Lub tuam txhab Red Hat kev faib khoom siv . Kev teeb tsa cov rooj sib txoos tau npaj rau x86_64, s390x (IBM System z), ppc64le thiab Aarch64 architectures, tab sis rau tsuas yog rau npe Red Hat Customer Portal cov neeg siv. Cov peev txheej ntawm Red Hat Enterprise Linux 8 rpm pob tau muab faib los ntawm CentOS. RHEL 8.x ceg yuav raug txhawb kom txog thaum tsawg kawg 2029.
Thaum pib, kev tshaj tawm ntawm RHEL 8.2 yog ntawm Red Hat lub vev xaib thaum Lub Plaub Hlis 21, tab sis cov lus tshaj tawm tau ua ntxov ntxov thiab cov chaw khaws cia rau kev txhim kho tshiab tseem , tab sis qhov tseeb tso tawm tsuas yog niaj hnub no. Lub 8.x ceg tau tsim nyob rau hauv raws li lub voj voog kev loj hlob tshiab, uas suav nrog kev tsim tawm txhua rau lub hlis ntawm lub sijhawm teem tseg. Tshiab RHEL cov khoom nthuav dav ntau txheej, suav nrog Fedora ua lub caij nplooj ntoo hlav rau lub peev xwm tshiab, rau kev nkag mus rau cov pob khoom tsim tawm rau qhov nruab nrab tom ntej tso tawm ntawm RHEL (rolling version of RHEL), minimalistic universal base image (UBI, Universal Base Image) rau kev khiav cov ntawv thov hauv cov thawv cais thiab rau kev siv dawb ntawm RHEL hauv txoj kev txhim kho.
Ntsiab :
- kev txhawb nqa tag nrho rau kev tswj hwm cov peev txheej uas siv cov hierarchy unified , uas yav dhau los nyob rau theem kev sim ua tau. Cov pab pawg v2 tuaj yeem siv, piv txwv li, txhawm rau txwv kev nco, CPU thiab I / O noj. Qhov sib txawv tseem ceeb ntawm cgroups v2 thiab v1 yog kev siv cgroup hierarchy rau txhua hom kev pab, es tsis txhob cais hierarchies rau faib CPU cov peev txheej, rau kev tswj hwm kev nco, thiab rau I / O. Kev sib cais hierarchies tau ua rau muaj teeb meem hauv kev teeb tsa kev sib cuam tshuam ntawm cov neeg tuav haujlwm thiab rau cov nqi peev txheej ntxiv thaum siv cov cai rau cov txheej txheem hais txog hauv cov hierarchies sib txawv.
- Convert2RHEL cov cuab yeej rau kev hloov cov tshuab siv RHEL zoo li kev faib tawm, xws li CentOS thiab Oracle Linux, rau RHEL.
- Ntxiv lub peev xwm los kho qhov system-wide cryptographic subsystem txoj cai (crypto-txoj cai), npog TLS, IPSec, SSH, DNSSec thiab Kerberos raws tu qauv. Tus thawj coj tam sim no tuaj yeem txhais nws tus kheej txoj cai lossis hloov qee yam ntawm cov uas twb muaj lawm. Ntxiv ob lub pob tshiab setools-gui thiab setools-console-analyses rau kev txheeb xyuas SELinux cov cai thiab tshuaj xyuas cov ntaub ntawv ntws. Ntxiv qhov profile kev ruaj ntseg uas ua raws li DISA STIG (Defense Information Systems Agency) cov lus pom zoo. Ib qho kev siv hluav taws xob tshiab, oscap-podman, tau muab ntxiv los luam theej duab cov ntsiab lus ntawm cov thawv rau cov kev pabcuam tsis zoo.
- Cov cuab yeej tswj xyuas tus kheej tam sim no suav nrog kev siv Healthcheck tshiab uas tso cai rau koj txheeb xyuas cov teeb meem hauv IdM (Identity Management) ib puag ncig. Muab kev txhawb nqa rau Ansible lub luag haujlwm thiab cov qauv kom yooj yim IdM installation thiab tswj.
- Tus qauv tsim ntawm lub vev xaib console tau raug hloov pauv, uas tau hloov mus rau kev siv PatternFly 4 interface, zoo ib yam li tus qauv tsim ntawm OpenShift 4 interface. Ib tus neeg siv sijhawm tsis ua haujlwm tau ntxiv, tom qab ntawd qhov kev sib tham nrog lub vev xaib console raug kaw. Ntxiv kev txhawb nqa rau authentication siv daim ntawv pov thawj tus neeg siv khoom. Cov seem rau kev tswj cia thiab cov tshuab virtual tau hloov kho.
- Lub interface hloov pauv virtual desktops hauv GNOME Classic ib puag ncig tau hloov pauv; lub khawm hloov tau raug txav mus rau sab xis sab xis thiab tau tsim los ua ib txoj hlua nrog cov duab me me.
