- Chapter 1. The Linux kernel
- 1.1. What the kernel is
- 1.2. RPM packages
- Types of RPM packages
- 1.3. The Linux kernel RPM package overview
- 1.4. Displaying contents of the kernel package
- 1.5. Updating the kernel
- 1.6. Installing specific kernel versions
- What is the latest kernel release for my version of Red Hat Enterprise Linux?
- Getting the latest kernel for your RHEL systems
- Summary
- Additional comments
- Chapter 4. Kernel features
- 4.1. Control groups
- 4.1.1. What is a control group?
- 4.1.2. What is a namespace?
- 4.1.3. Supported namespaces
Chapter 1. The Linux kernel
Learn about the Linux kernel and the Linux kernel RPM package provided and maintained by Red Hat (Red Hat kernel). Keep the Red Hat kernel updated, which ensures the operating system has all the latest bug fixes, performance enhancements, and patches, and is compatible with new hardware.
1.1. What the kernel is
The kernel is a core part of a Linux operating system that manages the system resources and provides interface between hardware and software applications. The Red Hat kernel is a custom-built kernel based on the upstream Linux mainline kernel that Red Hat engineers further develop and harden with a focus on stability and compatibility with the latest technologies and hardware.
Before Red Hat releases a new kernel version, the kernel needs to pass a set of rigorous quality assurance tests.
The Red Hat kernels are packaged in the RPM format so that they are easily upgraded and verified by the dnf package manager.
Kernels that have not been compiled by Red Hat are not supported by Red Hat.
1.2. RPM packages
An RPM package is a file containing other files and their metadata (information about the files that are needed by the system).
Specifically, an RPM package consists of the cpio archive.
The cpio archive contains:
- Files
- RPM header (package metadata) The rpm package manager uses this metadata to determine dependencies, where to install files, and other information.
Types of RPM packages
There are two types of RPM packages. Both types share the file format and tooling, but have different contents and serve different purposes:
- Source RPM (SRPM) An SRPM contains source code and a SPEC file, which describes how to build the source code into a binary RPM. Optionally, the patches to source code are included as well.
- Binary RPM A binary RPM contains the binaries built from the sources and patches.
1.3. The Linux kernel RPM package overview
The kernel RPM is a meta package that does not contain any files, but rather ensures that the following required sub-packages are properly installed:
- kernel-core — contains the binary image of the Linux kernel ( vmlinuz ).
- kernel-modules-core — contains the basic kernel modules to ensure core functionality. This includes the modules essential for the proper functioning of the most commonly used hardware.
- kernel-modules — contains the remaining kernel modules that are not present in kernel-core .
The kernel-core and kernel-modules-core sub-packages together can be used in virtualized and cloud environments to provide a RHEL 9 kernel with a quick boot time and a small disk size footprint. kernel-modules sub-package is usually unnecessary for such deployments.
Optional kernel packages are for example:
- kernel-modules-extra — contains kernel modules for rare hardware and modules which loading is disabled by default.
- kernel-debug — contains a kernel with numerous debugging options enabled for kernel diagnosis, at the expense of reduced performance.
- kernel-tools — contains tools for manipulating the Linux kernel and supporting documentation.
- kernel-devel — contains the kernel headers and makefiles sufficient to build modules against the kernel package.
- kernel-abi-stablelists — contains information pertaining to the RHEL kernel ABI, including a list of kernel symbols that are needed by external Linux kernel modules and a dnf plug-in to aid enforcement.
- kernel-headers — includes the C header files that specify the interface between the Linux kernel and user-space libraries and programs. The header files define structures and constants that are needed for building most standard programs.
- kernel-uki-virt — contains the Unified Kernel Image (UKI) of the RHEL kernel. UKI combines the Linux kernel, initramfs , and the kernel command line into a single signed binary which can be booted directly from the UEFI firmaware. kernel-uki-virt contains the required kernel modules to run in virtualized and cloud environments and can be used instead of the kernel-core sub-package.
