Home

English
English
Search
Log in
Login/Register
All Red Hat

Overview

What's new in Red Hat Enterprise Linux 7

Last Updated:

INTRODUCTION

Red Hat® Enterprise Linux® 7 delivers dramatic improvements in reliability, performance, and scalability. A wealth of features provides the architect, system administrator, and developer with the resources necessary to innovate and manage more efficiently.

Architects: Red Hat Enterprise Linux 7 is ready for whatever infrastructure choices you make, efficiently integrating with other operating environments, authentication, and management systems. Whether your primary goal is to build network-intensive applications, massively scalable data repositories, or a build-once-deploy-often solution that performs well in physical, virtual, and cloud environments, Red Hat Enterprise Linux 7 has functionality to support your project.

System administrators: Red Hat Enterprise Linux 7 has features that help you do your job better. You’ll have better insights into what the system is doing and more controls to optimize it, with unified management tools and system-wide resource management that reduce the administrative burden. Linux container isolation and enhanced performance tools allow you to see and adjust resource allocation to each application. And, of course, there are continued improvements to scalability, reliability, and security.

Developers and DevOps: Red Hat Enterprise Linux 7 has more than just operating system functionality; it provides a rich application infrastructure with built-in mechanisms for security, identity management, resource allocation, and performance optimization. In addition to well-tuned default behaviors, you can take advantage of controls for application resources so you don’t leave performance up to chance. Red Hat Enterprise Linux 7 includes the latest stable versions of the most in-demand programming languages, databases, and runtime environments.

LINUX CONTAINERS

Linux containers and Kubernetes container orchestration have emerged as a key open source application packaging and delivery technology, combining lightweight application isolation with the flexibility of image-based deployment methods. Developers have rapidly embraced Linux containers because they simplify and accelerate application deployment, and many Platform-as-a-Service (PaaS) environments are built around containers and Kubernetes technologies, including Red Hat OpenShift®. Red Hat Enterprise Linux 7 implements Linux containers using core technologies such as control groups (cGroups) for resource management, namespaces for process isolation, and SELinux for security, enabling secure multitenancy and reducing the potential for security exploits. The Red Hat container certification ensures that application containers built using Red Hat Enterprise Linux will operate seamlessly across certified container hosts.

IDENTITY MANAGEMENT

CROSS-REALM KERBEROS TRUST

Identity management in Red Hat Enterprise Linux can now establish cross-realm trust with Microsoft Active Directory. Synchronization between the 2 identity stores is not needed. This capability makes it possible for users with Active Directory credentials to access Linux resources without requiring additional identity authentication so that single sign-on functionality exists across Microsoft Windows and Linux domains.

REALMD

Realmd discovers information about the domain or realm automatically and simplifies the configuration needed to join it. Realmd works with Microsoft Active Directory and Red Hat Enterprise Linux identity management.

PERFORMANCE MANAGEMENT

PERFORMANCE CO-PILOT

Performance Co-Pilot is a new framework for system-wide performance monitoring, recording, and analysis that provides an application programming interface (API) for importing and exporting sampled and traced data. It also includes tools for interrogating, retrieving, and processing the collected data. Performance Co-Pilot can transmit this data across a network and integrate with subsystems such as rsyslog, sar/sysstat, and systemd. It provides a common graphical user interface for browsing through all collected data as well as interactive text interfaces.

TUNED AND TUNED PROFILES

Tuned is an adaptive system-tuning daemon that tunes system settings dynamically depending on usage. Red Hat Enterprise 7 includes several default tuned profiles, allowing administrators to benefit from better performance and power management for common workloads with very little tweaking. By default, the tuned profile selected is based on the Red Hat Enterprise Linux product variant, though administrators can modify the profile to address intended use cases.

TUNA

Red Hat Enterprise Linux 7 enhances Tuna beyond process performance monitoring capabilities with additional support for kernel parameter tuning, along with profile customization and management.

Tuna has a unified, easy-to-use graphical user interface for system performance tuning, monitoring, and tuned profile management. It helps customers get the best performance out of their systems by using proactive load balancing and monitoring to eliminate hot spots, prevent performance problems, and avoid potential service calls.

