It has been about six months since Red Hat released its last update to Red Hat Enterprise Linux (RHEL) which was 6.2. Right on time, today they released RHEL 6.3. This next point release of Red Hat's flagship Linux distro is chock full of new and improved features.

For those few of you not familiar with Red Hat's release schedule, don't be fooled into thinking this is just a minor point release. Red Hat releases an update to RHEL about every six months. Each release incorporates all of the patches and updates included from the last release, plus some more. In case you were interested though, the next major release of RHEL, 7.0, is scheduled for the second half of 2013. That means there will probably be one or two more point releases until then.

I had a chance to speak with Tim Burke, VP of Linux engineering at Red Hat about the new release. Tim is really excited about this latest version. It has significant improvements in security, virtualization and scalability. Here is a list of some of the great features crammed into RHEL 6.3:

Enhanced KVM Virtualization Features

KVM scalability enhancements in Red Hat Enterprise Linux 6.3 are bountiful. The maximum supported virtual guest size more than doubled from 64 to 160 virtual CPUs (vCPUs). This new limit is 5x the vCPUs of VMware ESX 5.0. Also vastly increased is the maximum supported memory in a KVM guest. This was upped from 512GB to 2TB. The memory increase is 4x the size of VMware ESX 5.0.

New KVM Virtualization Features

Physical to KVM Virtual Machine conversion, or Virt-P2V, is also new to this release. Virt-P2V is an ISO image that converts Microsoft Windows and Red Hat Enterprise Linux physical machines into KVM virtual machines, which can subsequently be deployed as a guest on a Red Hat Enterprise Virtualization host. The P2V ISO image runs the P2V client, which reads local disks and sends data across the network to a conversion host. The conversion host converts the source image to run on KVM and writes it out to a target hypervisor. The P2V ISO image allows customers to easily convert their physical systems into KVM guests. This conversion tool automates the laborious conversion and creation process. With a verbatim copying system, the integrity of the newly created virtual guest is preserved.

There are other significant updates to the KVM virtualization feature set as well.

Enhanced Support for VMware vSphere 5.x Feature

Support for High Availability and Resilient Storage Add-Ons for VMware vSphere has been extended to include VMWare vSphere 5.x with Red Hat Enterprise Linux 6.3. Customers electing to deploy guests on VMware vSphere 5.x can also use the available Add-Ons. In prior releases this feature was limited to KVM and vSphere 4.x installations.

Enhanced GFS2 Feature

The shared storage file system, GFS2 has received several enhancements with the Red Hat Enterprise Linux 6.3 release. GFS2 now includes read-ahead capabilities for sequentially reading directories. The data write speed has been improved even when data writes are simultaneously targeting the same node. In addition, file system check utilities for GFS2 can now be used to check the integrity of the older GFS1 file system. Along with the benefit of easing the transition from GFS1 to GFS2, this enhanced file system check results on much faster data reads, writes data faster than in previous releases, and works on all generations of the file system.

New LVM Snapshot Feature

When provisioning a new Red Hat Enterprise Linux system, a system administrator can reserve unused disk space to take advantage of the Logical Volume Manager’s snapshot merge capability. This functionality is supported for both attended and unattended scripted installations. When using LVM, the ability to provide merge snapshots with their origin givesprovides a very useful backup-restore mechanism. To take advantage of the snapshots, free space must be reserved when a system is deployed, especially when the exact size of the disk is not known to the system administrator configuring a kickstart file. Using this new feature, a customer can specify unused space either by an absolute size or by a percentage before configuring the LVM snapshots to utilize this space.

Enhanced IP Sets Feature

With the Red Hat Enterprise Linux 6.3 release, firewalls can now be configured using fewer rules. These rules can be dynamically updated without incurring a performance penalty. The storage of IP addresses, port numbers or IP addresses with MAC addresses has been improved to provide extremely fast look-ups. This makes it easier to define rules and process them at enforcement time.

Enhanced EAP-FAST Authentication Feature

Users now have the flexibility to deploy a strong authentication protocol without the overhead of digital certificates. This is possible thanks to the Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST). This alternative to the LEAP protocol provides customers with support for an array of user and password database types.

