Release Notes


Red Hat Insights 1-latest

Release Notes for Red Hat Insights

Red Hat Insights Documentation Team

Abstract

These release notes highlight the latest features and improvements implemented in the Red Hat Insights application and services.
Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright's message.

Chapter 1. About Red Hat Insights

Red Hat Insights is a Software-as-a-Service (SaaS) application included with almost every subscription to Red Hat Enterprise Linux, Red Hat OpenShift, and Red Hat Ansible Automation Platform.

Powered by predictive analytics, Red Hat Insights gets smarter with every additional piece of intelligence and data. It can automatically discover relevant insights, recommend tailored, proactive, next actions, and even automate tasks. Using Red Hat Insights, customers can benefit from the experience and technical knowledge of Red Hat Certified Engineers, making it easier to identify, prioritize and resolve issues before business operations are affected.

As a SaaS offering, located at Red Hat Hybrid Cloud Console, Red Hat Insights is regularly updated. Regular updates expand the Insights knowledge archive in real time to reflect new IT challenges that can impact the stability of mission-critical systems.

Chapter 2. November 2024

2.1. Product-wide updates

2.1.1. Basic Authorization reaches End-Of-Life

Important

Red Hat is implementing a crucial security enhancement on our cloud service APIs on console.redhat.com. Beginning December 31, 2024, we will discontinue support for basic authorization as a route of connecting to our services' APIs. This includes the Insights client basic authorization option, which is described as follows:

Insights client

Basic authentication is not the default authentication mechanism but has been an option for a select set of workflows. If your hosts are using Basic authentication, ensure you switch to certificate authentication instead. This is necessary for those hosts to continue to connect to Insights.

Hybrid Cloud Console APIs

The Red Hat Hybrid Cloud Console is integrating service accounts with User Access functionality, to support you in transitioning from Basic authentication to token-based authentication. This will provide you with granular control over access permissions and enhance security. See the following article for more details:

2.1.2. Published blogs and resources

2.2. Red Hat Insights for Red Hat Enterprise Linux

2.3. General

We are proud to announce the Insights proxy service. Insights proxy is a lightweight intermediary solution, designed to simplify connectivity between your environment and Insights services. This solution offers you enhanced security, seamless integration, and improved performance. It accomplishes this by managing data traffic between your systems and Red Hat services. It is ideal in high-security environments because it eliminates the need for a direct Internet connection and exerts control over data transfers. See the following for more details:

2.4. Advisor

New recommendations

The Insights advisor service now detects and recommends solutions for the following issues:

2.5. Compliance

API version 2 is now live

A refresh of the compliance API version 2 is now available. The refresh includes the following enhancements:

  • Adding one or more systems to an existing policy using the Insights client command line interface (CLI)
  • Creating multiple policy types for the same major RHEL version

2.6. Image Builder

Support for RHEL 10 public beta

Image Builder can now build images of RHEL 10, public beta for testing and evaluation. This includes support for physical, all hybrid cloud image types, and Microsoft Windows Subsystem for Linux (WSL) images.

Support for generation 2 Azure images

Image Builder has added support for Azure’s generation 2 image types. A hybrid boot loader approach accommodates both generation 1 and 2. When importing the image into Azure, you are able to choose which version. This is an important decision since generation version is immutable.

Azure generation 2 images feature increased memory, OS disks > 2 tebibyte (TiB), and virtualized persistent memory (vPMEM). The images create a Unified Extensible Firmware Interface (UEFI) boot loader compatible with Azure’s Secure Boot and Trusted Platform Module (TPM) implementations. To learn more about Azure’s generation 2 images, see the following:

Incorporation of compliance’s tailored policies

Image Builder can now incorporate tailored security policies generated by the compliance service. This allows you to create your own custom security compliance requirements. The integration of Image Builder and compliance helps you to configure, deploy, and report on regulatory compliance requirements with minimal friction. You can use this feature by enabling preview mode.

2.7. Inventory

Service account authentication for Ansible inventory plugin

The latest Insights collection is now included in the execution environment container images, for Ansible Automation Platform (AAP) (e.g. the default ansible-automation-platform-25/ee-supported-rhel8 in AAP 2.5). This update enhances your service accounts with support for token-based authentication. Pull the latest image in your current AAP environment to start using this feature. See the following for more details:

Note

Red Hat Hybrid Cloud Console APIs are transitioning from Basic authentication to token-based authentication using service accounts. See the following for more details:

2.8. Insights for OpenShift Container Platform

2.8.1. Advisor

Rapid recommendations

Rapid recommendations is an enhancement for the conditional gathering functionality. It enables the Insights operator to be dynamically updated with data collection specifications. This enables us to quickly deliver new recommendations without updating the operator or cluster version.

