The significance of enterprise open source

Red hat's container cloud is OpenShift, It contains K8S、CRI-O、EFK、OVS And so on . Before the red hat launch , There will be a lot of consolidation 、 Repair bug, And provide enterprise level technical support .

that , If someone jumps out and says , I can take it OpenShift These related open source components are installed one by one , And put it together , It's no better than OpenShift Less , Why do I have to pay for you OpenShift Subscription services for ?

What I want to say is : Decided to use K8S, still OpenShift The essence of , It's not whether we can install all these open source components , It depends on whether you have the energy to pursue dozens of upstream open source communities related to container cloud 、 Whether they have the ability to integrate components themselves 、 If something goes wrong, it's all on its own , And production business system problems , Is there so much time to allow yourself to locate the fault ? If you can , Then there's no problem .

So , The meaning of enterprise open source software , It's not about features . Only closed source software can close the source code , The formation of functional asymmetry . Enterprise open source in the enterprise does not have to spend a lot of time in a variety of open source software problem solving 、 Open source technology route selection . But more focused on doing their own business innovation .

Get down to business .

What is? Tomcat

Apache Tomcat By Apache Software Foundation(ASF) Developed an open source Java WEB application server . all the time ,Tomcat stay Web Server There is a high market share in all fields .


It's important to point out that :Tomcat At the heart of it is a Servlet Container , Instead of Application Server. common Application Server Usually embedded Servlet Container( Integrate Tomcat、Undertow etc. ). The second in the picture above JBoss/WildFly, It's red hat JBOSS EAP( application server ) Community version of .EAP Except for Servlet Container, Also contains EJB Container.

since Tomcat So popular 、 To use . So let's run some Web application , stay CentOS Up operation Tomcat, It looks like a good choice . in fact , Many enterprises have done so , Especially Internet companies .

then , It's this global fashion Web Server, A lot of security holes have been exposed . It's a problem , The only solution is , Follow the list , One by one .


that , Red hat is enough to provide tomcat How to fix the problem ?

Next, let's introduce red hat to Tomcat The question of support .

Red hat supports Tomcat

Before the introduction , First of all, we need to be clear about “ Support ” The meaning of two words , As shown in the figure below :


RHEL5、RHEL6、RHEL7 Our system contains Tomcat Of RPM package , This Tomcat And the community version of tomcat Not exactly the same . from RHEL8 Start , Will no longer contain Tomcat TPM package .

Red Hat Enterprise Linux (RHEL) RPM The package is as follows :

  • RHEL 5: RPM Package name is tomcat5. Based on upstream Tomcat 5.5.23

  • RHEL 6: RPM Package name is tomcat6. Based on upstream Tomcat 6.0.24

  • RHEL 7: RPM Package name is tomcat. Based on upstream Tomcat 7 and the latest package is based on 7.0.76

  • RHEL 8: The tomcat package is no longer present in RHEL 8 and later. Customers who need the supported version of tomcat needs to use JWS.

Red hat software collection (RedHat Software Collections,RHSCL), Yes RHEL5-7 The built-in tomcat RPM Provide technical support .

stay RHEL8 in , If you want to get the right Tomcat Technical support , Need to use JBoss Web Server, abbreviation JWS.

What is? JBoss Web Server

JWS It's red hat corporate Web Server, The latest version is 5.2.

that , Community Edition Tomcat、RHEL Bring their own Tomcat and JWS What's the difference between ? As shown in the figure below :


JWS5.2 It contains the following four main components , The core component is Tomcat9.


The version of all components is :


JWS5.2 The supported operating systems are as follows :

JWS5.2 The newly fixed security vulnerabilities are :

JWS5.2 The newly solved problems are :

Tomcat and JWS The difference in security

Different ways of dealing with security issues between upstream community software and enterprise software , As shown below . On the left is the community Tomcat Safe handling of , The right column is JWS And red hat RHEL Bring it with you Tomcat Treatment mode .


Red hat product safety team will timely release and update product safety related information on this page


How to view red hat related CVE? As shown in the figure below :



When a security vulnerability is found , How to confirm whether red hat products are affected by the vulnerability ?




How customers choose

  1.   If you are using CentOS Installed tomcat, There's no technical support for this from red hat .

  2. If you are using RHEL, And it has subscription support .

(1) If you are using RHEL6 or RHEL7, also RHEL The built-in Tomcat Meet version requirements , Can continue to use RHEL Self contained tomcat, With the support of red hat .

(2) If you are using RHEL6 or RHEL7, but RHEL The built-in Tomcat Unqualified , If the version is lower , So buy a subscription and use JWS 5.2 For support .

(3) If you are using RHEL8, To get support , Please buy a subscription and use JWS.

Last , Enclosed JWS The product life support cycle of :