(Last Updated On: December 8, 2018)

Red Hat Enterprise Linux 8 commonly known as RHEL 8 has been released in Beta for Developers and users to test and give feedback. RHEL 8 official release date will be announced by Red Hat Inc, the company behind Development of Red Hat Enterprise Linux (RHEL) 8. Red Hat Enterprise Linux 8 public beta was announced on November 14, 2018.

With the release of Red Hat Enterprise Linux 8 (RHEL 8) comes new features and improvements as compared to the predecessor – RHEL 7.

What is new in Red Hat Enterprise Linux 8 (RHEL 8 )?

Some of the new features of RHEL 8 are as described below.

Kernel & OS

Red Hat Enterprise Linux 8.0 is based on Fedora 28 and upstream kernel 4.18. This provides users with a secure, stable and consistent foundation across hybrid cloud and Data Center deployments with tools needed to support all levels of workloads.

Supported CPU Architectures are:

  • AMD and Intel 64-bit architectures
  • The 64-bit ARM architecture
  • IBM Power Systems, Little Endian
  • IBM Z

Content Distribution

Red Hat Enterprise Linux 8 has two modes of Content distribution and will only need two repositories enabled.

  • BaseOS repository – The BaseOS repository provides the underlying core OS content in the form of traditional RPM packages. BaseOS components have a life cycle identical to that of content in previous Red Hat Enterprise Linux releases.
  • AppStream repository – The Application Stream repository provides all the applications you might want to run in a given userspace. Other software that has special licensing are available on a Supplemental repository.
What is AppStream?

The AppStream allows you to install additional versions of software on independent life cycles and keep your operating system up-to-date while having the right version of an application that suits your use case. Note that no two streams can be installed at the same time into the same userspace.

Application Streams are typically named according to the version of software it distributes e.g. mongodb:3.4 or mongodb:3.6, but may also use names such as “latest” and “stable” and “latest“.

Desktop Environment

RHEL default Desktop Environment is GNOME. The GNOME Project is supported by the GNOME Foundation. A version of Gnome shipped in RHEL 8 is version 3.28 which has automatic downloading of operating systems in Boxes. Other new features include:

  • New on-screen keyboard
  • New GNOME Boxes features
  • Extended devices support, most significantly integration for the Thunderbolt 3 interface
  • Improvements for GNOME Software, dconf-editor and GNOME Terminal
  • GNOME Software utility, which enables you to install and update applications and gnome-shell extensions.
  • GNOME Display Manager (GDM) use Wayland as their default display server instead of the X.org server

Features of Wayland display server

  • Stronger security model
  • Improved multi-monitor handling
  • Improved user interface (UI) scaling
  • The desktop can control window handling directly.

Read more about Gnome 3.28 features in the release notes.

Software Management

RHEL 8 YUM package manager is now based on the DNF technology and it provides support for modular content, increased performance, and a well-designed stable API for integration with tooling. The version of RPM is 4.14.2 and it validates the whole package contents before it starts the installation.

YUM version available in RHEL 8 is v4.0.4. YUM based on DNF has the following advantages over the previous YUM v3 used on RHEL 7:

  • Increased performance
  • Support for modular content
  • Well-designed stable API for integration with tooling

Web servers, Web Tools, Compilers, Languages & Databases

Red Hat Enterprise Linux 8 includes Application Streams of multiple versions of databases, languages, compilers, and other tools available for your use.

Below is a list of components available on Red Hat Enterprise Linux 8.

  • Python: The default Python implementation in RHEL 8 is Python 3.6.
  • Database Servers: RHEL 8 provide the following databases –  MariaDB 10.3, MySQL 8.0, PostgreSQL 9.6, PostgreSQL 10.
  • Redis: The redis version available is 4.0
  • Web Servers: httpd 2.4 Nginx 1.14*
  • OpenLDAP replaced by 369 LDAP Server
  • Varnish Cache 6.0*
  • Git 2.17
  • Maven 3.5
  • Perl 5.26* and 5.24
  • PHP 7.2* and 7.1*
  • Ruby 2.5*
  • Node.js 10* and 8*
  • Python 3.6* and 2.7*
  • Rust Toolset 1.26*
  • Scala 2.10
  • Go Toolset 1.10*
  • GCC System compiler 8.1
  • .NET Core 2.1*
  • Java 8 and 11
  • Pacemaker cluster resource manager 2.0.0. The pcs configuration system fully supports Corosync 3, knet, and node names.
  • glibc libraries based on version 2.28

Networking

Below are the new changes in the Networking Level:

  • RHEL 8 is distributed with TCP networking stack version 4.16, which provides higher performances, better scalability, and more stability.
  • The networking stack upgraded to upstream version 4.18
  • Iptables has been replaced by the nftablesframework as the default network packet filtering facility.
  • The nftables framework is the designated successor to the,iptablesip6tables,arptables, and ebtables tools. This provides a single framework for both the IPv4 and IPv6 protocols
  • The firewalld daemon now uses nftables as its default backend.
  • Support for IPVLAN virtual network drivers that enable the network connectivity for multiple containers.
  • NetworkManager now supports single-root I/O virtualization(SR-IOV) virtual functions (VF). NetworkManager allows configuring some attributes of the VFs, such as the MAC address, VLAN, the spoof checking the setting and allowed bitrate