2.8.2. Cost Management

Cost analysis of OpenShift Virtualization

We are releasing this feature as a preview that includes the cost of CPU and memory. Cost Management now calculates the cost of your virtual machines running on OpenShift Virtualization. Cost data is displayed for the following:

  • All virtual machines
  • All operating systems (including third-party)
  • All environments (OpenShift on-premise, ROSA, and so on).

Additionally, a new virtualization tab has been added to the OpenShift cluster, node and project views. Storage costs will be calculated in the near future.

Chapter 3. October 2024

3.1. Product-wide updates

3.1.1. Errata subscription services for Red Hat Insights have moved

Red Hat is consolidating and enhancing system and subscription management capabilities. In Q4 of 2024, between October 28 and December 20, core subscription services for Red Hat products and services are moving from the Customer Portal to the notifications service on the Hybrid Cloud Console.

This change aims to enhance the Red Hat support experience and provides the following new capabilities:

  • Richer permissions through RBAC tools
  • Simplification of client registration tools
  • Better alignment with cloud-native management tools

On October 25th 2024, Red Hat Insights for Red Hat Enterprise Linux moved Errata subscription services from the existing Errata system (access.redhat.com) to the Hybrid Cloud Console (console.redhat.com), including the following notification types:

  • System-level errata notifications (“send me an email if my registered system is affected by errata”)
  • Subscription-level errata notifications (“send me an email if any of my subscribed products are affected by errata”)

Your existing errata subscription preferences were automatically migrated over to the new notification service, regardless of how you deployed or registered them. Unless you applied custom filtering to your subscription preferences, you do not need to take any actions to continue receiving errata notifications.

3.1.1.1. Changes to system-level errata notifications
  • System-level errata notifications, delivered as Patch notifications on console.redhat.com, now include all systems that are connected to Red Hat through Red Hat Subscription Manager (RHSM), Satellite, and Red Hat Update Infrastructure (RHUI). Before the change, only systems connected to Red Hat through Red Hat Subscription Management were included.
3.1.1.2. Changes to subscription-level errata notifications
  • Subscription-level errata notifications are now batched and sent daily by errata type, for example, Security, Bug Fix, or Enhancement.
  • You can also now choose how you want to receive notifications. You can integrate these types of notifications with 3rd-party applications such as Event-driven Ansible, webhooks, Slack, and Microsoft Teams.
3.1.1.3. Changes to email notifications

You will also see the following changes to errata email notifications for Red Hat Insights:

  • The sender has changed from errata@redhat.com to noreply@redhat.com
  • The format now includes a list of errata with links to where you can find more information instead of the full text
  • The frequency of emails aligns with the notification settings on the Hybrid Cloud Console

For more information, see Transition of Red Hat’s subscription services to the Red Hat Hybrid Cloud Console (console.redhat.com).

3.1.2. Reminder: Upcoming End of Life for Basic HTTP Authentication mechanism

Red Hat is implementing a crucial security enhancement for cloud service APIs on console.redhat.com.

Effective December 31, 2024, Red Hat is ending support for Basic HTTP Authentication. Therefore, Basic authentication will no longer be supported as an option for connecting a host with Red Hat Insights through the Insights client (insights-client) or the Hybrid Cloud Console APIs.

For the Insights client:

Basic authentication is not the default authentication mechanism, but it has been available as a manually configured option for a select set of workflows. Red Hat recommends that you modify host systems that use Basic authentication to use certificate authentication instead. Otherwise, systems that continue to use Basic authentication will not be able to connect to Red Hat Insights from January 1, 2025.

For more information, see the Red Hat Knowledgebase article How to switch from Basic Auth to Certificate Authentication for Red Hat Insights and the Life Cycle & Update Policies page for Red Hat Insights.

For the Hybrid Cloud Console APIs:

To support the change from Basic authentication to token-based authentication, service accounts will be integrated with the User Access feature. User Access is an implementation of role-based access control (RBAC) in the Red Hat Hybrid Cloud Console. This change provides you with more granular control over access permissions to services hosted on the Hybrid Cloud Console and also enhances security in the change to token-based authentication.

For more information, see the Red Hat Knowledgebase article Transition of Red Hat Hybrid Cloud Console APIs from Basic authentication to token-based authentication via service accounts.

3.1.3. Published blogs and resources

3.2. Red Hat Insights for Red Hat Enterprise Linux

3.2.1. Advisor

New recommendations

The Red Hat Insights for Red Hat Enterprise Linux advisor service now identifies additional problems and provides you with recommendations in the Hybrid Cloud Console for mitigating critical issues.

