RHEL 9.4 Delves into Automation to Address the Complexity of IT

RHEL 9.4 has been released as the new version of Red Hat's corporate and paid distribution. As expected in a release of this type, the most prominent features are the accumulated fixes during the life cycle of the major version and certain minor updates and new features, but the IBM subsidiary has tried to delve deeper into one particular aspect.

The first thing mentioned about RHEL 9.4 is that the image creator, starting with this release, allows specifying arbitrary custom mount points except for specific paths reserved for the operating system. It is possible to create different partition modes such as auto-lvm, lvm, and raw, and users can now customize the customization options of a profile and add them to the cyanotype customizations using selected and deselected options to add and remove rules.

Regarding security, the 3.6 release of the SELinux user space has introduced denial rules as a way to further customize the security module policies; the server components, the verifier, and the Kelime logger are available as containers; and the Rsyslog log processing system has introduced customizable TLS/SSL encryption settings and additional options related to capability drop.

Continuing with more security-related news, version 1.4.0 of the Linux kernel cryptography API (libkcapi) has included new options and tools, with special mention to the -T option that allows specifying target file names in hash sum calculations, and version 5.71 of the TLS/SSL tunnel service stunnel changes the behavior of OpenSSL 1.1 and later versions in FIPS mode and provides support for modern PostgreSQL clients.

In RHEL 9.4, the user will encounter the following server and programming-oriented technologies: Python 3.12, Ruby 3.3, PHP 8.2, nginx 1.24, MariaDB 10.11, PostgreSQL 16, Git 2.43.0, and Git LFS 3.4.1. As compilers, there are the GCC 13, LLVM 17.0.6, Rust 1.75.1, and Go 1.21.7 toolsets, while Valgind 3.22, SystemTap 5.0, and elfutil 0.190 are the updated versions of the performance and debugging tools, and PCP 6.2.0 is now available as the updated version of the performance monitoring tool.

Containers have gained a lot of prominence in the last decade, so it should not be surprising that they are an important aspect of a Red Hat Enterprise Linux release. Here we find the preview presence of the podman build farm command to create multi-architecture container images, support for containers.conf modules in Podman to load a set of default configurations, and the update of the container tool packages (Container Tools).

More container-related features are that the Podman 4.9 RESTful API now shows progress data when pulling or pushing an image to the registry, SQLite is now fully supported as the default database backend for Podman, and Containerfile supports multiline HereDoc instructions. The parts that have been marked as obsolete are the use of paste as a network name, the BoldDB database backend, the container-tools:4.0 module, and the Container Network Interface (CNI) network stack.

As a final point to highlight among the system-specific features is identity management, which from the release in question allows "enabling and configuring passwordless authentication in SSSD to use a biometric device that is compatible with the FIDO2 specification, for example, a YubiKey."

Apart from the specific components, Red Hat explains through its official blog that RHEL 9.4 "offers a wide range of new and improved capabilities to better manage the complexity of hybrid cloud computing in an increasingly AI-focused world, including refined management and automation and proactive support in creating standard operating environments (SOE) for distributed systems."

According to a survey conducted by Dynatrace, a Red Hat partner, 88% of organizations responded that their technology stack has become more complex in the last twelve months, with more than half saying that this complexity will continue to increase in the future. This underscores the need to create platforms that are accessible, manageable, and more user-friendly, aspects that Red Hat says it is working on.

In order to make the increasing complexity of IT structures more manageable, the IBM subsidiary will soon provide through Insights recommendations and information for creating SOE images based on RHEL.

Furthermore, Red Hat aims to lower barriers by promoting automation, which has been a focus in RHEL 9.4 with system roles at the edge through rpm-ostree, a fapolicyd system role to automate allowing or denying application executions on a scale, a system role for snapshots for administrators to create and manage point-in-time storage volume snapshots from the logical volume manager (LVM), and a system role for the bootloader to help configure the kernel command line.

Gunnar Hellekson, Vice President and General Manager of RHEL at Red Hat, has said that "Linux is no longer just about the kernel or the command line, it's about making the platform more accessible, more manageable, and more responsive, especially as technology organizations scale across the hybrid cloud. Whether exploring the potential of AI workloads or simply trying to optimize existing resources, the latest version of Red Hat Enterprise Linux helps to limit complexity and improve efficiency, while making the most of existing skills and tools."

All details about RHEL 9.4 are available in the release notes, while the system can be obtained from the Red Hat developer portal.