Red Hat Enterprise Linux Version 7.5 Released

On Tuesday Red Hat announced the general availability of Red Hat Enterprise Linux version 7.5. An anonymous reader writes: Serving as a consistent foundation for hybrid cloud environments, Red Hat Enterprise Linux 7.5 provides enhanced security and compliance controls, tools to reduce storage costs, and improved usability, as well as further integration with Microsoft Windows infrastructure both on-premise and in Microsoft Azure.

New features include a large combination of Ansible Automation with OpenSCAP, and LUKS-encrypted removable storage devices can be now automatically unlocked using NBDE. The Gnome shell has been re-based to version 3.26, the Kernel version is 3.10.0-862, and the kernel-alt packages include kernel version 4.14 with support for 64-bit ARM, IBM POWER9 (little endian), and IBM z Systems, while KVM virtualization is now supported on IBM POWER8/POWER9 systems.
See the detailed release notes here.

Gzip, bzip and xz

[aglider]

"tools to reduce storage costs"

Re:Gzip, bzip and xz

do those do dedup?

Re:Gzip, bzip and xz

Use CentOS, FreeNAS or any thing else free, it's another way to save licence cost.

Re:Gzip, bzip and xz

[MiliusXP]

"VDO reduces data redundancy and improves effective storage capacity through de-duplication and compression of data before it lands on a disk."

Re:Gzip, bzip and xz

Comes with systemd

Re:Gzip, bzip and xz

[F.Ultra]

Neither of these tools do.

Re:Gzip, bzip and xz

[See+Attached]

What if server is already on Pure platform where the dedup is already done? Hence, penalty for bzip and pals.

Re:Gzip, bzip and xz

[See+Attached]

Should this be an option? seriously though, can this be modularized so it can be optimized by the public at large? Some would argue its trying to do too much?

Re:Gzip, bzip and xz

[F.Ultra]

Aiming for +5 funny I see. It's a kernel module called VDO: https://rhelblog.redhat.com/20...

Re: Gzip, bzip and xz

Feel free then to fork and do that modularization.

Re: Gzip, bzip and xz

[buchanmilne]

"Use CentOS, FreeNAS or any thing else free, it's another way to save licence cost."

This really depends on many factors. For example, it is cheaper to run Red Hat Virtualisation with unlimited supported RHEL VMs than VMWare (with the same featureset) with unsupported (e.g. CentOS) VMs.

(Of course, if you want no support at all, you could run oVirt on CentOS, but I know of shops spending huge amounts on VMWare and trying to save money by running unsupported Linux VMs).

Re: Gzip, bzip and xz

[See+Attached]

Just saying, its impossibel to do.. .so it violates in spirit the main point... an unassailable fortress, cant be replaced, has no bounds. Is there formal training on Systemd? Nope.. its a Work In progress till it gobbles up ... everything. then we have an environment that is closed once more.

Re:Gzip, bzip and xz

[aglider]

C'mon!
The tool to reduce storage costs it's you, the system designer.
Not the distribution.
If the storage is local or remote and you pay by size), you reduce the costs at the design stage. Once you have bought those 4 disks, you cannot reduce their costs any more.
If the storage is remote and you pay by use, you cannot reduce costs after deployment. Only increase.
If deduplication is the keywork to "to reduce storage costs", then you'd better think: why do I need deduplication?

No way, data compression is the only way to reduce storage costs if you are dumb.
Good design is the real way to do things.

I Hope

[jmccue]

I hope the replaced kernel 3.10.0-693.21.1.el7.x86_64 with a better kernel :). For some laptops models, DRI had to be disabled in X to prevent hangs. That kernel was applied in 7.3 to fix a vulnerability and was carried over to 7.4.

Re:I Hope

[olsmeister]

Was the problem due to an issue with the kernel, or an issue with the laptops? Because 'better kernel' is kind of a loaded term.

Re:I Hope

[JoeRandomHacker]

It looks like they have a 3.10.0-862 kernel and a 4.14.0-49 kernel-alt.

https://access.redhat.com/docu...

Re:I Hope

[Espectr0]

why in earth would you use an enterprise / server side distro for a laptop?

Re: I Hope

Maybe demonstrating server software?

Silly to expect it to work properly though. You'd never expect Windows Server to work on a laptop, after all.

Re:I Hope

[arth1]

why in earth would you use an enterprise / server side distro for a laptop?

RHEL Workstation is a good OS for laptops, especially if you want to maintain binary and package version compatibility with your servers.
Development is a good example of where this is useful. Automounts that contain binaries and/or libraries is another. And remote X. Sometimes compatibility wins over bleeding edge.

