New SSSD Features in Red Hat Enterprise Linux 7.1

This post is dedicated to the new SSSD features in Red Hat Enterprise Linux 7.1 that have significance when SSSD is used by itself (i.e. without IdM integration) – for example, when connecting directly to Active Directory (AD) or some other Directory Server.

Control Access to Linux Machines with Active Directory GPO

A common use case for managing computer-based access control in an Active Directory environment is through the use of GPO policy settings related to Windows Logon Rights. The Administrator who maintains a heterogeneous AD and Red Hat Enterprise Linux network without an IdM server has traditionally had to face the challenging task of centrally controlling access to the Linux machines without being able to update the SSSD configuration on each and every client machine.

In Red Hat Enterprise Linux 7.1, the Administrator is (now) able to

Continue reading “New SSSD Features in Red Hat Enterprise Linux 7.1”

Shaping the Performance of a Linux Distro: Inside Red Hat Enterprise Linux 7

Backstory

Red Hat’s Performance Engineering team is responsible for the performance of many of Red Hat’s products.  We cover existing products such as Red Hat Enterprise Linux, OpenStack Platform, OpenShift and Red Hat Enterprise Virtualization, as well as newer products like Ceph and CloudForms.

Although these days we contribute extensively to Red Hat’s cloud offerings, Red Hat Enterprise Linux remains a core responsibility as the building block for our ecosystem of customers and partners, plus much of Red Hat’s growing product portfolio.

Prior to beginning efforts on Red Hat Enterprise Linux 7 in earnest

Continue reading “Shaping the Performance of a Linux Distro: Inside Red Hat Enterprise Linux 7”

Red Hat Enterprise Linux Virtual Machines: Access to Random Numbers Made Easy

Having access to quality random numbers is essential for correct and secure operation of operating systems. Operating systems need random numbers from an entropy pool for a variety of tasks, like creating secure SSH or GPG/PGP keypairs, generating random PIDs for processes, generating TCP sequence numbers, and generating UUIDs.

With Red Hat Enterprise Linux 7 we introduced the virtio RNG (Random Number Generator) device that provides KVM virtual machines access to entropy from the host machine.  Red Hat Enterprise Virtualization, starting with version 3.5, also exposes this feature.  We have since made improvements to Red Hat Enterprise Linux guests to make the feature easier and more straightforward to use.

A Brief Introduction to virtio and Paravirtualized Devices

virtio is the paravirtualized transport framework for KVM virtual machines. Using the virtio framework, new devices can be

Continue reading “Red Hat Enterprise Linux Virtual Machines: Access to Random Numbers Made Easy”

Welcome to the World, Red Hat Enterprise Linux Atomic Host

Today marks an exciting milestone for Red Hat as we share news of the general availability of Red Hat Enterprise Linux 7 Atomic Host, an operating system optimized for running the next generation of applications with Linux containers.

Based on the world’s leading enterprise Linux platform, Red Hat Enterprise Linux Atomic Host enables enterprises to embrace a container-based architecture to take advantage of the benefits of development and deployment flexibility and simplified maintenance, without sacrificing performance, stability, security, or the value of Red Hat’s vast certified ecosystem.

An application architecture based on Linux containers requires not only the tools to build and run containers, but also an underlying foundation that is secure, reliable, enterprise-grade, with an established lifecycle designed to meet the ongoing requirements of the enterprise over the long term. The release of Red Hat Enterprise Linux Atomic Host supports Red Hat’s commitment to make Linux containers a stable and reliable component of enterprise IT across the open hybrid cloud.

Red Hat Enterprise Linux 7 Atomic Host provides many benefits, including

Continue reading “Welcome to the World, Red Hat Enterprise Linux Atomic Host”

Active Directory and Identity Management (IdM) Trusts – Exactly Where Are My Users?

