Chapter 1. Overview
1.1. Major changes in RHEL 8.5
Installer and image creation
In RHEL 8.5, Image Builder supports the following features:
- Ability to customize filesystem configuration.
- Ability to override official repositories available
- Ability to create bootable installer images and install them to a bare metal system.
For more information, see Section 4.1, “Installer and image creation”.
RHEL for Edge
RHEL 8.5 introduces RHEL for Edge Simplified Installer image, optimized for unattended installation to a device, and provisioning the image to a RHEL for Edge image.
For more information, see Section 4.2, “RHEL for Edge”.
Security
The system-wide cryptographic policies support scopes and wildcards for directives in custom policies. You can now enable different sets of algorithms for different back ends.
The Rsyslog log processing application has been updated to version 8.2102.0-5. This update introduces, among other improvements, the OpenSSL network stream driver. This implements TLS-protected transport using the OpenSSL library into Rsyslog.
The SCAP Security Guide project now includes several new profiles and improvements of existing profiles:
- A new profile aligned with the Australian Cyber Security Centre Information Security Manual (ACSC ISM).
- The Center for Internet Security (CIS) profile restructured into four different profiles (Workstation Level 1, Workstation Level 2, Server Level 1, Server Level 2).
- The Security Technical Implementation Guide (STIG) security profile updated to version V1R3.
-
A new STIG profile compatible with
Server with GUI
installations. - A new French National Security Agency (ANSSI) High Level profile, which completes the availability of profiles for all ANSSI-BP-028 v1.2 hardening levels in the SCAP Security Guide.
With these enhancements, you can install a system that conforms with one of these security baselines and use the OpenSCAP suite for checking security compliance and remediation using the risk-based approach for security controls defined by the relevant authorities.
See New features - Security for more information.
The new RHEL VPN System Role makes it easier to set up secure and properly configured IPsec tunneling and virtual private networking (VPN) solutions on large numbers of hosts. For more information, see New Features - Red Hat Enterprise Linux System Roles.
Networking
NetworkManager now supports configuring a device to accept all traffic. You can configure this feature using, for example, the nmcli
utility.
The firewalld
service supports forwarding traffic between different interfaces or sources within a zone.
The firewalld
service supports filtering traffic that is forwarded between zones.
Dynamic programming languages, web and database servers
Later versions of the following components are now available as new module streams:
- Ruby 3.0
- nginx 1.20
- Node.js 16
The following components have been upgraded:
- PHP to version 7.4.19
- Squid to version 4.15
- Mutt to version 2.0.7
See New features - Dynamic programming languages, web and database servers for more information.
Compilers and development tools
The following compiler toolsets have been updated:
- GCC Toolset 11
- LLVM Toolset 12.0.1
- Rust Toolset 1.54.0
- Go Toolset 1.16.7
See New features - Compilers and development tools for more information.
OpenJDK updates
- Open Java Development Kit 17 (OpenJDK 17) is now available. For more information about the features introduced in this release and changes in the existing functionality, see OpenJDK documentation.
- OpenJDK 11 has been updated to version 11.0.13. For more information about the features introduced in this release and changes in the existing functionality, see OpenJDK documentation.
- OpenJDK 8 has been updated to version 8.0.312. For more information about the features introduced in this release and changes in the existing functionality, see OpenJDK documentation.
Red Hat Enterprise Linux System Roles
The Postfix RHEL System Role is fully supported.
The Network Time Security (NTS) option is now added to the Timesync RHEL System Role.
The Storage RHEL System Role now supports LVM VDO volumes and expresses volume sizes as a percentage.
The new RHEL VPN System Role makes it easier to set up secure and properly configured IPsec tunneling and virtual private networking (VPN) solutions on large numbers of hosts.
High Availability Cluster RHEL System Role is available as a Technology Preview for the 8.5 GA Release.
See New features - Red Hat Enterprise Linux System Roles and Technology Previews - Red Hat Enterprise Linux System Roles for more information.
1.2. In-place upgrade and OS conversion
In-place upgrade from RHEL 7 to RHEL 8
The supported in-place upgrade paths currently are:
- From RHEL 7.9 to RHEL 8.4 on the 64-bit Intel, IBM POWER 8 (little endian), and IBM Z architectures
- From RHEL 7.6 to RHEL 8.4 on architectures that require kernel version 4.14: IBM POWER 9 (little endian) and IBM Z (Structure A). This is the final in-place upgrade path for these architectures.
- From RHEL 7.7 to RHEL 8.2 on systems with SAP HANA. To ensure your system with SAP HANA remains supported after upgrading to RHEL 8.2, enable the RHEL 8.2 Update Services for SAP Solutions (E4S) repositories.