Re:I Hope

[jmccue]

The older kernel worked, 693 had issues with Nvidia (who else). We are not suppose to install the Nvidia binary, so that hardware is 'stuck'. These are models with discrete graphics which cannot be disabled. disabled means setting the bios to use integrated graphics

Re:I Hope

[jmccue]

These are using RHEL Developer Workstations

Re:I Hope

why in earth would you use an enterprise / server side distro for a laptop?

RHEL Workstation is a good OS for laptops, especially if you want to maintain binary and package version compatibility with your servers.
Development is a good example of where this is useful. Automounts that contain binaries and/or libraries is another. And remote X. Sometimes compatibility wins over bleeding edge.

RHEL won't work on hardware that is released after it was. You'll get warnings at boot time and your hardware will not work. Software updates will not fix the problems because the updates are not coming. RHEL is for certified hardware and you can't certify hardware that doesn't exist yet.

Re:I Hope

[innocent_white_lamb]

I use Centos on everything from laptops to desktops to servers of various kinds, from webservers to a custom RIP for a publishing company that I wrote a few years ago -- everything runs on Centos.

I know how Centos works and what it does and how to administer it, and what it's doing in the background (no mysterious processes) and it's very stable so I don't have worry about cutting-edge bugs or reformatting a machine and setting it up again from scratch since the lifetime of a Centos version is about the same as the (reliable) lifetime of the hardware that it runs on so by the time I need to replace something it's time to update to the next Centos version.

And by running Centos on everything I can write something on my laptop or desktop and know that it's going to work exactly the same way on a rack box or whatever else, too. No mysteries there either.

What's not to like?

Re:I Hope

4.14 is only for ARM64, POWER9 (little endian), and System Z. No such luck for x86_64 users. If you can stand dealing with Oracle, then Oracle Linux has UEKr5 available soon which uses 4.14.

Re: I Hope

[Brockmire]

Wuh? Did you respond to a BSD thread by accident?

Re: I Hope

[Brockmire]

The only downside to me is that also means you might be a couple years behind the most current version of something, missing out on some features. In a lot of cases, it's in a third party repo, but on more than a few times, ffmpeg was a PITA. SSL and webserver features as well missing without latest versions. It's my server of choice. I'd recommend Fedora for laptop on current hardware, though .

Re:I Hope

I assume the first step would be to file a support request with Red Hat if you haven't already.

Re: I Hope

The only downside to me is that also means you might be a couple years behind the most current version of something, missing out on some features.

I'm totally fine with using slightly older software on my work laptop where I value reliability over having the latest stuff.

Re:I Hope

I guess that's why the "hardware enablement" section in the release notes are empty in each release. oh wait!

Re: I Hope

[buchanmilne]

"We are not suppose to install the Nvidia binary, so that hardware is 'stuck'."

I sounds much easier to just install the nvidia driver to see if that works, even if you are not "supposed to".

(The only machine I have with an nvidia card now is an old Ion chipset, but I previously ran a linux workstation with an Nvidia card, and had no stability problems with the nvidia driver.)

Re: I Hope

[swimboy]

That's why RH implemented Software Collections. The base install may contain an older stable-when-the-distro-was-new version of software, but a supplementary repo that's maintained by RH provides more current versions of most major tools. It's a couple of steps more involved than just "yum install python-3.6.5" but it's there and supported by RedHat.

Re:I Hope

[jmccue]

That is controlled by some another group of people, I filed it with them and who knows where it went from there, the fun of being in a fortune 500 company :)

Re: I Hope

I run CentOS 7 on my laptop because it is a good laptop distro. Laptop is a Dell Precision M6700 and works great.

Re:I Hope

I know right!!! Next thing you know they will be parking in driveways and driving on parkways.

Re: I Hope

You can't run server distro on laptop, it has no codecs.

You don't know how dangerous closed source is...

... simply because you can't see the code. Ignorance is bliss? In your case, apparently so.

Re:Dangerous to use open source

Tell that to Intel/AMD with their Spectre and Meltdown vulnerabilities affecting products _decades_ old. They shouldn't have open-sourc.... oh wait!

Conflict of RHEL ansible with EPEL ansible

RHEL chose to create a new subscription just for ansible, one that contains with "ansible" with the same package name and version as the recently ansible package in EPEL. The result is that the RHEL version, and the EPEL version, are going to fight it out for installation supremacy on any system that has the upstream channel and the EPEL channel both enabled.

This was avoidable: it's exactly the sort of thing that the engineer who set up the new channel should have looked for. It's also why I loathe the subscription channel structure for Red Hat. I understand why they want people to pay for licenses for some of the channels, but before RHEL, Red Hat used to publish most of their content as RPM's directly. They have effectively recreated that non-commercial, non-supported channel or set of channels by supporting and collaborating with CentOS. But it still sometimes causes issues.

