Red Hat News

In the era of hyper-distributed systems where AI agents traverse our networks, and hybrid clouds stretch from the edge to the core, the "who" and "what" of infrastructure access are more critical than ever. Managing identities across thousands of nodes is a vital administrative task in optimizing your infrastructure's security posture. To assist with this, Red Hat Identity Management (IdM) can serve as a comprehensive domain controller for your Linux environment. If you're still managing local /etc/passwd files, or struggling with complex cross-realm Kerberos trusts manually, then it's time to

Model Context Protocol (MCP) is quickly becoming the standard for connecting AI agents to external tools and data. With the recent technology preview of the MCP server for Red Hat OpenShift, organizations can give AI agents controlled access to their clusters. Deploying and managing MCP servers at scale introduces its own operational challenge: how do you treat MCP servers as first-class infrastructure?Today, we're making the MCP lifecycle operator available as a developer preview (v0.1.0). MCP lifecycle operator is a Kubernetes-native operator that provides a declarative API to deploy, manage

The model context protocol (MCP) server for Kubernetes is moving toward technology preview (TP), and it’s bringing a powerhouse integration with it: the Kiali toolset. By integrating Kiali into the MCP server, we are bridging the gap between large language models (LLM) and your service mesh. This means your AI assistant doesn't just "talk" about your cluster, it can now visualize traffic, diagnose latency, and manage Istio configurations using the same trusted logic that powers the Kiali UI.Why Kiali in MCP?While standard Kubernetes tools handle pods and services, the Kiali toolset provides

The post-quantum cryptography (PQC) transition is well underway in Red Hat Enterprise Linux (RHEL). In May 2025, RHEL 10 delivered post-quantum key exchange algorithms in three major cryptography libraries (OpenSSL, GnuTLS, and NSS), making post-quantum key exchange usable in TLS 1.3 connections. RHEL 10.1 followed, setting the new key exchange algorithms as default in TLS, and introducing post-quantum signatures for RPM packages.The secure shell (SSH) protocol was not left behind. RHEL 10 shipped with OpenSSH 9.9, supporting two hybrid post-quantum key exchange methods: sntrup761x25519-sha512

Nearly two years ago, we launched image mode for Red Hat Enterprise Linux (RHEL) to give customers a simpler way to deploy the foundation of their IT enterprise. Since then, I’ve heard users who have adopted image mode describe it as a lifestyle change. There's a fundamental shift in thinking from package-based management to container-native, image-based management. And let's face it, lifestyle changes can be difficult. But the benefits—technical and personal—are real.Image mode makes some of IT’s most tedious processes simpler. That means more predictable operations for the enterprise

Digital certificates quietly underpin almost everything that matters in modern IT: public websites, internal systems, APIs, and machine-to-machine traffic. For years, many teams treated renewal as a calendar exercise—tolerable when validity stretched beyond a year. That era is ending.New security expectations are dramatically reducing maximum certificate validity—from periods of 398 days down to as little as 47 days by 2029. The shift is not theoretical: the first major reduction—to 200 days—began in March 2026. Shorter validity does not merely mean “more paperwork.” It means teams

For years, migrating to Red Hat Enterprise Linux (RHEL) meant a 2-step dance: first, you needed to convert the OS to a corresponding RHEL version, then perform an in-place RHEL upgrade. This meant that going from CentOS Stream 9 to RHEL 10 required a conversion from CentOS Stream 9 to RHEL 9 and a subsequent upgrade from RHEL 9 to RHEL 10. Different utilities and thus processes were used for each of those steps: Convert2RHEL for the conversion and Leapp for the upgrade. Having distinct utilities and separate processes introduces complexity, and requires separate automation workflows and care

Recent high-profile security events have created a cause for concern through the DevSecOps community. We have witnessed a sophisticated shift in the threat landscape: attackers are no longer just targeting the applications you build. They’re targeting the very tools you use to protect them.By compromising the service accounts and version tags of popular third-party security "actions" and scanners, threat actors have successfully turned security tools into delivery vehicles for malware. In these scenarios, the moment a continuous integration/continuous delivery (CI/CD) pipeline triggers a sec

In distributed system management, defining the "ideal state" of a server is rarely black and white. Different operational goals often create tension between performance tuning and security hardening, where optimizing for one can inadvertently break the other. To resolve this friction, Red Hat Lightspeed has introduced a new cross-service validation capability between our advisor and compliance services.Red Hat Lightspeed advisor: Recommendations for misconfigurations and best practices to improve stability, performance, and availability.Compliance: Monitors compliance with security baselines t

Have you noticed the recent surge of post-quantum cryptography (PQC) roadmaps and Q-day countdowns? They’re hard to miss. Organizations across the industry are rushing to set PQC deadlines as research increasingly suggests the risk of a cryptographically-relevant quantum computer (CRQC) appearing before the year 2030 is no longer a fringe theory—it’s a real possibility. While the industry makes bets on the exact date the quantum clock will hit zero, Red Hat has taken a different, pragmatic approach by focusing on adoption, integration, and delivery of the tools and software you need so w