Additional resources
1.4. Displaying contents of the kernel package
View the contents of the kernel package and its sub-packages without installing them using the rpm command.
Prerequisites
- Obtained kernel , kernel-core , kernel-modules , kernel-modules-extra RPM packages for your CPU architecture
$ rpm -qlp kernel_rpm>
(contains no files) …
$ rpm -qlp kernel-core_rpm>
… /lib/modules/5.14.0-1.el9.x86_64/kernel/fs/udf/udf.ko.xz /lib/modules/5.14.0-1.el9.x86_64/kernel/fs/xfs /lib/modules/5.14.0-1.el9.x86_64/kernel/fs/xfs/xfs.ko.xz /lib/modules/5.14.0-1.el9.x86_64/kernel/kernel /lib/modules/5.14.0-1.el9.x86_64/kernel/kernel/trace /lib/modules/5.14.0-1.el9.x86_64/kernel/kernel/trace/ring_buffer_benchmark.ko.xz /lib/modules/5.14.0-1.el9.x86_64/kernel/lib /lib/modules/5.14.0-1.el9.x86_64/kernel/lib/cordic.ko.xz …
$ rpm -qlp kernel-modules_rpm>
… /lib/modules/5.14.0-1.el9.x86_64/kernel/drivers/infiniband/hw/mlx4/mlx4_ib.ko.xz /lib/modules/5.14.0-1.el9.x86_64/kernel/drivers/infiniband/hw/mlx5/mlx5_ib.ko.xz /lib/modules/5.14.0-1.el9.x86_64/kernel/drivers/infiniband/hw/qedr/qedr.ko.xz /lib/modules/5.14.0-1.el9.x86_64/kernel/drivers/infiniband/hw/usnic/usnic_verbs.ko.xz /lib/modules/5.14.0-1.el9.x86_64/kernel/drivers/infiniband/hw/vmw_pvrdma/vmw_pvrdma.ko.xz …
$ rpm -qlp kernel-modules-extra_rpm>
… /lib/modules/5.14.0-1.el9.x86_64/extra/net/sched/sch_cbq.ko.xz /lib/modules/5.14.0-1.el9.x86_64/extra/net/sched/sch_choke.ko.xz /lib/modules/5.14.0-1.el9.x86_64/extra/net/sched/sch_drr.ko.xz /lib/modules/5.14.0-1.el9.x86_64/extra/net/sched/sch_dsmark.ko.xz /lib/modules/5.14.0-1.el9.x86_64/extra/net/sched/sch_gred.ko.xz …
Additional resources
1.5. Updating the kernel
Update the kernel using the dnf package manager.
- To update the kernel, enter the following command:
# dnf update kernel
Additional resources
1.6. Installing specific kernel versions
Install new kernels using the dnf package manager.
- To install a specific kernel version, enter the following command:
# dnf install kernel-
Additional resources
What is the latest kernel release for my version of Red Hat Enterprise Linux?
I read an interesting question on the Red Hat Learning Community forums recently. What is the latest kernel version for my version of Red Hat Enterprise Linux (RHEL)? In this post we’ll see how you can find out.
Some users, trying to be helpful, gave a specific version of the kernel package. Unfortunately, that might only be valid at the time of writing. A better approach would be to understand where to get that information about the latest kernel version for a given version of RHEL.
When Red Hat releases a major or minor update to RHEL, they ship it with a specific branch of the kernel version. This page in the customer portal shows the kernel version «branch» associated with a release of RHEL (e.g. RHEL7.6).
Figure 1: Listing of RHEL releases with kernel versions
That means, for example with RHEL7.6, that it shipped with the kernel version branch 3.10.0-957. From an operating system point of view, that kernel is built from source 3.10.0 available from the kernel package. The Red Hat distributed kernel package has its own versioning, in this case, 957.
