Transcription
Red Hat Enterprise Linux 8 /Universal Base ImageWhat’s new?1Pete BowdenRobert SedorSenior Solutions ArchitectSenior Solutions Architect
RED HAT ENTERPRISE LINUX 8CONFIDENTIAL DesignatorAt a glance2KERNEL VERSION4.18 SYSTEM COMPILERGCC 8.2, LLVM 6.0HARDWAREARCHITECTURESIntel/AMD 64-bit, IBM Power LE,IBM z Systems, ARM 64-bitDEFAULT FILE SYSTEMXFSPACKAGE MANAGEMENTYum v4TIME SYNCHRONIZATIONChronyNETWORKINGNetworkManager
RED HAT ENTERPRISE LINUX 8Predictable updates33 years6 months2 phasesMajor releasesMinor updatesSupport life cycle
RED HAT ENTERPRISE LINUX 8Application streamsTime of supportPostgreSQL 12 streamPostgreSQL 10 streamPostgreSQL 9.6 streamRed Hat Enterprise Linux 8Red Hat Enterprise Linux 74More choiceOffers versions of the open source toolsand frameworks developers needNewer versionsProvides access to newer versions asthey stabilizeSimpler accessMaintains standard locations for toolsand libraries
RED HAT ENTERPRISE LINUX 8Simplified access to softwareRed Hat Enterprise Linux 7 optionalserverRed Hat Enterprise Linux 8 rbaseos5
RED HAT ENTERPRISE LINUX 8The newest yum package manager: version em6rpmNew technologyMaintains the same experience whileadding new toolsBetter dependency managementOffers faster resolution and easierminimization of what's installedStable APIProvides new application programminginterface (API) for extending yum thatwill progress into the future
RED HAT ENTERPRISE LINUX 8Insights is now included with all RHEL SubscriptionsAnalyze7IdentifyPrioritizeResolve
RED HAT ENTERPRISE LINUX 8Detect and fix issues with Red Hat InsightsProactive adviceIdentification of issues before theybecome problemsContinuous assessmentReal-world results to help find new risksSimpler remediationsTailored results at the host level8
RED HAT ENTERPRISE LINUX 8Create images for all your environments with imagebuilderBare metalHypervisorsBlueprintPublic cloudsPrivate clouds9Single sourceLets you create gold images for any environment fromthe same blueprint increasing stability and consistencyAny footprintSupports public cloud, private cloud, enterprisehypervisors, and bare metalSimple interfaceProvides web-based view within the web console forselecting packages and creating blueprints
RED HAT ENTERPRISE LINUX 8Speed automation creation with system on automationManage multiple versions ofRed Hat Enterprise Linux from asingle roleReduced reworkImport provided roles to eliminatetask creation in playbooksEasy switching of providersChange between default and optionaltools quickly and safely
RED HAT ENTERPRISE LINUX 8Optimized experiences for mission-critical databases11 Red Hat Enterprise Linux is thereference platform for SQL Server onLinux Benchmark-breaking performance Fast deployment and portabilityvia containers
RED HAT ENTERPRISE LINUX 8Red Hat Certified Cloud and Service Providers12
RED HAT ENTERPRISE LINUX 8Configuring systemwide cryptographic policiesCentral configurationSet acceptable algorithms from asingle nSSLSecuredcommunicationsClientImproved consistencyCovers multiple cryptographicproviders and consumers like TLS,kerberos, and JavaBuilt-in policiesIncluding legacy systems requiring64-bit security and FIPS allowed orapproved algorithms13
RED HAT ENTERPRISE LINUX 8Recording user terminal sessionsAudit activitiesCreate a record of actions taken forreview against security policiesCreate visual guidesBuild run books and training materialswith demonstrationsRecord and play backLogged via standard channels withmultiple playback options14
RED HAT ENTERPRISE LINUX 8Remote single-system views in the web consoleBrowser-based interfaceOffers remotely accessible user interfaceusing host security mechanismsConsolidated viewProvides single view of tasks to speedunderstanding and completionStandard management toolsUses system tools to change state, nota separate workflow15
