Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 8.2

Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 8.2

Kampani ya Red Hat losindikizidwa zida zogawa Red Hat Enterprise Linux 8.2. Misonkhano yoyikirayi yakonzedwa kuti x86_64, s390x (IBM System z), ppc64le ndi Aarch64 zomangamanga, koma zilipo chifukwa kutsitsa kwa olembetsa okha a Red Hat Customer Portal. Magwero a Red Hat Enterprise Linux 8 rpm phukusi amagawidwa kudzera Git repository CentOS. Nthambi ya RHEL 8.x idzathandizidwa mpaka osachepera 2029.

Poyambirira, kulengeza kwa RHEL 8.2 kunali losindikizidwa pa tsamba la Red Hat pa Epulo 21, koma chilengezocho chidapangidwa nthawi isanakwane ndipo zosungirako zoyika zosintha zikadali. sanali okonzeka, koma kwenikweni kumasulidwa kunatuluka lero lokha. Nthambi ya 8.x ikupangidwa motsatira njira yatsopano yodziwikiratu, yomwe imaphatikizapo kupanga zotulutsa miyezi isanu ndi umodzi iliyonse panthawi yokonzedweratu. Chatsopano chitukuko mkombero Zogulitsa za RHEL zimakhala ndi zigawo zingapo, kuphatikiza Fedora ngati choyambira champhamvu zatsopano, Mtsinje wa CentOS kuti mupeze ma phukusi opangira RHEL (RHEL rolling version), chithunzithunzi chokhazikika chapadziko lonse lapansi (UBI, Universal Base Image) chogwiritsa ntchito m'miphika yokhayokha komanso Kulembetsa kwa Wopanga RHEL kuti mugwiritse ntchito kwaulere RHEL pakupanga chitukuko.

Chinsinsi kusintha:

  • Wotetezedwa kuthandizira kwathunthu kwa kasamalidwe kazinthu pogwiritsa ntchito utsogoleri wogwirizana magulu v2, yomwe poyamba inali pa siteji yoyesera yotheka. Π‘magulu v2 angagwiritsidwe ntchito, mwachitsanzo, kuchepetsa kukumbukira, CPU ndi I/O kumwa. Kusiyana kwakukulu pakati pa cgroups v2 ndi v1 ndikugwiritsa ntchito magulu amtundu wamba pamitundu yonse yazinthu, m'malo mwa magawo osiyana pakugawira zida za CPU, pakuwongolera kugwiritsa ntchito kukumbukira, ndi I/O. Kusiyanasiyana kosiyana kudapangitsa kuti pakhale zovuta pakulinganiza kulumikizana pakati pa ogwira ntchito komanso ndalama zowonjezera za kernel mukamagwiritsa ntchito malamulo pamachitidwe omwe amatchulidwa m'magawo osiyanasiyana.
  • Awonjezedwa Convert2RHEL chida chosinthira makina pogwiritsa ntchito magawo ngati RHEL, monga CentOS ndi Oracle Linux, kukhala RHEL.
  • Adawonjezera kuthekera kosintha makonda amitundu yonse ya cryptographic subsystem (crypto-policy), kuphimba ma protocol a TLS, IPSec, SSH, DNSSec ndi Kerberos. Woyang'anira tsopano akhoza kufotokozera ndondomeko yake kapena kusintha magawo ena omwe alipo. Onjezani mapaketi awiri atsopano setools-gui ndi setools-console-analyses posanthula mfundo za SELinux ndikuwunika kuyenda kwa data. Anawonjezera mbiri yachitetezo yomwe ikugwirizana ndi malingaliro a DISA STIG (Defense Information Systems Agency). Ntchito yatsopano, oscap-podman, yawonjezedwa kuti ifufuze zomwe zili m'mitsuko ya mapulogalamu omwe ali pachiwopsezo.
  • Zida zowongolera ma Identity tsopano zikuphatikiza chida chatsopano cha Healthcheck chomwe chimakupatsani mwayi wozindikira zovuta m'malo a IdM (Identity Management). Amapereka chithandizo cha Ansible maudindo ndi ma modules kuti muchepetse kuyika ndi kasamalidwe ka IdM.
  • Mapangidwe a web console asinthidwa, omwe asinthidwa kuti agwiritse ntchito mawonekedwe a PatternFly 4, ofanana ndi mawonekedwe a OpenShift 4. Kutha kwa ntchito kwa wogwiritsa ntchito kwawonjezeredwa, pambuyo pake gawoli ndi web console yatha. Thandizo lowonjezera pakutsimikizira pogwiritsa ntchito satifiketi ya kasitomala. Magawo oyang'anira zosungirako ndi makina enieni asinthidwa.
  • Mawonekedwe osinthira ma desktops owoneka bwino m'malo a GNOME Classic asinthidwa; batani losinthira lasunthidwa kukona yakumanja yakumanja ndipo lapangidwa ngati mzere wokhala ndi tizithunzi.
  • Dongosolo lazithunzi la DRM (Direct Rendering Manager) limalumikizidwa ndi Linux kernel version 5.1. Madalaivala a Graphics asinthidwa kuti aphatikizepo thandizo la Intel Comet Lake H ndi U (HD Graphics 610, 620, 630), Intel Ice Lake U (HD Graphics 910, Iris Plus Graphics 930, 940, 950), AMD Navi 10, Nvidia. Chithunzi cha TU116,
  • Gawo la GNOME lochokera ku Wayland limathandizidwa ndi makina omwe ali ndi ma GPU angapo (kale X11 idagwiritsidwa ntchito pamakina okhala ndi zithunzi zosakanizidwa).
  • Thandizo lowonjezera la magawo atsopano a Linux kernel okhudzana ndi kuwongolera kuphatikizika kwa chitetezo pakuwukiridwa kwatsopano pamakina ongoyerekeza a CPU: mds, tsx, mitigations. Wowonjezera parameter
    mem_encrypt kuti muwongolere kuthandizira kwa AMD SME (Secure Memory Encryption) zowonjezera. Anawonjezera cpuidle.governor parameter kuti musankhe chogwirizira cha CPU idle state (kazembe wa cpuidle). Onjezani /proc/sys/kernel/panic_print parameter kuti mukonze zomwe zimachokera pakagwa dongosolo (panic state). Wowonjezera parameter
    /proc/sys/kernel/threads-max kufotokoza kuchuluka kwa ulusi womwe foloko () ingathe kupanga. Onjezani /proc/sys/net/bpf_jit_enable njira yoyang'anira ngati JIT compiler yathandizidwa ndi BPF.

