Woah. 2015 went by really quickly. I do suppose it’s not all that surprising as time flies… especially when you’re having fun or… getting older (you pick). In fact, we’ve already put 2 percent of 2016 behind us! That said, before we get too deep into “the future”, and in consideration of Janus having not one but two faces, let’s take a quick trip down memory lane…
Without a doubt, 2015 was an exciting year for all things “container”, especially here at Red Hat.
To recap, the year started off with a bang when we announced the general availability of Red Hat Enterprise Linux Atomic Host alongside Red Hat Enterprise Linux 7.1. Then – less than two months later
Continue reading “Looking Back on Containers in 2015”
Note: The following post was authored by Alexander Duyck before leaving Red Hat earlier this month. While Alex will be missed, his work continues in the capable hands of the Networking Services team. To this end, I encourage you to “read on” and learn more about how we’ve turned up the heat on kernel networking with the beta release of Red Hat Enterprise Linux 7.2.
Over the last year I have been working at Red Hat as a part of the Linux Kernel Networking Services Team focused on improving the performance of the kernel networking data path. Prior to working at Red Hat I had worked at Intel as a driver maintainer for their server drivers including ixgbe. This has put me in a unique position to be able to provide tuning advice for both the network stack and the Intel device drivers. Last month, at LinuxCon North America, I gave a presentation that summarizes most of the work that has been done to improve network performance in the last year, and the performance gains as seen by comparing Red Hat Enterprise Linux 7.1 versus an early (alpha) release of Red Hat Enterprise Linux 7.2. The following is a recap of what I covered.
Continue reading “Pushing the Limits of Kernel Networking”
We are pleased to announce the release of Red Hat Certificate System 9. Supported on Red Hat Enterprise Linux 7.1 and based on the open source PKI capabilities of the Dogtag Certificate System, Red Hat Certificate System 9 provides a robust and flexible set of features to support Certificate Life Cycle Management. It is able to issue, renew, suspend, revoke, archive/recover, and manage the single and dual-key X.509v3 certificates needed to handle strong authentication, single sign-on, and secure communications. Red Hat Certificate System 9 incorporates several new and enhanced features, including
Continue reading “Red Hat Certificate System 9 Now Available”
In March, we announced the general availability of Red Hat Enterprise Linux 7.1, the first update to our Red Hat Enterprise Linux 7 platform. In addition, we also announced the general availability of Red Hat Enterprise Linux Atomic Host, our first container-optimized host platform. Today, we are pleased to announce the beta availability of Red Hat Enterprise Linux 7.2.
Red Hat Enterprise Linux 7.2 beta includes a number of new features and enhancements – while continuing to provide the stability, reliability, and security required to meet the demands of both modern datacenters and next-generation IT environments.
Interested in learning more? For more information on the beta release of Red Hat Enterprise Linux 7.2 you can review the release notes in the Red Hat Customer Portal.
Ready to get started? If you’re an existing Red Hat customer (with an active Red Hat Enterprise Linux subscription), you can access and download Red Hat Enterprise Linux 7.2 beta via the Software & Download Center.
What are user namespaces? Sticking with the apartment complex analogy, the numbering of users and groups have historically been the same in every container and in the underlying host, just like public channel 10 is generally the same in every unit in an apartment building.
But, imagine that people in different apartments are getting their television signal from different cable and satellite companies. Channel 10 is now different for for each person. It might be sports for one person, and news for another.
Historically, in the Linux kernel, there was a single data structure which held users and groups. Starting in kernel version 3.8
Continue reading “What’s Next for Containers? User Namespaces”
Two-factor authentication, or 2FA, is not something new. It has existed for quite some time and in different forms. What is a ‘factor’? A factor is something you have, something you know, or something you are. For example, if we combine a PIN that you know, with your fingerprint, we get a 2FA based on biometrics. In practice, biometric solutions are not often used because it’s not especially difficult to steal someone’s fingerprint (…and it is quite hard to revoke or replace your finger). The more practical approach to two-factor authentication is to combine something you know, a PIN or password, with something you have.
Something you have often comes in form of
Continue reading “Identity Management and Two-Factor Authentication Using One-Time Passwords”
With every new Intel Xeon processor generation, the benefits typically span beyond simple increases in transistor counts or the number of cores within each processor. Things like increased memory capacity per chip or larger on-chip caches are tangible and measurable, and often have a direct effect on performance, resulting in record-breaking scores on various standard benchmarks.
There is, however, more to every new processor family launch than meets the eye. These new chips often send a ripple of innovation throughout our ecosystem of partners, forcing them to re-evaluate and re-visit existing performance results and break the status quo. The ability to support these partners is of paramount importance to Red Hat and, as a result, Red Hat Enterprise Linux is often being selected by our partners to support their ongoing benchmarking efforts.
Yesterday, Intel launched the Intel Xeon E7 v3 processor family with several new world record industry-standard benchmarks. Red Hat Enterprise Linux was used in nearly one-third of all results. The following table captures these leading results
Continue reading “Red Hat Delivers Leading Application Performance with the Latest Intel Xeon Processors”
Given the recent general availability of Red Hat Enterprise Linux 7.1 – this post is dedicated to reviewing what’s new in the world of IdM.
Table of Contents
Continue reading “Ten New Identity Management (IdM) Features in Red Hat Enterprise Linux 7.1”
This post is dedicated to the new SSSD features in Red Hat Enterprise Linux 7.1 that have significance when SSSD is used by itself (i.e. without IdM integration) – for example, when connecting directly to Active Directory (AD) or some other Directory Server.
Control Access to Linux Machines with Active Directory GPO
A common use case for managing computer-based access control in an Active Directory environment is through the use of GPO policy settings related to Windows Logon Rights. The Administrator who maintains a heterogeneous AD and Red Hat Enterprise Linux network without an IdM server has traditionally had to face the challenging task of centrally controlling access to the Linux machines without being able to update the SSSD configuration on each and every client machine.
In Red Hat Enterprise Linux 7.1, the Administrator is (now) able to
Continue reading “New SSSD Features in Red Hat Enterprise Linux 7.1”
Having access to quality random numbers is essential for correct and secure operation of operating systems. Operating systems need random numbers from an entropy pool for a variety of tasks, like creating secure SSH or GPG/PGP keypairs, generating random PIDs for processes, generating TCP sequence numbers, and generating UUIDs.
With Red Hat Enterprise Linux 7 we introduced the virtio RNG (Random Number Generator) device that provides KVM virtual machines access to entropy from the host machine. Red Hat Enterprise Virtualization starting version 3.5 also has exposed this feature. We have since made improvements to Red Hat Enterprise Linux guests to make the feature easier and more straightforward to use.
A Brief Introduction to virtio and Paravirtualized Devices
virtio is the paravirtualized transport framework for KVM virtual machines. Using the virtio framework, new devices can be
Continue reading “Red Hat Enterprise Linux Virtual Machines: Access to Random Numbers Made Easy”