RHEL 6.9 just released.

The RHEL 6.9 distribution has just been released and brings the following main benefits:

  • TLS 1.2 support has been added to all system components,
  • several SSSD improvements have been made in connection with AD forests and PAM services,
  • the cpuid utility is now available and dumps detailed information about the CPU(s) gathered from the CPUID instruction. It supports Intel, AMD, and VIA CPUs.

You will find all the details in the RHEL 6.9 Releases Notes & RHEL 6.9 Technical Notes.

In addition, on May 10, 2017, Red Hat Enterprise Linux 6 enters Production Phase 3, meaning that subsequent updates to Red Hat Enterprise Linux 6 will be limited to qualified critical security fixes and business-impacting urgent issues.

Finally, according to the Red Hat Enterprise Linux lifecycle, RHEL 6 will be supported until at least November 2020.

Posted in RHEL6

Death of Docker?

Back in September 2016, an event went unnoticed, although it was a fundamental change. Google and RedHat declared the game is over: they decided to fork Docker.

Why did they decide to do that?

Redhat had several reasons:

  • Container conception: Solomon Hykes from Docker couldn’t agree with Lennart ‘Systemd’ Poettering from RedHat on the container vision,
  • Container security: frustration in the RedHat security team was high because of difficulties to integrate patches into the Docker product,
  • Container stability: the Docker company was always adding new features based on new Linux kernels into its product, triggering an insane amount of work to backport all these features into the 3.10 kernel used by most of RedHat products (RHEL 7, Atomic, OpenShift, etc),
  • Container support: the Docker company didn’t consider compatibilities between versions a priority and problems regularly occurred, this didn’t please RedHat that makes a living by supporting customers.

On the Google‘s side, things were even easier to understand. The company has been working on an in-house orchestrator called Kubernetes for years and wanted it to be at the heart of all the container ecosystem. When Google‘s team heard that the Docker company was promoting its own product named Swarm as reference orchestrator, the decision to fork was almost made.

At the end of January 2017 at DevConf.cz, Dan Walsh from RedHat gave a very interesting presentation about Containers in Production (container standardization, read-only container images, CRI-O, COW filesystem problems, etc). At 40 minutes from the beginning, he acknowledged that the Docker replacement was in the testing stage.

At first called OCID, then renamed CRI-O, it already owns its logo. Fully compatible at the format level with Docker, this new Open Source product will bring its own set of tools like skopeo to get an image from a container registry.

If for developers things may continue as usual, in production environments you should see the following change in the coming months:

RedHat people never say that CRI-O is a Docker replacement, they only say they are building an alternative option that will become their reference solution …

Now, you can’t say you didn’t know.

Posted in Others

New interesting articles.

Several technical articles were recently published:

Happy reading!

Posted in RHEL7

New interesting videos

If you are new to OpenStack and want to get some basic knowledge about it, Red Hat recently published three interesting videos:

Also, FOSDEM 2017 happened last week publishing a lot of interesting videos (the list is available here).

Among all these videos, some are very interesting:

Still about FOSDEM 2017, if you are interested in databases, you will certainly find some useful information in these pages:

Enjoy watching!

Posted in Others

2017 DevConf.cz interesting videos

Last week was organized the free annual community conference for developers, admins, and users of Open Source technologies called DevConf.cz. The conference happened over three days in Czech Republic at Brno.

Around 170 workshops were recorded, sorted according to the following categories: JUDcon (software development), Virtualization, Linux, Containers, OpenStack, Fedora, DevOps, Cloud, Testing, ConfigMgmt, Agile, OpenShift, Security, .net, Networking, Storage, Meetups and DevTools.

A description of all the workshops is available here. All the recordings can be watched on YouTube here.

Among all these videos, here is a selection that can interest you:


Posted in Others

Python dependency hell.

At the beginning there was the Bourne Shell. Then, Perl was created to better deal with character strings and regular expressions.

Linux came and the Bourne Shell was replaced with Bash (Bourne Again SHell) with many built-in features like integer arithmetic.

Because of its unusual syntax and its lack of object-oriented capabilities, Perl is now replaced with Python.

Today, Python is almost everywhere: tools like yum, tuned or Firewalld are all written in Python.

As the CPAN (Comprehensive Perl Archive Network) offered an incredible number of modules for Perl, Python modules have also been created to provide additional features.

They can be installed through RPM packages or with the pip install command.

Here is a potential problem. When you install a Python module through an RPM package, you get all the work done by the maintainer behind (RedHat, CentOS, EPEL, etc) to make sure that this module and all its dependencies will work fine together.

On the contrary, when you run the pip install command, you don’t know where the Python module will be installed and what exact dependency will be activated. In my experience, this doesn’t work very well. You can get the same Python module in different versions on the same server. In this situation, everything becomes very complicated. And this is not a RHEL/CentOS specific problem but concerns most of the Linux distributions (see details for Ubuntu here).

Furthermore, the pip install method sometimes requests that you compile modules locally. To compile Python modules, you need to install the gcc compiler: this is not a good practice in a production environment.

Conclusion: If you are not an expert in Python, stay away from the pip install command.

Posted in Others

New interesting articles.

There were several interesting articles recently published:

Happy reading!

Posted in Others

Happy new year 2017!

This week was the opportunity for two new tutorials:

I wish you a happy new year 2017 and a lot of success in everything you try!

Posted in Others

Merry Christmas!

Several very interesting articles were recently posted by Red Hat employees:

In addition, after a few months without any new tutorials (but with updates on existing ones), three new tutorials have been written:

I wish you a Merry Christmas!

Posted in RHEL7

CentOS 7.3 released.

More than a month after the announcement of RHEL 7.3, it is now time for the release of CentOS 7.3, also called CentOS 7 (1611).

In the Releases Notes appear the following major changes:

  • Support for the 7th-generation Core i3, i5, and i7 Intel processors and I2C on 6th-generation Core Processors has been added.
  • SHA2 is now supported by OpenLDAP.
  • ECC-support has been added to OpenJDK-8, PerlNet:SSLeay and PerlIO::Socket::SSL.
  • Bluetooth LE is now supported.
  • virt-p2v is now fully supported. virt-v2v and virt-p2v add support for the latest windows releases.
  • Lots of updated storage, network and graphics drivers.
  • Technology Preview: Among others support of Btrfs, OverlayFS, CephFS, DNSSEC, kpatch, the Cisco VIC and usNIC kernel driver, nested virtualization with KVM and multi-threaded xz compression with rpm-builds.

At least two serious issues have already been reported:

  • SElinux received major changes in this release, which might break certain functionality on your system.
  • The 4 STIG Security Profiles in the anaconda installer produce a broken sshd_config that must be edited before sshd will start (BZ 1401069).

The CentOS 7 (1611) distribution can be downloaded here as usual.

Posted in RHEL7

RHCSA7: Task of the day

Allowed time: 5 minutes.
Create a user account named "tony" with password “redhat” and belonging to a secondary group called “team”.

RHCE7: Task of the day

Allowed time: 10 minutes.
Configure a system to forward all email to a central mail server at (change the IP address accordingly).

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...