  • Dongosolo la dnf-automatic.timer launch algorithm lasinthidwa kuti liyimbire njira yosinthira yokha. M'malo mogwiritsa ntchito chowerengera chochititsa chidwi chomwe chimachititsa kuti ayambitse nthawi yosayembekezereka pambuyo pa boot, gawo lomwe latchulidwalo likuyamba pakati pa 6 ndi 7 am. Ngati panthawiyi dongosolo lazimitsidwa, koma limayamba mkati mwa ola limodzi mutatha kuyatsa.
  • Ma module okhala ndi nthambi zatsopano za Python 3.8 (anali 3.6) ndi Maven 3.6 awonjezedwa kumalo osungirako a AppStream. Maphukusi osinthidwa ndi GCC 9.2.1, Clang/LLVM 9.0.1, Rust 1.41 ndi Go 1.13.
  • Zosinthidwa phukusi Powertop 2.11 (mothandizidwa ndi EHL, TGL, ICL/ICX nsanja), opencv 3.4.6, tuned 2.13.0, rsyslog 8.1911.0, audit 3.0-0.14, fapolicyd 0.9.1-2, sudo 1.8.29 -3.el8,
    firewalld 0.8, tpm2-tools 3.2.1, mod_md (ndi thandizo la ACMEv2), grafana 6.3.6, pcp 5.0.2, elfutils 0.178, SystemTap 4.2, 389-ds-base 1.4.2.4,
    samba 4.11.2.

