Chapter 23. Red Hat Enterprise Linux Atomic Host 7.5.0
23.1. Atomic Host
OStree update:
New Tree Version: 7.5.0 (hash: 5df677dcfef08a87dd0ace55790e184a35716cf11260239216bfeba2eb7c60b0)
Changes since Tree Version 7.4.5 (hash: 6cb4d618030f69aa4a5732aa0795cb7fe2c167725273cffa11d0357d80e5eef0)
Updated packages:
- openscap-daemon-0.1.10-1.el7
- rpm-ostree-client-2018.1-1.atomic.el7
23.2. Extras
Updated packages:
- buildah-0.15-1.gitd1330a5.el7
- cockpit-160-3.el7
- container-selinux-2.55-1.el7
- container-storage-setup-0.9.0-1.rhel75.gite0997c3.el7
- docker-1.13.1-58.git87f2fab.el7
- docker-latest-1.13.1-58.git87f2fab.el7
- dpdk-17.11-7.el7
- etcd-3.2.15-2.el7
- flannel-0.7.1-3.el7
- ostree-2018.1-4.el7
- rhel-system-roles-0.6-3.el7 *
- skopeo-0.1.29-1.dev.gitb08350d.el7
The asterisk (*) marks packages which are available for Red Hat Enterprise Linux only.
23.2.1. Container Images
Updated:
- Red Hat Enterprise Linux 7 Init Container Image (rhel7/rhel7-init)
- Red Hat Enterprise Linux 7.5 Container Image (rhel7.5, rhel7, rhel7/rhel, rhel)
- Red Hat Enterprise Linux Atomic Identity Management Server Container Image (rhel7/ipa-server)
- Red Hat Enterprise Linux Atomic Image (rhel-atomic, rhel7-atomic, rhel7/rhel-atomic)
- Red Hat Enterprise Linux Atomic Net-SNMP Container Image (rhel7/net-snmp)
- Red Hat Enterprise Linux Atomic OpenSCAP Container Image (rhel7/openscap)
- Red Hat Enterprise Linux Atomic SSSD Container Image (rhel7/sssd)
- Red Hat Enterprise Linux Atomic Support Tools Container Image (rhel7/support-tools)
- Red Hat Enterprise Linux Atomic Tools Container Image (rhel7/rhel-tools)
- Red Hat Enterprise Linux Atomic cockpit-ws Container Image (rhel7/cockpit-ws)
- Red Hat Enterprise Linux Atomic etcd Container Image (rhel7/etcd)
- Red Hat Enterprise Linux Atomic flannel Container Image (rhel7/flannel)
- Red Hat Enterprise Linux Atomic open-vm-tools Container Image (rhel7/open-vm-tools)
- Red Hat Enterprise Linux Atomic rsyslog Container Image (rhel7/rsyslog)
- Red Hat Enterprise Linux Atomic sadc Container Image (rhel7/sadc)
23.3. New Features
overlay2
is now the default storage driverThe default storage driver for Docker has changed from
devicemapper
tooverlay2
. In existing installations of versions of Atomic Host prior to 7.5.0,devicemapper
remains the default driver. Upgrading such existing installations does not change the configured driver.For more information on the
overlay2
driver and for instructions on switching fromdevicemapper
tooverlay2
, see Using the Overlay Graph Driver.Red Hat container registry will require authentication
In future, the Red Hat container registry will move from
registry.access.redhat.com
toregistry.redhat.io
. As part of this change, containers will eventually become available only to subscribed and authenticated systems.For more information, see Red Hat Container Registry Authentication.
Buildah is now fully supported
The
buildah
tool has been upgraded from a Technology Preview to a fully supported feature.The
buildah
tool facilitates building of OCI container images. It enables you to:- Create a working container, either from scratch or using an image as a starting point.
- Create an image, either from a working container or using the instructions in a Dockerfile.
- Build both Docker and OCI images.
- Mount a working container’s root filesystem for manipulation.
- Unmount a working container’s root filesystem.
- Use the updated contents of a container’s root filesystem as a filesystem layer to create a new image.
- Delete a working container or an image.
See Building container images with buildah for more information and usage instructions.
User namespaces in
docker
now fully supportedWhile the user namespaces features is fully supported beginning with the RHEL 7.4 kernel, the implementation of user namespaces associated with the
docker
service was a Technology Preview until RHEL Atomic Host 7.5. Now it is fully supported.See User namespaces options for more information and usage instructions.
Manual setup of Kubernetes is deprecated
As announced earlier, beginning with RHEL 7.5 and RHEL Atomic Host 7.5 Red Hat will no longer support the manual setup of Kubernetes. Manual Kubernetes setups from previous releases, likewise, are not supported. Components impacted by this change include the following deprecated Kubernetes RPM packages, images, and associated documentation:
RPM Packages:
- kubernetes
- kubernetes-devel
- kubernetes-client
- kubernetes-master
- kubernetes-node
- kubernetes-unit-test
- cadvisor
Container Images:
- registry.access.redhat.com/rhel7/kubernetes-apiserver
- registry.access.redhat.com/rhel7/kubernetes-controller-mgr
- registry.access.redhat.com/rhel7/kubernetes-scheduler
- registry.access.redhat.com/rhel7/pod-infrastructure
Documentation:
From now on, none of the software or documentation listed will be updated. For information on Red Hat’s officially supported Kubernetes-based products, see the following documentations sets:
docker-latest
deprecated, to be removed laterThe
docker-latest
version of Docker is still available, but is now deprecated. In a later release, it will be removed.docker
anddocker-latest
are now the same version (1.13)docker
anddocker-latest
are now the same version, which is 1.13.
ansible
removed from the Extras channelAnsible and its dependencies have been removed from the Extras channel. Instead, the Red Hat Ansible Engine product has been made available and will provide access to the official Ansible Engine channel. Customers who have previously installed Ansible and its dependencies from the Extras channel are advised to enable and update from the Ansible Engine channel, or uninstall the packages as future errata will not be provided from the Extras channel.
Ansible was previously provided in Extras (for AMD64 and Intel 64 architectures, and IBM POWER, little endian) as a runtime dependency of, and limited in support to, the Red Hat Enterprise Linux (RHEL) System Roles. Ansible Engine is available today for AMD64 and Intel 64 architectures, with IBM POWER, little endian availability coming soon.
Note that Ansible in the Extras channel was not a part of the Red Hat Enterprise Linux FIPS validation process.
The following packages have been deprecated from the Extras channel:
-
ansible
-
ansible-doc
-
libtomcrypt
-
libtommath
-
libtommath-devel
-
python2-crypto
-
python2-jmespath
-
python-httplib2
-
python-paramiko
-
python-paramiko-doc
-
python-passlib
-
sshpass
The
python2-crypto
,libtomcrypt
, andlibtommath
packages are no longer needed as Ansible dependencies in the new Red Hat Ansible Engine product and will probably not be updated. Customers are advised to uninstall them.For more information and guidance, see this Knowledgebase article.
Note that Red Hat Enterprise Linux System Roles, available as a Technology Preview, continue to be distributed through the Extras channel. Although Red Hat Enterprise Linux System Roles no longer depend on the
ansible
package, installingansible
from the Ansible Engine repository is still needed to run playbooks that use Red Hat Enterprise Linux System Roles.-