Do not get me *going* on the problems caused by the obsolete version of Subversion in the RHEL distributions. I used to update that from Repoforge, but that repo stopped getting updates years ago.

Python 2: goodbye in RHEL 8

In the "Deprecated Functionality" chapter, it is mentioned that Python 2 will not be shipped in the OS:

* https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.5_release_notes/chap-red_hat_enterprise_linux-7.5_release_notes-deprecated_functionality

If you need it in RHEL 8, you need to either get it via EPEL, another third-party repo, or compile-from-source.

Re:Python 2: goodbye in RHEL 8

This is something that utterly annoys me. Despite being deprecated, considered a legacy language by its own creators... python2 is still infesting not only linux but also OS X (where python2 is provided by Apple as default python interpreter). God, even the lastest software you can find on gnome or kde depends on python2.

It really annoys me because I use python3 for my dialy work and I can't stand having two pythons installed to do the same job >:(

Re:Python 2: goodbye in RHEL 8

[KiloByte]

I can't stand having two pythons installed to do the same job >:(

So do like me: ignore both pythons, consider them necessary evil (unless you have good replacements for programs implemented in Python), and use Perl for actual work.

Re:Python 2: goodbye in RHEL 8

I can't see how that would fly.
There is more software (including maintained software) for Python2 than for Python3 (and yes, that is quite sad).
I don't see the conservative circles RedHat is paid by having much use for Python3 in the coming years.
Well, maybe they are not using Python at all, but if they are I can't see RedHat getting away without massive customer protests.

Re:Python 2: goodbye in RHEL 8

[Junta]

Particularly since RHEL 7 shipped with *only* 2.

Generally, you'd have an overlap of both.

Re:Python 2: goodbye in RHEL 8

They already do that, you have been able to install python 3.x using Red Hat Software Collections on rhel 6 for a long time now.

Re: Python 2: goodbye in RHEL 8

[buchanmilne]

"In the "Deprecated Functionality" chapter, it is mentioned that Python 2 will not be shipped in the OS:"

That's because it is already deprecated upstream and will receive no upstream support after 1 Jan 2020 (https://pythonclock.org/). If RHEL8 were to ship with Python 2.7, it would be supported for about 1/10th of the OS support lifetime, which does seems unreasonable.

"If you need it in RHEL 8, you need to either get it via EPEL, another third-party repo, or compile-from-source."

No, if you're going to need Python 2.7 on RHEL8, you should be doing the work to run on Python 3 *now*. Install python3 on RHEL7 using software collections and make sure all your run on both versions (using 2to3 and six), and run RHEL7 in production until you can switch (you havr a few years left). Any other approach (e.g. investing at all in keeping python 2.7) is a poor investment of your time.

Re: Python 2: goodbye in RHEL 8

I absolutely agree with you that going to python 3 is the right solution.

That being said Red Hat's ability to support python 2 in rhel is not dependent on whether or not python upstream still supports it. One of the main reasons why Red Hat is able to charge a lot of money for its subscription services is that they have competent people on staff that can support things like this long after upstream has dropped its support.

Re:Python 2: goodbye in RHEL 8

[Junta]

As a user maintaining internal software, that's.. ok..... Software collections though require copious amount of duct tape and don't quite act the same as when it is *in* the distro (at least when I needed to use httpd from software collections, it was a huge mess).

As a vendor, it's often unacceptable to mandate software collections for your software to work. Hell they hated when I had a dependency in the "optional" channel, forcing me to stay away from even that.

When you 'deprecate' something but not even have the non-deprecated version without resorting to the workaround that is software collections, that is not right.

I'm not sure how they'll do it, at one point last year a RHEL rep was telling me that /usr/bin/python was going to be python3, and I told them they were setting themselves up for a world of hurt from gobs of customer python scripts suddenly breaking in subtle ways, and /usr/bin/python missing completely and only there being python3 would be a clear sign of needing migration.

Re:Python 2: goodbye in RHEL 8

If a vendor requires a specific version of python I rather see them just package their own copy and include that with the installation, preferably walled off somewhere in /opt/$vendor/python.

Re:Python 2: goodbye in RHEL 8

[Junta]

My projects don't require specific pythons, works with several to avoid needing a python runtime bundled.

Will have to run more thorough python 3 tests, as prior to RHEL8, the only baked in versions were 2.x. Would have been nice to have both 2 and 3 available as first-class at least for one generation of the distro.

RHEL is also the reason I still have to support Python 2.6, due to the enduring popularity of RHEL6.

Some customers insist on RedHat...

We use Centos internally, so deploying on RedHat is pretty painless.