Multicluster management has been a rapidly evolving part of ITOps over the past several years. As organizations deploy hundreds to thousands of clusters across distributed environments, it’s important they assess their options for platforms that can handle critical workloads at scale. Their goals include operational consistency, reduced manual intervention, improved security posture, and a streamlined, automated lifecycle. Red Hat integrates several key technologies to orchestrate a fully automated, security-focused, and efficient workflow for OpenShift environments to manage Day 2 operation

Fierce Network: Red Hat CTO says these are 3 big things it’s working on with telcosVerizon took to the keynote stage at Red Hat Summit to talk up its network modernization work with the vendor. Red Hat CTO Chris Wright said it is also working with operators on OSS/BSS transformation. Sovereign infrastructure is another emerging area of focus. Learn more TelecomTV: Red Hat cements its sovereign credentials with Telenet deal and new productsSovereignty topped the agenda at the recent Red Hat Summit event, where the IBM-owned open-source solutions specialist made a raft of announcements, incl

I recently saw OpenClaw referred to as a harness. I thought, “That’s interesting. OpenClaw isn’t a harness. It’s an agent runtime—it drives the agent loop.” So, what does the word "harness" even mean?The conversation so farThe structural baseline for the concept comes from Birgitta Böckeler's April 2026 article, which elegantly defines an agent as model + harness = agent. She bifurcated the stack into a builder harness (the inner runtime shipped with the tool) and a user harness (the developer's custom context). This definition built on a wave of discussion from February 2026, whi

One of the core principles of Red Hat’s open source culture is open exchange, which is the belief that information should be freely available and accessible to anyone. I recently represented Red Hat at Axe-con 2026, the free accessibility conference organized by Deque Systems. There, I shared one of the methods we use to ensure an inclusive experience on our public websites: Keyboard accessibility testing.My Axe-con presentation outlined the topic and invited viewers to join me in a live demonstration of some keyboard testing practices. After the demo, I performed a quick top-to-bottom test

Consider a medical device running Linux in a hospital. It processes patient data, adjusts dosing, and reports to clinical systems. Or an ATM on a street corner, processing transactions around the clock. Or a gateway device at the edge of a manufacturing network, relaying sensor data from the factory floor. The operating system (OS) on each of these was verified when it was installed. But is every binary and library still exactly what was built? If you would demand that guarantee for a device in an operating room or on a factory floor, why not expect the same from the servers running your busin

Red Hat Enterprise Linux (RHEL) 10.2 and 9.8 are here, evolving the operating system from a foundation to a powerful engine for critical applications, security, and innovation. These updates enhance the core strengths of RHEL to help IT leaders, developers, and administrators accelerate time-to-market, simplify hybrid cloud management, and proactively defend against advanced threats, including quantum computing risks. This integrated strategy enables your organization to innovate, simplify, protect, and trust with the world's leading enterprise Linux platform.Innovate: Accelerating your pace o

AI agents are no longer passive assistants. They write code, call APIs, install packages, and interact with production systems. This shift from passive to active changes not only the usefulness of agents, but also the security question around their activities entirely.When an agent can only generate text, the worst outcome is a bad answer. When an agent can execute code, the worst outcome is a deleted production database. That happened last month. 9 seconds, no rollback,no recovery.The question every enterprise team hits sooner or later: how do you safely allow AI agents to execute code and in

True innovation is never a solo act; it is the result of diverse experts coming together to solve the impossible. While the 2026 Red Hat Ecosystem Innovation Award winners represent the pinnacle of open source success, the sheer volume of transformative work across our global network deserves broader recognition.The following regional honorable mentions represent partners who have acted as force multipliers for our customers. By leveraging the Red Hat portfolio, these organizations have turned complex technical challenges into measurable business value, from securing sovereign AI to automating

In the last few years, large language models (LLMs) have moved from research labs to production systems powering critical business functions. This rapid adoption poses a fundamental challenge for enterprises: How do you deploy AI with confidence when models can behave unpredictably under adversarial conditions? The question keeping IT leaders awake isn't if their AI will fail—it's when, and what will the consequences be?As we've already discovered, traditional software testing approaches fall short when applied to AI. Models don't just have bugs that can be discovered and quickly patched, th

The promise of enterprise AI agents is straightforward: Let the model think, Let the code run, and keep everything under your control.Until now, this promise was hard to deliver. If you wanted Claude to write and execute code for your team, you had 2 options: Run everything on the cloud and accept that your data, your code, and your execution environment live outside your perimeter. Build the entire orchestration stack yourself and lose the intelligence that makes managed agents valuable.Anthropic's self-hosted sandboxes for Claude Managed Agents change that equation. Effectively, this capabil