Rate this page del.icio.us  Digg slashdot StumbleUpon

What’s next in Red Hat Enterprise Linux (part 2)

by Bill Nottingham

Here’s the final installment of Bill Nottingham’s series based on the talk he gave at this year’s Red Hat Summit. Find out about the latest and greatest Fedora™ developments… and the future of Red Hat® Enterprise Linux® from this experienced engineer. Missed the first part? Catch up in the archives.

Network handling

Another area that’s shown a lot of improvement since Enterprise Linux 5 is networking, especially for desktop and laptop computers. In Fedora 9, we’ve greatly enhanced NetworkManager, and as a result, have switched to NetworkManager by default for all installs. Some of the features we’ve added to NetworkManager include:

  • MobileBroadband support – NetworkManager now supports configuring access via GSM and CDMA cards for even greater connectivity options.
  • System configuration support – NetworkManager now reads my system configuration , as configured via anaconda or system-config-network. This allows support for things such as static IPs.
  • Multiple device support – NetworkManager will automatically connect to both wireless and wired devices simultaneously. This means that if I disconnect the wired device, I’ll have seamless access through my wireless device, instead of having to wait for it to associate and get an IP address.
  • Connection editing – NetworkManager also includes a connection editor. With this, I can easily configure my wireless network, my mobile broadband connection, or even 802.1x for my wired connection.

Fig. 10 Network connections

Fig 10. Network connections

From the application side, we’re working on getting more and more apps tied into the NetworkManager infrastructure so they will automatically adapt to changing networks. For example, Firefox in Fedora 9 will now automatically go into offline mode if the network goes away, and go back online as soon as it returns.

In the future, we’re looking at extending NetworkManager to support Ipv6, as well as more device types (such as bridging and bonding devices).

Encrypted devices

One of the most requested features since the release of Enterprise Linux 5 is encrypted device support. We support encrypted devices via a technology called LUKS. LUKS, implemented on top of the existing device-mapper cryptography code, standardizes the partition header for the automatic detection of encrypted devices. It also allows for multiple passphrases to decrypt the device. For example, if I insert an encrypted USB stick, the encrypted device is detected via HAL, the GNOME file manager prompts me for the passphrase, and LUKS unlocks the device–which is then mounted and ready to use.

Fig 11. Unlocking an encrypted USB stick

Fig 11. Unlocking an encrypted USB stick

Fedora 9 goes even further: We support encrypting the entire system in the installer if the user desires. Anaconda will prompt for a password for physical devices, and then on boot, you’ll be prompted for that password before proceeding.

Fig 12. Encrypting the system during installation

Fig 12. Encrypting the system during installation

Audio handling

The addition of PulseAudio has greatly improved the audio subsystem in Fedora 9. PulseAudio is a networked sound server, used for mixing and playing audio streams on the system. Now, some of you might remember ESD, and wonder why we need another sound server. Simply put, the power and flexibility provided by PulseAudio is far beyond what ESD ever did.

For example, with PulseAudio I can easily adjust the volume of the audio streams individually. If I’m listening to music and I get a SIP call via ekiga, I can mute the music.

Fig 13. Setting different volumes for different volume streams

Fig 13. Setting different volumes for different volume streams

PulseAudio abstracts away your hardware devices as well. Say I decide to plug in a USB headset. I can then move any (or all) of my audio streams to that headset, while they’re playing. If I remove the headset, the audio streams are automatically moved back to the remaining device.

Fig 14. Moving audio streams to other devices

Fig 14. Moving audio streams to other devices

We’re working to use PulseAudio natively by all the applications shipped in Fedora and Enterprise Linux, and also use PulseAudio’s network support as a potential means for doing virtualized audio.

User switching and constrained users

Say I’m using my computer. My daughter comes up and says she wants to check her mail. In Fedora, we’ve made it easy for you to switch between users. When I log in, I see my user name on the panel. If I click there, my session is locked and a new login window will launch. From that window, I can select a different user. When this user logs out, I’ll automatically be switched back to my session.

Fig 15. Switching to another user

Fig 15. Switching to another user

If you notice, there’s a ‘Guest’ entry in the user list. The simple listing belies what’s available–this account is more than just an login named ‘guest’. Through cooperation between the Desktop and the SELinux teams, we’ve introduced a technology called ‘xguest.’

XGuest is a restricted kiosk-type user. I can log in as the guest user with no password. The guest user is specially confined via SELinux and only certain actions are allowed. For example, the only way to get out on the network is via the browser. Furthermore, on logout, any changes, customizations, or data saved by the guest user is thrown away so the next user will start with a clean slate (and guests can do little permanent damage). For example, I can change the background of the desktop. The next time I log in as the guest user, it will be reset to normal.

Virtual file systems

Another feature that was added in Fedora 9 is something called GVFS. GVFS is a userspace-based virtual filesystem. It replaces gnome-vfs in GNOME, adding many new features.

Let’s look at an example. One of the backends for GVFS is an archive mounter. I can enter and examine an archive–such as an ISO image or a tarball of source code– via the file manager by simply right-clicking and choosing ‘Open with Archive mounter.’ Once it’s open, I can navigate and open items with standard GNOME tools. Anything mounted with gvfs will also show up both in the GNOME ‘Places’ menu, and in the file chooser.

Fig 16. A mounted ISO image and a network mount in Places

Fig 16. A mounted ISO image and a network mount in Places

GVFS adds a new feature that makes it even more useful. Leveraging the power of FUSE userspace filesystems, anything mounted by GVFS is also exposed to your ‘standard’ Linux tools under ~/.gvfs. I can navigate into it with a shell, and read/write files to these locations without actually porting your apps to GVFS.

