CIQ

Rocky Linux 9: What’s New?

August 29, 2022

Rocky Linux 9 was recently released with a host of exciting features and support for new architectures. The most buzzworthy tool is Peridot, a completely cloud-native build system for managing and updating Rocky Linux. What this means is that anyone can build, enhance, and reproduce Rocky Linux independently using Peridot; it also means that the entire Rocky Linux build process and pipelines are transparent and out in the open. Given to the RESF and released as an open source project, it helps ensure that Rocky Linux will always be freely available and community controlled. 

We gathered a panel of CIQ experts to share their expertise and excitement over the latest upgrades. Hosted by Zane Hamilton, director of sales engineering, the webinar featured the founder of Rocky Linux and CEO of CIQ, Gregory Kurtzer, along with Skip Grube, senior Linux engineer, and Neil Hanlon, solutions architect.

Rocky Linux is worth the wait

Rocky Linux 9 took time to release, as Gregory explained, because it’s not simply “some binaries and some repository metadata and installers. We felt as though we’d be doing a disservice to the community if we released just the binaries that nobody else could replicate or build easily.” He affirmed, “Our goal is to create a sustainable project that can last and sustain for decades to come,” becoming “an extraordinary, stable foundation for everybody who wants to use it.”

Peridot, the new Rocky Linux build system, was developed to solidify that foundation. Neil calls it “our distribution forge” because it “takes Git and forges our distribution. It is a place where packages go to be built and presented as a repository.” Peridot, written in Golang, offers a process for building and integrating similar to Koji, “using all the same tools under the hood.” What has changed, however, is “how it gets done and the speed at which we can do builds.” As an example, Neil shared, “We were able to build over 2500 packages in parallel for x86 and AArch64,” and so “we are building these packages in a time frame that we never would’ve been able to consider before. In addition to running in Kubernetes, it means that we can essentially consume Kubernetes on any architecture that we want to, as long as we can run Kubernetes on it, and that’s how we’re building, for example, on x390x and PowerPC.”

Another primary goal in developing Peridot was to ensure that future versions of Rocky can be released in very short order after each Enterprise Linux new version release. 

Peridot’s perks

The team highlighted some of the perks of Peridot: 

  • Project structure. Skip Grube appreciates that Peridot “has a structure to it that divides things into projects.” These projects can be big, like Rocky Linux 9 with over 3,000 packages, or small with only one package. 

  • Project personalization. Special interest groups can create their own projects, like SIG Cloud, which builds special kernels for cloud infrastructure, or Skip’s new group that intends to build Raspberry Pi kernels and related packages. Neil anticipates companies using Peridot to patch or build their own Enterprise Linux packages and distributions. Even if you are not “derivating at all from the upstream or patching” but “have a certain set of RPMs that you build for internal use and you want to have a better way to orchestrate the building and integrating of those into your CI,” Peridot should be the go-to solution for companies, Neil asserted.

  • Open patch. With Peridot, we no longer need to manually apply patches and release updates. This solution, which Skip describes as a “meta patching system,” enables changes to be applied automatically, and “really, really shines for ease of use.” You can even completely replace files at build time. Neil explained how that flexibility “allows us to quickly make the changes we need to without being overly verbose. We don’t want to construct diffs and patches by hand. We just want to write it in a simple language and say, ‘We want to replace CentOS with Rocky’ or whatever else it is.”

Favorite new features of Rocky Linux 9

The team also shared their favorite new features:

  • Architecture support. Skip explained that “one of the biggest things that we have improved upon in Rocky 9 is our architecture support. In addition to running on “x86-46 Intel processors, your bread and butter, and AArch64, [which] runs a lot of phones, your Raspberry Pi, and all kinds of embedded devices, now we have architecture parity with the upstream—which means ppc64 and x390x, the IBM mainframe Z series processors. So Rocky on mainframe is here!” 

  • Default desktop environment. GNOME 40 makes it easy to use Rocky Linux as a desktop operating system. 

  • Security enhancements. Neil sees the modern Linux 5.14 kernel as a “great advancement for a lot of security changes,” enabling improvements that address Spectre and minor Spectre vulnerabilities in the hardware of newer processors as well as performance improvements. Skip is “personally very excited” because with the 5.14 kernel “you have exponentially more hardware support.” 

  • Networking changes. Linux 5.14 kernel provides built-in WireGuard support, which Neil states “could certainly be a welcome change if you’re doing site-to-site VPN connections or road warrior things with your people connecting to different servers.” In addition, “the biggest change is that the iptables-nft integration point as well as ipset are deprecated now,” replaced by the nftables framework.

  • New programming languages. Skip touts that “we’ve got Python 3.9 by default now, which I know a lot of people are excited about, including myself,” in addition to new versions of Node.js 16, Perl 5.32, PHP 8.0, and Ruby 3.0.

  • Updated toolchains. “For the compile-minded among you,” Skip shares that GCC 11.2.1 is “nice and shiny as far as Enterprise Linux is concerned.” There are also “more modern, better, bigger, major versions” of compiler toolsets including LLVM 13.0.1, CLANG, Rust 1.58.1, and Go 1.17.7, which “a lot of developers really appreciate.”

  • Audio networking upgrade. Neil is “greatly enjoying the improved functionality of PipeWire and WirePlumber over PulseAudio, especially around Bluetooth devices.”

To hear more about the nuts and bolts of the Rocky Linux 9 release, watch the webinar replay in its entirety. And, if you haven’t done so already, go try Rocky Linux 9! The CIQ team also invites you to join the already large community (7,872 members and counting!) in our MatterMost channel, https://chat.rockylinux.org/login, where you can get help from other people or offer up your own assistance.