RED HAT ENTERPRISE LINUX 8New in the web consoleVirtual machinesCreate and manage virtual machinesNetwork-bound disk encryptionEnroll disks with Tang server andmanage LUKS keysSingle sign-on configurationAutomatically configure whenjoining a domain16
RED HAT ENTERPRISE LINUX 8Containers are LinuxRunBuildApplication binariesApplication cesCPU17MemoryStorageNetwork
RED HAT ENTERPRISE LINUX 8Powering the adoption of containerized workloadsTRADITIONAL DEVELOPMENTFindRunBuildRed Hat Enterprise yIntegrateDeployRed Hat OpenShift (Kubernetes)
RED HAT ENTERPRISE LINUX 8Manage containers with PodmanFast and lightweightNo daemons requiredKernelRunCAdvanced namespace isolationRootless operations for container runand buildPodmanOpen standards compliantCreates and maintains any standardOpen Containers Initiative (OCI)-compliant containers and podsImages19
RED HAT ENTERPRISE LINUX 8Create images with BuildahApplication layerMore controlScriptable tooling for fine-grainedimage control, and maximum controlstarting from base or scratch imagesJava runtime layerOS update layer20Base Red HatEnterprise LinuxJava runtime anddependencies, andapplicationFrom base, multilayerFrom scratch, single layerMinimization of imagesElimination of unneeded dependenciesby using host-based tools
RED HAT ENTERPRISE LINUX 821Challenges in selecting theright Container Base Image
THERE ARE A LOT OF DIFFERENT OPTIONSFiguring out which container base image to use can be difficultTraditional Options 22Red Hat Enterprise LinuxFedoraCentOSDebianUbuntuWindowsMinimal Options DistrolessScratchRHEL MinimalAlpine
HOW TO SELECT THE RIGHT IMAGEThere is some standard criteria that can helpArchitecture 23C LibraryCore UtilitiesSizeLife CycleCompatibilityTroubleshootingTechnical SupportISV SupportDistributabilitySecurity UpdatesTrackingSecurity ResponseTeamPerformance AutomatedPerformanceEngineering
IT WORKS ON MY LAPTOP, BUT.What about performance?CONTAINERCONTAINERAPPAPPLANGUAGE RUNTIMESLANGUAGE RUNTIMESGENERIC CONTAINERIMAGEGENERIC CONTAINERIMAGELAPTOPWorks on my laptop24PRODUCTIONBut, what about at 1Mtransactions per second1M TPS
IT WORKS ON MY LAPTOP, BUT.What about security?CONTAINERCONTAINERAPPAPPLANGUAGE RUNTIMESLANGUAGE RUNTIMESGENERIC CONTAINERIMAGEGENERIC CONTAINERIMAGELAPTOPWorks on my laptop25PRODUCTIONWhat about hackers?
ISVs NEED TO DISTRIBUTE ANYWHEREMeet your customers where they are, joint Red Hat customers, or not.CONTAINERISV APPJoint Red HatCustomerLANGUAGE RUNTIMESOnly ISVCustomerOS(USER SPACE)Joint Red HatCustomer26Only ISVCustomer
RED HAT ENTERPRISE LINUX 827Introducing the UniversalBase Image
THE BASE IMAGE FOR ALL OF YOUR NEEDSEnterprise architecture, security and performanceCONTAINERAPPLANGUAGE RUNTIMESOS(USER SPACE)The Red Hat Universal Base Image is based on RHEL andmade available at no charge by a new end user licenseagreement.Development Minimal footprint ( 90 to 200MB)Programming languages (Modularity & AppStreams)Enables a single CI/CD chainProduction 28Supported as RHEL when running on RHELSame Performance, Security & Life cycle as RHELCan attach RHEL support subscriptions as RHEL
THE BASE IMAGE FOR ALL OF YOUR NEEDSEngineered by Red Hat with an enterprise roadmap, security andperformanceCONTAINERAPPTrusted: LANGUAGE RUNTIMES OS(USER SPACE) 29LibrariesPackaging formatCore UtilitiesSecurity ResponsePatchingPerformance ResponseTechnical SupportMore
WHAT IS THE RED HAT UNIVERSAL BASE IMAGE?Three base images, language runtime images, and software packagesMINIMALSTANDARDALL RED HATENTERPRISE de.jsMULTISERVICEBaseImages30UNIVERSALBASE Subset
THE BASE IMAGE FOR ALL OF YOUR NEEDSBringing the value of RHEL to cloud native applications31RHELCONTAINERAPPAPPLANGUAGE RUNTIMESLANGUAGE RUNTIMESKERNEL & SYSTEMSOFTWARESYSTEM ationsOPERATORWEBSERVICEDATABASECACHETIERCloud NativeApplications
