RHEL trends: secure automation, (any) cloud-native performance… and automation, again

As part of a series of analysis posts designed to look at the major (and some slightly lesser) open source distributions and what they have achieved over the last year, let us briefly revisit Red Hat’s major release, which came in the shape of Red Hat Enterprise Linux 7.4, or simply RHEL, to its friends.

As with so many platform level software releases at this time, Red Hat went for workload automation controls as a key theme.

In particular, Red Hat went for automation efficiency that can be applied to cloud native applications, securely, obviously.

Any cloud

The firm wants RHEL to be seen as an operating system that works across physical servers, virtual machines and hybrid, public and multi-cloud footprints. So that was many cloud, any cloud – often employing containers – in case you weren’t counting.

Even in 2018 we stand at a point where open source is criticised for its security stance over and above proprietary systems.

Security updates

Red Hat has tried to address this issue with updated audit capabilities to help simplify how administrators filter the events logged by the audit system, gather more information from critical events and to interpret large numbers of records.

The firm also introduced a USB Guard feature that allows for greater control over how plug-and-play devices can be used by specific users to help limit both data leaks and data injection.

Enhanced container security functionality with full support for using SELinux with OverlayFS helps secure the underlying file system and provides the ability to use Bocker and use namespaces together for fine-grained access control.

Other key trends

Other key trends RHEL 7.4 included new features designed to improve the performance of both networking and storage.

For the deep geek value here – Red Hat added support for Over Fabric – which helps connect to high performance NVMe storage devices located in a datacentre on both Ethernet or Infiniband fabric infrastructures.

For Linux containers – the latest version of Red Hat Enterprise Linux Atomic Host refines enterprise-grade Linux container security and support for package layering providing a means of adding packages like monitoring agents and drivers to the host operating system.

We also saw the introduction of LiveFS as a Technology Preview, which enables users to install security updates and layer packages without a reboot… so, kind of more automation goodness again really.

Red Hat’s affable public relations department contrived to put these words in the mouth of Jim Totton, vice president and general manager, platforms business unit at Red Hat – as noted below:

“The modern enterprise will not be solely based in physical servers or cloud services; rather, the path to digital transformation weaves across four distinct technology footprints. The latest version of the world’s leading enterprise Linux platform supports each of these deployment methodologies with new security features, improved performance and introduces new automation capabilities to cut through the inherent complexities of heterogeneous datacenters.”

Those four footprints (in case you missed the reference) are:

  • Traditional physical servers — in server rooms or in-house datacenters.
  • Virtual machines — In public cloud datacenters
  • Next-generation cloud — Servers in a combination of the two above locations to provide ‘hybrid’ cloud services with workload orchestration.
  • Container services – Which encapsulate discrete components of application logic provisioned only with the minimal resources needed.

So in summary, RHEL is all about automation performed with an (even more) focused eye on security and cloud-native performance for any cloud and any virtualisation layer within the total fabric of computing… oh yes, and it’s all about automation, again, throughout, that’s how it works.