Red Hat Enterprise Linux

Podman: Managing pods and containers in a local container runtime

People associate running pods with Kubernetes. And when they run containers in their development runtimes, they do not even think about the role pods could play—even in a localized runtime. Most people coming from the Docker world of running single containers do not envision the concept of running pods. There are several good reasons to consider using pods locally, other than using pods to naturally group your containers.

For example, suppose you have multiple containers that require the use of a MariaDB container, but you would prefer not to bind that database to a routable network, whether on your bridge or beyond it. Using a pod, you could bind the database to the localhost address of the pod, and all containers in that pod will be able to connect to it because of the shared network namespace.

Speeding up Open vSwitch with partial hardware offloading

Open vSwitch (OVS) can use the kernel datapath or the userspace datapath. There are interesting developments in the kernel datapath using hardware offloading through the TC Flower packet classifier, but in this article, the focus will be on the userspace datapath accelerated with the Data Plane Development Kit (DPDK) and its new feature—partial flow hardware offloading—to accelerate the virtual switch even more.

This article explains how the virtual switch worked before versus now and why the new feature can potentially save resources while improving the packet processing rate.

Performance improvements in OVN: Past and future

OVN (Open Virtual Network) is a subcomponent of Open vSwitch (OVS). It allows for the expression of overlay networks by connecting logical routers and logical switches. Cloud providers and cloud management systems have been using OVS for many years as a performant method for creating and managing overlay networks.

Lately, OVN has come into its own because it is being used more in Red Hat products. The result has been an increased amount of scrutiny for real-world scenarios with OVN. This has resulted in new features being added to OVN. More importantly, this has led to tremendous changes to improve performance in OVN.

In this article, I will discuss two game-changing performance improvements that have been added to OVN in the past year, and I will discuss future changes that we may see in the coming year.

Using eXpress Data Path (XDP) maps in RHEL 8 Beta: Part 2

Diving into XDP

In the first part of this series on XDP, I introduced XDP and discussed the simplest possible example. Let’s now try to do something less trivial, exploring some more-advanced eBPF features—maps—and some common pitfalls.

XDP is available in Red Hat Enterprise Linux 8 Beta, which you can download and run now.

How to install Java 8 and 11 on Red Hat Enterprise Linux 8 Beta

With Red Hat Enterprise Linux (RHEL) 8 Beta, two major versions of Java will be supported: Java 8 and Java 11. In this article, I’ll refer to Java 8 as JDK (Java Development Kit) 8 since we are focusing on the development aspect of using Java. JDK 8 and JDK 11 refer to Red Hat builds of OpenJDK 8 and OpenJDK 11 respectively. Through this article, you’ll learn how to install and run simple Java applications on RHEL 8 Beta, how to switch between two parallel installed major JDK versions via alternatives and how to select one of the two JDKs on a per-application basis.

IP packet buffering in OVN

Open Virtual Network (OVN) is a subproject of Open vSwitch (OVS), a performant, programmable, multi-platform virtual switch. OVN adds support for overlay networks to the existing capabilities of OVS by introducing virtual network abstractions such as virtual switches and routers. Moreover, OVN provides native methods for setting up Access Control Lists (ACLs) and network services such as DHCP. Many Red Hat products, such as Red Hat OpenStack Platform and Red Hat Virtualization, are now using OVN, and Red Hat OpenShift Container Platform will be using OVN soon.

In this article, I’ll cover how OVN ARP/ND_NS actions work, the main limitations in the current implementation, and how to overcome those. First, I’ll provide a brief overview of OVN’s architecture to facilitate the discussion:

Achieving high-performance, low-latency networking with XDP: Part I

XDP: From zero to 14 Mpps

In past years, the kernel community has been using different approaches in the quest for ever-increasing networking performance. While improvements have been measurable in several areas, a new wave of architecture-related security issues and related counter-measures has undone most of the gains, and purely in-kernel solutions for some packet-processing intensive workloads still lag behind the bypass solution, namely Data Plane Development Kit (DPDK), by almost an order of magnitude.

But the kernel community never sleeps (almost literally) and the holy grail of kernel-based networking performance has been found under the name of XDP: the eXpress Data Path. XDP is available in Red Hat Enterprise Linux 8 Beta, which you can download and run now.

Network debugging with eBPF (RHEL 8 Beta)

Introduction

Networks are fun to work with, but often they are also a source of trouble. Network troubleshooting can be difficult, and reproducing the bad behavior that is happening in the field can be painful as well.

Luckily, there are some tools that come to the aid: network namespaces, virtual machines, tc, and netfilter. Simple network setups can be reproduced with network namespaces and veth devices, while more-complex setups require interconnecting virtual machines with a software bridge and using standard networking tools, like iptables or tc, to simulate the bad behavior. If you have an issue with ICMP replies generated because an SSH server is down, iptables -A INPUT -p tcp --dport 22 -j REJECT --reject-with icmp-host-unreachable in the correct namespace or VM can do the trick.

This article describes using eBPF (extended BPF), an extended version of the Berkeley Packet Filter, to troubleshoot complex network issues. eBPF is a fairly new technology and the project is still in an early stage, with documentation and the SDK not yet ready. But that should improve, especially with XDP (eXpress Data Path) being shipped in Red Hat Enterprise Linux 8 Beta, which you can download and run now.

Managing containerized system services with Podman

In this article, I discuss containers, but look at them from another angle. We usually refer to containers as the best technology for developing new cloud-native applications and orchestrating them with something like Kubernetes. Looking back at the origins of containers, we’ve mostly forgotten that containers were born for simplifying application distribution on standalone systems.

In this article, we’ll talk about the use of containers as the perfect medium for installing applications and services on a Red Hat Enterprise Linux (RHEL) system. Using containers doesn’t have to be complicated: I’ll show how to run MariaDB, Apache HTTPD, and WordPress in containers, while managing those containers like any other service, through systemd and systemctl.

Additionally, we’ll explore Podman, which Red Hat has developed jointly with the Fedora community. If you don’t know what Podman is yet, see my previous article, Intro to Podman (Red Hat Enterprise Linux 7.6) and Tom Sweeney’s Containers without daemons: Podman and Buildah available in RHEL 7.6 and RHEL 8 Beta.

What, No Python in RHEL 8 Beta?

TL;DR Of course we have Python! You just need to specify whether you want Python 3 or 2, as we didn’t want to set a default. Give yum install python3 and/or yum install python2 a try. Or, if you want to see what we recommend you install, try yum install @python36 or yum install @python27. Read on for why:

For prior versions of Red Hat Enterprise Linux, and most Linux distributions, users have been locked to the system version of Python unless they got away from the system’s package manager. While this can be true for a lot of tools (ruby, node, Perl, php), the Python use case is more complicated because so many Linux tools (like yum) rely on Python. In order to improve the experience for RHEL 8 users, we have moved the Python used by the system “off to the side” and introduced the concept of Application Streams based on Modularity.
