Five-Day Sprint Process meets Raleigh Innovators Program – Part 1 of 5

Hi, Red Hat Developers!  I’m new to the Red Hat Developers blog and wanted to give you a quick introduction before diving into the Innovators Program and how you can use some of the theories and processes in your day to day.  I’m a Red Hatter and I specialize in UX and knowledge management for internal support at Red Hat.  Basically, I make sure Red Hat employees and the teams that support them get everything they need out of our internal support portal.  This ranges from customer surveys to webform design to knowledge management.  Most  recently, I took a three-month hiatus from this role to participate in the Raleigh Innovators Program.

While participating in the program, I got to learn a new sprint process, collaborate with new peers from across the company, and work in a different department.  First, let’s dig into the background on the Innovators Program, how it works, and what I’ve gained from the experience.

The Innovators Program

The Innovators Program gives an edge to promising startups through a guided twelve-week program. Startup teams get a $10,000 grant, formal training, and one-on-one expert guidance.  The program emphasizes the Google Ventures five day sprint process, an accelerated approach to solving problems, as the methodology that will take startup products to a new level.

The Five-Day Sprint

The idea of the five-day sprint is to develop creative solutions and get direct feedback from users. It’s about prototyping, not development. Sprint: How to Solve Big Problems and Test New Ideas in Just Five Days prescribes the schedule, activities, team roles, and even environmental factors required for a successful sprint. The process is an intense balance of individual and collaborative activities that push the bounds of your creative thinking. It guides you from a high-level problem to very specific solutions that can ratify your product.  

Corporate Participates Alongside Startups

Red Hat and Citrix Systems co-sponsored Raleigh’s 2016 Innovators program. While fostering the startups, both companies also got the opportunity to have internal teams participate in the program.  The internal teams reaped the benefits of the program on projects of our own. Red Hat’s two project teams re-imagined our employee referral process and annual performance review process. The Innovators Program structure gave us a focused opportunity to make rapid innovation in these spaces.

My Team’s Project

I was on the team that reworked performance management and development (aka annual reviews). Simply say the words “annual review” and most people get sweaty palms and visions of sitting in a hot seat absorbing an uninterrupted list of shortcomings from their manager. That outdated stereotype is not quite what we’d been doing at Red Hat, yet we had the opportunity to build on the strengths of our existing program to better meet the needs of the organization.

Our team’s purpose was to: create a culture of open, ongoing conversations that connect, develop, and reward associates to be at their best every day.

As a team, we were excited to reuse the existing program’s strengths while exploring innovative solutions to fill in the gaps.  

Unlike the startups, our Innovators Program product wouldn’t be a new tool or app; instead, we delivered a new process and a list of technical requirements that would bring our vision to life. This sounds easy. Just draw a new map, right? Nope. We are researching industry trends and weighing them against Red Hat’s culture. Just because everyone else is doing it doesn’t guarantee success for our project. Red Hatters, after all, aren’t like everyone else. We conducted surveys, prototype testing, and external interviews. Our decisions were both data-driven and rooted in the Open Decision-Making Framework. Not only that, we planned to accommodate a diverse and rapidly growing workforce with our solution.

The complexity of this project is why it was a great topic choice for the Raleigh Innovators Program. Early on, I could see the value that the five-day sprint process would bring to our project. We additionally benefited from some of the entrepreneurial-focused classes and cross-team conversation.  It was a privilege to be part of something outside of my normal discipline, which will support all Red Hatters and contribute to the continued success of our fast-growing company.

Manage your Mongo Databases in RHMAP with Mongo Express

Red Hat Mobile Application Platform (RHMAP) supports an agile approach to developing, integrating, and deploying enterprise mobile applications. Most likely, your mobile apps will include one or more cloud apps which will require persistence support such as a Mongo Database. But managing databases is not always easy, as command line support for this databases is complex and not always available.

To ease this pain, Mongo Express can be used as an database GUI. For the mongo databases in your cloud apps, it is a powerful and intuitive tool which can be used in conjunction or as substitute for the default database browser. The main benefits from using “Mongo Express” instead of “Data Browser” are:

  • Can run complex queries
  • In-depth stats for every view
  • Supports BSON types as TimeStamp() or DBRef()

IMPORTANT: there are some implications when using Mongo Express as a database manager:

  • Mongo Express can only manage the databases in one Cloud App and environment at a time
  • There is no authentication by default when using Mongo Express as explained in this article so take into account all the security issues that this may arise [1]
  • Users running the platform on the RHMAP should upgrade their databases if it was not upgraded before

[1] Check the Annex ‘how to add authentication’ to overcome this issue

Continue reading “Manage your Mongo Databases in RHMAP with Mongo Express”

Getting Started with Microsoft SQL Server on Red Hat Enterprise Linux

Microsoft announced SQL Server on Linux public preview, so now you can try SQL Server on your Red Hat Enterprise Linux server. I’ll describe how to start SQL Server on RHEL.