Fig 17. And also, available in the shell

Fig 17. And also, available in the shell

GVFS has back-ends for archive mounting, Samba/CIFS shares, DAV shares, sftp network mounts, OBEX (for talking to your bluetooth phone), and more. In future releases, we plan on extending the backends available for GVFS, and porting more of the desktop stack to use it natively.

Virtualization

If you’ve been around any sort of technical presentation in the past two years, you’ve certainly heard about virtualization. That’s another area we’re working on improving in Fedora, although a lot of that improvement is done under the covers. For example, if I start virt-manager now, it looks much the same as it does under Red Hat Enterprise Linux 5.

Fig 18. Virt-manager, running a test domain

Fig 18. Virt-manager, running a test domain

However, the virtualization hypervisor has changed from Xen to KVM. KVM offers many benefits over Xen:

  • KVM uses the standard kernel

    Xen runs as a hypervisor that requires a modified kernel underneath. Since it runs a (somewhat) non-standard kernel, it can lead to compatibility problems, especially for anything that has to call into, or use, the BIOS. For example, power management has had problems working under Xen, and console redirection and handling was often an interesting exercise., as anyone who’s used a serial console will tell you. By using the standard kernel, KVM allows full hardware compatibility–whatever works in the standard kernel, works in your virtualized host.

  • KVM is in the upstream kernel

    KVM has been accepted into the upstream Linux kernel. This is a great step for virtualization, in that it will now always be available, and won’t need continual porting to newer kernels. As anyone who has followed Fedora knows, attempting to maintain the Xen kernel patchset against the upstream kernel is a large amount of work. Working in the upstream obviates the need for that effort, allowing work to be done on improving the virtualization experience rather than chasing the kernel of the day.

But wait, you say… what about my paravirtualized guests? We’ve got you covered. Fedora 9 introduces new technology called Xenner. Xenner emulates the Xen hypervisor interface as a thin layer on top of KVM.

Fig 19. Running a Xen guest under KVM

Fig 19. Running a Xen guest under KVM

This shows the power of our virtualization strategy–by abstracting the interfaces away via tools like libvirt and virt-manager, we can change out the virtualization hypervisor, yet still present the same interface to the user and administrator, and run the same guests.

And more…

There’s even more where this comes from–new versions of Firefox, new firewire stacks, and more. If you want to know what’s down the road for Red Hat Enterprise Linux, check out Fedora 9– that’s where the innovation happens.

About the author

Bill Nottingham is an engineer at Red Hat, where he’s worked on Red Hat Linux, Red Hat Enterprise Linux, and Fedora for the past ten years. (yipes!) He currently serves on the Fedora Project Board and the Fedora Engineering Steering Committee, and maintains a variety of packages in Fedora.

13 responses to “What’s next in Red Hat Enterprise Linux (part 2)”

  1. Martin says:

    You should make the VM situation a bit more clear. Will RHEL6 ship Xen as a alternative besides KVM? It is a major difference between what we have and what we will get. One of those two gives a safer feeling.

    This might be important for those of us that is in the process of testing Xen on RHEL5.

  2. XpucToB says:

    From the article sounds like the same virtual machines that you created under RHEL5 using XEN will run under RHEL6 using KVM Xenner.

  3. XpucToB says:

    Is Fedora 9 the code base for RHEL6 ?

  4. Baptiste says:

    What about Cobbler, FreeIPA, oVirt and others interesting projects for deployment, identity management and virtualization… ?
    they will be integrated ?

  5. Michel S. says:

    XpucToB: RHEL pulls in code from the Fedora project; the features from Fedora 9 (and 10) will likely show up in RHEL 6.

  6. Missing Droid says:

    Hi there,

    Thanks for the time and effort you’ve put into this article. It’s helped highlight a few features I wasn’t aware of.

    Regards,

  7. manpreet says:

    its vary usefull edition for me thnx sir

  8. rgott09 says:

    What about performance? We are using Xen/Paravirtualization because of it’s very high performance. I don’t think any type of full virtualization can reach nearly the performance of Xen. I hope at least Xen will be shiped as an alternative.

    Regards

  9. onlyRHEL says:

    What abt requirements? I am currently running 3 guests(all linux) over vmware server1.0 . My host O/S is WinXP. Total RAM is 512 MB. Can Xen/Xenner/KVM do this? I don’t think so.

  10. Joel Anderson says:

    Sirs:

    I am very much impressed with Fedora Core 9. My last experience was with Fedora Core 3 used to build a Web Server. I learned very much about Linux during that project. Unfortunately, I got away from that for a time. My interest in Linux remained. I was recently able to spend some time with Fedora Core 9 building a dual boot laptop. Since then I find that the enhancements to Core 9 are excellent. Spending more time using the Linux OS then the Windows OS means that the team has done a very good job. In the past, I would not recommend using Linux desktops to a “regular” home user. That is no longer true. I would tell anyone that they can get Fedora Core 9, install it and become productive immediately. Thanks to you and everyone involved in the free project.

  11. Gorogo Folpratz says:

    Well, it seems like there STILL will be that primitive, ugly crumbled FONTS with the next release – I do not understand, why can not be invested in good looking, clean fonts – it is for our all health a good benefit to have clean fonts and not that ugly catastrophe with every linux distro since years.

  12. manan says:

    There are some extra filesystems available in fedora9 like ext4 ,etc.what is new in this ???

  13. Ilie Andrei says:

    PHP 5.2.9