NUMA AFFINITY

With more and more systems, even at the low end, presenting non-uniform memory access (NUMA) topologies, Red Hat Enterprise Linux 7 addresses the performance irregularities that such systems present. A new, kernel-based NUMA affinity mechanism automates memory and scheduler optimization. It attempts to match processes that consume significant resources with available memory and CPU resources in order to reduce cross-node traffic. The resulting improved NUMA resource alignment improves performance for applications and virtual machines, especially when running memory-intensive workloads.

HARDWARE EVENT REPORTING MECHANISM

Red Hat Enterprise Linux 7 unifies hardware event reporting into a single reporting mechanism. Instead of various tools collecting errors from different sources with different timestamps, a new hardware event reporting mechanism (HERM) will make it easier to correlate events and get an accurate picture of system behavior. HERM reports events in a single location and in a sequential timeline. HERM uses a new userspace daemon, rasdaemon, to catch and log all RAS events coming from the kernel tracing infrastructure.

VIRTUALIZATION

GUEST INTEGRATION WITH VMWARE

Red Hat Enterprise Linux 7 advances the level of integration and usability between the Red Hat Enterprise Linux guest and VMware vSphere.

Integration now includes:

  • Open VM Tools—bundle
  • 3D graphics drivers for hardware-accelerated OpenGL and X11 rendering.
  • Fast communication mechanisms between VMware ESX and the virtual machine.

Combined, these additions provide a rich, high-performance environment for the Red Hat Enterprise Linux virtual machine running on VMware.

CRYPTOGRAPHY SUPPORT

KVM-based virtualization capabilities meet new cryptographic security requirements from both US and UK governments by adding the para-virtualized driver (virtio-rng) to provide the ability for the host to feed entropy to the virtual machine. By alleviating entropy starvation in guests, cryptographic applications running on the guest are more effective. This feature is especially important to highly security-conscious customers such as federal governments, online merchants, financial institutions, and defense contractors.

VIRTUAL FUNCTION I/O DEVICE ASSIGNMENT

The virtual function I/O (VFIO) userspace driver interface improves PCI device assignment for KVM. VFIO enforces device isolation, improves security of device access, and is compatible with features such as secure boot. For example, Red Hat Enterprise Linux 7 uses the VFIO framework for graphic processing unit (GPU) device assignment. Note that VFIO replaces the KVM device assignment mechanism used in Red Hat Enterprise Linux 6.

DEVELOPMENT

OPENJDK

Red Hat Enterprise Linux 7 includes OpenJDK as the default JavaTM development and runtime environment. OpenJDK 7 is the most current stable version of publicly available Java. It provides more stability, better performance, better support for dynamic languages, and quicker startup times.

All Java 7 packages (java-1.7.0-openjdk, java-1.7.0-ibm) in Red Hat Enterprise Linux 7 let you install multiple versions in parallel, similarly to the kernel. Parallel installation makes it simpler to try out multiple versions of the same JDK simultaneously in order to tune performance and debug problems if needed.

INSTALLATION AND DEPLOYMENT

IN-PLACE UPGRADE

Red Hat Enterprise Linux 7 provides support that simplifies the task of performing in-place upgrades. A pre-upgrade assistant package is provided in the Red Hat Enterprise Linux 6.5 zstream, which reports what can be upgraded in-place and what will have to be done manually. The report describes the issues and links to knowledgebase articles available in the Red Hat Customer Portal.

The report includes information on configuration files that will be modified and identifies existing user-modified configuration files, recommending some to be manually checked. At that point, the administrator can decide if the end result of an in-place upgrade is sufficient for their needs. Upon executing the in-place upgrade, the administrator can then inspect the final results and decide to complete the upgrade.

PARTITIONING DEFAULTS FOR ROLLBACK

The ability to revert to a known, good system configuration is crucial in a production environment. Using LVM snapshots with ext4 and XFS (or the integrated snapshotting feature in Btrfs described in the “Snapper” section) an administrator can capture the state of a system and preserve it for future use. An example use case would involve an in-place upgrade that does not present a desired outcome and an administrator who wants to restore the original configuration.