Install and connect with CLI on RHEL

Microsoft publishes a step-by-step document how to Install SQL Server on Red Hat Enterprise Linux. It’s only 7 steps to install and run.

# systemctl status mssql-server
● mssql-server.service - Microsoft(R) SQL Server(R) Database Engine
   Loaded: loaded (/usr/lib/systemd/system/mssql-server.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-11-16 20:59:33 EST; 1 weeks 1 days ago
 Main PID: 77982 (sqlservr)
   Memory: 753.6M
   CGroup: /system.slice/mssql-server.service
           ├─77982 /opt/mssql/bin/sqlservr
           └─77997 /opt/mssql/bin/sqlservr

Now you can connect to SQL Server on RHEL. At first, let’s connect with sqlcmd. You should have to install SQL Server tools even if you run sqlcmd on the same host as you installed mssql-server package with following the document. First connect to local SQL Server instance.

Continue reading “Getting Started with Microsoft SQL Server on Red Hat Enterprise Linux”

Red Hat JBoss Data Virtualization on OpenShift: Part 3 – Data federation

Welcome to part 3 of Red Hat JBoss Data Virtualization (JDV) running on OpenShift.

JDV is a lean, virtual data integration solution that unlocks trapped data and delivers it as easily consumable, unified, and actionable information. JDV makes data spread across physically diverse systems such as multiple databases, XML files, and Hadoop systems appear as a set of tables in a local database.

When deployed on OpenShift, JDV enables:

  1. Service enabling your data
  2. Bringing data from outside to inside the PaaS
  3. Breaking up monolithic data sources virtually for a microservices architecture

Together with the JDV for OpenShift image, we have made available several OpenShift templates that allow you to test and bootstrap JDV.

Continue reading “Red Hat JBoss Data Virtualization on OpenShift: Part 3 – Data federation”

Red Hat Releases New Versions of DevStudio, CDK, and DevSuite

As the interest in container application development continues to grow, so does our expansion of development tools and features.

Today, Red Hat released new versions of the following:

Here’s a listing of the new features:

Continue reading “Red Hat Releases New Versions of DevStudio, CDK, and DevSuite”

Securing Fuse 6.3 Fabric Cluster Management Console with SSL/TLS

Introduction

Enabling SSL/TLS in a Fabric is slightly more complex than securing a jetty in a standalone Karaf container. In the following article, we are providing feedback on the overall process. For clarity and simplification, the article will be divided into two parts.

 

Part1: The Management Console

Part2: Securing Web Service:including gateway-http

 

For the purpose of this PoC, the following environment will be used.

Environment

  • Host  fabric1.example.com  (192.168.56.1),  localhost MacOS

  • Host  fabric2.example.com  (192.168.56.101), RHEL 7.2 Virtual Box VM

  • Host  fabric3.example.com  (192.168.56.102), RHEL 7.2 Virtual Box VM

 

With the following components

  • jboss-fuse-6.3.0.redhat-187
  • jdk1.8.0_102

 

Part1: Put the Management Console in HTTPS in a Fuse Fabric 6.3 Cluster.

 

STEP1: Prepare/Generate a valid certificate/Keystore

If you setup a fabric with three ensemble servers, each ensemble server should trust the two others; the most practical approach to do this is to create a certificate authority to sign all the individual certificates. For the purpose of this demo we are creating a self signed certificate with  all the fabricXX.example.com  in the Subject Alternative section.

 

keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -validity 365 -keystore san.demo.jks -storepass Cluster01# -keypass Cluster01# -dname cn=fabric1.example.com -alias demo

-ext SAN=dns:fabric1.example.com,dns:fabric2.example.com,dns:fabric3.example.com

 

This certificate should be populated on the three hosts in the same folder location, for this demo the file is stored in  /shared/fuse/certs/

 

STEP2: Edit the EXTRA_JAVA_OPTS on all hosts.

<

p class=”p1″>vi $FUSE_HOME/bin/setenv

export EXTRA_JAVA_OPTS="-Djavax.net.ssl.trustStore=/shared/fuse/certs/san.demo.jks -Djavax.net.ssl.trustStorePassword=Cluster01# -Djavax.net.ssl.keyStore=/shared/fuse/certs/san.demo.jks -Djavax.net.ssl.keyStorePassword=Cluster01# "

This will make your certs trusted by client code in fuse also. for debugging purpose you can add the options

  -Djavax.net.debug=ssl to have all the exception trace if any during the SSL handshake process.

  -Djava.rmi.server.logCalls=true , to get all RMI Exceptions

STEP3: Start Fuse and create the Fabric

./fuse

JBossFuse:karaf@fabric1> fabric:create --clean --resolver manualip --global-resolver manualip --manual-ip fabric1.example.com --force

Waiting for container: fabric1

It may take a couple of seconds for the container to provision…

You can use the –wait-for-provisioning option, if you want this command to block until the container is provisioned.

