Red Hat Summit 2019, the annual tech conference for open source technology, was held in Boston this past April. I attended to learn more about what’s new in the Red Hat ecosystem and discovered some interesting details involving Red Hat Enterprise Linux 8 (RHEL), the Linux-based operating system; and Red Hat Virtualization, an open, software-defined platform that virtualizes Linux and Microsoft Windows workloads.
Learn about what’s new below.
SEE: Choosing your Windows 7 exit strategy: Four options (Tech Pro Research)
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux (RHEL) 8 is based upon the principles of “operational consistency, security, and cloud foundation.” Utilizing kernel 4.18x, RHEL 8 is based on Fedora 28 and will run on Intel/AMD 64-bit processors as well as IBM Power LE, IBM z Systems, and ARM 64-bit.
Improvements in operational consistency
- Red Hat has sought to reduce complexity in RHEL 8, which comes with ten guaranteed years of enterprise support. Their model involves repositories for the base operating system as well as application streams for flexible lifecycle options, which offer multiple versions of databases, languages, various compilers, and other tools to help facilitate the use of RHEL for business models.
- Build-in defaults in RHEL 8 include tuned profiles for database options (ready-to-go options out of the box) and ansible system roles to provide a common configuration interface (ensuring standardization and reliability)
- The RHEL 8 YUM package manager is now based on the Dandified Yum (DNF) technology, which supports modular content, better performance, and a stable API for integration with tooling. User feedback indicated that “yum is a lot faster than it used to be, and all the commands work well.”
- Red Hat Insights (tools to provide system administrators with analytics, machine learning, and automation controls) are now included in RHEL 8 along with a session recording feature, which can record and playback user terminal sessions for better security and training capabilities.
Improvements in security
- Secure default compiler flags and static code analysis have been added to RHEL 8 for more secure code writing.
- FIPS (“Federal Information Processing Standards”) mode has been made easier to activate for organizations that require federal government security standards.
- Red Hat has also sought to make it easier to work with smart cards and hardware security modules (HSMs) using PKCS#11 centralized configurations. For instance, OpenSSH or Apache Web Server can be better secured using these options.
- RHEL 8 offers strong crypto policies for encryption (to meet an array of security standards)
- Transport Layer Security (TLS) 1.3 is a systemwide standard for data encryption as TLS 1.2 is widely considered too slow for today’s applications.
- SELinux has been improved for better controls on files and directories and is enabled by default in RHEL 8.
- Software ID (SWID) tags in RHEL 8 can help perform software inventory management and enforce application whitelisting across the enterprise to permit only trusted programs to execute. Furthermore, Trusted Platform Module (TPM) usage can help ensure the integrity of core software itself to prevent tampering or malicious activity.
Improvements in cloud foundation
- RHEL 8 includes more modern options for better stability, flexibility, and performance with containers and images. Docker, podman, buildah, and skopeo were all referenced as options to work with containers and images in the RHEL 8 environment. Image building was touted as another benefit of RHEL 8 to enable the automated creation of customized RHEL OS images which can accelerate deployment options.
- RHEL 8 helps facilitate building standard (also known as master) images for everything type of scenario spanning from bare-metal builds to public clouds. This is a key element because it provides a scalability option to involve diverse platforms, spanning on-premises to cloud.
Red Hat Virtualization
Red Hat Virtualization (RHV) 4.3 is the latest virtualization offering from Red Hat and can be compared to the VMWare virtualization environment.
As with current standards, the environment relies on compute, network, and storage, and Red Hat has sought to implement improvements in all of the above categories.
Improvements in compute
- Red Hat Enterprise Linux (RHEL) 8 support.
- Simplified driver/firmware updates for hardware partners to ease hardware installation and maintenance.
- Installation of hardware monitoring agents to analyze and report on problems.
- Easy customization and configuration management to help deploy and support virtual systems in a more timely fashion.
- Anaconda provides a common installer tool for both Red Hat Enterprise Linux and Red Hat Virtualization host to get virtual hosts up and running more rapidly.
- Cockpit plug-in—a simple and lightweight web-based Linux administration tool provides host specific tuning, troubleshooting access, and host access.
- Active-Active and Active-Passive disaster recovery modes to keep virtual environments online.
- An advanced system dashboard offers a deep resource utilization overview of CPU, memory, and storage host resources. Administrators can make quicker decisions and speed up operations.
- Expanded Ansible integration for automating more tasks.
- Live migration of high performance virtual machines.
- Advanced migration policies allow the fine tuning of granular migration characteristics on a VM or cluster level. These policies provide enhanced high-performance VM live migration.
Improvements in network
- Red Hat supports many different networking configurations in RHV 4.3. If you use bonded interfaces (as most companies do), 4.3 “sort of” aggregates bandwidth. Two 10 Gb links in a bond does not double bandwidth; traffic is issued across either link. However, the total aggregate bandwidth is increased by that amount, another strong feature of a continually evolving enterprise product.
- Red Hat OpenStack Platform 13 and 14 SDN certification is included in RHV 4.3, which includes Open Virtual Network (OVN) and Open vSwitch (OVS) standards to provide integration with OpenStack’s software-defined network capabilities.
Improvements in storage
- Enhanced storage functionality using “managed block storage” domains. Managed storage domains enable Red Hat Virtualization to connect to Cinder, using CinderLib, for storage connectivity and functionality, such as copy and clone offload operations.
- Storage image uploader allows the uploading of images from local or remote disks to a storage domain through a browser based user interface or an API.
I can speak to the effectiveness of Red Hat Enterprise Linux and Red Hat Virtualization; I work with these products daily in my capacity as a system administrator, and I look forward to implementing these updated products.