Vous êtes sur la page 1sur 29

RED HAT ENTERPRISE LINUX 7

OVERVIEW

Ondej Vak
RHEL 5/7 Engineering Lead, Red Hat Czech
RED HAT ENTERPRISE LINUX 7
REDEFINING THE ENTERPRISE OS

FLEXIBILITY to STABILITY to efficiently CERTAINTY of


quickly adapt to meet challenges of data mission-critical
demands for centre virtualisation and reliability and military-
business agility cloud grade security

90% OF FORTUNE 500 COMPANIES TRUST RED HAT ENTERPRISE LINUX


FOR THEIR CRITICAL BUSINESS INFRASTRUCTURE.

2
RED HAT ENTERPRISE LINUX 7 BASICS

Based on Fedora 19, the upstream kernel version 3.10


and over 4000 patches just for RHEL 7.0
Supported hardware architectures:
Intel/AMD 64-bit (x86_64)
IBM POWER 64 BE
IBM System z (s390x)
RHEL 7.1 adds IBM POWER 64 LE
RHEL 7.1 largest (~5000BZs features, bugfixes,
CVEs, HW enablement), realtime, atomic host
Support for 32-bit applications enabled via inclusion of
32-bit libraries (multilib).
3
RED HAT ENTERPRISE LINUX 7 HIGHLIGHTS

LIGHTWEIGHT WINDOWS SCALABLE


APPLICATION ISOLATION INTEROPERABILITY FILE SYSTEMS
FLEXIBLE

(LINUX CONTAINERS)

OPTIMAL STREAMLINED SYSTEM MANAGEMENT


PERFORMANCE INSTALLATION AND AND FEATURES
STABLE AND
EFFICIENT

VIA PROFILES DEPLOYMENT

CERTAINTY OF MISSION-CRITICAL RELIABILITY AND MILITARY-GRADE SECURITY

4 RED HAT ENTERPRISE LINUX 7


LIGHTWEIGHT APPLICATION
ISOLATION
via LINUX CONTAINERS
LINUX CONTAINERS

Software packaging concept that typically includes an


application and all of its runtime dependencies.
Easy to deploy and portable
across host systems
Isolates applications on a
CONTAINER
host operating system. In RHEL,
this is done through: APP

LIBS
Control Groups (cgroups)
kernel namespaces HOST OS

SELinux, sVirt SERVER


RHEL 7.1 RHEL 7 Atomic Host

6 RED HAT ENTERPRISE LINUX 7


WINDOWS
INTEROPERABILITY
WINDOWS INTEROPERABILITY
VIA DIRECT INTEGRATION
MICROSOFT
ACTIVE DIRECTORY
Easily connect a
Red Hat
Enterprise Linux
client to an
existing Windows
domain with
realmd.

SSSD

RHEL

8 RED HAT ENTERPRISE LINUX 7


WINDOWS INTEROPERABILITY
VIA INDIRECT INTEGRATION
MICROSOFT IDENTITY
ACTIVE DIRECTORY MANAGEMENT
ALLOWS FOR
EASIER
CENTRALISED
NATIVE LINUX
TRUST MANAGEMENT
OF MULTIPLE
LINUX CLIENTS

SSSD

RHEL

9 RED HAT ENTERPRISE LINUX 7


FILE SYSTEMS AND STORAGE
CHOICE OF FILESYSTEMS
Scale file systems to 500TB with new default file system XFS
Scale to 50TB with ext4
Btrfs also available1
Parallel NFS v4 provides improved performance
and throughput

Supported
Type Root Boot Comments
Limit
Single-node
XFS 500TB Yes Yes System default
ext4 50TB Yes Yes Driver allow access to older
versions (ext2, ext3).
btrfs1 50TB Yes Yes Technology Preview
Network/Multi-node
GFS2 2-16 nodes Yes No Shared-storage file system
1
Available as a Technology Preview

11 RED HAT ENTERPRISE LINUX 7


STORAGE

Easy storage configuration with the introduction of


System Storage Manager.
Provides easy to use CLI for configuration of file and
storage.
LVM snapshots based on thin provisioning.
Storage allocated only when needed.
Faster performance for recursive snapshots.
Support for tiered storage for improved performance.
New target dm-cache that allows high-speed solid state
drives (SSD) to serve as a cache for slower rotational
media.

12
STORAGE

Dynamic detection of new LUNs. Reduces the amount


of system down-time and manual intervention.
LibStorageMgmt (7.1) provides the ability to manage
external storage devices from the RHEL system.
Simplified provisioning of storage volumes on Linux
shared storage appliance with the help of a new service
called targetd.
Unified management of btrfs and LVM snapshots with
the introduction of snapper.
Allows administrators to create, delete, label and
compare snapshots of volumes.

