Chapter 1. Overview
1.1. Major changes in RHEL 8.7
Installer and image creation
Following are image builder key highlights in RHEL 8.7-GA:
Image builder on-premise now supports:
- Uploading images to GCP
-
Customizing the
/boot
partition - Pushing a container image directly to a registry
- Users can now customize their blueprints during the image creation process
For more information, see Section 4.1, “Installer and image creation”.
Security
The DISA STIG for Red Hat Enterprise Linux 8 profile available in the scap-security-guide
(SSG) package is now better aligned with DISA’s content. This leads to fewer findings against DISA content after SSG remediations.
The Center for Internet Security (CIS) profiles available in the scap-security-guide
(SSG) package are now aligned with CIS Red Hat Enterprise Linux 8 Benchmark version 2.0.0. This version of the benchmark adds new requirements, removed requirements that are no longer relevant, and reordered some existing requirements. The update impacts the references in the relevant rules and the accuracy of the respective profiles.
Changes in the system configuration and the clevis-luks-systemd
subpackage enable the Clevis encryption client to unlock also LUKS-encrypted volumes that mount late in the boot process without using the systemctl enable clevis-luks-askpass.path
command during the deployment process.
See New features - Security for more information.
Shells and command-line tools
RHEL 8.7 introduces a new package xmlstarlet
. With XMLStarlet, you can parse, transform, query, validate, and edit XML files.
The following command-line tools have been updated in RHEL 8.7:
-
opencryptoki
to version 3.18.0 -
powerpc-utils
to version 1.3.10 -
libva
to version 2.13.0
For more information, see New Features - Shells and command-line tools
Infrastructure services
The following infrastructure services tools have been updated in RHEL 8.7:
-
chrony
to version 4.2 -
unbound
to version 1.16.2
For more information, see New Features - Infrastructure services.
Dynamic programming languages, web and database servers
Later versions of the following components are now available as new module streams:
- Ruby 3.1
- Mercurial 6.2
- Node.js 18
In addition, Redis 6 has been upgraded to version 6.2.7.
See New features - Dynamic programming languages, web and database servers for more information.
Compilers and development tools
Updated performance tools and debuggers
The following performance tools and debuggers have been updated in RHEL 8.7:
- Valgrind 3.19
- SystemTap 4.7
- Dyninst 12.1.0
- elfutils 0.187
Updated performance monitoring tools
The following performance monitoring tools have been updated in RHEL 8.7:
- PCP 5.3.7
- Grafana 7.5.13
Updated compiler toolsets
The following compiler toolsets have been updated in RHEL 8.7:
- GCC Toolset 12
- LLVM Toolset 14.0.6
- Rust Toolset 1.62
- Go Toolset 1.18
See New features - Compilers and development tools for more information.
Java implementations in RHEL 8
The RHEL 8 AppStream repository includes:
-
The
java-17-openjdk
packages, which provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. -
The
java-11-openjdk
packages, which provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. -
The
java-1.8.0-openjdk
packages, which provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
For more information, see OpenJDK documentation.
Java tools
RHEL 8.7 introduces Maven 3.8 as a new module stream.
For more information, see New features - Compilers and development tools. information.
Identity Management
Identity Management (IdM) in RHEL 8.7 introduces a Technology Preview where you can delegate user authentication to external identity providers (IdPs) that support the OAuth 2 Device Authorization Grant flow. When these users authenticate with SSSD, and after they complete authentication and authorization at the external IdP, they receive RHEL IdM single sign-on capabilities with Kerberos tickets.
For more information, see Technology Previews - Identity Management
Red Hat Enterprise Linux System Roles
Notable new features in 8.7 RHEL System Roles:
- RHEL System Roles are now available also in playbooks with fact gathering disabled.
-
The
ha_cluster
role now supports SBD fencing, configuration of Corosync settings, and configuration of bundle resources. -
The
network
role now configures network settings for routing rules, supports network configuration using thenmstate API
, and users can create connections with IPoIB capability. -
The
microsoft.sql.server
role has new variables, such as variables to control configuring a high availability cluster, to manage firewall ports automatically, or variables to search formssql_tls_cert
andmssql_tls_private_key
values on managed nodes. -
The
logging
role supports various new options, for examplestartmsg.regex
andendmsg.regex
in files inputs, ortemplate
,severity
andfacility
options. -
The
storage
role now includes support for thinly provisioned volumes, and the role now also has less verbosity by default. -
The
sshd
role verifies the include directive for the drop-in directory, and the role can now be managed through /etc/ssh/sshd_config. -
The
metrics
role can now export postfix performance data. -
The
postfix
role now has a new option for overwriting previous configuration. -
The
firewall
role does not require the state parameter when configuring masquerade or icmp_block_inversion. In thefirewall
role, you can now add, update, or remove services using absent and present states. The role can also provide Ansible facts, and add or remove an interface to the zone using PCI device ID. Thefirewall
role has a new option for overwriting previous configuration. -
The
selinux
role now includes setting ofseuser
andselevel
parameters.
