This content is part of the Essential Guide: What's the best Linux OS for your enterprise data center?
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

RHEL 7 and Fedora 19 updates for simpler configuration and management

With firefalld and system init daemons, and XFS new to RHEL 7, system administration could be easier. See how these changes affect you.

The major changes released with Red Hat Enterprise Linux 7 (beta) and Fedora 19 Linux server distributions are chronicled in the seventh edition of A Practical Guide to Fedora and Red Hat Enterprise Linux.

Mark SobellMark Sobell

We spoke with the book's author, Mark Sobell, about some of the major changes in RHEL 7 and Fedora 19 Linux distributions. Sobell, president of the Linux/Unix consulting firm Sobell Associates Inc., updated the practical guide after two years to include these new details.

How does firewalld differ from its predecessor iptables service for firewall configuration?

Mark Sobell: Reloading the iptables service frequently broke established connections. The firewalld service does not need to be reloaded with every change; it accepts changes to the firewall while it is running.

The firewalld daemon introduces a level of abstraction that makes setting up a Linux firewall simpler and more intuitive. Instead of writing firewall rules as iptables, firewalld uses firewall-config [graphical user interface] or firewall-cmd [command-line interface] to set up a firewall. 

D-bus is an interprocess communication system -- also called a message bus system -- that allows applications and processes to communicate and request services over a bus. The d-bus service, which runs dbus-daemon, notifies processes of events, [such as] when a new device is added or when a user logs in. The firewalld daemon's d-bus interface allows it to communicate with processes and also allows applications, daemons and administrators to enable or disable a firewalld feature. These features include opening ports, forwarding ports or packets and performing more advanced tasks. 

As the default file system, what does XFS bring to the party in RHEL 7?

Sobell: XFS is a high-performance, journaling, 64-bit file system created by Silicon Graphics Inc. It supports file systems as large as 64 exabytes, containing files up to 8 exabytes in size and directory structures with tens of millions of entries. XFS allows you to defragment and expand a mounted, active file system and provide backup and restore facilities specific to XFS.

Compared to other Linux file systems, XFS improves performance -- especially for large files -- by using B+ trees that contain metadata that describe extents. It also supports parallel (simultaneous) I/O on multiple application threads, enhancing file system throughput on multiprocessor systems, with better throughput on multi-device files than previous generations of RHEL and Fedora.

What are the differences between system init daemon and SysVinit daemon?

Sobell: The RHEL 6 Upstart init daemon is gone. RHEL 7, Debian and Ubuntu have moved to systemd, so life will be much easier for Linux administrators who go between systems. 

In Fedora, the systemd init daemon has matured quite nicely over the past couple of years. For a typical system administrator, the changes are mostly about how to control the daemons. A new systemctl command replaces chkconfig and service, although scripts allow you to still use the legacy commands.

Fedora has a nice cheat sheet:

Editor's note: This interview is in relation to A Practical Guide to Fedora and Red Hat Enterprise Linux, Seventh Edition, authored by Mark Sobell, published by Pearson/Prentice Hall Professional, January 2014, ISBN 978-0-13-347743-6, Copyright 2014 Mark G. Sobell.

Dig Deeper on Configuration Management and DevOps

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Do you host enterprise workloads on Fedora servers rather than RHEL? Why or why not?
I think you should be very honest and clearly state that nearly all of what is considered "new" in RH7 has been in place and in production in other distributions.

This reminds me so much of the days when Microsoft would pretend to present "innovations" and "new developments" to its user base, while in for many other OS' it was mundane.

We have a hosting company that insists on providing RH6 because of "accountability" which, as long as I have been at the company, has never been an issue. The only time that company contacted RH relative to our account was when I asked them to do something at the kernel level. It had to do with RH providing it's kernels with preempt enable and the kernel timing at 1000hz for a "responsive desktop," when we are running a server. The response RH gave them had nothing to do with what I had asked and I also disproved it factually. That company, still didn't want to make a change which would have been beneficial to us based on their ineptitude and that or RH. So the "support" failed. Debian provides a preempt kernel set at 250Hz, without support. There are times when you will need support having to do with the Kernel and RH is not the "kernel," so any company or individual which has a good understanding of its working should be able to help.

At a hedge fund located in midtown Manhattan, the only RH machine was running version 4 because of a Bloomberg application, so it was moved inside of a VM running on Debian. After that all of the systems were running on Debian because it made our lives much easier due to flexibility and package availability. XFS was the filesystem of choice also and that was in 2001; so financial firm with high volume traffic running on Debian. That was possible because our CTO and lead admin were serious and dedicated UNIX/Linux users who understood the technology well enough to not be swayed by FUD. If there was a problem they understood what to do.

I'm not denying the need for possible support, simply not based on criteria whose bases seem to result from the post traumatic stress of havig to deal with Windows.

When comprehension is present, there is hardly any need to defer to another's authority in the majority of cases.

By the way, the binary journal is still a major issue with systemd.

By the way, it should also be noted that being that most other distributions are not late in adopting newer kernels, they have had greater opportunities to use containers.

Here is a the Ubuntu page: Notice their use of AppArmor as opposed to SELinux to add a form of security to the containers. That is been as such since late 2012 if I'm not mistaken. Sorry but no GUI.

Also as a side note, there is LXC web panel; I haven't tried it.

I think docker is a great project and I hope that it will bring LXC to the same level as zones in Solaris and SmartOS and make a lot of people realize that in most cases, full machine virtualization is not needed and if work is done of making LXC secure and iproute features such as macvlan's much faster, LXC can be an amazing thing.

RH does a lot of great things for the Linux community; at the same time to tout certains things as advancement or worse give the impression that it's something new, is a bit disingenous on the part of anyone who know that they are not truly in the rest of the community.