13
OPTIMAL PERFORMANCE
MANAGEMENT AND TOOLING
PROFILING AND MONITORING WITH TUNA
Tool for fine grained control
Display applications /
processes
Displays CPU enumeration
Socket (useful for NUMA
tuning)
Dynamic control of tuning
Process affinity
Parent & threads
Scheduling policy
Device IRQ priorities, etc

15 RED HAT ENTERPRISE LINUX 7


TUNED DYNAMIC TUNING DAEMON
Installed by default
Predefined profiles, automatically
determined based on variant
Consolidation of profiles into a single
tuned.conf file
Supported by TUNA
How do I create my own tuned profile on
RHEL7 ?
https://access.redhat.com/site/node/731473

16 RED HAT ENTERPRISE LINUX 7


STREAMLINED INSTALLATION
AND DEPLOYMENT
EASIER INSTALLATION AND DEPLOYMENT
IN-PLACE UPGRADES FROM RHEL 6.X TO 7

PRE-UPGRADE UPGRADE
1 Audits current OS state vs 2
ASSISTANT RHEL 7 profile and creates: TOOL
HTML report of potential
issues, XML for upload to
preupg preupg UI
redhat-upgrade-
DIRECTORY of config files tool
for modification / migration
use
PRE-UPGRADE and
RED HAT POST-UPGRADE scripts RED HAT
ENTERPRISE for redhat-upgrade-tool ENTERPRISE
LINUX 6.6 LINUX 7.1

IF REPORT IS ACCEPTABLE

See documentation for valid configurations

18
INSTALLATION AND DEPLOYMENT

Software selection provides pre-configured package


selections for quicker deployment.
Spin custom installable images and Live images with
the help of Live Media Creator.
Provision of system roll-
back at install time.

19
CENTRALIZED MANAGEMENT
AND FASTER BOOT UP

CENTRALLY MANAGE PRIORITIZE AND DRAMATICALLY COMPATIBLE WITH


PROCESSES, ORDER SERVICES SPEED START-UP EXISTING SCRIPTS
SERVICES, SECURITY AT START-UP TIMES (SYSV AND LSB)

Next generation system and service manager,


systemd, provides on-demand service start-up and
better transactional dependency.
Compatible with SysV and LSB init scripts.

20 RED HAT ENTERPRISE LINUX 7


SYSTEM MANAGEMENT AND
FEATURES
NETWORK MANAGEMENT

Network Manager 1.0


Easy to use yet comprehensive network management suite designed to provide
painless network configuration.

Flexible interface options with GUI, (new) CLI, and (new) TUI for managing local,
remote, or even headless systems.
Supports a broad array of many common network interface types, including:
Ethernet, IPoIB, VLANs, Bridges,
Bonds, Teams, WiFi, WiMAX,
WWAN, Bluetooth, VPN, and
ATM-based DSL.

22
NETWORK FEATURES

Team Driver
Mechanism for bonding multiple network devices (ports) into a single logical
interface at the data link layer (L2)
Provides an increase in maximum bandwidth and link redundancy
Alternative to the existing Linux Bonding driver
Provides a number of advantages over traditional bonding while providing equal or
even slightly better performance in some cases.
Moves most of the work and logic into a user space
daemon making it:
more stable
easier to debug eth0

much simpler to extend Network


Network
Server
Server team0 Switch
Switch

eth1

23
NETWORK FEATURES
40G Ethernet (IEEE 802.3ba)
Support for 40G Ethernet link speeds enabling faster network communication for
applications and systems.
Highly accurate network time synchronization using:
Precision Time Protocol (IEEE 1588v2)
Method for precisely synchronizing distributed clocks.
Capable of achieving clock accuracy in the sub-microsecond range when used in
conjunction with PTP hardware support.
Chrony
Enables faster clock synchronization with better accuracy than ntpd especially in
cases where network connectivity is not always constant.
Numerous TCP optimization and enhancements aimed at reducing overall latency for
connection oriented services such as web servers, including:
Fast Open, Tail Loss Probe (TLP) Algorithm, Early retransmit (ER), Proportional Rate
Reduction (PRR), Busy Poll (Low Latency Sockets)

24
NETWORK FEATURES
40G Ethernet (IEEE 802.3ba)
Support for 40G Ethernet link speeds enabling faster network communication for
applications and systems.
Highly accurate network time synchronization using:
Precision Time Protocol (IEEE 1588v2)
Method for precisely synchronizing distributed clocks.
Capable of achieving clock accuracy in the sub-microsecond range when used in
conjunction with PTP hardware support.
Chrony
Enables faster clock synchronization with better accuracy than ntpd especially in
cases where network connectivity is not always constant.
Numerous TCP optimization and enhancements aimed at reducing overall latency for
connection oriented services such as web servers, including:
Fast Open, Tail Loss Probe (TLP) Algorithm, Early retransmit (ER), Proportional Rate
Reduction (PRR), Busy Poll (Low Latency Sockets)

25
SECURITY

New dynamic and protocol independent firewall


service, firewalld, provides greater flexibility
compared to iptables.
Unified firewall management service for IPv4 (iptables),
IPv6 (ip6tables), and Ethernet Bridges (ebtables).
Eliminates service disruptions during rule updates.
Supports different network trust zones for per-connection firewall settings.
Simple yet powerful XML-based configuration file format with nearly 50 built-in
pre-defined settings for many common system services.
Easier analysis of log files with the help of structured logging
that provides additional context in the logs.
Extension of SELinux access controls to NFS with the help of
labelled NFS.

26 RED HAT ENTERPRISE LINUX 7


HIGH AVAILABILITY

Better cluster resource management with the


introduction of Pacemaker.
No longer necessary to edit configuration files directly.
Policy engine now allows the cluster to manage both
virtual guest(s) and the applications contained within
those guests.
Easier backup and restore
Automated migration from rgmanager

27 RED HAT ENTERPRISE LINUX 7


THANK YOU!