Top new features in Red Hat Enterprise Linux 8.8 and 9.2 Beta

I’m pleased to announce the availability of Red Hat Enterprise Linux (RHEL) 8.8 and 9.2 Beta. RHEL provides a more flexible and stable foundation to support hybrid cloud innovation and a faster, more consistent experience for deploying applications and critical workloads across physical, virtual, private and public cloud, and edge deployments.

What’s new?

RHEL 8.8 and 9.2 Beta brings new features and enhancements that deliver greater consistency and a stronger security posture to the open hybrid cloud’s foundation, with the ability to deliver workloads, applications and services faster with less effort across various environments.

Primary features and benefits

Here are a few highlights of what’s included in RHEL 8.8 and 9.2 Beta.

Provides built-in layers of security

Enhanced capabilities added to RHEL 8.8 and 9.2 Beta help simplify how organizations manage security and compliance when deploying new systems or managing existing infrastructure. New features include:

• An available realmd RHEL system role that allows customers to automate the process of directly integrating RHEL systems with Microsoft Active Directory.
• A SCAP profile and Ansible content for enhanced system checks and hardening that align with Center for Internet Security (CIS) benchmarks for RHEL 9 (RHEL 9.2 Beta only).

Optimizes existing edge investments

RHEL makes it easier to deploy workloads to distributed computing systems at the edge, helping to move computing closer to users and data sources. The platform supports the remote management and monitoring needed to deploy hundreds or thousands of edge nodes, with the latest versions bringing new capabilities to bear, including ignition support in a simplified installer and an additional zero-touch provisioning method for edge systems as an alternative to FIDO Device Onboard (FDO) (RHEL 9.2 Beta only).

Accelerates application development

RHEL 8.8 and 9.2 Beta provide developers with enhancements to application streams through new compilers, runtime languages, databases and web servers. Improvements in this release include:

• Python 3.11 adds several new features and significantly faster performance.
• New versions of Performance Co-Pilot (PCP) with new analysis tools and the Grafana data visualization platform.
• Nginx 1.22—the high-performance, lightweight web server, reverse proxy and load balancer—now includes OpenSSL 3.0 compatibility, which hardens against request smuggling and cross-protocol attacks, along with Application-Layer Protocol Negotiation (ALPN).
• PostgreSQL 15—a popular open source database—has new security features and significant performance improvements.
• Updates have been made to Rust v1.66, Go v1.19 and LLVM v15 toolsets.

Makes it easier to automate and standardize systems

Automation and management capabilities in RHEL 8.8 and 9.2 Beta continue to help reduce the complexities of automating manual tasks, standardizing deployments and simplifying the day-to-day administration of systems. New capabilities include:

Web console

• Disable root account logins by default on new RHEL 9.2+ installations. This can be configured via the /etc/cockpit/disallowed-users file (RHEL 9.2 Beta only).
• Provide holistic configuration with network-bound disk encryption (NBDE) on root file systems using the web console.
• Add a virtual watchdog device to virtual machines (VMs) and eject and insert ISO images within virtual CD-ROM devices running on VMs. Additionally, the web console will now set the discard attribute to "unmap" for newly created VM virtual disks, which allows discard requests to pass to the file system.
• Select frequently used combinations of policies and sub-policies for system-wide crypto policies. System-wide crypto policies ensure that the cryptographic configuration on all supported services configured for a host is reasonable and follows industry and site-specific security policies.  
• Add or remove groups from user accounts. The account page now provides a new list view that includes groups and the ability to search and sort.
• Detect and use the system's dark mode setting, which users can override if needed.

RHEL system roles

• The new Podman RHEL system role lets customers automate the deployment of containers in their environment to save time and improve consistency. 
• The new journald RHEL system role lets customers automate the configuration of the systemd journal on RHEL, including the ability to configure a persistent systemd journal.    
• The new ad_integration RHEL system role helps users automate the process of directly integrating RHEL systems with Microsoft Active Directory.
• Several RHEL system roles—including metrics, nbde_server, vpn, microsoft.sql.server, ha_cluster, logging, postfix and cockpit—can now optionally call the firewall and/or Security-Enhanced Linux (SELinux) system roles to open a port and configure port labeling automatically.
• The ha_cluster, logging, microsoft.sql.server and cockpit RHEL system roles can now call the certificate system role to create a corresponding certificate.
• The microsoft.sql.server RHEL system role now provides operational efficiencies, fortifications for disaster recoveries and support for the newest Microsoft SQL Server release. 

Build system images in a more consistent way

The on-premise version of RHEL image builder includes many new security and system configuration options to create highly customized images such as:

Security configurations

• Apply OpenSCAP security policy profiles
• Onboard a FIDO device for secure provisioning of edge devices

System configurations

• Import and export blueprint files
• Append kernel boot parameters
• Enable or disable services
• Enable or disable firewall rules for ports and services
• Define users and groups
• Define SSH public keys for remote access
• Define time zone and time servers
• Define language and locale
• Define installation device
• Define URL to ignition files for an additional zero-touch provisioning method for edge systems

More easily architect and design containerized deployments 

Podman provides an open source tool for developing, managing and running containers on Linux systems. New capabilities include:

• Container creation auditing. This offers Podman event tracking, allowing container creation events for audit. Container creation auditing is practical for environments with system activity auditing requirements.
• Custom health check actions via Podman. This provides organizations automation options when a container becomes unhealthy, which is crucial for services in remote locations or critical systems.

Red Hat customers can directly access RHEL 8.8 and 9.2 Beta from the Red Hat Enterprise Linux product page.

Additional resources

• RHEL 8.8 Beta Product Documentation
• RHEL 9.2 Beta Product Documentation
• RHEL 8.8 Beta Release Notes
• RHEL 9.2 Beta Release Notes