Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 15. Installer and image creation

The following chapters contain the most notable changes to installer and image creation between RHEL 9 and RHEL 10.

15.1. Graphical User Interface
Copy link

Redesigned the Time & Date spoke in the Installer GUI
The Time and Date spoke of the installer UI is now completely redesigned and does not have a map to select the timezone. For more information, see the installation documentation.
The initial-setup package now has been removed
The initial-setup package has been removed in Red Hat Enterprise Linux 10. As a replacement, use gnome-initial-setup for the graphical user interface.
For new storage devices, the LUKS2 version is used by default
By default, all the new storage devices are now encrypted with the LUKS2 version. No changes are made to the existing devices' LUKS version. You can use the Kickstart method to select different LUKS versions.
Adding additional repositories from GUI is now removed
Previously, when configuring the installation source, you were able to configure the additional repositories for the package installation. Starting RHEL 10, this support has been removed. However, you can use the Kickstart installation method or the inst.addrepo boot option if you want to specify additional repositories.
Anaconda built-in help has been removed
The built-in documentation from spokes and hubs of all Anaconda user interfaces, which was available during Anaconda installation, has been removed. For more information, see the official RHEL documentation.
New users created in Anaconda are administrators by default
Previously, while creating new users from the installer, the Make this user administrator option in graphical installation was deselected. Starting RHEL 10, this option is selected by default. As a result, the newly created users will have administrative privileges by default. You can deselect this option to remove the administrative privileges of the new users, if required.
Removed automatic bug reporting system from Anaconda
The installer no longer supports reporting problems to the Red Hat issue tracking system automatically. You can collect the installation logs and report problems manually, as described in the troubleshooting section.
Capturing screenshots from the Anaconda GUI with a global hot key is removed
Previously, you could capture screenshots of the Anaconda GUI by using a global hot key. This meant that users could extract the screenshots manually from the installation environment for any further usage. This functionality has been removed.
Remote Desktop Protocol (RDP) replaces VNC for graphical remote access

The protocol for graphical remote access has been changed from VNC to remote desktop protocol (RDP). RDP offers a reliable and encrypted connection, overcoming the limitations of VNC, which lacked encryption support and enforced password length restrictions. As part of this change, the following new kernel options have been introduced:

  • inst.rdp
  • inst.rdp.password
  • inst.rdp.username
Removed NVDIMM reconfiguration support during the installation process
The support for reconfiguring NVDIMM devices during the Kickstart and GUI installation has been removed in RHEL 10. However, you can still use the NVDIMM devices in the sector mode in the installation program.
Removed inst.nompath, dmraid and nodmraid boot options
The inst.nompath, dmraid and nodmraid boot options have been removed now and are no longer available for use.
The inst.gpt boot option is now deprecated
The inst.gpt boot option is now deprecated and will be removed in the future major RHEL release. To specify a preferred disk label type, use the inst.disklabel boot option. To create GPT or MBR disk labels, specify gpt or mbr option respectively.
The inst.xdriver and inst.usefbx options have been removed

The graphical system for the installation image switched from the Xorg server to a Wayland compositor. As a consequence, the inst.xdriver boot option has been removed. Wayland operates without relying on X drivers, making it incompatible with loading any such drivers. As a result, the inst.xdriver option is no longer applicable.

Additionally, the inst.usefbx boot option, previously used to load a generic framebuffer X driver, has also been removed.

Logical volume devices in /etc/fstab use UUID in the fs_spec field

After installation, the system writes logical volume (LV) devices in the /etc/fstab file by using UUID in the fs_spec field. This change provides the following benefits:

  • Ensures consistency across all device entries in /etc/fstab.
  • Supports LV or volume group (VG) renaming without changes in /etc/fstab.
  • Keeps /etc/fstab valid after re-encrypting devices with LUKS.
  • Preserves correct mapping of the root (/) and other mounts across re-provisioning, even if device-mapper paths change.
  • Offers predictable and portable configs as UUIDs are globally unique identifiers stored in the file system superblock.