Virtualization

  • Red Hat Enterprise Linux 8 is distributed with qemu-kvm 2.12 with – Q35 guest machine type support, UEFI guest boot support, vCPU hot plug and hot unplug,  NUMA tuning and pinning in the guest and guest I/O threading
  • The QEMU emulator introduces the sandboxing feature. QEMU sandboxing provides configurable limitations to what systems calls QEMU can perform, and thus makes virtual machines more secure
  • KVM virtualization now supports the User-Mode Instruction Prevention (UMIP) feature, which can help prevent user-space applications from accessing to system-wide settings
  • KVM virtualization now supports the 5-level paging feature, which significantly increases the physical and virtual address space that the host and guest systems can use.
  • NVIDIA vGPU is now compatible with the VNC console
  • Ceph storage is supported by KVM virtualization on all CPU architectures supported by Red Hat
  • Q35, a more modern PCI Express-based machine type is supported by RHEL 8 Virtualization.  All virtual machines created in RHEL 8 are set to use Q35 PC machine type by default.

Web Management – Cockpit

  • RHEL 8 comes with Cockpit automatically installed and firewall ports required by Cockpit are automatically opened.
  • Cockpit interface can be used to apply Policy-Based Decryption (PBD) rules to disks on managed systems.
  • For systems enrolled in an Identity Management (IdM) domain, Cockpit uses the domain’s centrally managed IdM resources by default.
  • Cockpit menus and pages can be navigated on mobile browser variants.
  • Virtual machines can be created and managed from the Cockpit web interface.
  • The Virtual Machines page can now be added to the Cockpit interface, which enables the user to create and manage libvirt-based virtual machines.

System Users

  • The usernfsnobody that was available in RHEL 7 has been merged with usernobody into the nobody user and group pair with UID  and GID of  65534.This change reduces the confusion about files that are owned by nobody but have nothing to do with NFS.

Security

  • RHEL 8 comes with support for OpenSSL 1.1.1 and TLS 1.3. This enables you to secure customer’s data with the latest standards for cryptographic protection.
  • RHEL 8 comes with System-wide Cryptographic Policies which helps you with the management of cryptographic compliance. No need to modify and tune specific applications.
  • OpenSSH has been rebased to version 7.8p1– with no support for SSH version 1 protocol, Blowfish/CAST/RC4 ciphers, hmac-ripemd160 message authentication code

Linux containers

RHEL 8 has the enterprise support for Linux containers via a lightweight, open standards-based container toolkit based on:

  • Buildah to facilitate building of OCI images
  • Skopeo for sharing/finding container images on Docker registries, the Atomic registry, private registries, local directories and local OCI-layout directories.
  • Podman for running containers without need for daemon.

Both Buildah and Podman are command line tools that work on OCI images and containers.

How is Buildah different from Podman?

Buildah’s commands replicate all of the commands that are found in a Dockerfile. Buildah containers are really just created to allow content to be added back to the container image.

Podman specializes in all of the commands and functions that help you to maintain and modify OCI images, such as pulling and tagging. It also allows you to create, run, and maintain containers created from those images.

Storage and File systems

Stratis is the new local storage manager for RHEL 8. It provides managed file systems on top of pools of storage with additional features to the user. Stratis provides ZFS/Btrfs-style features by integrating layers Linux’s devicemapper subsystem, and the XFS filesystem.

Stratis supports LUKSv2 disk encryption and Network-Bound Disk Encryption (NBDE) for more robust data security.

With Stratis, you can easily perform storage tasks such as:

  • Maintain file systems
  • Manage snapshots and thin provisioning
  • Automatically grow file system sizes as needed

Pools are created from one or more storage devices, and volumes are created from a pool. The file system is created on top of a volume, hence resizing a volume automatically resize FS as well. The default file system used by Stratis is XFS.

Other notable Storage features are:

  • The XFS file system now supports shared copy-on-write data extent functionality. This enables two or more files to share a common set of data blocks. Creating shared copies does not utilize disk I/O nor consume additional disk space. The files sharing common blocks act like regular files.
  • The shared copy-on-write data extents are now enabled by default when creating an XFS file system, starting with the xfsprogs package version 4.17.0-2.el8.
  • Support for Virtual Data Optimizer (VDO) on all of the architectures supported by RHEL 8.
  • LUKS2 is now the default format for encrypting volumes. This replaces the legacy LUKS (LUKS1) format distributed in RHEL 7.  LUKS2 provides encrypted volumes with metadata auto-recovery and redundancy if partial metadata corruption is encountered.

I’ll frequently update this article as I do more testing and review on RHEL 8.