There is more than one type of application container technology that enterprises can choose as they build out cloud-native applications.
Linux vendor Red Hat announced this week the beta release of the latest update for its Red Hat Enterprise Linux (RHEL) platform with the 8.7 and 9.1 milestones. Both RHEL 8.7 and 9.1 add new features and capabilities designed to help organizations more effectively use Podman containers, which is an open source effort led by Red Hat.
Red Hat has been a business unit of IBM since it was acquired for $34 billion in 2018.
Red Hat Enterprise Linux is the company’s flagship Linux platform on which enterprises and government users run all types of applications. Red Hat supports multiple versions of its enterprise platform with a series of incremental updates every year.
Red Hat Enterprise Linux 9 debuted in May, and its first update is now getting a preview, while RHEL 8 was launched in 2019 and is up to its seventh incremental release. Red Hat competes in the Linux market against multiple vendors including SUSE Linux and Ubuntu, which is led by Canonical Inc.
“Red Hat Enterprise Linux 8.0 introduced a new, predictable lifecycle for RHEL,” Eric Hendricks, operations advocate, Red Hat Enterprise Linux, Red Hat, told VentureBeat. “We now produce a new minor version every six months and a new major version every three years.”
Security remains a primary focus for Red Hat Enterprise Linux
Hendricks explained that currently, at a surface level, there aren’t a significant number of differences between RHEL 8 and RHEL 9. He noted that RHEL 8 will continue to be fully supported until May 2024, with support that can include the addition of new features. After that, RHEL 8 will be in maintenance mode.
That’s not to say there aren’t differences between RHEL 9 and RHEL 8. One key difference that the RHEL 9.1 milestone introduces is a security capability for remote attestation.
“With 9.1 beta, administrators are now able to validate that a remote system’s boot environment has not been tampered with,” Hendricks said. “This includes confirming that the expected kernel and associated modules are being called instead of a compromised boot image.”
The remote attestation capability is based on the open source Keylime project. RHEL 9.1 also enables better support for multilevel security (MLS), a critical requirement in some government agencies. MLS can be used to classify different components by the level of secrecy and privacy required.
Podman vs Docker
Docker is a container technology that helped to pioneer the modern use of application containers. (Docker is also the vendor’s name.) However, Docker is not the container technology that Red Hat is working to improve in RHEL 8.7 and 9.1.
Over the past several years, Red Hat has been continuing to develop the open source Podman container technology which it leads, with a number of enhancements now available in preview as part of the RHEL updates.
As part of the RHEL web console for system configuration and management, enterprise users will now be able to monitor and check Podman containers for health and availability. The web console now also lists CPU and memory utilization for Podman containers, providing better visibility for enterprise users.
“Podman is almost at feature parity with Docker,” Hendricks said. “However, it has several major feature sets that are not available in Docker.”
Among the capabilities that Hendricks sees as helping to differentiate Podman is the ability to export markup code for importing a container configuration into Kubernetes systems. Kubernetes is a widely deployed container orchestration system. Going a step further, Red Hat is also introducing Sigstore digital signing and authentication for supply chain security into Podman, enabling the container technology to both sign and verify applications.
Hendricks commented that Red Hat sees Sigstore as becoming a more integral part of application development.
“The IT Industry, developers, and even government organizations are very concerned with the concept of a Software Bill of Materials as well as Secure Software Supply Chain methodologies,” he said. “These two initiatives have led Red Hat to adopt Sigstore both for our build pipelines as well as a supported tool on our product.”
