ProHoster > Блог > ozi ịntanetị > Mwepụta nkesa Red Hat Enterprise Linux 8.2

Mwepụta nkesa Red Hat Enterprise Linux 8.2

Ụlọ ọrụ Red Hat bipụtara ngwa nkesa Red Hat Enterprise Linux 8.2. A kwadoro mgbakọ nwụnye maka x86_64, s390x (IBM System z), ppc64le na Aarch64 architectures, mana dị n'ihi na nbudata naanị maka ndị ọrụ Portal ahịa ahịa okpu uhie edebanyere aha. A na-ekesa isi mmalite nke ngwugwu Red Hat Enterprise Linux 8 rpm Git ebe nchekwa CentOS. A ga-akwado alaka RHEL 8.x ruo opekata mpe 2029.

Na mbido, ọkwa RHEL 8.2 bụ bipụtara na webụsaịtị Red Hat na Eprel 21, mana ekwuputara ọkwa ahụ akabeghị aka yana ebe nchekwa maka ịwụnye mmelite ka dị. adịghị njikere, ma n'ezie ntọhapụ pụtara naanị taa. A na-emepe ngalaba 8.x dịka usoro mmepe ọhụrụ a na-ahụ anya, nke gụnyere nhazi nke mwepụta kwa ọnwa isii n'oge a kara aka. Ọhụrụ okirikiri mmepe Ngwaahịa RHEL na-agbasa ọtụtụ ọkwa, gụnyere Fedora dị ka mmiri mmiri maka ike ọhụrụ, CentOS iyi maka ịnweta ngwugwu emepụtara maka ntọhapụ nke etiti nke RHEL na-esote (ụdị mpịakọta nke RHEL), ihe onyonyo nke pere mpe zuru ụwa ọnụ (UBI, Universal Base Image) maka ịgba ọsọ ngwa n'ime akpa dịpụrụ adịpụ na Ndebanye aha Onye Mmepụta RHEL maka iji RHEL n'efu na usoro mmepe.

Igodo gbanwee:

  • Echekwara nkwado zuru oke maka njikwa akụrụngwa site na iji usoro ejikọtara ọnụ otu v2, nke bụbu n'ọkwa ihe omume nnwale. Enwere ike iji otu v2, dịka ọmụmaatụ, kpachie ebe nchekwa, CPU na oriri I/O. Isi ihe dị iche n'etiti cgroups v2 na v1 bụ iji usoro nhazi otu dị iche iche maka ụdị akụrụngwa ọ bụla, kama nhazi ọkwa dị iche iche maka ikenye akụrụngwa CPU, maka ịhazi oriri ebe nchekwa, yana maka I/O. Ọchịchọ dị iche iche butere ihe isi ike n'ịhazi mmekọrịta n'etiti ndị na-ahụ maka njikwa yana ọnụ ahịa akụrụngwa kernel ndị ọzọ mgbe etinyere iwu maka usoro a kpọtụrụ aha na ọkwa dị iche iche.
  • agbakwunyere Ngwá ọrụ Convert2RHEL maka ịtụgharị sistemu site na iji nkesa RHEL, dị ka CentOS na Oracle Linux, na RHEL.
  • Agbakwunyere ikike ịhazi usoro amụma subsystem zuru oke (atụmatụ crypto), na-ekpuchi ụkpụrụ TLS, IPSec, SSH, DNSSec na Kerberos. Onye nchịkwa nwere ike ịkọwa iwu nke ya ugbu a ma ọ bụ gbanwee ụfọdụ paramita nke ndị dị adị. Agbakwunyere ngwugwu ọhụrụ abụọ setools-gui na setools-console-analyses maka nyocha atumatu SELinux na inyocha ọsọ data. Agbakwunyere profaịlụ nchekwa nke dabara na ndụmọdụ DISA STIG (Defense Information Systems Agency). Agbakwunyela akụrụngwa ọhụrụ, oscap-podman, iji nyochaa ọdịnaya nke arịa maka ụdị mmemme adịghị ike.
  • Ngwa njikwa njirimara ugbu a gụnyere ngwa Healthcheck ọhụrụ na-enye gị ohere ịchọpụta nsogbu dị na gburugburu IdM (Identity Management). Na-enye nkwado maka ọrụ na modul nwere ike ime ka ntinye na njikwa IdM dị mfe.
  • Agbanwewo nhazi nke ihe njikwa weebụ, bụ nke gbanwere na iji PatternFly 4 interface, dị ka nhazi nke OpenShift 4. Agbakwunyela oge nkwụsị ọrụ onye ọrụ, mgbe nke ahụ gasịrị, a kwụsịrị nnọkọ na njikwa weebụ. agbakwunyere nkwado maka nyocha site na iji asambodo ndị ahịa. Emelitela ngalaba maka ijikwa nchekwa yana igwe mebere.
  • Agbanwela interface maka ịgbanwee kọmpụta desktọọpụ mebere na GNOME Classic gburugburu; ebugharịla bọtịnụ mgba ọkụ na akuku aka nri ala ma hazie ya dị ka warara nwere obere mkpịsị aka.
  • DRM (Direct Rendering Manager) bụ sistemụ eserese eserese na ụdị Linux kernel 5.1. Emelitela ndị ọkwọ ụgbọ ala eserese ka ịgụnye nkwado maka Intel Intel Comet Lake H na U (HD Graphics 610, 620, 630), Intel Ice Lake U (HD Graphics 910, Iris Plus Graphics 930, 940, 950), AMD Navi 10, Nvidia Turing TU116,
  • A na-akwado nnọkọ GNOME dabere na Wayland site na ndabara maka sistemụ nwere ọtụtụ GPU (na mbụ ejiri X11 na sistemụ nwere eserese ngwakọ).
  • Nkwado agbakwunyere maka paramita kernel Linux ọhụrụ metụtara ịchịkwa nsonye nke nchebe megide mwakpo ọhụrụ na usoro mmebe nke CPU: mds, tsx, mbelata. Oke agbakwunyere
    mem_encrypt iji jikwaa ikike ndọtị AMD SME (Secure Memory Encryption). agbakwunyere cpuidle.governor paramita ịhọrọ onye njikwa steeti CPU na-adịghị arụ ọrụ (gọvanọ cpuidle). agbakwunyere /proc/sys/kernel/panic_print paramita iji hazie mmepụta ozi ma ọ bụrụ n'ihe ọghọm sistemu (ọnọdụ ụjọ). Oke agbakwunyere
    /proc/sys/kernel/threads-max iji kọwaa ọnụọgụ eri kachasị nke ọrụ ndụdụ () nwere ike ịmepụta. Agbakwunyere /proc/sys/net/bpf_jit_enable nhọrọ iji jikwaa ma agbanyere onye nchịkọta JIT maka BPF.