Looking at the kernel packages in Figure 2, one can see that at the time of writing, the latest version of that kernel package’s branch 3.10.0-957 is 3.10.0-957.38.3, found here:
There are newer kernel versions available in other branches, such as kernel version 3.10.0-1062 (for RHEL7.7), and 4.18.0-80 (for RHEL8). They are not from the same branch and are not intended for RHEL7.6.
Getting the latest kernel for your RHEL systems
Where to download the latest kernel? The latest kernel for a specific version of RHEL should be installed within the OS, using the yum command. The full command to list the kernel package available is:
The RHEL administrator, with a system that has the latest available kernel installed, should be confident that the system has updates installed that comply with their organization’s requirements. The Red Hat team makes the latest kernel version available in the RHEL repos. So it should be the question of only seeing what the latest version of the kernel package is available for that system using yum list kernel . But there are several reasons why your system’s view of the latest available kernel may be different than the one available directly from the Red Hat Customer Portal:
- The system is connected to Red Hat Satellite. Red Hat Satellite allows administrators to provide specific packages to systems within their organization. This is accomplished with a “Content View.” It could be that the system subscribed to a Red Hat Satellite is registered to some «Content Views» which are not updated. As a result, the command yum list kernel is not showing the latest version of that kernel package branch locally because an update is not available from the Satellite server.
- There is an add-on for the Red Hat Enterprise Linux subscription called Extended Update Support (EUS). EUS is used by organizations that want to stay on a minor or «dot» release of Red Hat Enterprise Linux for a longer period of time instead of moving to a new minor release.
(read the «Available from» and the «Repo label»)
Figure 2: Illustration to show the kernel 3.10.0-957.38.3.el7 if available from products in these repos label
Summary
The source of the information for knowing the latest kernel version of a given RHEL version is within RHEL.
The command yum list kernel shows what has been officially prepared and released for that version of RHEL. It is possible to see the latest version of the kernel packages for a given kernel version branch online. That might not be the latest version available for a given system depending on subscriptions, access to repositories and internal management if using Red Hat Satellite.
Additional comments
The information above is how it should be. Sometimes, at operational level it is possible to modify the kernel in order to support a specific device or not supported hardware. So it is possible to see that some RHEL users have installed a different kernel version branch on a given RHEL. Maybe that has an impact on official Red Hat support. Possibly, a better action if a newer kernel is required would be to upgrade RHEL itself.
Chapter 4. Kernel features
This chapter explains the purpose and use of kernel features that enable many user space tools and includes resources for further investigation of those tools.
4.1. Control groups
4.1.1. What is a control group?
Control Group Namespaces are a Technology Preview in Red Hat Enterprise Linux 7.5
Linux Control Groups (cgroups) enable limits on the use of system hardware, ensuring that an individual process running inside a cgroup only utilizes as much as has been allowed in the cgroups configuration.
Control Groups restrict the volume of usage on a resource that has been enabled by a namespace . For example, the network namespace allows a process to access a particular network card, the cgroup ensures that the process does not exceed 50% usage of that card, ensuring bandwidth is available for other processes.
Control Group Namespaces provide a virtualized view of individual cgroups through the /proc/self/ns/cgroup interface.
The purpose is to prevent leakage of privileged data from the global namespaces to the cgroup and to enable other features, such as container migration.
Because it is now much easier to associate a container with a single cgroup, containers have a much more coherent cgroup view, it also enables tasks inside the container to have a virtualized view of the cgroup it belongs to.
4.1.2. What is a namespace?
Namespaces are a kernel feature that allow a virtual view of isolated system resources. By isolating a process from system resources, you can specify and control what a process is able to interact with. Namespaces are an essential part of Control Groups.
4.1.3. Supported namespaces
The following namespaces are supported from Red Hat Enterprise Linux 7.5 and later
- The mount namespace isolates file system mount points, enabling each process to have a distinct filesystem space within wich to operate.