ANACONDA KICKSTART FOR ACTIVE DIRECTORY INTEGRATION

A system administrator can now create kickstart installation files that do not require administrative credentials. The installed system can then join an Active Directory domain with a one-time password. This new feature eliminates the need for writing and maintaining large blocks of interdependent code in two domains.


CREATING INSTALLATION MEDIA

Red Hat Enterprise Linux 7 introduces Live Media Creator for creating customized installation media from a kickstart file for a range of deployment use cases. Media can then be used to deploy standardized images whether on standardized corporate desktops, standardized servers, virtual machines, or hyperscale deployments. Live Media Creator, especially when used with templates, provides a way to control and manage configurations across the enterprise.

SERVER PROFILE TEMPLATES

Red Hat Enterprise Linux 7 features the ability to use installation templates to create servers for common workloads. These templates can simplify and speed creating and deploying Red Hat Enterprise Linux servers, even for those with little or no experience with Linux.

RED HAT ENTERPRISE LINUX DESKTOP AND WORKSTATION

Red Hat Enterprise Linux 7 includes 3 desktops to match different work styles and preferences: GNOME 3, GNOME Classic, and KDE.

GNOME 3 provides a focused working environment that encourages productivity. A powerful search feature lets you access all your work from one place. Side-by-side windows make it easy to view several documents at the same time, and you can turn off notifications when you need to concentrate on the task in hand. Every part of GNOME 3 has been designed with simplicity and ease-of-use in mind. Activities Overview gives an easy way to access all your basic tasks. A press of a button is all it takes to view your open windows, launch applications, or check if you have new messages.

GNOME Classic combines old and new; it keeps the familiar look and feel of GNOME 2, but adds the powerful new features and 3-D capabilities of GNOME Shell. GNOME 3 and GNOME Classic integrate well with online document-storage services, calendars, and contact lists, so all your data can be accessed from the same place. In addition to GNOME 3 and GNOME Classic, Red Hat Enterprise Linux 7 offers the latest stable version of the popular KDE desktop.

MANAGEMENT

SYSTEM-WIDE MANAGEMENT

Red Hat Enterprise Linux 7 includes systemd, a system and service manager. It combines compatibility for most SysV and LSB init scripts as well as the following new capabilities:

  • Provides aggressive parallelization capabilities.
  • Uses socket and D-Bus activation for starting services.
  • Offers on-demand starting of daemons.
  • Keeps track of processes using Linux cgroups.
  • Supports creating snapshots and restoring system state.
  • Maintains mount and automount points.
  • Implements fine-grained transactional, dependency-based, service control logic.

OPENLMI

The OpenLMI project provides a common infrastructure for the remote management of Linux systems. Capabilities include configuration, management, and monitoring of hardware, operating systems, and system services. OpenLMI includes a set of services that can be accessed both locally and remotely, multiple language bindings, standard APIs, and standard scripting interfaces. It enables system administrators to manage more systems, automate management operations, and manage both physical and virtual servers. The standardized tool interface shortens the learning curve for new administrators and the standard APIs make it easier to build custom tools.

Storage management capabilities simplify configuring and managing storage, especially on systems with multiple drives. A traditional issue on Linux systems is that volume labels can change when hardware is reconfigured. OpenLMI avoids this problem by allowing you to address volumes by volume label, UUID, or Device ID. The combination of a standardized API and persistent device names makes it easy to keep storage consistent, even when hardware and software change.

OpenLMI enables remote network management by providing a standardized API to query and configure the network hardware. In addition to standard network configuration, it supports configuring network bridging and bonding and provides notification of changes in network configuration.

A system administrator can use the OpenLMI Software Provider to remotely add or remove services, and the Service Provider to determine the state of the service (started, running, stopped, failed), enable, start, or restart a service.

OpenLMI is a common infrastructure for automating system management operations across physical and virtual deployments.