  • Agbanwewo algọridim mmalite dnf-automatic.timer ka ọ kpọọ usoro nrụnye mmelite akpaka. Kama iji ngụ oge na-enweghị atụ nke na-ebute ịgbalite n'oge a na-atụghị anya ya ka emechara buut, nkeji a kapịrị ọnụ na-amalite ugbu a n'etiti 6 na 7 am. Ọ bụrụ na n'oge a agbanyụrụ usoro, ma na-amalite n'ime otu awa mgbe ịgbanye ya.
  • Agbakwunyela modul nwere alaka ọhụrụ nke Python 3.8 (bụ 3.6) na Maven 3.6 na ebe nchekwa AppStream. Ngwunye emelitere nwere GCC 9.2.1, Clang/LLVM 9.0.1, Rust 1.41 na Go 1.13.
  • Ụdị ngwugwu emelitere powertop 2.11 (na nkwado maka EHL, TGL, ICL/ICX nyiwe), opencv 3.4.6, na-ekiri 2.13.0, rsyslog 8.1911.0, nyocha 3.0-0.14, fapolicyd 0.9.1-2, sudo 1.8.29 -3.el8,
    firewalld 0.8, tpm2-ngwaọrụ 3.2.1, mod_md (na ACMEv2 nkwado), grafana 6.3.6, pcp 5.0.2, elfutils 0.178, SystemTap 4.2, 389-ds-base 1.4.2.4,
    samba 4.11.2.

