NewsADMIN News

News for Admins

Tech News

In the news: Native edge computing comes to Red Hat Enterprise Linux; IBM/Red Hat deals crushing blow to CentOS; Linux Kernel 5.10 is ready for release 48; and Canonical launches curated container images. By Jack Wallen

Native Edge Computing Comes to Red Hat Enterprise Linux

With the latest release of Red Hat Enterprise Linux (RHEL) and OpenShift, it has become even easier for businesses to add edge deployment to existing infrastructure.

With this release, Red Hat has attempted to refine the definitions of Edge computing. To this, Nicolas Barcet, Red Hat Senior Directory Technology Strategy, says "Edge is not just one thing, it's multiple things, multiple layers." Barcet continues, "A single customer use case may have up to five layers of edge-related infrastructure, going from the IoT device all the way to the aggregation data centers." Barcet concludes with, "What we need to offer as a software infrastructure provider is all the components to build according to the topology that the customer wants for that use case."

To address those components, Red Hat identified three basic edge architectures:

Far edge – single server locations with limited connectivity
Closer edge – factory, branch, or remote store with reliable connectivity and multiple servers
Central edge – a regional data center that can control far and closer edge infrastructures

RHEL 8.3 (released in November) includes tools like Image Builder, to address building custom images (based on RHEL) for the Far Edge, worker nodes for the Closer Edge, and OpenShift with an added management layer for the Central Edge. But the most important feature found in RHEL 8.3 is the Red Hat Advanced Cluster Management tool, which provides the ability to manage a fleet of OpenShift clusters.

For more information about RHEL 8.3, read the official release notes (https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index).

IBM/Red Hat Deals Crushing Blow to CentOS

In a move that can be best summed up with a gaping mouth, IBM/Red Hat has announced it is ending CentOS 8 and shifting all releases of the server operating system to the Stream edition.

What is CentOS Stream, you ask? It's a rolling release edition of the popular server platform. What is a rolling release? Instead of the traditional yearly major and minor releases, rolling releases are continuously updated, so all software (from the kernel to the userspace software) is always up to date.

For many, this means instability can be introduced to the system. For an operating system known for its rock-solid stability, the shift to a rolling release could mean disaster.

But it's not just the update process that has many a Linux admin up in arms. To date, CentOS has been downstream of RHEL, which meant it included most of the features added to the enterprise-grade operating system. CentOS Stream, however, will be downstream of Fedora, so it will not benefit from anything added to RHEL.

CentOS 8 admins will have until some point in 2021 to decide if they want to continue on with CentOS Stream or find another platform.

To read more on this, check out Red Hat's official take on the shift (https://www.redhat.com/en/blog/centos-stream-building-innovative-future-enterprise-linux).

Linux Kernel 5.10 Is Ready for Release

For a while, Linus Torvalds was concerned about the size of changes for the Linux 5.10 release. However, with the release of the rc6 candidate, that worry has subsided. To this point, Torvalds said, "…at least this week isn't unusually bigger than normal – it's a pretty normal rc6 stat-wise. So unless we have some big surprising left-overs coming up, I think we're in good shape."

Torvalds continued to say, "That vidtv driver shows up very clearly in the patch stats too, but other than that it all looks very normal: mostly driver updates (even ignoring the vidtv ones), with the usual smattering of small fixes elsewhere – architecture code, networking, some filesystem stuff."

As far as what's to be expected in the kernel, there are two issues that have been around for some time that are finally being either given the boot or improved.

The first is the removal of the set_fs() feature, which checks whether a copy of the user space actually goes to either the user space or to the kernel. Back in 2010, it was discovered that this feature could be used to overwrite and give permission to arbitrary kernel memory allocations. The bug was fixed, but the feature remained. Since then, however, manufacturers improved the management of memory so that on most architecture memory space overloads have been banned.

Another improvement is the continued work to address the 2038 issue (a bug that has been known for some time regarding time encoding). On POSIX systems, time is calculated based on seconds elapsed since January 1, 1970. As more time passes, the number to represent a date increases. By the year 2038, it is believed 32-bit systems will no longer function. As of the 5.6 release, those systems could pass the year 2038. The 5.10 release improves on that reliability.

Released in mid-December 2020, Linux Kernel 5.10 offers filesystem and storage optimizations, as well as support for even more hardware.

For more information on the release, check out this message (https://lwn.net/Articles/838514/) from Linus himself.

Canonical Launches Curated Container Images

Any admin that has deployed containers understands how important security is for business. The problem with containers is that it's often hard to know if an image is safe to use, especially when you're pulling random images from the likes of Docker Hub. You never know if you're going to pull down an image that contains vulnerabilities or malware.

That's why Canonical has decided to publish the long-term support (LTS) Docker Image Portfolio to Docker Hub. This portfolio comes with up to 10 years of Extended Security Maintenance from Canonical. In response, Mark Lewis, Canonical VP of Application Services, has stated, "LTS Images are built on trusted infrastructure, in a secure environment, with guarantees of stable security updates." Lewis continued, "They offer a new level of container provenance and assurance to organizations making the shift to container based operations."

This means that Canonical has joined Docker Hub as a Docker Verified Publisher to ensure that hardened Ubuntu images will be available for software supply chains and multicloud development.

For anyone looking to download images, they can be viewed on the official Ubuntu Docker page (https://hub.docker.com/_/ubuntu) or pulled with a command like docker pull ubuntu.

For more information about this joint venture, check out the official Docker announcement (https://www.docker.com/blog/canonical-joins-docker-verified-publisher-program/).