To ensure your system remains supported after upgrading to RHEL 8.4, either update to the latest RHEL 8.5 version or ensure that the RHEL 8.4 Extended Update Support (EUS) repositories have been enabled. On systems with SAP HANA, enable the RHEL 8.2 Update Services for SAP Solutions (E4S) repositories.
For more information, see Supported in-place upgrade paths for Red Hat Enterprise Linux. For instructions on performing an in-place upgrade, see Upgrading from RHEL 7 to RHEL 8. For instructions on performing an in-place upgrade on systems with SAP environments, see How to in-place upgrade SAP environments from RHEL 7 to RHEL 8.
Notable enhancements include:
- It is now possible to perform an in-place upgrade with SAP HANA on Pay-As-You-Go instances on AWS with Red Hat Update Infrastructure (RHUI).
- It is now possible to enable EUS or E4S repositories during the in-place upgrade.
-
The Leapp utility can now be installed using the
yum install leapp-upgrade
command. As part of this change, theleapp-repository
andleapp-repository-deps
RPM packages have been renamedleapp-upgrade-el7toel8
andleapp-upgrade-el7toel8-deps
respectively. If the old packages are already installed on your system, they will be automatically replaced by the new packages when you runyum update
. - Leapp reports, logs, and other generated documentation are in English, regardless of the language configuration.
-
After the upgrade, leftover Leapp packages must be manually removed from the exclude list in the
/etc/dnf/dnf.conf
configuration file before they can be removed from the system. -
The
repomap.csv
file, which is located in theleapp-data15.tar.gz
archive, has been deprecated and has been replaced with therepomap.json
file. The deprecated file will remain available until March 2022. - The IBM POWER 9 (little endian) and IBM Z (Structure A) architectures have reached end of life. Subsequent releases to the in-place upgrade, including new upgrade paths, features, and bug fixes, will not include these architectures.
In-place upgrade from RHEL 6 to RHEL 8
To upgrade from RHEL 6.10 to RHEL 8.4, follow instructions in Upgrading from RHEL 6 to RHEL 8.
Conversion from a different Linux distribution to RHEL
If you are using CentOS Linux 8 or Oracle Linux 8, you can convert your operating system to RHEL 8 using the Red Hat-supported Convert2RHEL
utility. For more information, see Converting from an RPM-based Linux distribution to RHEL.
If you are using an earlier version of CentOS Linux or Oracle Linux, namely versions 6 or 7, you can convert your operating system to RHEL and then perform an in-place upgrade to RHEL 8. Note that CentOS Linux 6 and Oracle Linux 6 conversions use the unsupported Convert2RHEL
utility. For more information on unsupported conversions, see How to perform an unsupported conversion from a RHEL-derived Linux distribution to RHEL.
For information regarding how Red Hat supports conversions from other Linux distributions to RHEL, see the Convert2RHEL Support Policy document.
1.3. Red Hat Customer Portal Labs
Red Hat Customer Portal Labs is a set of tools in a section of the Customer Portal available at https://access.redhat.com/labs/. The applications in Red Hat Customer Portal Labs can help you improve performance, quickly troubleshoot issues, identify security problems, and quickly deploy and configure complex applications. Some of the most popular applications are:
- Registration Assistant
- Product Life Cycle Checker
- Kickstart Generator
- Kickstart Converter
- Red Hat Enterprise Linux Upgrade Helper
- Red Hat Satellite Upgrade Helper
- Red Hat Code Browser
- JVM Options Configuration Tool
- Red Hat CVE Checker
- Red Hat Product Certificates
- Load Balancer Configuration Tool
- Yum Repository Configuration Helper
- Red Hat Memory Analyzer
- Kernel Oops Analyzer
- Red Hat Product Errata Advisory Checker
- Red Hat Out of Memory Analyzer
1.4. Additional resources
- Capabilities and limits of Red Hat Enterprise Linux 8 as compared to other versions of the system are available in the Knowledgebase article Red Hat Enterprise Linux technology capabilities and limits.
- Information regarding the Red Hat Enterprise Linux life cycle is provided in the Red Hat Enterprise Linux Life Cycle document.
- The Package manifest document provides a package listing for RHEL 8.
- Major differences between RHEL 7 and RHEL 8, including removed functionality, are documented in Considerations in adopting RHEL 8.
- Instructions on how to perform an in-place upgrade from RHEL 7 to RHEL 8 are provided by the document Upgrading from RHEL 7 to RHEL 8.
- The Red Hat Insights service, which enables you to proactively identify, examine, and resolve known technical issues, is now available with all RHEL subscriptions. For instructions on how to install the Red Hat Insights client and register your system to the service, see the Red Hat Insights Get Started page.