1.2. In-place upgrade and OS conversion
In-place upgrade from RHEL 7 to RHEL 8
The possible in-place upgrade paths currently are:
- From RHEL 7.9 to RHEL 8.4 and RHEL 8.6 on the 64-bit Intel, IBM POWER 8 (little endian), and IBM Z architectures
- From RHEL 7.6 to RHEL 8.4 on architectures that require kernel version 4.14: IBM POWER 9 (little endian) and IBM Z (Structure A). This is the final in-place upgrade path for these architectures.
- From RHEL 7.9 to RHEL 8.2 and RHEL 8.6 on systems with SAP HANA on the 64-bit Intel architecture.
To ensure your system remains supported after upgrading to RHEL 8.6, either update to the latest RHEL 8.7 version or ensure that the RHEL 8.6 Extended Update Support (EUS) repositories have been enabled.
For more information, see Supported in-place upgrade paths for Red Hat Enterprise Linux.
For instructions on performing an in-place upgrade, see Upgrading from RHEL 7 to RHEL 8.
For instructions on performing an in-place upgrade on systems with SAP environments, see How to in-place upgrade SAP environments from RHEL 7 to RHEL 8.
For the successful in-place upgrade of RHEL 7.6 for IBM POWER 9 (little endian) and IBM Z (structure A) architectures, you must manually download the specific Leapp data. For more information, see the Leapp data snapshots for an in-place upgrade Knowledgebase article.
Notable enhancements include:
- The in-place upgrade of SAP Apps systems is now possible on Microsoft Azure with Red Hat Update Infrastructure (RHUI).
- The in-place upgrade is now possible on Google Cloud Platform with Red Hat Update Infrastructure (RHUI).
In-place upgrade from RHEL 6 to RHEL 8
To upgrade from RHEL 6.10 to RHEL 8, follow instructions in Upgrading from RHEL 6 to RHEL 8.
In-place upgrade from RHEL 8 to RHEL 9
Instructions on how to perform an in-place upgrade from RHEL 8 to RHEL 9 using the Leapp utility are provided by the document Upgrading from RHEL 8 to RHEL 9. Major differences between RHEL 8 and RHEL 9 are documented in Considerations in adopting RHEL 9.
Conversion from a different Linux distribution to RHEL
If you are using CentOS Linux 8 or Oracle Linux 8, you can convert your operating system to RHEL 8 using the Red Hat-supported Convert2RHEL
utility. For more information, see Converting from an RPM-based Linux distribution to RHEL.
If you are using an earlier version of CentOS Linux or Oracle Linux, namely versions 6 or 7, you can convert your operating system to RHEL and then perform an in-place upgrade to RHEL 8. Note that CentOS Linux 6 and Oracle Linux 6 conversions use the unsupported Convert2RHEL
utility. For more information on unsupported conversions, see How to perform an unsupported conversion from a RHEL-derived Linux distribution to RHEL.
For information regarding how Red Hat supports conversions from other Linux distributions to RHEL, see the Convert2RHEL Support Policy document.
1.3. Red Hat Customer Portal Labs
Red Hat Customer Portal Labs is a set of tools in a section of the Customer Portal available at https://access.redhat.com/labs/. The applications in Red Hat Customer Portal Labs can help you improve performance, quickly troubleshoot issues, identify security problems, and quickly deploy and configure complex applications. Some of the most popular applications are:
- Registration Assistant
- Product Life Cycle Checker
- Kickstart Generator
- Kickstart Converter
- Red Hat Enterprise Linux Upgrade Helper
- Red Hat Satellite Upgrade Helper
- Red Hat Code Browser
- JVM Options Configuration Tool
- Red Hat CVE Checker
- Red Hat Product Certificates
- Load Balancer Configuration Tool
- Yum Repository Configuration Helper
- Red Hat Memory Analyzer
- Kernel Oops Analyzer
- Red Hat Product Errata Advisory Checker
1.4. Additional resources
- Capabilities and limits of Red Hat Enterprise Linux 8 as compared to other versions of the system are available in the Knowledgebase article Red Hat Enterprise Linux technology capabilities and limits.
- Information regarding the Red Hat Enterprise Linux life cycle is provided in the Red Hat Enterprise Linux Life Cycle document.
- The Package manifest document provides a package listing for RHEL 8.
- Major differences between RHEL 7 and RHEL 8, including removed functionality, are documented in Considerations in adopting RHEL 8.
- Instructions on how to perform an in-place upgrade from RHEL 7 to RHEL 8 are provided by the document Upgrading from RHEL 7 to RHEL 8.
- The Red Hat Insights service, which enables you to proactively identify, examine, and resolve known technical issues, is now available with all RHEL subscriptions. For instructions on how to install the Red Hat Insights client and register your system to the service, see the Red Hat Insights Get Started page.