2019-05-07
RHEL 8 is on the way! I have experimented with RHEL 8, both the beta release that came out last November and the final release this June. Here's my brief "test drive" report. For far more detail, I have a series of pages describing the upgrade path from RHEL 5 through 8.
RHEL 8 was due. Major releases have taken 2 years, then 3, then 4, and now almost 5 years.
RHEL 3 | Oct 2003 |
RHEL 4 | Feb 2005 |
RHEL 5 | Mar 2007 |
RHEL 6 | Nov 2010 |
RHEL 7 | Jun 2014 |
RHEL 8 | May 2019 |
Evolution, Not Revolution
It was a big step from RHEL 5 to 6. And then, an enormous leap from 6 to 7. Good news! The step from 7 to 8 brings many nice upgrades. But, it's much more manageable.
Don't blame Red Hat for all the changes in RHEL 7. That transition period from 2010 through 2014 saw many sweeping changes across Linux projects. For example, file systems evolved. Network interfaces got new names. The network commands were almost completely replaced. Systemd replaced init
. (What? Has Linux left the UNIX family?) The once-dominant "super server" xinetd
relinquished control of network services.
So, what is new in RHEL 8?
Let's Start With Installation
As always, the installation sequence looks very similar, although details differ. If you have ever installed Red Hat, this will feel familiar.
Red Hat has added tools to make it easier to deploy and manage RHEL containers and cloud images.
What immediately follows, however, strikes me as the biggest change. The traditional entry barrier of a command-line interface disappears.
RHEL 8 introduces Cockpit, a web console. It reminds me of the Google Cloud Platform dashboard. Connect to TCP port 9090 with a web browser. You can monitor activity, check logs, control services, and much more with a few clicks. It even includes a browser-embedded command shell. Cockpit appeared in later releases of RHEL 7.x, but it's featured from the beginning in RHEL 8.
Monitoring a RHEL 8 system
Monitoring network traffic on RHEL 8
Checking the Security Auditing Service on RHEL 8
Packages and Graphics
Many upgrades are significant, including:
- Kernel 3.10.0 to 4.18.0
- GCC 4.8.5 to 8.2.1
- Python 2.7.5 to 3.6.6
- PHP 5.4.16 to 7.2.11
- OpenSSL 1.0.2k to 1.1.1
The Wayland display server now drives graphics by default, although the old Xorg server is still available. RHEL 8 drops support for KDE.
Platforms and Memory
RHEL 7 came with a kernel that limited memory to 64 TB of RAM and 256 TB of virtual memory. That never became an issue for anyone I worked with. But...
RHEL 8 supports 4 PB of RAM and 128 PB of virtual memory. 4 petabytes of RAM! That's 252 bytes, or 4,194,304 gigabytes of RAM.
Identity Management
Samba 4 has been out for some time. Furthermore, the System Security Services Daemon or sssd
has matured. So, integration with Active Directory has become reliable and easy.
Also, because we no longer need some now-redundant alternatives, things have become a little simpler.
Storage
RHEL 7 used XFS by default, but included Btrfs or the B-tree File System as a "technology preview".
However, Red Hat deprecated Btrfs at the 7.4 release, and RHEL 8 does not support it.
For some time I have believed that Oracle bought Sun Microsystems to get the ZFS file system. It certainly wasn't for the UltraSPARC hardware or Solaris operating system! Oracle has been working to port ZFS features into Btrfs.
I think Red Hat sees Btrfs as "Oracle's file system", and so they stick with XFS as a distinguishing feature.
Package Management
You don't need to learn anything new here. However, you will benefit.
DNF replaces YUM. But thanks to symbolic links, all your yum
syntax still does the same things. It just runs much faster. DNF has reimplemented the "guts" of yum
, the engine that solves complex dependency problems.
RHEL 8 uses the concept of streams to reduce application dependencies on the underlying operating system. So, maintenance becomes easier.
Networking
The Netfilter package Nftables and the nft
command have replaced iptables
and ip6tables
. However, you have tools to translate rules sets back and forth. Custom rule sets should be pretty easy to convert.
But to be realistic, most of you will maintain your rule sets with the firewall daemon and its graphical tool. So, you won't notice any difference! Beyond, of course, performance improvements provided by Nftables.
RHEL 8 includes Apache 2.4.37, and it also has Nginx 1.14.0. So, you have options for providing HTTP/2 over TLS 1.3.
Security-Enhanced Linux
Red Hat continues to improve their NSA SELinux support. Here are policy statistics for typical server installations:
RHEL | 5 | 6 | 7 | 8 |
Classes | 61 | 77 | 83 | 129 |
Types | 1868 | 3073 | 4263 | 4934 |
Booleans | 271 | 168 | 261 | 326 |
Permissions | 220 | 229 | 255 | 452 |
U.S. DoD and other government agencies and their contractors will appreciate finding OpenSCAP in addition to related tools for STIG compliance.
How Can You Prepare?
Given the evolutionary nature of this major upgrade, Learning Tree's Linux server administration course does the job!
I'm the author, I recently turned in a revision. The course now covers what you need to know for RHEL 7 and 8, plus CentOS of course, and also the latest major releases of Oracle Linux and the U.S. Department of Energy's Scientific Linux, and others. Course 144 is a good introduction to modern Linux systems. While it uses RHEL, it is designed to be as distribution-neutral as possible.
If you're still running RHEL 6 or even earlier, it's high time to update your systems. Take advantage of the current technology!
For your own experimentation, RHEL 8 is largely based on the May 2018 Fedora 28 release. Also, you can register a free account and download RHEL 8 for your own exploration and experiments. See Red Hat's Get RHEL 8 page. Plus, CentOS 8 should be out soon.
I hope to see you for a RHEL server introduction, refresher, or update in Course 144!