Beta: CloudLinux 8 with 4.18 kernel is here

b2ap3_large_CLOS8Beta
In these Christmas days, I’m very happy to announce that a new version of CloudLinux 8 with a 4.18 kernel has been released to our beta repository.

Besides a lot of new features and opportunities, CloudLinux 8 brings a fresh way of managing CloudLinux-specific features. CloudLinux 8 follows the upstream (RHEL) 4.18 kernel mainline. All CloudLinux-specific features were added as a separate module (lve-kmod) and will be updated independently.

Warning!
Please note that this CloudLinux 8 Beta is not intended for use on production servers!

In the first quarter of 2020, we will continue our work on making CloudLinux OS 8 more stable and reliable based on CloudLinux OS 7 hybrid kernel which is already in production.

How to install

The best way to install CloudLinux 8 is to convert a CentOS 8 server.

  1. Get either by getting trial subscription or by purchasing subscription.
  2. Download the conversion script: cldeploy.
  3. If you have an activation key, run the following commands: 

    $ wget https://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy
    $ sh cldeploy -k
  4. If you have an IP-based license, run the following commands:

    $ sh cldeploy -i

     

  5. Reboot by running the following command:

    $ reboot

     

Once you reboot, you are running CloudLinux kernel with LVE enabled.

Alternatively, you can download and install CloudLinux 8 beta from this ISO image. Mount and boot the image, then follow the following steps.

  1. Configure a network connection as shown below.

    b2ap3_medium_network_settings
  2. Configure installation sources: select the On the network installation source and enter the following repository URL: https://www.repo.cloudlinux.com/cloudlinux/8/BaseOS/x86_64/. Also, add the additional AppStream repository URL: https://www.repo.cloudlinux.com/cloudlinux/8/AppStream/x86_64/.
    b2ap3_medium_repository_settings
  3. Select software: select the Minimal install environment.
    b2ap3_medium_software_selection

CloudLinux 8 kernel-related features

Memory

  • Memory management supports 5-level page tables, increasing the physical memory upper limit to 64 TB.
  • Non-Uniform Memory Access (NUMA) node count has been increased from 4 NUMA nodes to 8 NUMA nodes, for even bigger servers.

Security

  • Code implementing the ext4 file system has been cleaned up, making it better at preventing malicious file system images.
  • The TCP listener handling is now completely lockless, making TCP servers faster and more scalable, and improving protection against DDoS attacks.

Performance

  • Spectre V2 mitigation default changed from IBRS to Retpolines for better performance.
  • Intel Omni-Path Architecture (OPA) provides Host Fabric Interface (HFI) hardware with initialization and setup for high-performance data transfers. This gives you high bandwidth, high message rates, and low latency between compute and I/O nodes in clustered environments.
  • IOMMU passthrough is now enabled by default. This is beneficial for customers who want to pass-through hardware devices to virtual machines.
  • A new writecache module has been implemented for the Device Mapper, allowing SSD drives or other persistent memory to be used as a cache for block write operations. (Note, Caching of read operations is not implemented, since such operations are cached in the RAM pages cache.)
  • A flexible process flow control mode (cgroup.type threaded) was added to the cgroup mode to allow process threads to be managed as a single entity. With this mode, threads in the same process don’t have to belong to the same group. They can be separated into different groups, but they must be threaded and placed in the same cgroup hierarchy.
  • Improvements were made to on-the-fly resizing of file systems that use bigalloc.
  • On ext4 file systems, inode generation scalability on SMP systems is improved.

Additional notes

  • CRIU for mod_lsapi is not supported yet in CloudLinux 8 beta. The CRIU workability for mod_lsapi will be provided in the next releases.

Further reading

 

Beta: CloudLinux 8 with 4.18 kernel is here

b2ap3_large_CLOS8Beta
In these Christmas days, I’m very happy to announce that a new version of CloudLinux 8 with a 4.18 kernel has been released to our beta repository.

Besides a lot of new features and opportunities, CloudLinux 8 brings a fresh way of managing CloudLinux-specific features. CloudLinux 8 follows the upstream (RHEL) 4.18 kernel mainline. All CloudLinux-specific features were added as a separate module (lve-kmod) and will be updated independently.

Warning!
Please note that this CloudLinux 8 Beta is not intended for use on production servers!

In the first quarter of 2020, we will continue our work on making CloudLinux OS 8 more stable and reliable based on CloudLinux OS 7 hybrid kernel which is already in production.

How to install

The best way to install CloudLinux 8 is to convert a CentOS 8 server.

  1. Get either by getting trial subscription or by purchasing subscription.
  2. Download the conversion script: cldeploy.
  3. If you have an activation key, run the following commands: 

    $ wget https://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy
    $ sh cldeploy -k
  4. If you have an IP-based license, run the following commands:

    $ sh cldeploy -i

     

  5. Reboot by running the following command:

    $ reboot

     

Once you reboot, you are running CloudLinux kernel with LVE enabled.

Alternatively, you can download and install CloudLinux 8 beta from this ISO image. Mount and boot the image, then follow the following steps.

  1. Configure a network connection as shown below.

    b2ap3_medium_network_settings
  2. Configure installation sources: select the On the network installation source and enter the following repository URL: https://www.repo.cloudlinux.com/cloudlinux/8/BaseOS/x86_64/. Also, add the additional AppStream repository URL: https://www.repo.cloudlinux.com/cloudlinux/8/AppStream/x86_64/.
    b2ap3_medium_repository_settings
  3. Select software: select the Minimal install environment.
    b2ap3_medium_software_selection

CloudLinux 8 kernel-related features

Memory

  • Memory management supports 5-level page tables, increasing the physical memory upper limit to 64 TB.
  • Non-Uniform Memory Access (NUMA) node count has been increased from 4 NUMA nodes to 8 NUMA nodes, for even bigger servers.

Security

  • Code implementing the ext4 file system has been cleaned up, making it better at preventing malicious file system images.
  • The TCP listener handling is now completely lockless, making TCP servers faster and more scalable, and improving protection against DDoS attacks.

Performance

  • Spectre V2 mitigation default changed from IBRS to Retpolines for better performance.
  • Intel Omni-Path Architecture (OPA) provides Host Fabric Interface (HFI) hardware with initialization and setup for high-performance data transfers. This gives you high bandwidth, high message rates, and low latency between compute and I/O nodes in clustered environments.
  • IOMMU passthrough is now enabled by default. This is beneficial for customers who want to pass-through hardware devices to virtual machines.
  • A new writecache module has been implemented for the Device Mapper, allowing SSD drives or other persistent memory to be used as a cache for block write operations. (Note, Caching of read operations is not implemented, since such operations are cached in the RAM pages cache.)
  • A flexible process flow control mode (cgroup.type threaded) was added to the cgroup mode to allow process threads to be managed as a single entity. With this mode, threads in the same process don’t have to belong to the same group. They can be separated into different groups, but they must be threaded and placed in the same cgroup hierarchy.
  • Improvements were made to on-the-fly resizing of file systems that use bigalloc.
  • On ext4 file systems, inode generation scalability on SMP systems is improved.

Additional notes

  • CRIU for mod_lsapi is not supported yet in CloudLinux 8 beta. The CRIU workability for mod_lsapi will be provided in the next releases.

Further reading

 

imunify-logo

WEB SERVER SECURITY BLOG

Subscribe to CloudLinux Newsletter