As this is my sixth post on Identity Management I thought it would (first) be wise to explain (and link back to) my previous efforts.  My first post kicked off the series by outlining challenges associated with interoperability in the modern enterprise.  My second post explored how the integration gap between Linux systems and Active Directory emerged, how it was formerly addressed, and what options are available now.  My third post outlined the set of criteria with which one is able to examine various integration options.  And my most recent entries, post four and five, reviewed options for direct and indirect integration, respectively.

Delving deeper into the world of indirect integration (i.e. utilizing a trust-based approach) – two of the biggest questions are often: “Where are my users?” and “Where does authentication actually happen?” As opposed to a solution that relies upon synchronization

Continue reading “Active Directory and Identity Management (IdM) Trusts – Exactly Where Are My Users?”

Top 3 Reasons to Run Container-Based Applications on Red Hat Enterprise Linux 7

As product manager for Red Hat Enterprise Linux 7, part of my job is to ensure that the latest version of our flagship product adheres to our promise of stability, reliability, and security.  In addition, as Red Hat Enterprise Linux 7 is Red Hat’s latest enterprise Linux platform, it also needs to incorporate new innovations in technology to help our customers gain business advantage, reduce costs, and increase efficiency without compromising their existing investments. With this in mind, the Red Hat Enterprise Linux team takes great care in evaluating new technology to ensure that it is introduced in a manner that is minimally intrusive (if at all) and is a natural fit for the platform. Support for Linux containers and the ability to host container-based applications are great examples of this and Red Hat Enterprise Linux 7 stands ready for the challenge.

Creating and operating application containers via process isolation is not a new concept. Red Hat Enterprise Linux 6 sowed the seeds for this way back in 2010 with the introduction of Control Groups (cgroups). Since that time there have been many exciting developments in this area with active participation from Red Hat. Building upon cgroups functionality, enhancements to the kernel combined with an easy-to-use container format (Docker) make now an opportune time to consider deploying container-based applications on Red Hat Enterprise Linux 7.

Here are the top three reasons to consider Red Hat Enterprise Linux 7 as the host for your container-based applications

Continue reading “Top 3 Reasons to Run Container-Based Applications on Red Hat Enterprise Linux 7”

Mysteries of NUMA Memory Management Revealed

The memory subsystem is one of the most critical components of modern server systems–it supplies critical run-time data and instructions to applications and to the operating system. Red Hat Enterprise Linux provides a number of tools for managing memory. This post illustrates how you can use these tools to boost the performance of systems with NUMA topologies.

Continue reading “Mysteries of NUMA Memory Management Revealed”

Top 7 Reasons to Use Red Hat Enterprise Linux Atomic Host

In November we announced Red Hat Enterprise Linux 7 Atomic Host Public Beta, a small footprint, container host based on Red Hat Enterprise Linux 7.  It provides a stable host platform, optimized for running application containers, and brings a number of application software packaging and deployment benefits to customers.

What are the top 7 reasons to deploy containers on Red Hat Enterprise Linux 7 Atomic Host?

Continue reading “Top 7 Reasons to Use Red Hat Enterprise Linux Atomic Host”

Containers: Stumbling on the Road to Utopia

Applications don’t always work as expected, and “it works fine on my machine” — the first line of response when reporting an issue — has been around for decades. One way to avoid the challenge of application issues in production is to maintain identical environments for development, testing, and production. Another is to create a Continuous Integration environment, where code is compiled and deployed to test machines and vetted with each and every code check-in, long before being pushed to production.

Enter containers.

Continue reading “Containers: Stumbling on the Road to Utopia”

Red Hat Enterprise Linux 7 Atomic Host Beta: Tell Us What You Think

It’s been one week since we announced the beta for Red Hat Enterprise Linux 7 Atomic Host and we’re looking for your feedback. If you’ve downloaded and installed the beta, this is your chance to tell us what you think, and what you’d like to see in the product moving forward.

TechValidate is conducting a short, 5-minute survey on behalf of Red Hat. Why should you participate?

Continue reading “Red Hat Enterprise Linux 7 Atomic Host Beta: Tell Us What You Think”