- Lub DRM (Direct Rendering Manager) cov duab subsystem yog synchronized nrog Linux kernel version 5.1. Graphics tsav tsheb tau hloov kho kom suav nrog kev txhawb nqa rau Intel Intel Comet Lake H thiab U (HD Graphics 610, 620, 630), Intel Ice Lake U (HD Graphics 910, Iris Plus Graphics 930, 940, 950), AMD Navi 10, Nvidia Turing TU 116,
- Wayland-raws li GNOME kev sib ntsib yog qhib los ntawm lub neej ntawd rau cov tshuab nrog ntau lub GPUs (yav dhau los X11 tau siv rau cov tshuab nrog cov duab sib xyaw).
- Ntxiv kev txhawb nqa rau Linux kernel tshiab tsis muaj feem cuam tshuam txog kev tswj hwm kev suav nrog kev tiv thaiv kev tawm tsam tshiab ntawm CPU speculative execution mechanism: mds, tsx, mitigations. Ntxiv parameter
mem_encrypt los tswj kev ua haujlwm ntawm AMD SME (Secure Memory Encryption) txuas ntxiv. Ntxiv cpuidle.governor parameter los xaiv CPU tsis ua haujlwm hauv xeev tus tuav haujlwm (cpuidle tswv xeev). Ntxiv /proc/sys/kernel/panic_print parameter los teeb tsa cov ntaub ntawv tawm thaum muaj kev sib tsoo (lub xeev ntshai). Ntxiv parameter
/proc/sys/kernel/threads-max los txhais cov xov tooj ntau tshaj plaws uas lub diav rawg () muaj peev xwm tsim tau. Ntxiv /proc/sys/net/bpf_jit_enable xaiv los tswj seb lub JIT compiler puas tau qhib rau BPF. - Lub dnf-automatic.timer tso tawm algorithm tau raug hloov mus hu rau cov txheej txheem hloov tshiab tsis siv neeg. Es tsis txhob siv lub sij hawm monotonous uas ua rau kom ua rau lub sij hawm tsis paub tseeb tom qab khau raj, chav tsev teev tam sim no pib ntawm 6 txog 7 teev sawv ntxov. Yog tias lub sijhawm no lub kaw lus kaw, tab sis pib hauv ib teev tom qab qhib nws.
- Modules nrog cov ceg tshiab ntawm Python 3.8 (yog 3.6) thiab Maven 3.6 tau ntxiv rau AppStream repository. Hloov tshiab pob nrog GCC 9.2.1, Clang/LLVM 9.0.1, Rust 1.41 thiab Go 1.13.
- Hloov tshiab pob versions powertop 2.11 (nrog kev txhawb nqa rau EHL, TGL, ICL/ICX platforms), opencv 3.4.6, tuned 2.13.0, rsyslog 8.1911.0, audit 3.0-0.14, fapolicyd 0.9.1-2, sudo 1.8.29 - 3., ib 8.
firewalld 0.8, tpm2-cov cuab yeej 3.2.1, mod_md (nrog ACMEv2 kev txhawb nqa), grafana 6.3.6, pcp 5.0.2, elfutils 0.178, SystemTap 4.2, 389-ds-base 1.4.2.4,
samba 4.11.2. - Ntxiv cov pob tshiab whois, graphviz-python3 (tshwj xeeb los ntawm kev tsis lees paub CRB (CodeReady Linux Builder) repository), perl-LDAP, perl-Hloov-ASN1.
- BIND DNS neeg rau zaub mov tau hloov kho rau version 9.11.13 thiab hloov mus siv GeoIP2 qhov chaw khi cov ntaub ntawv hauv libmaxminddb hom tsis siv cov GeoIP outdated, uas tsis muaj kev txhawb nqa ntxiv lawm. Ntxiv qhov kev pabcuam-stale (stale-lus teb) qhov chaw, uas tso cai rau koj rov qab cov ntaub ntawv DNS qub yog tias nws tsis tuaj yeem tau txais cov tshiab.
- Lub omhttp plugin tau ntxiv rau rsyslog rau kev sib cuam tshuam ntawm HTTP REST interface.
- Cov kev hloov pauv cuam tshuam rau Linux 5.5 kernel tau raug xa mus rau qhov kev tshuaj xyuas subsystem.
- Lub setroubleshoot plugin tau ntxiv kev txhawb nqa rau kev txheeb xyuas kev nkag mus tsis ua haujlwm vim tsis nco qab thiab tau txais kev teb los daws cov teeb meem zoo li no.