15.2. Kickstart changes
Copy link

Added Kickstart support for CA certificates to enable encrypted DNS configuration during installation
Support for the %certificate in the Kickstart file is added to enable the installation of CA certificates into the installer environment and the installed system. This simplifies the setup process and ensures that the encrypted DNS is operational after installation, reducing manual configuration and security gaps. The certificates are inlined in the Base64 ASCII format and imported through the --dir and --filename options. This enhancement facilitates encrypted DNS configuration as part of Zero Trust Architecture requirements. The encrypted DNS set up during installation ensures secure DNS resolution from the start, improving security and compliance in automated deployments. For more information, see Kickstart certificates section.
pwpolicy and %anaconda Kickstart commands have been removed
The support for the pwpolicy and %anaconda Kickstart commands has been removed in Red Hat Enterprise Linux 10.
The --level parameter of the logging Kickstart command is removed
The --level parameter of the logging kickstart command has been removed. It is no longer possible to set the level of logging of the installation process.
Removed a few options of the timezone Kickstart command

The following options of the timezone Kickstart command has been removed in Red Hat Enterprise Linux 10:

  • --isUtc- instead use the --utc option.
  • --ntpservers- instead use the --ntp-server option of the timesource kickstart command instead.
  • --nontp - instead use the --ntp-disable option of the timesource kickstart command.
The module kickstart command has been deprecated
Anaconda has deprecated its support for DNF modularity, and as a consequence the module kickstart command has been deprecated. This might impact you if you are using modules in the %packages section of your kickstart files or the module kickstart command. This change is implemented for simplifying the installation process and ensuring a more consistent experience moving forward.
auth or authconfig commands are removed
The auth or authconfig Kickstart commands are removed now. As a replacement, use the authselect kickstart command.
The --excludeWeakdeps and --instLangs options from %packages have been removed
The --excludeWeakdeps and --instLangs options used in the %packages section have been removed. To maintain similar functionality, use the updated --exclude-weakdeps and --inst-langs options instead. These replacements ensure compatibility and provide the same dependency and language control within package management.
Removed teaming options from the network kickstart command
The --teamslaves and --teamconfig options used for configuring team devices in the network kickstart command have been removed. To configure similar network settings, use the --bondslaves and --bondopts options to set up a Bond device.
The %addon com_redhat_oscap Kickstart command has been removed
The support for the %addon com_redhat_oscap Kickstart command has been removed in Red Hat Enterprise Linux 10. With RHEL 10, you can use more flexible and customizable approach to hardening systems by using Anaconda and Kickstart, in addition to the already existing Image Builder option. For more information, see Performing a hardened installation of RHEL with Kickstart.

15.3. Image creation
Copy link

RHEL 10 introduces the following enhancements over the previous versions:

A new CLI experience for RHEL image builder is available (Technology Preview)
With this Technology Preview feature, you can install and use the new image-builder-cli package to build an image with just one command.
WSL2 image generation support in RHEL image builder
You can use RHEL image builder to create images for Windows Subsystem for Linux version 2 (WSL2). Image builder generates the images in the wsl format. You can deploy the images by double-clicking the image file to install it in your WSL2 environment.
A new plugin available for RHEL image builder
RHEL image builder cockpit-composer package has been deprecated and replaced with the new cockpit-image-builder package.
RHEL image builder supports creating disk images with advanced partitioning
You can customize partitioning in your blueprints, including custom mount options, LVM-based partitions and LVM-based SWAP, and create disk images with advanced partitioning layout.
You can inject your Kickstart files when creating ISO images
You can use the [customization.installer] blueprint customization field to inject your own Kickstart file when building ISO image. The customization enables you to choose an attended, partial, or fully unattended installation.
The openstack image type is dropped from on premise in RHEL 10
RHEL image builder no longer supports the Openstack image type. You can use the qcow2 image type to build Openstack images.
RHEL 10 Public disk images now have predictable network interface names
The net.ifnames=0 kernel parameter was removed from kernel arguments, causing all systems to use predictable network interface names.
RHEL 10 disk images no longer have the /boot partition from prebuilt disk images

Disk images, such as AWS or KVM, do not have a separate /boot partition, which provides the following enhancements:

  • Prevents errors such as insufficient space on the /boot partition.
  • Disk images with / on an LVM retain a /boot partition.
  • In RHEL images, this change targets confidential computing.
  • Prevents the /boot partition from running off disk space, which was often the case when /boot was on a separate partition. As a consequence, there are smaller chances for operational failures.
The squashfs package has been deprecated
The squashfs package has been deprecated and will be removed in a future major RHEL release. As an alternative, the dracut package now has support for mounting erofs.
Updates on RHEL image builder support to build the RHEL for Edge image types
RHEL image builder will continue to support building Edge images for RHEL 9, but not for RHEL 10. You can use RHEL image mode to build RHEL for Edge images. See Using image mode for RHEL to build, deploy, and manage operating systems.
gdisk has been deprecated from boot.iso
The gdisk program has been deprecated from the boot.iso image type. You can still use gdisk in your Kickstarts. However, for the boot.iso image type, other tools are available for handling GPT disks, for example, the parted utility.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2026 Red Hat