'This module requires the OpenShift Python client'
If you are using MacOS to develop Operators based on Ansible or simply running Ansible playbooks straight from your Mac, you might encounter this error: This module requires the OpenShift Python client. When coping with this error message, two items need to be checked: The openshift python module needs to be installed using the pip command bundled with your Ansible. If you are not using the implicit localhost, your inventory needs to be updated. Continue reading
Enable global policies on Apicast 3.6
Recent versions of Apicast have a pluggable policy mechanism to apply different treatments to each exposed API. This is very powerful since each service receives its specific configuration. However, if the same treatment has to be applied to every service exposed, it becomes an administration overhead. Hopefully, Apicast has the concept of Global Policies that applies to every service exposed by itself. Continue reading