  • Agbakwunyere ngwugwu ọhụrụ whois, graphviz-python3 (kesara site na ebe nchekwa CRB (CodeReady Linux Builder) na-akwadoghị), perl-LDAP, perl-Convert-ASN1.
  • Emelitela ihe nkesa BIND DNS ka ọ bụrụ ụdị 9.11.13 wee gbanwee ka iji nchekwa data jikọtara ọnọdụ GeoIP2 n'ụdị libmaxminddb kama GeoIP ochie, nke anaghị akwado. Agbakwunyere ntọala ozi-stale (stale-azịza), nke na-enye gị ohere ịlaghachi ndekọ ndekọ DNS ochie ma ọ bụrụ na ọ gaghị ekwe omume ịnweta ndị ọhụrụ.
  • Agbakwunyela ngwa mgbakwunye omhttp na rsyslog maka mmekọrịta site na interface HTTP REST.
  • Mgbanwe dabara na Linux 5.5 kernel ka ebufela ya na sistemụ nyocha.
  • Ngwa mgbakwunye setroubleshoot agbakwunyela nkwado maka nyocha ọdịda ohere n'ihi enweghị ebe nchekwa na ịzaghachi ozugbo iji dozie nsogbu ndị dị otú ahụ.
  • A na-enye ndị ọrụ nke SELinux amachibidoro ikike ijikwa ọrụ metụtara oge onye ọrụ. Semanage agbakwunyela nkwado maka ịlele na ịgbanwe ọdụ ụgbọ mmiri netwọk SCTP na DCCP (na mbụ TCP na UDP kwadoro). A na-ahazi ọrụ lvmdbusd (D-Bus API maka LVM), lldpd, rrdcached, stratisd, timedatex n'okpuru ngalaba SELinux ha.
  • Ebugharịla Firewalld na libnftables JSON interface mgbe ya na nftables na-emekọrịta ihe, nke butere mmụba na arụmọrụ yana ntụkwasị obi. nftables na-agbakwụnye nkwado maka ụdị multidimensional na IP set, nke nwere ike ịgụnye otu na spans. Iwu Firewalld nwere ike iji ndị na-ahụ maka njikwa nyochaa njikọ maka ọrụ ndị na-agba na ọdụ ụgbọ mmiri na-abụghị ọkọlọtọ.
  • Tc (Traffic Control) kernel subsystem na-enye nkwado zuru oke
    eBPF, nke na-enye gị ohere iji tc utility tinye mmemme eBPF iji hazie ngwugwu na hazie ahịrị mbata na ọpụpụ.

  • E mejuputala nkwado kwụsiri ike maka ụfọdụ sistemụ eBPF: ngwa ngwa BCC (BPF Compiler Collection) na ọba akwụkwọ maka ịmepụta usoro nchọta na nbibi BPF, nkwado eBPF na tc. Ngwa bpftrace na eXpress Data Path (XDP) ka dị na ọkwa nlele teknụzụ.
  • A na-emekọrịta ihe ndị na-eme n'ezie (kernel-rt) ya na patches maka kernel 5.2.21-rt13.
  • Ọ ga-ekwe omume ugbu a ịme usoro rngd (daemon maka inye entropy n'ime onye na-emepụta nọmba pseudo-random) na-enweghị ikike mgbọrọgwụ.
  • LVM agbakwunyela nkwado maka usoro caching dm-writecache na mgbakwunye na cache dm dị na mbụ. Ihe nchekwa Dm-cache nke a na-ejikarị dee ma na-agụ ọrụ, yana cache dm-writecache na-ede naanị ọrụ site na idobe ha na ngwa ngwa SSD ma ọ bụ mgbasa ozi PMEM wee bugharịa ha na diski nwayọ n'azụ.
  • XFS agbakwunyela nkwado maka ụdị ndeghachi nke otu-maara nke ọma.
  • FUSE agbakwunyela nkwado maka ọrụ copy_file_range (), nke na-enye gị ohere ịmegharị data site na otu faịlụ gaa na nke ọzọ site n'ịrụ ọrụ ahụ naanị n'akụkụ kernel n'ebughị ụzọ gụọ data n'ime ebe nchekwa. A na-ahụ njikarịcha nke ọma na GlusterFS.
  • Agbakwunyere nhọrọ "--preload" na njikọ dị ike, na-enye gị ohere ịkọwapụta ụlọ akwụkwọ n'ezoghị ọnụ ka a ga-amanye ibunye ngwa ahụ. Nhọrọ a na-eme ka o kwe omume izere iji LD_PRELOAD mgbanwe gburugburu ebe obibi, nke usoro ụmụaka ketara.
  • KVM hypervisor na-enye nkwado zuru oke maka ịgba ọsọ nke igwe mebere akwụrụ.
  • Agbakwunyela ndị ọkwọ ụgbọ ala ọhụrụ, gụnyere
    gVNIC, Broadcom UniMAC MDIO, Software iWARP, DRM VRAM, cpuidle-haltpoll, stm_ftrace, stm_console,
    Intel Trace Hub, PMEM DAX,
    Intel PMC Core,
    Intel RAPL
    Ogologo oge ike nke Intel Runtime (RAPL).

  • DSA emebiela, TLS 1.0 na TLS 1.1 nwere nkwarụ site na ndabara yana naanị dị na suite LEGACY.
  • Enyere nnwale (nleba anya teknụzụ) maka nmstate, AF_XDP, XDP, KTLS, dracut, kexec ngwa ngwa reboot, eBPF, libbpf, igc, NVMe n'elu TCP/IP, DAX na ext4 na xfs, OverlayFS, Stratis, DNSSEC, GNOME na sistemụ ARM , AMD SEV maka KVM, Intel vGPU

isi: opennet.ru

Tinye a comment