I mean, they’re within their right to pull support, but people are equally within their right to point out how that is shooting themselves and the RHEL communities in the foot.
This. What a good opportunity to compare: the (GitOps!) packaging workflows, build server security, software supply chain integrity controls, issue tracking / triage, wiki, documentation, kernel patching, cloud fuzzing / integration testing, and baseline MAC and DAC policies of the stable kernel patchset OSes within budget for schools, hobbyists, after workers, and corporations who can and for some services maybe should afford an SLA.
On worthwhile investments of time differentiating our offering in InfoSec and Operating Systems,
FWIU (RH) OpenShift (and MicroShift) does k8s containers most correctly in terms of separate SELinux contexts per container, which we should probably have for browser tabs, too. Do (a) browsers, (b) Cloudflare Runners, and (c) Docker WASM runtimes run WASM tasks without container-like process isolation; all as the same user and cgroup and context?
It's pretty sad. Red Hat should be optimizing for "maximum number of dollars over 10 years", not "maximum control over RHEL-compatible distribution". The second goal leads to more support for their competitors, and ultimately less people buying Red Hat subscriptions.
Anecdotally, we'll have to support more Linux varieties instead of comfortably mandating RHEL-compatible.
On worthwhile investments of time differentiating our offering in InfoSec and Operating Systems,
FWIU (RH) OpenShift (and MicroShift) does k8s containers most correctly in terms of separate SELinux contexts per container, which we should probably have for browser tabs, too. Do (a) browsers, (b) Cloudflare Runners, and (c) Docker WASM runtimes run WASM tasks without container-like process isolation; all as the same user and cgroup and context?