Friday Five — August 18, 2017

Depending upon the event you use to start the clock, cloud computing is only a little more than 10 years old. Some terms and concepts around cloud computing that we take for granted today are newer still. The National Institute of Standards and Technology (NIST) document that defined now-familiar cloud terminology–such as Infrastructure-as-a-Service (IaaS)–was only published in 2011, although it widely circulated in draft form for a while before that. Among other definitions in that document was one for hybrid cloud. Looking at how that term has shifted during the intervening years is instructive. Cloud-based infrastructures have moved beyond a relatively simplistic taxonomy. Also, it highlights how priorities familiar to adopters of open source software–such as flexibility, portability, and choice–have made their way to the hybrid cloud.

Red Hat just announced the general availability of Red Hat Enterprise Linux (RHEL) 7.4, saying "Red Hat Enterprise Linux 7.4 offers new automation capabilities designed to limit IT complexity while enhancing workload security and performance for traditional and cloud-native applications." The latest edition includes enhancements to the base operating system to improve security, manageability, reliability and performance while executing on a broad array of microprocessor architectures. It also includes further integration of Red Hat's recent acquisition of Ansible for monitoring and management of complex physical, virtual and cloud-based computing environments.

Red Hat has fixed an important vulnerability in the OpenStack subsystem that's used to manage network connectivity to and from virtual machines. If left unpatched, it could allow an attacker to access network resources from virtual machines. The vulnerability, tracked as CVE-2017-7543 in the Common Vulnerabilities and Exposures (CVE) database, is located in openstack-neutron, a "pluggable, scalable and API-driven" component of the Red Hat OpenStack Platform that's used to provision networking services to virtual machines. In a security advisory, Red Hat describes the flaw as a "race condition" triggered by a minor overcloud update. In OpenStack vernacular, the overcloud is the production cloud used by tenants, as opposed to the control cloud, or the undercloud, which is used to bootstrap the production cloud.

The Ansible team is heading to San Francisco next month for AnsibleFest. AnsibleFest is a day-long conference bringing together hundreds of Ansible users, developers and industry partners. Join us in San Francisco for the insights, best practices and connections you need to transform your business through IT automation with Ansible. This year we're bringing more content than ever before with five breakout tracks covering everything from beginner Ansible essentials to tech deep dives. There is something for everyone at AnsibleFest no matter where you are in your Ansible journey. Register today while seats are still available. Questions? Contact events@ansible.com.

Containers have quickly won a key role in enterprise IT plans for a practical reason: They help organizations gain speed. And for digital businesses, speed equals revenue. But how are your peers using containers, what's the best adoption pattern for your company – and what speed bumps should you avoid? CIOs can learn plenty from their peers' work on both fronts of culture and technology. On the technology side, when working in the trenches with companies adopting containers, you see many of the same goals and hurdles. Let's examine the four typical ways companies adopt containers – and what you should know about each pattern.