Feeds

Red Hat nips, tucks RHEL 6.4 ahead of RHEL 7 later this year

Shadowman getting ready to be ARMed and dangerous

SANS - Survey on application security programs

Commercial Linux distributor Red Hat may be getting ready to start the Enterprise Linux 7 cycle later this year, but the pace of updates to the current RHEL 6 stack continues apace with the rollout of RHEL 6.4.

Enterprise Linux 6.4 went into beta back in December and is now ready for prime time, according to Shadowman, so if you have your RHEL support contracts in place and you want to use some of the new features, "Gentleman, start your downloads!"

RHEL 6.4 is not a particularly big release, and it is very likely that RHEL 6.5 won't be, either. Red Hat is sometimes imprecise about what future x86 and Power processors are supported with each RHEL release, and it has to be because it can't preannounce server processors from Intel, AMD, and IBM.

And with the roll-up of Fedora 18 for the first beta of RHEL 7 later this year, it will similarly not be able to preannounce system-on-chip products based on myriad ARM architectures if it decides to take ARM support commercial (as it almost certainly will so RHEL can be positioned to capture market share early next year when ARM server chips are expected to take off).

But nonetheless, buried in these betas and point releases are updates to the Linux kernel or the hypervisors that ship with RHEL that let them run on future processors. Sometimes Red Hat can talk about it, and sometimes it can't.

If you look at the RHEL 6.4 release notes or the RHEL 6.4 Technical Notes, you won't find much talk about future "Ivy Bridge" or "Haswell" Xeons or "Steamroller" Opterons. But it could be in there.

If you drill down into the virtualization enhancements, you will see that the QEMU-KVM tag team that does KVM virtualization on x86 iron now supports the "next-generation Core processor", which refers to the future Haswell Core processors. We know this because Red Hat says it is supporting a slew of Haswell features, including (take a deep breath) Advanced Vector Extensions 2 (AVX2), Bit-Manipulation Instructions 1 (BMI1), Bit-Manipulation Instructions 2 (BMI2), Hardware Lock Elision (HLE), Restricted Transactional Memory (RTM), Process-Context Identifier (PCID), Invalidate Process-Context Identifier (INVPCID), Fused Multiply-Add (FMA), Big-Endian Move instruction (MOVBE), F Segment and G Segment BASE instruction (FSGSBASE), Supervisor Mode Execution Prevention (SMEP), Enhanced REP MOVSB/STOSB (ERMS). If KVM is supporting Haswell, then it is likely the kernel has been tweaked to do so as well.

With RHEL 6.4, KVM is also updated to support the running of virtual machine guests on Opteron 4300 processors, and giving VMs access to their special hardware instructions, including the F16C instruction set, Trailing Bit Manipulation, Bit-Manipulation Instructions 1 (BMI1) decimate functions, and the Fused Multiply-Add (FMA) instruction set.

Perhaps more importantly, Microsoft's Hyper-V and VMware's ESXi paravirtualized drivers for virtual network, storage, memory, mouse, and video cards have been updated so they work in conjunction with RHEL 6.4. Paravirtualized drivers offer better performance for RHEL running inside a VM atop Hyper-V or ESXi compared to other drivers, which have more virty overhead.

Red Hat is also promoting the virtio-SCSI storage stack, which allows an OS inside of a guest to link directly to SCSI LUNs*, promoted from a tech preview in RHEL 6.3 to fully supported in RHEL 6.4. Parallel NFS is also now officially supported after being in tech preview for some time, and allows data to be accessed in parallel between servers running NFS and clients trying to suck data out of them rather than being bottlenecked through filer heads.

A whole bunch of kernel tweaks were added to RHEL 6.4. The Open vSwitch kernel module, for example, allows for the virtual switch by that name to be run inside of its "layered products". This is the beginning of a virtual networking stack that Red Hat will eventually roll out across RHEL, RHEV, and its OpenStack implementation.

In addition, the kernel now knows about the so-called "uncore" regions on Xeon 5500 and 5600 processors and can collect performance information on these areas, which include L3 cache and other elements of the processor. RHEL 6.4 also supports transactional memory and Flash Express memory on IBM's System z EC12 mainframes, launched last summer, and has end-to-end data consistency checking on the Fibre Channel protocol.

There are a slew of tech previews, which you can see in the Technical Notes, including tweaks to Linux containers, thin provisioning and scalable snapshots, dynamic vCPU allocation for VM guests (without having to take the VM down, which is a good thing), and a KVM network driver that can pump a 10Gb network card at wire speed. The Keepalived clustering software, which is used for load balancing across Layer 4 of the network stack, is added as a tech preview, and so is the HAProxy standalone load balancer for Layer 7. ®

* Bootnote

I had a case of SCSI LUNs once, but it cleared up after I stopped smoking.

3 Big data security analytics techniques

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.