Red Hat Enterprise Linux 8.2 | Stefanie Chiras

In this special edition of TFiR Newsroom, we are offering exclusive interviews from the Red Hat Summit. In this interview Stefanie Chiras, Vice president, and general manager, Red Hat Enterprise Linux talks about not only RHEL (Red Hat Enterprise Linux 8.2), but also how RHEL has evolved over time to serve customers running workloads like AI & ML.

An abridged transcript of the interview.

Swapnil Bhartiya: As companies try to remain operations during this crisis. IT, Cloud, and remote work have become the lifeline. How prepared for RHEL for such a scenario?
Stefanie Chiras: I think we’re clearly facing unprecedented times and not only for people personally but of course for the IT and how businesses run. And I think you touched on a couple of points. I think the use cases are changing because everyone has gone fully remotely.

Some businesses need to burst their ability to use infrastructure, that’s causing additional challenges. And on the flip side, to your point on the infrastructure level, it’s much harder to get your folks standing there in front of the hardware and being able to do things like updates and so forth. I would say there are some fundamental things when we’ve always approached RHEL to be an enterprise Linux. I mean, that’s our focus. So, things like security and resiliency have always been important to us.

Dating back to our RHEL roots, with things like SELinux in there. We have continuously progressed in that space in driving those aspects of it. So, I’d say one thing that, and we announced in October actually, an update to our security policy. Our focus, with our security team,on looking at things like CVEs and our ability to help customers mitigate those CVEs across the entire lifecycle of the product.

We have classified our CVEs into criticals and importance and so forth. We have always guaranteed that we will help mitigate criticals. In the past, we had committed to mitigating certain importance, but it was not a blanket statement of all importance. In October, we changed that policy. So now, we mitigate all supported versions of RHEL from six going forward for all criticals and importance. And that was based upon… and this is one thing that’s important to me, that was based upon customer asks.

That was us engaging with customers and them saying, listen, we’re chasing tools that are popping flags based upon CVE scores and we don’t know how to understand which ones we need to mitigate in our implementation and which ones we don’t. That was a big step forward for us and that will to continue to pay off and focuses subscriptions. I think the other piece that I’d really like to highlight is, back when we did RHEL 8, we announced what we call insights. And insights were put into and is available in every subscription, RHEL 6.4 and forward.

But what that is, is it’s our ability in an opt-in SAS environment for us to help bring Red Hat expertise and knowledge directly into the data center and that piece, while we launched it last year with one capability called adviser, which gave some visibility to how the infrastructure is running, this announcement here, we have expanded that capability dramatically with things like drift monitoring and things like CVE coverage to a much deeper granularity, patching and checking patches.

What this does is it really amplifies the skills that are in an ops team already and that what the skills within a sysadmin team already, and this provides a Red Hat consultation, if you will, directly into the data center. To me, as we look at our current situation, never has it been more important to have an operating system that is resilient and secure, and we’re focused on that. But also this insights capability allows much more efficient operational advancement.

The third piece, which you touched on too is the need for Public Cloud. Now, our focus has always been to provide a consistent Linux experience across a Hybrid Cloud and that Hybrid Cloud is open, with choice across multiple Public Clouds. We have added in things like subscription watch. Subscription watch allows you to look at the subscriptions you’ve purchased and how are they deployed on-prem in a cloud and get a single view of that. So that’s really focusing on that hybrid capability and being able to get full knowledge of how you’re deploying it.

Our focus in our subscriptions is for us to continue to add value and for customers to be able to get the most value out of their subscription. I think insights is a huge step forward in that. Us adding the security capabilities is a huge step forward in that. And then, of course, we’ve partnered with the rest of the portfolio. Things like OpenShift- all of that comes together in a Red Hat story.

Swapnil Bhartiya: And if you look at the version 8.2, I think it was released last week. How many of these features made into 8.2 or to simplify it for you, can you talk about some of the major highlights or major features of this release in the context of what we just talked about?
Stefanie Chiras: Yeah, I think there are some key things that… I think 8.2 marks our commitment and delivery on the promises we made last year when we announced RHEL 8. When we announced RHEL 8, it was a real bit of a game-changer for us. We wanted to redefine the value that an operating system provides to a customer in many aspects. One is, how does it help you run the business better? And secondly, how does it help you grow the business with innovation. And we’ve really positioned it in those two spaces.

We did some things around that operational efficiency aspect. What we heard from customers was the predictability of minor releases and major releases. Them not knowing when they were coming was causing disruptions for them. So 8.2 is now the second time we have delivered on our commitment to having minor releases every six months. That’s a big deal for us.

