Once upon a time, the saying was “Nobody ever got fired for buying IBM.” Today, for Linux servers — with all due respect to Canonical’s Ubuntu and SUSE’s SUSE Linux Enterprise Server (SLES) — you can’t get fired for running Red Hat’s Red Hat Enterprise Linux (RHEL) on your Linux server. Today, Red Hat gave its customers more reason to stay the course with the release of RHEL 7.3.
This latest update to RHEL includes new features and enhancements built around performance, security, and reliability. The release also introduces new capabilities around Linux containers and the Internet of Things (IoT). From the top, here are the latest improvements:
RHEL 7.3 helps address the need for faster networking, with the addition of lightweight tunnels. These enable guest instances of RHEL 7.3 to be more secure, efficient, scalable, and flexible. Additionally, bulk packet memory allocator enhancements improve performance for both 40 and 100GB networking interfaces.
At the same time, high-transaction applications like databases, event processing, and virtual machines need improved input-output (IO) rates and lower latencies. New hardware technologies like non-volatile memory address these concerns, and RHEL 7.3 supports these next-generation memory devices. In addition, RHEL 7.3 makes performance-sensitive Parallel NFS (pNFS) clusters easier to manage, with support for the Block SCSI layout format and the Flex Files layout format.
Security and Identity Management
RHEL 7.3 also introduces several new and enhanced security features. These include:
- Updates to SELinux, a mechanism for enforcing granular, system-level access control policies for faster policy creation and improved overall ease of use. SELinux is notoriously hard to use. Siddharth Nagar, RHEL’s product manager, promises, “RHEL 7.3 provides what is really an ease-of-use enhancement to SELinux.”
- RHEL 7.3 now provides a consistent compliance checking mechanism across containerized and traditional non-container workloads for better overall operations efficiency. This is provided through enhancements to OpenSCAP, an open source implementation of the Security Content Automation Protocol (SCAP). This provides a standardized compliance-checking solution for enterprise-level Linux infrastructure. Configuring SCAP-based policies with the OpenSCAP Workbench graphical user interface has also been made easier.
- Improvements to Red Hat’s Identity Management solution. These include better performance for large installations, support for smart card authentication with Active Directory, and support for configurable authentication strength across individual hosts and services.
RHEL 7.3 has improved its built-in disaster recovery solution. Specific enhancements in support of this include:
- The ability to configure pacemaker to manage multi-site and stretch clusters across geo-locations for disaster recovery and scalability.
- The ability to better configure and trigger notifications when the status of a managed cluster changes with the introduction of enhanced pacemaker alerts.
RHEL 7.3 bolsters support for Linux containers via numerous incremental improvements in addition to enhanced management tools (Atomic CLI / Cockpit) and an updated container runtime (docker engine). It also includes a new container-signing capability as a Technology Preview.
Internet of Things
RHEL 7.3 introduces two key features for industrial IoT implementations.
- Bluetooth LE (Low Energy) devices – an extension of the Bluetooth standard, Bluetooth LE is specifically designed for low energy devices like IoT sensors.
- Kernel support for the Controller Area Network bus (CANbus) protocol – CANbus is a controller area network used in automobiles and high-end industrial controllers.
Red Hat is also improving its special purpose RHEL variants.
- RHEL Atomic Host, a minimal footprint operating system optimized to run Linux containers. Running applications in containers on top of RHEL Atomic Host provides application portability across the hybrid cloud. New to RHEL Atomic Host 7.3 as a Technology Preview is the capability for users to layer additional RPMs, providing additional flexibility often required by diverse environments.
- RHEL for SAP Applications, a variant optimized for running SAP environments, is now supported on IBM z Systems and IBM Power, big endian.
- RHEL Server for ARM 7.3 Development Preview, Red Hat’s operating system designed for 64-bit ARM-based systems has been updated to include:
- Single-host virtualization based on KVM, one of the leading open source virtualization technologies.
- Red Hat Ceph Storage for prototyping and deploying scale-out, software- defined storage for object, block, and file.
- Initial support for Red Hat Developer Toolset, which provides C and C++ developers with the latest stable open source tools to create, diagnose, and debug applications for 64-bit ARM platforms.
So, while Ubuntu may be the cloud Linux of choice and SUSE is a mainframe firepower, you really can’t get fired for buying the new RHEL for your servers. This new version, once more, gives current RHEL users many good reasons to keep using it and new users reasons to consider switching.