Upstart Plans to Ease Linux Management - page 3
Streamlining the init Processes
The 2.6 Linux kernel has undergone amazing progress in a short time frame, so much so that I don't bother with reporting on every point release. But the latest release, 2.6.20, caught my interest initially because of Linus' typically droll introduction:
"As ICD head analyst Walter Dickweed put it: 'Releasing a new kernel on Superbowl Sunday means that the important 'pasty white nerd' constituency finally has something to do while the rest of the country sits comatose in front of their 65" plasma screens'."
And then because of shiny features like KVM, the Kernel-based Virtual Machine. Xen is the virtualization media darling, but it's not the only game in town. KVM runs unmodified Linux and Windows guest operating systems. Yeah, right, you say, slow like early versions of VMware. Actually, performance should be pretty good because KVM requires Intel CPUs that have VT (which is a clever abbreviation for "Virtualization Technology") extensions, or AMD CPUs with AMD-V, which is the same thing with a different name. If you're wondering whether your system is equipped with either of these, run this command to find out:
$ egrep '^flags.*(vmx|svm)' /proc/cpuinfo
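An added example (not from the original article): a shell function that performs the same check but matches `vmx` and `svm` as whole flag words and reports which extension it found. `virt_ext` is a hypothetical helper name, and the sample `flags` lines, including the made-up `nosvmx_demo` flag, are constructed.

```shell
#!/bin/sh
# Report which hardware virtualization extension a cpuinfo-format file
# advertises: "vmx" (Intel VT), "svm" (AMD-V) or "none".
# virt_ext is a hypothetical helper name, not part of any distribution.
virt_ext() {
    # $1: cpuinfo-format file, "-" for stdin; defaults to /proc/cpuinfo
    awk -F: '
        /^flags[ \t]*:/ {
            # Split the flag list into words so only an exact "vmx" or
            # "svm" counts, not a longer flag that contains those letters.
            n = split($2, f, " ")
            for (i = 1; i <= n; i++) {
                if (f[i] == "vmx") vmx = 1
                if (f[i] == "svm") svm = 1
            }
        }
        END {
            if (vmx)      print "vmx"
            else if (svm) print "svm"
            else          print "none"
        }
    ' "${1:-/proc/cpuinfo}"
}

# Constructed sample data, not captured from real machines.
sample_intel='processor       : 0
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr vmx est tm2'
sample_amd='processor       : 0
flags           : fpu vme de pse tsc msr pae mce cx8 apic svm extapic cr8_legacy'
# "nosvmx_demo" is an invented flag: the substring regex in the one-liner
# above would match it, the whole-word check does not.
sample_lookalike='processor       : 0
flags           : fpu vme de pse tsc msr nosvmx_demo'

for s in "$sample_intel" "$sample_amd" "$sample_lookalike"; do
    printf '%s\n' "$s" | virt_ext -
done
```

Called with no argument, `virt_ext` reads the live `/proc/cpuinfo`.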
This release includes official support for the Sony PlayStation 3, with patches contributed by Sony engineers, so if you like running Linux on PlayStations, this one's for you. It's not complete support--it doesn't include drivers, but it does save you from having to patch the kernel.
2.6.20 incorporates multi-threaded USB probing, which should shave a few seconds off boot times. The new improved generic HID (Human Interface Device) layer replaces the old not-generic HID layer, which only supported USB devices. Now it's capable of supporting any subsystem: Bluetooth, PS/2, serial ports, and whatever else you want to throw at it.
The minimum required compiler is now gcc 3.2.
The current Netfilter implementation may cause woe: because configuration names have changed, your existing ruleset may stop working. The kernel developers are unamused by these changes. To quote Linus Torvalds:
"I do think that the netfilter team has been very irritating in changing the config names, even if it 'is logical.' Somebody should stop the madness, and tell people what config options they need for a regular iptables setup like this."
This shouldn't affect anyone who relies on distribution kernels, which presumably are tested, but could bite users who download and build iptables from sources. The easy workaround is "enable everything."
The good news about iptables is more improvements to VoIP-related connection tracking: a SIP helper port and an H.323 helper port. SIP is notoriously difficult to get through NAT firewalls. Fortunately the Netfilter team have been hard at work adding and improving SIP connection-tracking to iptables, which has been in the mainline kernel since 2.6.18.
The last thing I deem noteworthy is the addition of a sizable number of hardware drivers. Check out the complete change list at Kernelnewbies.org to see if anything you need is in there.
- Upstart in Universe
- Linux: 2.6.20 Kernel Released
- regression: iptables failed to load rules
- Complete change list at Kernelnewbies.org
- Tips and Tricks for the Linux Network Admin includes some sample iptables rules for SIP connection-tracking.
This article originally appeared on Enterprise Networking Planet, a JupiterWeb site.