New Expanded RAID Feature

The 6.3 release also brings a new storage feature to the table with expanded software RAID support through the Logical Volume Manager (LVM). LVM now has the capability to create RAID 4/5/6 logical volumes and supports a new implementation of mirroring. The MD (software RAID) modules provide the back-end support for these new features.

Enhanced Fibre Channel of Ethernet Feature

In terms of storage enhancements, Red Hat Enterprise Linux 6.3 brings Full Support for Fibre Channel of Ethernet (FCoE) target. This feature was just bumped up from Technology Preview Status. Because of this feature, it is now possible to deploy Red Hat Enterprise Linux as a FCoE based storage server providing the same high level of reliability and performance as native Fibre Channel but at significantly lower cost.

New OpenSSH Security Features

Strong authentication is quickly becoming a standard industry practice and the availability of a two factor authentication mechanism introduces a higher level of security. This release will leverage this capability within OpenSSH to utilize two distinct inputs for authentication such as a password and a public key. Two-factor authentication will enable easier compliance with the Payment Card Industry Data Security Standards and other security regulations.

Another new security feature in the Red Hat Enterprise Linux 6.3 release is support for AES Counter Mode (AES-CTR) in OpenSSH. The Advanced Encryption Standard, also known as Rijndael specification, now includes AES-CTR Cipher for OpenSSH. Among the benefits of this feature are high-speed networking capabilities through pipelining, parallelization and key stream pre-computation. CTR mode is particularly well suited to operate on a multiprocessor machine where blocks can be encrypted in parallel.

Enhanced IBM System Z Features

The package called OpenSSL-IBMCA has been introduced with Red Hat Enterprise Linux 6.3, which makes calls directly to the hardware provided cryptography. One can now run OpenSSL and use currently available cryptography standards such as FIPS 140-2 available on System Z running Red Hat Enterprise Linux.

Enhanced SELinux Documentation

The documentation for SELinux has been significantly expanded. This update provides detailed and up-to-date documentation will make it easier for users and systems administrators to tackle day-to-day SELinux issues. For example, 400 man pages have been added to SELinux Confined System domains like httpd. These man pages can be accessed with the command ‘man -k selinux’.

New Identity Management Features

Identity Management was updates with the Red Hat Enterprise Linux 6.3 release. Support Managed Entries Management which provides the option to disable automatic private group creation for users was added. This feature simplifies the migration from NIS to IdM environments while preserving security best practices regarding UID/GID assignments.

The Red Hat Enterprise Linux 6.3 release delivers new IdM features.

Auto-membership plug-in: When users or hosts are added to the Directory Server, the administrator needs to assign them to a particular group. This plug-in automatically places users into user groups and hosts into host groups. By virtue of this feature, managing identities is easier and faster for the administrator.

Session data caching pprovides performance improvements over constant GSSAPI re-notification on every request in Web UI. The feature will reduce the load on identification/authentication servers for better performance.

Native support of Netgroups and the services map in SSSD. SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms, including Identity Management. SSSD now understands the internal Identity Management format for Netgroups. This provides better integration and eases the central management of the system users and resources.Session data caching, which provides performance improvements

New OpenJDK 7 Feature

Red Hat Enterprise Linux 6.3 introduces OpenJDK 7. This is the latest open source Java implementation and it includes extensions to support dynamically-typed languages. These can run on the JVM, class loader enhancements, support for Unicode 6.0 and updated I/OI and networking APIs. Customers will be able to develop and test applications on the most current open source Java implementation, which is provided as an integral part of the operating system for customer convenience.

New LibreOffice Feature

LibreOffice replaced OpenOffice as the standard office productivity suite in Red Hat Enterprise Linux 6. The 6.3 upgrade offers a new set of LibreOffice packages to replace remaining OpenOffice packages. There will be complete compatibility of documents between the older packages and LibreOffice’s newer ones. This offers faster bug fixes and improved MS Office compatibility