JBossFuse:karaf@fabric1> fabric:wait-for-provisioning

SUCCESS

 

JBossFuse:karaf@fabric1> fabric:info

Fabric Release:            1.2.0.redhat-630187
Web Console:               http://fabric1.example.com:8181/hawtio
Rest API:
Git URL:                   http://fabric1.example.com:8181/git/fabric/
Jolokia URL:               http://fabric1.example.com:8181/jolokia
ZooKeeper URI:             fabric1.example.com:2181
Maven Download URI:        http://fabric1.example.com:8181/maven/download/
Maven Upload URI:          http://fabric1.example.com:8181/maven/upload/

From fabric2.example.com and fabric3.example.com, run the fabric join command

JBossFuse:karaf@fabric2>fabric:join --resolver manualip --manual-ip  fabric2.example.com --force  fabric1.example.com:2181
JBossFuse:karaf@fabric3>fabric:join --resolver manualip --manual-ip  fabric3.example.com --force  fabric1.example.com:2181

 

The –resolver –global-resolver and –manual-ip are very important, if they do not match , certificate validation will failed

 

JBossFuse:karaf@fabric1> container-resolver-list

[id]     [resolver]  [local hostname]        [local ip]      [public hostname]  [public ip]  [manual ip]
fabric1  manualip    fabric1.example.com     192.168.56.1                                    fabric1.example.com
fabric2  manualip    fabric2.example.com     192.168.56.101                                  fabric2.example.com
fabric3  manualip    fabric3.example.com     192.168.56.102                                  fabric3.example.com

 

STEP4: Create the secure SSL profile

Create a secure profile ssl

JBossFuse:karaf@root> profile-create --parent default ssl
profile-edit --pid org.ops4j.pax.web/org.osgi.service.http.enabled=false ssl
profile-edit --pid org.ops4j.pax.web/org.osgi.service.http.secure.enabled=true ssl
profile-edit --pid org.ops4j.pax.web/org.osgi.service.http.port.secure='${port:8443,8543}' ssl
profile-edit --pid org.ops4j.pax.web/org.ops4j.pax.web.ssl.keystore='/shared/fuse/certs/san.demo.jks' ssl
profile-edit --pid org.ops4j.pax.web/org.ops4j.pax.web.ssl.password=Cluster01# ssl
profile-edit --pid org.ops4j.pax.web/org.ops4j.pax.web.ssl.keypassword=Cluster01# ssl

Check the created profile
JBossFuse:karaf@fabric1> profile-display ssl

Profile id: ssl

Version   : 1.0

Attributes:

  parents: default

Containers:

Container settings

—————————-

Configuration details

—————————-

PID: org.ops4j.pax.web   org.ops4j.pax.web.ssl.password Cluster01#   org.osgi.service.http.enabled false   org.ops4j.pax.web.ssl.keypassword Cluster01#   org.osgi.service.http.secure.enabled true   org.osgi.service.http.port.secure ${port:8443,8543}   org.ops4j.pax.web.ssl.keystore /shared/fuse/certs/san.demo.jks

Other resources

—————————-

STEP5: Put the fabric in HTTPS

By adding the ssl profile to the fabric1, for example, the fabric turns in https. You can repeat the operation for fabric2 and fabric3.

 

JBossFuse:karaf@fabric1> container-add-profile fabric1 ssl

JBossFuse:karaf@fabric1> container-add-profile fabric2 ssl

JBossFuse:karaf@fabric1> container-add-profile fabric3 ssl

 

JBossFuse:karaf@fabric1> log:tail | grep “Pax Web available”

2016-11-15 11:29:59,802 | INFO  | onfig-1-thread-3 | JettyServerImpl                  | 117 – org.ops4j.pax.web.pax-web-jetty – 4.3.0 | Pax Web available at [0.0.0.0]:[8443]

 

JBossFuse:karaf@fabric1> fabric:info
Fabric Release:                1.2.0.redhat-630187
Web Console:                   https://fabric1.example.com:8443/hawtio
Rest API:
Git URL:                       https://fabric1.example.com:8443/git/fabric/
Jolokia URL:                   https://fabric1.example.com:8443/jolokia
ZooKeeper URI:                 fabric1.example.com:2181
Maven Download URI:            https://fabric1.example.com:8443/maven/download/
Maven Upload URI:              https://fabric1.example.com:8443/maven/upload/

 

console

STEP 6: Creating Child containers

Connections from child containers also need to be trusted (e.g. Maven proxy, communication with fabric ensemble.) To create a child container with the ssl profile follow the following steps:

  • create the child container with ssl profile  container-create-child –profile ssl fabric1 node1
  • edit the child container JVM Options : pass the trustStore file and password
container-edit-jvm-options node1 '-Djavax.net.ssl.trustStore=/shared/fuse/certs/san.demo.jks -Djavax.net.ssl.trustStorePassword=Cluster01#'
  • restart the container 
      container-stop node1

       container-start node1

 

More Information

https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.3/pdf/Security_Guide/JBoss_Enterprise_Application_Platform-6.3-Security_Guide-en-US.pdf