Project News

Announcing the Fedora CoreOS community!

Welcome to Fedora CoreOS

Earlier this year Red Hat acquired CoreOS, Inc.. In the past few months we have been working hard to evaluate the different technologies in the CoreOS Container Linux and Project Atomic spaces. Since Container Linux and Atomic Host overlap in functionality quite a bit we have decided to merge future development of the two projects so that we can combine our efforts and bring two great communities of people together to solve future challenges in the transactional update and container operating system landscape.

Read More »

Buildah version 1.1 Release Announcement

Buildah version 1.1 Release Announcement

buildah logo

We’re pleased to announce the release of Buildah version 1.1 which is now available from GitHub for any Linux distro. We are shipping this release on Fedora, RHEL 7, CentOS and Ubuntu in the near future.

The Buildah project has continued to grow over the past several weeks, welcoming several new contributors to the mix, launching new functionality and creating a number of improvements and bug fixes.

Read More »

How to sneak secrets into your containers, without leaving a trace

Default mounts for all of your containers.

I was presenting OpenShift and really the underlying container technology we are building CRI-O, Buildah and Podman to some customers the other day. After the presentation, one of the customers came over to me and said, the biggest problem they have with their users building containers, was they needed to use certificates in the container in order to access their software repositories. But they did not want the certificates to end up embedded in the containers. I pointed out that Red Hat’s version of Docker allowed you to do volume mounts into containers during a docker build. Also Buildah had the same functionality. But he pointed out that they did not want everyone of their engineers to have to add the volumes, or if they were running a container and wanted to update software and they forgot the volume mount then they could not access the certificates.

Read More »

Problems Are Just Opportunities in Disguise

As a father who’s ushered one child through their teen years, and with two more in the teens now, I know about problems. Problems with the WiFi not working, or the shoes that are two months old and now two sizes too small. Those are the easy ones, the harder ones come in with sleepovers with their significant others, the broken down car after curfew or the death of a classmate. In my at-work life, I was explaining to my scrum master that I’d not been picking off any cards off our board in the past sprint because I’d spent all my time working on issues. He remarked that as a software engineer we’re not so much coders as we’re problem solvers. I guess I can’t escape problems either at work or at home.

Recently one of the folks that talks about Buildah, Podman, and other related container technologies at conferences sent me an email about a problem he was having with a demo script he was hoping to show.

Read More »

Building Kernel Modules with Podman

Building Kernel Modules on Atomic with Podman

The goal of this post is to explain how to build and load a kernel module inside a container using Podman.

Building and using third party kernel modules on Atomic is a challenging task. There are a handful of methods for supporting kernel modules on a Linux system such as kmods, akmods, DKMS, and manually building them by hand. Digging into all of the technical hurdles Atomic faces with each method is a very large topic and a bit out of scope for this blog post, so we will focus on DKMS for the time being.

Using DKMS on Atomic does not work as expected. This means using popular third party kernel modules such as NVidia drivers, VirtualBox, and WireGuard via their supported install methods will not work as a result, but I will explain how we can work around these limitations in this blog post.

Read More »