Re:Dangerous to use open source

[F.Ultra]

I think that the best advice you can give your very powerful clients is to base all their IT on Adobe Flash, that would save them from the horrors of open source.

Re:Dangerous to use open source

Your secretaries spell and grammar check your reports to your very powerful clients, correct?

Just use CentOS

I've been a sysadmin since 1998, and I've since switched over to CentOS for a Red Hat replacement. If your shop knows Linux, CentOS is a breeze, easier, actually, since there are no licenses to muck about with in rolling out servers. If you know Red Hat, you know CentOS. And before the naysayers stipulate use of Red Hat in critical environments, CentOS handles this area very well, as it's based on Red Hat, just minus the badging, licensing, some tooling.

For me, it's come down to CentOS on the servers, Check Point and OpenBSD on the security side, and Fastmail hosting the email. A winning combination that has given me little agro over the years. Yes, Check Point is not open source, but in all honesty, I don't believe you can ask for a better firewall. OpenBSD is great at handling some of the internal security, filtering, and proxies.

Re:Just use CentOS

[Junta]

There are a few reasons to buy RHEL:

-You don't know what you are doing and you are going to be paying *someone* to know what they are doing. Many may believe that such a Linux customer is a unicorn, but I have seen many people relying heavily upon their enterprise vendor.
-You need urgent human attention to problems as they arise. Recently I worked with a company that needed to understand the root cause of a kernel panic they were hitting *immediately*, and RedHat was there for that.
-To pass the buck when things do go south.

You are correct that from a technical perspective, CentOS is all the capability but none of the hassle. It just doesn't have any of the guaranteed human attention, and that is really what you are paying for. All that said, their entitlement scheme is terribly convoluted and even if I would be willing to pay, it's enough to make me not want to use them.

Re:Just use CentOS

OP here. Great comments. I agree to a point on the human help element, but I've never ran into something so critical that me and the team couldn't solve. Since all of our servers are virtualised, if we ran into something *critical*, we would likely just activate a hot spare until we could get it all sorted. This has happened maybe twice in almost 20 years. We keep things simple, as we are all old-school *nix mentality guys. Each server does one thing only. Our servers don't share duties. The Asterisk server does just PBX work, the OpenBSD server does proxy work and handles internal security, the Web server/Intranet does just Apache and file serving. We strive to keep things dead simple. Later this year, we are looking at thin clients for the desktop, because we have almost 300 end users and want to save money on desktops.

Re: Just use CentOS

[Brockmire]

What are you paying for desktops and what would you pay for a thin client? That savings doesn't sound like much, depending on what you're paying.

Re: Just use CentOS

Sadly, we're a Dell shop, so we buy small form factor Dell desktops for about $600 a piece. Loaded RAM, now no optical drive, I7 Intel processor, and a higher end graphics card for two HDMI monitors. I think it's a bit expensive. 95% of the user base does nothing but word processing, spreadsheets, etc. Typical business environment. We use several specialist software programs, as we are largely paperless and archive all documents on a network share locked down via RBAC. I would like to see us go to VMWare and thin clients since all of our servers are already virtualised using VMWare. It would be a no-brainer. Those people like the engineers who need high-end workstations will keep them, ditto the graphics people. Sally Secretary and the office drones can easily be put on thin clients. We operate almost exclusively from network shares so this already makes sense. I've specced out some nice thin clients from a company I now forget that works with VMWare, have I5 processors, 16GB RAM for $469.

Re: Just use CentOS

[Type44Q]

On an unrelated note, isn't "agro" slang for "aggressive" rather than "aggravation?"

Re: Just use CentOS

Why not a few beefier $4k servers and lots of $200 4gb atom NUCs or similar low end laptops running RDC?

For most office drones the pc is the thing that lets them use the browser/ see what they saved on the server by typing on the keyboard and clicking the mouse.

Hell you can just buy the left over Lumia Win10 phones with Continuum.

Oracle UEK - Unbreakable Enterprise Kernel

[emil]

The current Oracle UEKr4 is a v4.1.12 kernel, and can be loaded in a supported configuration with Ksplice on a Red Hat system.

The preview of the UEKr5 is a 4.14.26 kernel (the Long Term Support release). That is in beta.

You can find installation instructions here for both versions.

They should focus more on bug fixes

[mike2006]

My 6.9 servers and workstations are still as solid as a rock. Granted I need to add allot of newer rpms but it is stable and everything works as it should.

My confidence level of stability and bugs is still lower with 7.4. They should focus more on bug fixes and making 7.x as stable as 6. If I had my wish they would also get rid of systemd and go back to init.

.

Re:They should focus more on bug fixes

To be fair 6.x was a bit unstable too back in the early 6.x days, I kept using mostly 5.x until around 6.5.