And so, as we look at the features that come in and we’ll talk about some of those. I think we have become very disciplined internal to say, there is value to customers to having predictability of minor releases on a six-month cycle. We drive as much feature function as we can in that and then we know that in six months we’ll be adding new innovation. So that’s key to us and I think that was a big step for us to take.

When you look at the capabilities that are in there, I mentioned the security updates, that, of course, will continue and that was a big step for us. We added the insights capability. To me, that’s probably one of the most impactful adds to the subscription, because now even between minor releases, we continuously add better rules, more rules, more capabilities. So that’s like this subscription gift that keeps on giving and we’re very committed to having that provide better operational efficiency, tying back to situations like now where it’s really tough to get your skills into the data center.

And then if we move forward now into the new innovation areas, you’ll see we’ve had application streams which we announced in RHEL 8. We have now added in updated versions of Buildah and Scopia, which are container tools native into RHEL. We now have containerized versions of those. So we’ll continue to progress there.

And then we’ve done some things about in-place upgrades, being able to directly in-place upgrade from a RHEL 7 version into 8.2. We made a set of commitments to ourselves and to the market and to our customers when we announced RHEL 8, I feel like 8.2 is our delivering upon that promise on many aspects of where we see an operating system really can provide value.

Swapnil Bhartiya: Right. And if you do look at these modern workloads and where the modern OS adds value, we also look at emerging technologies like AI & ML. I mean, I don’t know if machine learning or AI is emerging anymore, but if you look at the OS itself, how is it evolving to serve the needs of such workloads? Or it doesn’t really matter, because the way Linux or RHEL has been developed, it has been evolving in a very organic manner.
Stefanie Chiras: Yeah. That’s a great question. And to your point on AI and ML right, it’s hard to say that it’s not emerging, because there’s so much more that can be done with it. It’s like, yes, there’s stuff being done, but there’s so much more that can be done. I think one of the great things about AI and machine learning is, first off, it starts with the fact that innovation like machine learning, deep learning, artificial intelligence, all being built upon Linux.

So Linux has become that foundation for innovation, Public Cloud, all built on Linux. The AI learning, all built on Linux. So Linux is kind of this foundation and it has now become the springboard of innovation. What our role is, is to make sure that Linux, when it’s ready to be deployed in production in an environment that we’re facing today with resiliency and stability and security issues, that’s where RHEL plays.

So, as we look at these emerging and ever-developing things come into production, that’s where we play. The second piece, I think, and this is probably one of the most interesting things about that particular space you brought up is, AI and machine learning and deep learning is driving a real change in the hardware aspect of what’s being done. Not only the software but the hardware.

So now, you look at what we do in RHEL and at Red Hat. We are all about the ecosystem and we have been partnering with multiple architectures for a long time. That’s part of our core value proposition. Providing that choice across multiple architectures. Whether it be an x86 architecture, ARM, Power, mainframe with IBM Z. We want to provide customers that choice. Now you pull in capabilities like FPGAs, GPU capability, our partnership with Nvidia.

When you look into space like machine learning and deep learning and AI, it’s really how do you bridge that evolving and ever-evolving and more complex ecosystem, but make that consumable into an enterprise. And that’s what gets me so excited about it. I come from a hardware background, so I really appreciate when the hardware provides differentiation for those workloads. And that’s where all of this is coming together. So we’re very focused on our ecosystem, making sure that we’re working in the right upstream communities with the right ISVs, with the right hardware partners to make all of that magic come together.

And I think what we’re also seeing is our presence in the technical computing space as AI is progressing and technical computing, they’re coming to this point where they’re becoming more and more similar because of this really aggressive analytics type of work. Our work and our background there is really providing us help. You look at some key systems like Summit and Sierra, leading the top 500 supercomputers. That was work that we did. It’s built upon Power architecture and now thankfully, some of those systems are working on the COVID work.

So, I think it comes down when it comes to AI, it comes down to having an ecosystem being there when the hardware is progressing when the ISVs are progressing. But, boy, it’s just the start of the opportunity that’s available there.

Swapnil Bhartiya: And since we are talking about emerging technologies, I can’t not talk about edge computing. So, where is edge computing in the radar of RHEL.
Stefanie Chiras: I think, and you’ll hear it at the summit when we look edge computing and now I think the use cases are becoming clear because even two years ago it was like people said edge and there are so many different aspects of what’s the use case you mean? I think we’re really approaching it at Red Hat as a portfolio story around the edge. When you look at the area like Telco, and you’ll be hearing a lot about this at the summit, when we look at the area of Telco where containers are really driving a lot of the new advancements, we have a really strong focus with OpenShift there bringing in our Kubernetes capabilities.