  • Onjezani mapaketi atsopano whois, graphviz-python3 (yogawidwa kudzera mu malo osavomerezeka a CRB (CodeReady Linux Builder)), perl-LDAP, perl-Convert-ASN1.
  • Seva ya BIND DNS yasinthidwa kukhala mtundu wa 9.11.13 ndikusintha kugwiritsa ntchito malo a GeoIP2 omangirira malo amtundu wa libmaxminddb m'malo mwa GeoIP yakale, yomwe siinagwiritsidwenso ntchito. Onjezani mawonekedwe a seva-stale (stale-yankho), omwe amakulolani kubweza ma DNS akale ngati sikungatheke kupeza zatsopano.
  • Pulagi ya omhttp yawonjezedwa ku rsyslog kuti igwirizane ndi mawonekedwe a HTTP REST.
  • Zosintha zogwirizana ndi Linux 5.5 kernel zasamutsidwa ku kachitidwe kakang'ono ka kafukufuku.
  • Setroubleshoot plugin yawonjezera chithandizo chowunikira zolephera zopezeka chifukwa cholephera kukumbukira ndikuyankha zokha kuti athetse mavuto otere.
  • Ogwiritsa ntchito oletsedwa ndi SELinux amapatsidwa mwayi wowongolera mautumiki okhudzana ndi gawo la ogwiritsa ntchito. Semanage yawonjezera thandizo pakuwunika ndikusintha madoko a SCTP ndi DCCP (kale TCP ndi UDP zidathandizidwa). Ntchito za lvmdbusd (D-Bus API ya LVM), lldpd, rrdcached, stratisd, timedatex zimakonzedwa pansi pa madera awo a SELinux.
  • Firewalld yasunthidwa ku mawonekedwe a libnftables JSON polumikizana ndi ma nftables, zomwe zapangitsa kuti ntchito ziwonjezeke komanso kudalirika. nftables imawonjezera chithandizo chamitundu yambiri mu IP seti, yomwe ingaphatikizepo migwirizano ndi magulu. Malamulo a Firewalld tsopano atha kugwiritsa ntchito zogwirira ntchito kuyang'anira maulumikizidwe azinthu zomwe zikuyenda pamadoko osagwirizana ndi netiweki.
  • The tc (Traffic Control) kernel subsystem imapereka chithandizo chonse
    eBPF, yomwe imakupatsani mwayi wogwiritsa ntchito chida cha tc kulumikiza mapulogalamu a eBPF kugawa mapaketi ndikukonza mizere yomwe ikubwera ndi yotuluka.

  • Thandizo lokhazikika la magawo ena a eBPF akhazikitsidwa: zida za BCC (BPF Compiler Collection) ndi laibulale yopanga mapulogalamu a BPF otsata ndi kukonza zolakwika, thandizo la eBPF mu tc. Zida za bpftrace ndi eXpress Data Path (XDP) zimakhalabe pagawo la Technology Preview.
  • Zigawo za nthawi yeniyeni (kernel-rt) zimagwirizanitsidwa ndi seti ya zigamba za 5.2.21-rt13 kernel.
  • Tsopano ndizotheka kuyendetsa njira ya rngd (daemon yodyetsa entropy mu jenereta ya pseudo-random number) popanda mizu.
  • LVM yawonjezera chithandizo cha dm-writecache caching njira kuwonjezera pa dm-cache yomwe inalipo kale. Dm-cache imasunga zolembera zomwe zimagwiritsidwa ntchito mobwerezabwereza, ndipo ma cache a dm-writecache amangolemba ntchito poziyika poyamba pa SSD kapena PMEM media ndikusunthira ku disk yochepera kumbuyo.
  • XFS yawonjezera chithandizo cha cgroup-aware writeback mode.
  • FUSE yawonjezera thandizo la ntchito ya copy_file_range (), yomwe imakulolani kuti mufulumizitse kukopera deta kuchokera ku fayilo imodzi kupita ku ina mwa kuchita opaleshoniyo pambali ya kernel popanda kuwerenga kaye deta mu kukumbukira. Kukhathamiritsa kumawoneka bwino mu GlusterFS.
  • Onjezani njira ya "--preload" ku cholumikizira champhamvu, kukulolani kuti mutchule mwatsatanetsatane malaibulale omwe amakakamizika kudzazidwa ndi pulogalamuyi. Izi zimapangitsa kuti zitheke kupewa kugwiritsa ntchito kusintha kwa chilengedwe kwa LD_PRELOAD, komwe kumatengera njira za ana.
  • Hypervisor ya KVM imapereka chithandizo chokwanira pamakina okhazikika.
  • Madalaivala atsopano awonjezedwa, kuphatikizapo
    gVNIC, Broadcom UniMAC MDIO, Software iWARP, DRM VRAM, cpuidle-haltpoll, stm_ftrace, stm_console,
    Intel Trace Hub, PMEM DAX,
    Intel PMC Core,
    Intel RAPL
    Intel Runtime Average Power Limit (RAPL).

  • DSA, TLS 1.0 ndi TLS 1.1 zolepheretsedwa ndizozimitsa mwachisawawa ndipo zimapezeka mu LEGACY suite.
  • Anapereka chithandizo choyesera (Technology Preview) cha nmstate, AF_XDP, XDP, KTLS, dracut, kexec fast reboot, eBPF, libbpf, igc, NVMe over TCP/IP, DAX mu ext4 ndi xfs, OverlayFS, Stratis, DNSSEC, GNOME pamakina a ARM , AMD SEV ya KVM, Intel vGPU

Source: opennet.ru

Kuwonjezera ndemanga