REDEFINING THE ENTERPRISE OS ENTERPRISE 7

Rodrigo Freire Sr. Technical Account Manager 29/Ago/2014

1 Rodrigo Freire / Ron Pacheco Roadmap At A Glance

CY2010 CY2011 CY2012 CY2013 CY2014

RHEL 7 .0

RHEL 6 .0 .1 .2 .3 .4 .5 .6

RHEL 5 .5 .6 .7 .8 .9 .10 .11

Production 1 Production 2 Production 3

*All dates are approximate and subject to change

2> Rodrigo Freire / Ron Pacheco Application Isolation via Containers CONTAINERS ENABLE CONTINUOUS DELIVERY

APP HOST OS SERVER LIBS

CONTAINER

CONTAINER

APP

LIBS

HOST OS

SERVER DEVELOPMENT FOCUS OPERATIONS FOCUS ● CODE ● HARDWARE ● APPLICATIONS ● ● LIBRARIES AND OTHER ● NETWORKING DEPENDENCIES ● MONITORING ● DATA STORE

4 Rodrigo Freire / Ron Pacheco RHEL 7 Containers Architecture with Docker CLI

Containers Containers Containers

DOCKER CLI Docker Image

SYSTEMD Unit File

Cgroups SELinux

Drivers RHEL Kernel

Hardware (Intel, AMD)

5 Rodrigo Freire / Ron Pacheco BENEFITS OF LINUX CONTAINERS

6 Rodrigo Freire / Ron Pacheco MORE EFFICIENT INSTALLATION AND DEPLOYMENT

SPEED DEPLOYMENT IN-PLACE UPGRADES PRIORITIZE CRITICAL WITH SERVER PROFILES FROM 6.X TO 7 SERVICES AT START-UP

EASILY CREATE CUSTOM SAFELY ROLL-BACK DRAMATICALLY SPEED INSTALL IMAGES DURING INSTALL START-UP TIMES

8 Rodrigo Freire / Ron Pacheco Create, Install, Deploy & Manage Custom Install Images using Live Media Creator

Easier installation, deployment, and custom image creation/management across large-scale enterprises

● Spin custom installable images with the help of Live Media Creator

Content Sources Custom Image (Repositories)

10 Rodrigo Freire / Ron Pacheco Image Deployment with Anaconda Kickstart

● Filesystem Image Deployment

● kickstart liveimg command

● Same family as url, harddrive, & ● Deployment of pre-created filesystem images ● Supports squashfs compressed images ● Manual deployment of partitioned disk images for virt usage ● live images must contain the utilities needed by anaconda to perform the OS installation

11 Rodrigo Freire / Ron Pacheco CENTRALIZED MANAGEMENT AND FASTER BOOT UP

● Gain centralized management of “ is my favorite feature so far. processes, services, security, We deal with lots of init scripts currently; I’m already seeing great and other resources improvements by switching most of them to systemd.”1 ● Prioritize critical services and deliver production support while IT Architect, Medium Enterprise Media & less critical resources are still Entertainment Company initializing

● Dramatically decrease start up times

● Compatible with existing scripts (SysV and LSB init scripts)

1 Source: Research by TechValidate: www.techvalidate.com/product-research/red-hat-enterprise-linux TVID: 6D2-C98-90F

12 Rodrigo Freire / Ron Pacheco MANAGEABILITY WITH OPEN LMI

● Open MANAGEMENT SYSTEM PYTHON CUSTOM SHELL standards-based JBOSS management SCRIPTS APPS SCRIPTS LMI framework for PYTHON C/C++ JAVA CLI low-level system SHELL

configuration OpenLMI Client Interface Libraries ● Unified management tools and MANAGED SYSTEMS system-wide OpenLMI Object Broker resource

management allow OTHER NETWORK STORAGE SERVICESSOFTWARE users to streamline AGENTS SYSTEM administration USERS SECURITY MONITOR CONFIG

13 Rodrigo Freire / Ron Pacheco File System Choice CHOICE OF FILE SYSTEMS 7 RC

● Scale file systems to 500TB with new default filesystem XFS “The default XFS ● Scale to 50TB with ext4 filesystem is just great!!”1 2 ● Btrfs also available IT Specialist, ● Parallel NFS v4 provides improved performance US Federal Government and throughput Supported Type Root Boot Comments Limit Single-node XFS 500TB Yes Yes System default ext4 50TB Yes Yes Driver allow access to older versions (ext2, ext3). btrfs2 50TB Yes Yes Network/Multi-node GFS2 2-16 nodes Yes No Shared-storage file system

1 Source: Research by TechValidate: www.techvalidate.com/product-research/red-hat-enterprise-linux TVID: 6D2-C98-90F 2 Available as a Technology Preview

15 Rodrigo Freire / Ron Pacheco Storage RHEL 7 Storage Enhancements

● SSD’s

● Hierarchical/Tiered storage (Device mapper cache) ● MultiQ block layer design ● Interconnect support – upstream dependent (NVMe, SOP, SAS-3) ● Linux-IO SCSI Target (LIO)

● Asynchronous SCSI events

● Software RAID enhancements

17 Rodrigo Freire / Ron Pacheco Storage Management and CLI

● libstoragemgt manages SAN and NAS

● liblvm is the API equivalent of LVM user commands

● Blivet is a new high level storage and file system library that will be used by anaconda and OpenLMI

● Storage system manager provides an easy to use command line interface

Unification of storage management code

18 Rodrigo Freire / Ron Pacheco Networking Team Driver

● Mechanism to aggregate multiple network devices into a single logical interface at the data link layer (L2.)