WHAT IS THE RED HAT UNIVERSAL BASE IMAGE?Providing the right level of content for application stability via the RHEL API/ABIMINIMALPLATFORMAPPAPPmicrodnf coreutilsYUM @base/usr/sbin/initglibc (En locale)glibc (full locales)glibc (full ned for applications that containall dependencies (Golang, dotnet, etc) Minimized content setNo suid binariesMinimal package manager(install, update, remove)For any application that runs on RHEL Unified, openssl crypto stackFull YUM stackIncludes useful basic OS tools(tar, gzip, vi, etc)MULTI-SERVICEAPP0APP1Eases running multiple services in asingle container Configured to run systemd onstartSimply enable the services atbuild time
CAN BE BUILT & DEPLOYED ANYWHEREBuilding on UBI is the first step33CONTAINERCONTAINERCONTAINERPARTNER CONNECTCERTIFIED APPAPPAPPLANGUAGE RUNTIMESLANGUAGE RUNTIMESLANGUAGE RUNTIMESRED HAT UNIVERSALBASE IMAGERED HAT UNIVERSALBASE IMAGERED HAT UNIVERSALBASE IMAGERED HAT PLATFORMRED HAT PLATFORMANY CONTAINER PLATFORMCertification provides thehighest level of supportEnterprise support when runon Red Hat platformsTrusted base for anyenvironment
TWO WAYS TO GET UPDATESRed Hat provides updated base images & RPM updates so you canrebuild any time you wantCONTAINERAPPLANGUAGE RUNTIMESRED HAT UNIVERSALBASE IMAGEBase Image Updates34Associated RPM Updates
LEVELS OF SUPPORTABILITY35ANYWHERE RED HAT PLATFORM CERTIFICATION OPERATOR CERTIFICATIONTrusted RoadmapYesYesYesYesProven ImagesYesYesYesYesMinimal ImagesYesYesYesYesPackage/Image UpdatesOnly UBI ContentAll RHEL ContentAll RHEL ContentAll RHEL ContentCloud Native Language YesYesYesPlatform TestingNoneYesYesYesCustomer SupportNoneRed Hat ComponentsJoint (All Components)Joint (All Componentes)Joint PromotionNoneNoneYesYesISV Build SupportNoneNoneYesYesAutomated Deployment SupportNoneNoneNoneYesAutomated Operations SupportNoneNoneNoneYes
SUPPORTABILITY MATRIXTIER 1TIER 2TIER 3COMMUNITYSUPPORTTiered support model36RHEL 6UBI 7RHEL 6UBI 7RHEL 6UBI 7UBI 8OTHERUBI 8OTHERUBI 8OTHERRHEL 7RHEL 8ANY CONTAINER PLATFORMRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8Like any upstream project
Thank dHatVideosRed Hat is the world’s leading provider ofenterprise open source software solutions.facebook.com/redhatincAward-winning support, training, and consultingservices makeRed Hat a trusted adviser to the Fortune 500.37twitter.com/RedHat
UNIVERSAL BASE IMAGE - TIMELINEPlanning and Launch readiness WCR plan for UBI launchSelect Partner disclosure and enablement Disclosure under NDA Developer Preview release Updated Container Certification Appendix(Terms-based registry already GA)RHEL8 GA (May 2019) Public Launch of UBI RHEL8 GA with UBI only OpenShift 4.0 Transition RH portfolio onto new Image Transition certified ISV onto new ImageQ1 FY2020Q3/Q4 FY2019UBI 7 Partner Launch / GA Launch Operator Certification Container Certification 2.0Update ISV Commercial Models ISV Embedded to reference ContainerCertification 2.0 FY19 Sales Incentives adjustRed Hat Community Initiatives UBI can now be the defaultH2 FY2020Q2 FY2020UBI Future UBI 8 images UBI 7 Images RHEL 7 Images for layered products &customersRHEL 7 base imageDev PreviewUniversal Base Image 7Dev PreviewUniversal Base Image 8
SUPPORTABILITY MATRIXRED HATSUPPORTCOMMUNITYSUPPORTRed Hat Support and Community Support39RHEL 6UBI 7RHEL 6UBI 7RHEL 6UBI 7UBI 8OTHERUBI 8OTHERUBI 8OTHERRHEL 7RHEL 8ANY CONTAINER PLATFORMRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8Like any upstream project
WHAT IS THE RED HAT UNIVERSAL BASE IMAGE?The UBI is a subset of content from RHEL.CONTAINER1.A set of three base images (ubi,ubi-minimal, ubi-init)2.A set of language runtime images(nodejs, ruby, python, php, perl, etc)3.A set of associated YUM repositorieswith common applicationdependency componentsAPPLANGUAGE RUNTIMESOS(USER SPACE)40
Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you 37. UBI 7 Partner Launch / GA Launch Operator Certification Container Certification 2.0 Update ISV Commercial Models ISV Embedded to reference Container Certification 2.0 FY19 Sales Incentives adjust Red Hat Community Initiatives UBI can now be the default UNIVERSAL BASE .
