Mitigate TCP SYN Flood Attacks with Red Hat Enterprise Linux 7 Beta

Distributed Denial of Service (DDoS) attacks are becoming increasingly commonplace as business becomes more and more dependent on delivering services over the Internet.  One of the most common types of DDoS attacks is the well-known SYN-flood attack. It is a basic end-host resource attack designed to bring your server to its knees.  As a result, your server is unable to properly handle any new incoming connection requests.

Recently at DevConf.cz 2014, I gave a talk focusing on how you can survive TCP SYN-flooding attacks by implementing some recently developed kernel level Netfilter/iptables defense mechanisms. In this post I will provide a more condensed version of the talk highlighting how you can use these same techniques to protect your servers running Red Hat Enterprise Linux 7 Beta.

Continue reading “Mitigate TCP SYN Flood Attacks with Red Hat Enterprise Linux 7 Beta”

The Application Apartment Complex: Red Hat Enterprise Linux & Linux Containers

The advent of any new technology tends to generate a lot of excitement.  Over the course of my career, however, I have never experienced “a buzz” like what we are seeing around Linux containers and application packaging and isolation, containerized applications built in the Docker format.  From my perspective, the ways in which containers may influence our ever evolving technological ecosystem are, quite possibly, limitless…okay, limitless may be strong, and while “game changing technology” may sound cliche, it’s not far from the truth in this case.

Continue reading “The Application Apartment Complex: Red Hat Enterprise Linux & Linux Containers”

OpenLMI @ Red Hat Summit 2014

OpenLMI will be represented at the upcoming Red Hat Summit, which is being held in San Francisco from April 14-17.

Stephen Gallagher and I will be giving a talk on OpenLMI, the new Linux Management Infrastructure, on Tuesday, April 15, at 10:40am. This talk will provide an overview of OpenLMI, cover its functional capabilities, and demonstrate using the LMIShell CLI and Scripts to accomplish common management tasks.

Continue reading “OpenLMI @ Red Hat Summit 2014”

Red Hat Enterprise Linux: Beyond the World Records

In a recent post, we reviewed the 10 world record results set by Red Hat Enterprise Linux on the Intel Xeon processor E7 v2 family.  Besides showcasing the extreme capabilities of Red Hat Enterprise Linux, these performance achievements tell another compelling story – Red Hat Enterprise Linux has become an exceedingly popular choice when it comes to tough workloads.

For example, consider the share of Red Hat Enterprise Linux versus other operating systems used to produce these records. Out of 20 world record benchmark results (22 total submissions, 3 results were tied) posted by eight different OEM partners at the Intel Xeon processor E7 v2 family announcement, Red Hat Enterprise Linux was used in 12. Seventy-five percent of the hardware vendors taking part in this process chose to publish their world record benchmarks on the new family of processors using Red Hat Enterprise Linux. The chart below shows the significance of this adoption.

Continue reading “Red Hat Enterprise Linux: Beyond the World Records”

Red Hat Enterprise Linux Powers Scalable Computing Platforms with 10 New World Record Benchmarks

We’ve often talked about how Red Hat Enterprise Linux was fueling top benchmark results on the latest generation of Intel Xeon processors.

Today, we’re pleased to say that Red Hat Enterprise Linux has again demonstrated how an OS platform can handle the rigors of highly multi-threaded processing and on-demand scaling. In the most recent set of benchmarks done with one of the latest cutting edge processors, the Intel Xeon processor E7 v2 family, Red Hat Enterprise Linux claims 10 new world records. Here are these leading results at a glance:

Continue reading “Red Hat Enterprise Linux Powers Scalable Computing Platforms with 10 New World Record Benchmarks”

Introducing kpatch: Dynamic Kernel Patching

In upstream development news, the kernel team here at Red Hat has been working on a dynamic kernel patching project called kpatch for several months.   At long last, the project has reached a point where we feel it’s ready for a wider audience and are very excited to announce that we’ve released the kpatch code under GPLv2.

kpatch allows you to patch a Linux kernel without rebooting or restarting any processes.  This enables sysadmins to apply critical security patches to the kernel immediately, without having to wait for long-running tasks to complete, users to log off, or scheduled reboot windows.  It gives more control over uptime without sacrificing security or stability.

Continue reading “Introducing kpatch: Dynamic Kernel Patching”

Is Red Hat Enterprise Linux 7 Beta “The 7th Guest”?

Someone out there “gets” the title, right?  No, I’m not suggesting that Red Hat Enterprise Linux 7 Beta is an interactive puzzle adventure game. The relationship, I suppose, is in fact based on a much looser association: this is our seventh major release and this post (as opposed to my first) is dedicated to Red Hat Enterprise Linux running as a guest on third party hypervisors.

Continue reading “Is Red Hat Enterprise Linux 7 Beta “The 7th Guest”?”

A New and Improved Installation Experience

The installation software used in Red Hat Enterprise Linux has a long and storied history. Hewn from a stone found deep underground in Durham, North Carolina (during the early days of Red Hat Linux), the installer has grown from a simple single-platform tool to a complex multi-architecture / multi-interface application used to deploy Red Hat Enterprise Linux. After more than ten years with the original evolving code base, the installer engineering team decided to use the advent of a new release of Red Hat Enterprise Linux as the perfect opportunity to make a few significant changes to the installation software. We are excited about these changes and hope that users will find the new installer to be more versatile and easier to use. Here are some of the main improvements and enhancements that you will encounter when working with the new installer for Red Hat Enterprise Linux 7 Beta:

Continue reading “A New and Improved Installation Experience”

KVM Virtualization: Refining the Virtual World with Red Hat Enterprise Linux 7 Beta

Ever since Red Hat Enterprise Linux added KVM Virtualization as a kernel-based hypervisor to run virtual machines (way back in Red Hat Enterprise Linux 5.4), the operating system took on a dual personality.

Red Hat Enterprise Linux became both a Virtualization host for high density virtual data centers / cloud service platforms, and a guest operating system running on third party hypervisors such as VMware vSphere and Microsoft Hyper-V. As the topic is sufficiently broad, I plan to split my discussion of virtualization into two posts.

Today’s post will discuss Red Hat Enterprise Linux 7 beta as a hypervisor using KVM Virtualization technology and it will highlight a few key enhancements that make Red Hat Enterprise Linux the operating system of choice for modern hybrid data centers. While the features that I will review are inherently those that I find to be the most exciting (note: I’m hoping you will find them to be exciting and useful as well), a complete list is available in the Red Hat Enterprise Linux 7 beta release notes.

Continue reading “KVM Virtualization: Refining the Virtual World with Red Hat Enterprise Linux 7 Beta”