Now, OpenShift runs on RHEL. RHEL is the Linux that underpins it. So the things that we do in security and the tooling that we provide, that all feeds up into the OpenShift environment. But as you span out across that edge environment, what we’re seeing is in that core space where containers are being deployed, we’ve really positioned OpenShift again, all built on RHEL and RHEL CoreOS, but there’s an area out at the edge where [inaudible 00:12:53] What I call device edge. It’s that first aggregation point of all your sensors. That is a small, takes hardware often from the data center, but it’s a small server like footprint that can provide even acceleration capabilities but aggregates that data.

Those are really unique use case where sometimes those systems go out, there deployed for a long time, they need a tailored RHEL. So, it may be smaller, but we allow that with tools like image builder, you can pull that down into a tailored version of RHEL. You can launch that and you still bring in the security, resiliency, the consistency by using things like image builder. That’s a place where long life cycle is important and that’s where RHEL plays.

I think what you’ll see is a Red Hat story around Edge, where OpenShift built on RHEL has a huge extension, but then we bring an operational consistency in the use cases where the life cycle is required. It’s either a single container, but it’s single-server deployments, not cluster deployments. That’s where RHEL can really play. And then you bring Ansible. I really like the edge story from Red Hat, because it really is a portfolio story. I don’t think you can talk about the edge in any one single use case anymore. It’s very comprehensive.

Swapnil Bhartiya: And as you said, you have to bring all these things and you have to bring at some point Kubernetes also into the discussion, though the Linux of the cloud is to Linux, sometimes people do say that Kubernetes is the Linux of the cloud in a way or because of its popularity and everything else. So can you talk a bit about how these two adjacent technologies are keeping a up with each other. Because Kubernetes is being developed at their own pace and the Kernel is being developed at its own pace, but you have to serve some of those common goals. So talk about that work.
Stefanie Chiras: Sure, absolutely. And I think we’re driving a very tight partnership, of course, with the OpenShift team. So, if you look at how Linux is deployed within a Kubernetes environment, it’s very different. It’s actually much more complicated than in a traditional deployment. I think we’ve made some key changes here that it’s helpful to step through. When you look at OpenShift and its ability in Kubernetes to be updated and pull new updates. It needed to be updated with the kernel. And because the Kubernetes calls into the kernel are so tightly wound, it’s just like they work together so tightly. And so that’s why we created RHEL CoreOS. Red Hat Enterprise Linux CoreOS.

And what that is, is really an optimized version of RHEL for the OpenShift experience. It’s deployed as an immutable, it is a feature within OpenShift, the packages are selected in order to optimize the OpenShift experience. So it’s tailored, it’s narrow, and it gets updated as part of your OpenShift update to provide that single comprehensive because when you look at security, you need that Kubernetes and that kernel to be updated together. And that was key for us.

Now, if you look at that Linux deployment up into the container, and this is where it starts to get unique, is that in a Kubernetes based or container environment, you have Linux in your container. That user space is captured in the container. So, if you look at a security issue that touches the user space, you really need to know what is in that container and what’s the userspace. And for that reason we released a universal base image, which is a, anyone can use it, you can redistribute it. But once that userspace is used on RHEL or on OpenShift, that full-stack, we fully support it, because now we know we can provide that consistent Linux experience that you know about on RHEL. But we can provide that across the kernel, the Kubernetes and the userspace.

And that’s key because as you said, Kubernetes is a new way to deploy Linux. That’s what it is. And so we’re very focused on providing operational consistency by leveraging our technology in RHEL and then bringing in that incredible capability of Kubernetes within our OpenShift product line. So it really is a tight collaboration. I think it’s moving forward, but what we’re really focused on, what is the customer experience so that they know they get easy updates with consistency and reliability, resiliency and security. We’re pulling all of that together, but it’s a fascinating space to watch. Such great advancements going on.

You may also like

What IBM’s acquisition of HashiCorp means for Terraform licensing

Apiiro wants to be the Diamond Standard for Application Security Posture Management

Akamai further fortifies its API Security with latest PCI DSS Compliance

If Iron Man has Jarvis, Transposit has Tanya

Bringing vCluster to Rancher is healthy competition: Lukas Gentele

How to choose best observability practices: Julian Fischer