- Cov neeg siv txwv los ntawm SELinux tau muab lub peev xwm los tswj cov kev pabcuam cuam tshuam nrog cov neeg siv kev sib tham. Semanage tau ntxiv kev txhawb nqa rau kev ntsuas thiab hloov SCTP thiab DCCP cov chaw nres nkoj network (yav dhau los TCP thiab UDP tau txais kev txhawb nqa). Cov kev pabcuam lvmdbusd (D-Bus API rau LVM), lldpd, rrdcached, stratisd, timedatex yog ua tiav raws li lawv cov SELinux domains.
- Firewalld tau raug hloov mus rau libnftables JSON interface thaum cuam tshuam nrog nftables, uas tau ua rau muaj kev ua tau zoo thiab kev ntseeg siab. nftables ntxiv kev txhawb nqa rau ntau hom hauv IP teeb, uas tuaj yeem suav nrog kev sib koom ua ke thiab spans. Firewalld cov cai tam sim no tuaj yeem siv cov neeg tuav haujlwm los saib xyuas kev sib txuas rau cov kev pabcuam uas khiav ntawm cov chaw nres nkoj tsis yog tus qauv.
- Lub tc (Traffic Control) kernel subsystem muab kev txhawb nqa tag nrho
eBPF, uas tso cai rau koj siv tc kev siv hluav taws xob los txuas eBPF cov kev pab cuam los faib cov pob ntawv thiab ua cov kab nkag thiab tawm. - Kev txhawb nqa ruaj khov rau qee qhov eBPF subsystems tau ua tiav: BCC (BPF Compiler Collection) cov cuab yeej thiab cov tsev qiv ntawv tsim BPF tracing thiab debugging cov kev pab cuam, eBPF kev txhawb nqa hauv tc. Cov bpftrace thiab eXpress Data Path (XDP) cov khoom tseem nyob ntawm theem Technology Saib ua ntej.
- Cov khoom siv ntawm lub sijhawm tiag tiag (kernel-rt) yog synchronized nrog ib txheej ntawm thaj ua rau thaj rau 5.2.21-rt13 kernel.
- Nws yog tam sim no muaj peev xwm khiav cov txheej txheem rngd (daemon rau pub entropy rau hauv pseudo-random tooj generator) yam tsis muaj cov cai hauv paus.
- LVM tau ntxiv kev txhawb nqa rau dm-writecache caching txoj kev ntxiv rau yav dhau los muaj dm-cache. Dm-cache caches feem ntau siv sau thiab nyeem cov haujlwm, thiab dm-writecache caches tsuas yog sau cov haujlwm los ntawm kev tso lawv ua ntej ntawm ceev SSD lossis PMEM media thiab tom qab ntawd txav lawv mus rau lub disk qeeb hauv keeb kwm yav dhau.
- XFS tau ntxiv kev txhawb nqa rau cgroup-paub hom sau rov qab.
- FUSE tau ntxiv kev txhawb nqa rau kev ua haujlwm copy_file_range(), uas tso cai rau koj kom ceev luam cov ntaub ntawv los ntawm ib cov ntaub ntawv mus rau lwm qhov los ntawm kev ua haujlwm tsuas yog nyob rau sab kernel yam tsis tau nyeem thawj cov ntaub ntawv rau hauv cov txheej txheem nco. Qhov kev ua kom zoo tau pom meej meej hauv GlusterFS.
- Ntxiv qhov "--preload" kev xaiv rau lub dynamic linker, tso cai rau koj qhia meej meej cov tsev qiv ntawv kom raug yuam kom thauj khoom nrog daim ntawv thov. Qhov kev xaiv no ua rau nws ua tau kom tsis txhob siv LD_PRELOAD ib puag ncig hloov pauv, uas tau txais los ntawm cov txheej txheem menyuam yaus.
- KVM hypervisor muab kev txhawb nqa tag nrho rau kev ua haujlwm zes ntawm cov tshuab virtual.
- Cov tsav tsheb tshiab tau ntxiv, suav nrog
gVNIC, Broadcom UniMAC MDIO, Software iWARP, DRM VRAM, cpuidle-haltpoll, stm_ftrace, stm_console,
Intel Trace Hub, PMEM DAX,
Intel PMC Core,
Intel RAPL
Intel Runtime Average Power Limit (RAPL). - Deprecated DSA, TLS 1.0 thiab TLS 1.1 yog neeg xiam los ntawm lub neej ntawd thiab tsuas yog muaj nyob hauv LEGACY suite.
- Muab kev sim (Technology Preview) kev txhawb nqa rau nmstate, AF_XDP, XDP, KTLS, dracut, kexec ceev reboot, eBPF, libbpf, igc, NVMe dhau TCP/IP, DAX hauv ext4 thiab xfs, OverlayFS, Stratis, DNSSEC, GNOME ntawm ARM systems , AMD SEV for KVM, Intel vGPU
Tau qhov twg los: opennet.ru