FILE SYSTEMS

  • Red Hat Enterprise Linux now includes XFS as the default file system, providing scalability enhancements and additional file system choice. Previously, XFS was available only with the Scalable File System Add-On. XFS supports file system sizes up to 500TB.
  • Ext4 supports a file system size of 50TB, up from 16TB.
  • Btrfs is a relatively young file system especially useful for local, large-scale use cases. Btrfs includes basic volume management, snapshot support, and full data and metadata checksum integrity checksumming, and a command-line interface that makes these advanced features easier to use than in other large-scale file systems. 
  • The CIFS networking file system with server message block (SMB) protocol updates will provide better performance, security, and more features than were available with previous protocols.
  • GFS2 commands now more accurately deal with RAID stripe alignment and placement of critical elements such as journals and resource groups. This increases the scalability and performance of GFS2 when the file system is being created and when it is used.

STORAGE

ISCSI AND FCOE TARGETS

Red Hat Enterprise Linux 7 includes a new software implementation of the iSCSI (RFC-3720 mode) and Fibre Channel over Ethernet (FCoE) targets in the kernel, as opposed to the prior userspace implementation. This new implementation strengthens the ability to replace expensive shared storage arrays with Linux-based storage appliances built on commodity hardware.

DYNAMIC LUN DETECTION

Logical units (LUN) can now be dynamically recognized by the operating system with no manual intervention, resulting in fewer reboots and less downtime.

SNAPPER

Snapper is a new utility that creates, deletes, labels, and organizes snapshots of both Btrfs file systems and LVM logical volumes. The additional information and tooling give system administrators more control over their backup environment.

SECURITY DYNAMIC FIREWALL

The new dynamic firewall service (firewalld) provides greater flexibility over traditional Linux iptables enabling the unified management of IPv4, IPv6, and Ethernet Bridge rule sets. It allows administrators to quickly respond to new threats by activating new rules without restarting, thus eliminating service disruptions. In addition to dynamic configuration capabilities, firewalld supports a powerful rules language that simplifies firewall configuration and includes nearly 50 pre-defined settings for many commonly used system services.

STRUCTURED LOGGING

Information stored in the system log files can now be accessed in a structured form, making automated log analysis tools more powerful and effective. The default log file structure is not changed, ensuring that your existing tools and processes continue to work without requiring modifications.

SELINUX OVER NFS

Labeled NFS allows customers to take advantage of the full power of SELinux and deploy more secure environments, including secure virtual machine home directories stored on NFS servers. Images in a Red Hat Virtualization storage domain can have labels conveniently assigned and issued by the Red Hat Virtualization Manager.

Many types of attacks on a system can be prevented by providing fine-grained control of who can access system resources. SELinux protection is now available when using NFS, simplifying the development of secure applications. The Linux kernel has enhanced support for passing SELinux labels between a client and server using NFS.

NETWORKING

NETWORKMANAGER INTERFACES

Two new NetworkManager user interfaces are now available in Red Hat Enterprise Linux 7 and are aimed at administrators who prefer or may require command-line access for managing networking connections and services:

  • Nmcli uses a command-line interface to provide network administration of local, remote, and headless systems. It can also be used for network management scripting purposes.
  • Nmtui is a curses-based, menu driven text user interface designed to replace system-confignetwork-tui (in Red Hat Enterprise Linux 6) and simplifies configuring many common network settings, eliminating the need for administrators to manually edit network interface configuration files.

ACCURATE TIME SYNCHRONIZATION

Chrony is a different implementation of the network time protocol (NTP) than the network time protocol daemon (ntpd) that is able to synchronize the system clock faster and with better accuracy than ntpd. Note that ntpd is still included for customers who need to run an NTP service.

Benefits of Chrony include:

  • Faster synchronization requires only minutes instead of hours to minimize the time and frequency error, which is useful on desktops or systems not running 24 hours a day.
  • Better response to rapid changes in the clock frequency, which is useful for virtual machines that have unstable clocks or for power-saving technologies that don’t keep the clock frequency constant.
  • After the initial synchronization, it never steps the clock so as not to affect applications needing system time to be monotonic.
  • Better stability when dealing with temporary asymmetric delays, for example when the link is saturated by a large download.
  • Periodic polling of servers is not required, so systems with intermittent network connections can still quickly synchronize clocks.

