Red Hat News

Every day, I talk to IT executives, commercial leaders, and partners who are facing the exact same pressure: How do we move from AI experimentation to true enterprise production?If you glance at the tech headlines today, you’d think the answer is simple. The industry has become utterly obsessed with the concept of agentic AI—the promise of autonomous software agents executing complex corporate workflows with the flick of a switch. The mainstream narrative treats AI like a standalone magic box. Buy the right proprietary model, plug it in, and watch your operational headaches vanish.But out

Red Hat OpenShift Virtualization 4.21 introduces highly anticipated networking design flows to simplify network management. Tailored to VM network requirements, this complete workflow lets you more efficiently create networks, configure them on specific nodes, and provide reliable access to virtual machines (VMs). The new workflow helps create complex configurations by breaking them into smaller, simpler steps, while still providing the same functionality.Explore the highlights of these networking enhancements:Centralized physical networks pageA physical network is a logical entity that was ad

A couple of weeks ago, I wrote about Copy-Fail (CVE-2026-31431) and how Red Hat OpenShift’s defense-in-depth approach prevented container escape despite a vulnerable kernel. I spent time actively trying to break out of an OpenShift container, achieved root inside the pod almost immediately, and still couldn’t escape to the host. The kernel vulnerability was real. The exploit path was real. The defenses still held. While I was wrapping up this article, another related variant, DirtyDecrypt (CVE-2026-31635), started circulating publicly alongside exploit discussion and proof-of-concept cover

Industrial teams are eager to implement AI in critical locations: on factory floors, at logistics hubs, in remote field operations, and as the intelligence driving robots. However, a significant number of such projects fail to move past the pilot phase. The primary obstacle is seldom the AI model itself. More often, challenges arise from the reality of edge environments, which are characterized by limited resources, inconsistent connectivity, and hard-to-access systems, often without local technical support. Red Hat Device Edge addresses this problem by delivering operational consistency for f

As agentic systems become common in the enterprise, it's clear to anyone concerned about sovereignty in AI factories: Inference is the hard part to scale.One of the many benefits of a sovereign cloud is agency in how you accomplish your operations. Sovereign AI means you have control over the agents in your applications, workflows, and value delivery chain. Much of agent behavior is dependent on interactions with the model, so a truly sovereign agentic system requires sovereign inference - which in turn demands accelerators and AI models that are fully under your control.For flexible and gener

Modern enterprise networks demand speed, consistency, and absolute resilience. Relying on manual, time-consuming network management tasks is no longer a viable strategy for organizations seeking true operational efficiency. To overcome these bottlenecks, IT leaders are turning to Red Hat Ansible Automation Platform and Cisco Catalyst Center and the solution this partnership provides.By taking advantage of ready-to-use, Red Hat Ansible Certified Content, organizations can embrace NetOps-as-Code to manage network infrastructure as version-controlled, repeatable code, scaling modern network opera

For a Chief Information Officer (CIO) or VP of Infrastructure, the term "digital sovereignty" often arrives as a regulatory burden to support a collection of acronyms like DORA (the EU Digital Operational Resilience Act), NIS2 (the updated Network and Information Security Directive), and PDPA (the Personal Data Protection Act) that require more checklists and audits. This begs the question, is viewing sovereignty through a purely legal lens a strategic mistake? Red Hat’s point of view has just been published in our recently released article, Red Hat Strategic Approach to Compliance, Sovereig

IBM and Red Hat Commit $5 Billion to Redefine the Future of Open Source in the AI EraIBM and Red Hat committed $5 billion to Project Lightwell, deploying over 20,000 engineers and advanced AI. This enterprise clearinghouse actively identifies and remediates open source vulnerabilities across the software supply chain. Learn more Red Hat Summit 2026 keynotes and product spotlight sessionsTune into Red Hat TV to watch the keynotes and product summary sessions from Red Hat Summit 2026. Learn more SD Times - Rethinking the AI gold rush: Industry leaders warn of the “agentic paradox”As organ

I've had this conversation dozens of times with infrastructure teams. They've just finished, or are deep into, a VM migration off a legacy hypervisor. The hard part is nearly done. Or, so they think.Here's the thing most people don't talk about: migration itself is the easy part. It's tactical. It has a clear beginning, middle, and end. What comes after, actually modernizing how you run your infrastructure, that's where the real work lives, and honestly, where most of the value is.The industry shifts driving these migrations represent a strategic opportunity for modern infrastructure. By addre

As enterprise IT organizations push deeper into operationalizing AI, the conversation has shifted from theoretical capability to hard execution metrics. Whether your team is talking with customers about scaling large language models (LLMs) on restricted local hardware, navigating the real-world performance numbers of distributed inference, or shielding proprietary model weights, the underlying goal remains the same: building a predictable, highly security-focused foundation that returns clear business value. This month’s roundup brings you the critical architecture analyses, benchmark realit