● Alternative to the existing Linux Bonding driver that provides many advantages over traditional bonding.

● Mostly implemented in user space with only the data fast-path implemented in the kernel. ● Supports IEEE 802.3ad (IEEE 802.1ax) LACP + many proprietary standards.

● Performance is equal or better than Linux Bonding driver and provides nearly identical functionality including some added improvements.

20 Rodrigo Freire / Ron Pacheco Other Network Features and Improvements

● Network Namespaces

● Lightweight container-based virtualization allowing virtual network stacks to be associated with a process group. Essentially, another copy of the network stack.

● Network Priority Control Group (cgroup)

● Provides an interface to allow an administrator to dynamically set the priority of network traffic generated by various applications.

● Firewalld

● New dynamic firewall service providing greater flexibility over iptables by eliminating service disruptions during rule updates, abstraction, and support for different network trust zones.

● TCP

● Numerous performance and latency improvements including Fast Open, Tail Loss Probe (TLP) Algorithm, Early Retransmit (ER), Proportional Rate Reduction (PRR) and low latency sockets using Busy Poll

● 127.0.0.0/8 routing

● Useful for private blocks-depleted networks, providing local tenant systems a local network without the risk of clashing network blocks.

21 Rodrigo Freire / Ron Pacheco Optimal Performance and Monitoring OPTIMAL PERFORMANCE VIA PROFILES

Optimal performance management via enhanced performance tuning at install, simplified instrumentation and tuning features, and performance monitoring tooling

PERFORMANCE CO-PILOT (PCP) THERMOSTAT (FOR JVMs)

23 Rodrigo Freire / Ron Pacheco Profiling and Monitoring - Tuna

● Tool for fine grained control

● Display applications / processes

● Displays CPU enumeration

● • Socket (useful for NUMA tuning)

● • Dynamic control of tuning

● Process affinity

● Parent & threads

● Scheduling policy

● Device IRQ priorities, etc

24 Rodrigo Freire / Ron Pacheco Performance -Tuned

● Re-written for maintainability and extensibility.

● Optional hook/callout capability ● Adds concept of Inheritance (just like httpd.conf) ● Configuration is now consolidated a single tuned.conf file ● Profiles updated for RHEL7 features and characteristic

25 Rodrigo Freire / Ron Pacheco Performance - numabalance

● Simplify and automate numa management

● numabalance scheduler

● Tries to move/keep tasks and their memory “NUMA-local”

● Enable / Disable / Tracing ● sysctl kernel.numa_balancing=0/1 ● perf list | grep numa

26 Rodrigo Freire / Ron Pacheco Windows Interoperability WINDOWS INTEROPERABILITY VIA DIRECT INTEGRATION

MICROSOFT “Windows Domain interoperability is what I ACTIVE DIRECTORY am looking forward to. We have a large Windows domain with 10k Windows workstations and 1300 Windows servers. Being able to authenticate and interact with Active Directory is a very high priority for us.”1

Lynn Dixon, System Administrator, Mohawk Industries

SSSD

RHEL

1 Source: Research by TechValidate: www.techvalidate.com/product-research/red-hat-enterprise-linux

28 Rodrigo Freire / Ron Pacheco WINDOWS INTEROPERABILITY VIA INDIRECT INTEGRATION

MICROSOFT IDENTITY ACTIVE DIRECTORY MANAGEMENT ALLOWS FOR EASIER CENTRALIZED TRUST NATIVE LINUX MANAGEMENT OF MULTIPLE LINUX CLIENTS

SSSD

RHEL

1 Source: Research by TechValidate: www.techvalidate.com/product-research/red-hat-enterprise-linux

29 Rodrigo Freire / Ron Pacheco RED HAT ENTERPRISE LINUX 7 HIGHLIGHTS

LIGHTWEIGHT WINDOWS SCALABLE APPLICATION ISOLATION INTEROPERABILITY FILE SYSTEMS

E (LINUX CONTAINERS) L B I X E L F

OPTIMAL STREAMLINED SYSTEM MANAGEMENT

D PERFORMANCE INSTALLATION AND VIA OPENLMI T N VIA PROFILES DEPLOYMENT N A

E I E C L I B F F A T E S

CERTAINTY OF MISSION-CRITICAL RELIABILITY AND MILITARY-GRADE SECURITY

30 Rodrigo Freire / Ron Pacheco RED HAT ENTERPRISE LINUX 7 RETHINK YOUR ENTERPRISE OS

FLEXIBILITY to quickly adapt to demands for business agility

CERTAINTY of mission-critical reliability and STABILITY military-grade security to efficiently meet current challenges of datacenter virtualization and cloud

90% OF FORTUNE 500 COMPANIES TRUST RED HAT ENTERPRISE LINUX FOR THEIR CRITICAL BUSINESS INFRASTRUCTURE.

31 Rodrigo Freire / Ron Pacheco THANK YOU!

Rodrigo Freire [email protected] http://people.redhat.com/rfreire/cce-rhel7-rio.pdf