 

PRECISION TIME PROTOCOL

Red Hat Enterprise Linux 7 supports the IEEE 1588, Precision Time Protocol version 2 (PTPv2) standard, a method for accurately synchronizing distributed clocks over an Ethernet network. While similar to Network Time Protocol (NTP), one of the main advantages of PTP is the hardware support found in various network interface cards (NICs) and network switches. When used in conjunction with the appropriate hardware, enabled devices, and network drivers, it is capable of achieving clock accuracy in the sub-microsecond range, which is far more accurate than is typically obtainable with NTP. This feature is particularly important for applications in the financial services and trading-related industries, where application latency is measured in microseconds.

TEAM DRIVER LINK AGGREGATION

The Team Driver project is new for Red Hat Enterprise 7 and provides a mechanism to bond multiple network devices (ports) into a single logical interface at the data link layer (OSI Layer 2). This mechanism is typically used to increase the maximum bandwidth and provide redundancy for links.

Team Driver moves most of the work and logic into a user-space daemon by implementing only the necessary data fast-path parts in the kernel. This approach provides several advantages over traditional bonding such as more stability, easier debugging, and making it simpler to extend while providing equal or better performance.

TCP ENHANCEMENTS

Various improvements to transmission control protocol (TCP) aim to reduce application latency for connection-oriented services such as web servers built on Red Hat Enterprise Linux.

  • Fast Open is an experimental TCP extension designed to reduce overhead when establishing a TCP connection by eliminating one round time trip (RTT) from certain kinds of TCP conversations. Fast Open could result in speed increases of between 4% and 41% in page-load times for busy websites.
  • Tail loss probe (TLP), an experimental algorithm, improves the efficiency of how the TCP networking stack deals with lost packets at the end of a TCP transaction. For short transactions, TLP could reduce retransmission timeouts by 15% and shorten HTTP response times by an average of 6%.
  • Early Retransmit (RFC 5827) allows the transport to use fast retransmits to recover segment losses that would otherwise require a lengthy re-transmission timeout. Connections can recover from lost packets faster, decreasing overall latency.
  • Proportional Rate Reduction (PRR) is an experimental algorithm designed to return to the maximum transfer rate quickly. It can potentially reduce HTTP response times by 3-10%.

40G ETHERNET LINK SPEED

Red Hat Enterprise Linux 7 supports 40G Ethernet link speeds on the appropriate hardware, which enables faster network communication for systems and applications.

LOW-LATENCY SOCKETS

Low-latency sockets are a software implementation that reduces networking latency and jitter within the kernel. This implementation makes it easy for applications to poll for new packets directly in the network driver which speeds up packets moving into the network stack. Applications that are sensitive to unpredictable latency benefit from the top-down, busy-wait polling method that replaces interrupts for incoming packets. 

HIGH AVAILABILITY

ENHANCED CLUSTER RESOURCE MANAGER

Cluster resource management has been enhanced through several additions:

  • Simplified administrative procedures reduce the amount of effort it takes to monitor and manage a cluster.
  • Finer-grained monitoring of every component in the cluster stack provides more awareness and control over applications running in high-availability environments. Resources can have multiple states associated with them and can be managed on a schedule basis or manually. An important new feature is the ability to create user-defined actions.
  • Resource cloning allows a single command to be replicated across multiple nodes in the cluster. For example, by using cloned resources, issuing a single command can cause a GFS2 filesystem to be mounted on all nodes within the cluster.
  • The new cluster resource manager has both a graphical and a command-line interface. The new resource manager provides a single environment for managing clusters running Red Hat Enterprise Linux 6 and 7.

PACEMAKER POLICY ENGINE

The pacemaker remote capabilities now apply to virtual machines within a cluster. Now with Red Hat Enterprise Linux 7, users can run pacemaker from within a virtual machine and to control resources and applications running in other virtual machines in the cluster. For more detailed technical information and instructions for using the features and capabilities described in this document, see the Red Hat Enterprise Linux 7 documentation.

ADD-ONS

The capabilities previously available in the High Performance Networking Add-On, the Load Balancing Add-On, and the Scalable File System Add-On have been included in the Red Hat Enterprise Linux Server base.