In the era of hyper-distributed systems where AI agents traverse our networks, and hybrid clouds stretch from the edge to the core, the "who" and "what" of infrastructure access are more critical than ever. Managing identities across thousands of nodes is a vital administrative task in optimizing your infrastructure's security posture. To assist with this, Red Hat Identity Management (IdM) can serve as a comprehensive domain controller for your Linux environment. If you're still managing local /etc/passwd files, or struggling with complex cross-realm Kerberos trusts manually, then it's time to

Model Context Protocol (MCP) is quickly becoming the standard for connecting AI agents to external tools and data. With the recent technology preview of the MCP server for Red Hat OpenShift, organizations can give AI agents controlled access to their clusters. Deploying and managing MCP servers at scale introduces its own operational challenge: how do you treat MCP servers as first-class infrastructure?Today, we're making the MCP lifecycle operator available as a developer preview (v0.1.0). MCP lifecycle operator is a Kubernetes-native operator that provides a declarative API to deploy, manage

The model context protocol (MCP) server for Kubernetes is moving toward technology preview (TP), and it’s bringing a powerhouse integration with it: the Kiali toolset. By integrating Kiali into the MCP server, we are bridging the gap between large language models (LLM) and your service mesh. This means your AI assistant doesn't just "talk" about your cluster, it can now visualize traffic, diagnose latency, and manage Istio configurations using the same trusted logic that powers the Kiali UI.Why Kiali in MCP?While standard Kubernetes tools handle pods and services, the Kiali toolset provides

The post-quantum cryptography (PQC) transition is well underway in Red Hat Enterprise Linux (RHEL). In May 2025, RHEL 10 delivered post-quantum key exchange algorithms in three major cryptography libraries (OpenSSL, GnuTLS, and NSS), making post-quantum key exchange usable in TLS 1.3 connections. RHEL 10.1 followed, setting the new key exchange algorithms as default in TLS, and introducing post-quantum signatures for RPM packages.The secure shell (SSH) protocol was not left behind. RHEL 10 shipped with OpenSSH 9.9, supporting two hybrid post-quantum key exchange methods: sntrup761x25519-sha512

Nearly two years ago, we launched image mode for Red Hat Enterprise Linux (RHEL) to give customers a simpler way to deploy the foundation of their IT enterprise. Since then, I’ve heard users who have adopted image mode describe it as a lifestyle change. There's a fundamental shift in thinking from package-based management to container-native, image-based management. And let's face it, lifestyle changes can be difficult. But the benefits—technical and personal—are real.Image mode makes some of IT’s most tedious processes simpler. That means more predictable operations for the enterprise

Digital certificates quietly underpin almost everything that matters in modern IT: public websites, internal systems, APIs, and machine-to-machine traffic. For years, many teams treated renewal as a calendar exercise—tolerable when validity stretched beyond a year. That era is ending.New security expectations are dramatically reducing maximum certificate validity—from periods of 398 days down to as little as 47 days by 2029. The shift is not theoretical: the first major reduction—to 200 days—began in March 2026. Shorter validity does not merely mean “more paperwork.” It means teams

For years, migrating to Red Hat Enterprise Linux (RHEL) meant a 2-step dance: first, you needed to convert the OS to a corresponding RHEL version, then perform an in-place RHEL upgrade. This meant that going from CentOS Stream 9 to RHEL 10 required a conversion from CentOS Stream 9 to RHEL 9 and a subsequent upgrade from RHEL 9 to RHEL 10. Different utilities and thus processes were used for each of those steps: Convert2RHEL for the conversion and Leapp for the upgrade. Having distinct utilities and separate processes introduces complexity, and requires separate automation workflows and care

Recent high-profile security events have created a cause for concern through the DevSecOps community. We have witnessed a sophisticated shift in the threat landscape: attackers are no longer just targeting the applications you build. They’re targeting the very tools you use to protect them.By compromising the service accounts and version tags of popular third-party security "actions" and scanners, threat actors have successfully turned security tools into delivery vehicles for malware. In these scenarios, the moment a continuous integration/continuous delivery (CI/CD) pipeline triggers a sec

In distributed system management, defining the "ideal state" of a server is rarely black and white. Different operational goals often create tension between performance tuning and security hardening, where optimizing for one can inadvertently break the other. To resolve this friction, Red Hat Lightspeed has introduced a new cross-service validation capability between our advisor and compliance services.Red Hat Lightspeed advisor: Recommendations for misconfigurations and best practices to improve stability, performance, and availability.Compliance: Monitors compliance with security baselines t

Have you noticed the recent surge of post-quantum cryptography (PQC) roadmaps and Q-day countdowns? They’re hard to miss. Organizations across the industry are rushing to set PQC deadlines as research increasingly suggests the risk of a cryptographically-relevant quantum computer (CRQC) appearing before the year 2030 is no longer a fringe theory—it’s a real possibility. While the industry makes bets on the exact date the quantum clock will hit zero, Red Hat has taken a different, pragmatic approach by focusing on adoption, integration, and delivery of the tools and software you need so w