INTRODUCTION
-
XFS
as the default file system; -
a new boot loader and a fully redesigned graphical installer;
-
the systemd system and service manager;
-
the kernel patching utility, kpatch, Technology Preview, which allows users to patch the kernel without rebooting;
-
the Docker environment that allows users to deploy any application as a lightweight and portable container;
-
the Hardware Event Report Mechanism (HERM) that refactors the Error Detection and Correction (EDAC) mechanism of dual in-line memory module (DIMM) error reporting;
-
the OpenLMI project providing a common infrastructure for the management of Linux systems.
Kernel
Support for 5-level paging
New P4d_t
software page table type has been added into the Linux kernel in order to support 5-level paging in Red Hat Enterprise Linux 8.
Memory management supports 5-level page tables
With Red Hat Enterprise Linux 7, existing memory bus had 48/46 bit of virtual/physical memory addressing capacity, and the Linux kernel implemented 4 levels of page tables to manage these virtual addresses to physical addresses. The physical bus addressing line put the physical memory upper limit capacity at 64 TB.
These limits have been extended to 57/52 bit of virtual/physical memory addressing with 128 PiB of virtual address space and 4 PB of physical memory capacity.
With the extended address range, the memory management in Red Hat Enterprise Linux 8 adds support for 5-level page table implementation, to be able to handle the expanded address range.
RPM now validates the entire package contents before starting an installation
On Red Hat Enterprise Linux 7, the RPM utility verified payload contents of individual files while unpacking. However, this is insufficient for multiple reasons:
- If the payload is damaged, it is only noticed after executing script actions, which are irreversible.
- If the payload is damaged, upgrade of a package aborts after replacing some files of the previous version, which breaks a working installation.
- The hashes on individual files are performed on uncompressed data, which makes RPM vulnerable to decompressor vulnerabilities.
On Red Hat Enterprise Linux 8, the entire package is validated prior to the installation in a separate step, using the best available hash.
Packages built on Red Hat Enterprise Linux 8 use a new SHA-256
hash on the compressed payload. On signed packages, the payload hash is additionally protected by the signature, and thus cannot be altered without breaking a signature and other hashes on the package header. Older packages use the MD5
hash of the header and payload unless it is disabled by configuration.
The %_pkgverify_level
macro can be used to additionally enable enforcing signature verification before installation or disable the payload verification completely. In addition, the %_pkgverify_flags
macro can be used to limit which hashes and signatures are allowed. For example, it is possible to disable the use of the weak MD5
hash at the cost of compatibility with older packages.
Infrastructure services
Notable changes in the recommended Tuned profile in RHEL 8
With this update, the recommended Tuned profile (reported by the tuned-adm recommend
command) is now selected based on the following rules – the first rule that matches takes effect:
If the syspurpose role (reported by the syspurpose show
command) contains “atomic”, and at the same time:
- if Tuned is running on bare metal, the “atomic-host” profile is selected.
Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux is the leading platform for open source computing. It is sold by subscription, delivers continuous value and is certified by top enterprise hardware and software vendors. From the desktop to the datacenter, Red Hat Enterprise Linux couples the innovation of open source technology and the stability of a true enterprise-class platform.
- Red Hat Enterprise Linux 6 is the next generation of Red Hat’s comprehensive suite of operating systems, designed for mission-critical enterprise computing. This release is available as a single kit on the following architectures.
Power Management
Next generation Networking
-
Comprehensive IPv6 support (NFS 4, CIFS, mobile support [RFC 3775], ISATAP support), FCoE, iSCSI, and a new and improved mac80211 wireless stack.
- Reliability, Availability, and Serviceability
System level enhancements from industry collaborations to make the most of hardware RAS capabilities and NUMA architectures.
- Fine-grained Control and Management
Improved scheduler and better resource management in the kernel using Completely Fair Scheduler (CFS) and Control Groups (CG).
- Scalable Filesystems
ext4 is the default filesystem, and xfs offers robustness, scalability, and high-performance.
- Pulp
- Pulp usage is only supported via the Satellite Server web UI, CLI, and API. Direct modification or interaction with Pulp’s local API or database is not supported, as this can cause irreparable damage to the Red Hat Satellite 6 databases.
- Foreman
-
Foreman can be extended using plug-ins, but only plug-ins packaged with Red Hat Satellite are supported. Red Hat does not support plug-ins in the Red Hat Satellite Optional repository.
Red Hat Satellite also includes components, configuration and functionality to provision and configure operating systems other than Red Hat Enterprise Linux. While these features are included and can be employed, Red Hat supports their usage for Red Hat Enterprise Linux.
- Candlepin
- The only supported methods of using Candlepin are through the Red Hat Satellite 6 web UI, CLI, and API. Red Hat does not support direct interaction with Candlepin, its local API or database, as this can cause irreparable damage to the Red Hat Satellite 6 databases.
- Embedded Tomcat Application Server
- The only supported methods of using the embedded Tomcat application server are through the Red Hat Satellite 6 web UI, API, and database. Red Hat does not support direct interaction with the embedded Tomcat application server’s local API or database.
Managed Hosts
Hosts are the recipients of content from Capsule Servers. Hosts can be either physical or virtual (deployed on KVM, VMware vSphere, OpenStack, Amazon EC2, Rackspace Cloud Services, Google Compute Engine, or in a Docker container). The Satellite Server can have directly managed hosts. The base system running a Capsule Server is also a managed host of the Satellite Server.