In October, the following recommendations were added:

3.2.2. Inventory

3.2.2.1. Enhancements and bug fixes in the inventory UI

The Red Hat Insights inventory UI has been enhanced to give you a better and more consistent experience and several bugs have also been fixed.

Enhancements

When you open the main Red Hat Insights inventory page in the Hybrid Cloud Console, you will now see a new help tooltip, which provides a quick overview and links to relevant product documentation, making it easier for you to find and understand what you need.

A screen capture of the new helper icon in the Insights Inventory UI

Bug fixes

The following known issues in the inventory UI have also been fixed:

  • Display issues related to system tagging
  • Filtering enhancements for consistency
  • Whitespace is handled more effectively in hostname fields
3.2.2.2. Automating Discovery report uploads by using Ansible (Developer Preview)

Using a new experimental feature together with Ansible, you can now automate the upload of Discovery reports to the Red Hat Insights inventory component, saving you time and simplifying the process.

Before this enhancement, you could only upload Discovery reports manually by using dsc, the Red Hat Discovery command-line interface, and the procedure outlined in the Sending reports to the Hybrid Cloud Console chapter of the Using Discovery guide.

For detailed instructions and a demo to help you get started, see "Red Hat Discovery - Ansible Playbook for Automated Upload to Red Hat Insights Inventory" in the insights-discovery GitHub repository.

This feature is still in the experimental stage, and your feedback is crucial in shaping future improvements. We hope this will make managing Discovery reports more efficient and effortless for all of you.

Important

The Discovery report upload automation feature is available as Developer Preview software. Developer Preview software provides early access to upcoming product software in advance of its possible inclusion in a Red Hat product offering. Customers can use this software to test functionality and provide feedback during the development process. This software might not have any documentation, is subject to change or removal at any time, and has received limited testing. We welcome your feedback, which you can provide by creating an issue in the insights-discovery GitHub repository. For more information about the support scope of Red Hat Developer Preview software, see Developer Preview Support Scope.

3.3. Insights for OpenShift Container Platform

3.3.1. Advisor

Incident Detection (Developer Preview)

In October, Red Hat Insights for OpenShift introduced new capabilities in incident detection.

Incident Detection is a new feature that uses analytics to group alerts into incidents and help you quickly and easily understand what the underlying issue might be and how to mitigate it.

Important

Incident Detection feature is available and supported by Red Hat in Developer Preview mode.

For more information about how to set up and use Incident Detection in Red Hat Insights for OpenShift, see the additional resources.

Chapter 4. September 2024

4.1. Product-wide updates

4.1.1. Published blogs and resources

4.2. Red Hat Insights for Red Hat Enterprise Linux

4.2.1. Advisor

New recommendations

Red Hat Insights' advisor service now detects and recommends solutions for critical issues. Here is a list of newly released solutions:

4.2.2. Drift

Drift service discontinued

As of September 30 2024, the drift service, provided in Red Hat Insights for Red Hat Enterprise Linux, has been removed from the product. You can no longer access the drift service from the Hybrid Cloud Console or use the associated API endpoints. For more information about the discontinuation of the drift service, contact: Red Hat customer service

4.2.3. Insights image builder

Image builder package recommendations powered by RHEL Lightspeed

Image builder now analyzes the packages you have selected and recommends additional, relevant packages. Image builder is available in the Red Hat Insights preview environment.

4.2.4. Inventory

Export your inventory as CSV and JSON files

You can export your registered systems from inventory using our new export service. Create a request and download your inventory in either CSV or JSON formats.

This feature is accessible through both the Red Hat Insights inventory UI and the Export service API, and adheres to the Role Based Access Control (RBAC) permissions you have configured. The export process runs asynchronously in the background. For more details on how to use this feature, visit our inventory product documentation or try it for yourself using preview mode:

4.2.5. Malware detection service

Review and set status for malware detection signature matches

You can review and set the status for malware detection signature matches at both the system and signature levels. You can also remove irrelevant matches and information from your environment before viewing malware detection results. A new Total matches column is available. You can use this to view the number of matches on a system and the history of those matches. Red Hat Insights retains matches indefinitely, providing you with a robust historical record.

4.2.6. Tasks

Live connection status

You might have experienced issues when executing task jobs, due to an inactive remote host configuration (RHC) connection. A live connection status is now provided so that you know to fix a connection before executing a job.

4.2.7. Vulnerability

Migration of security data source from OVAL to CSAF/VEX

Our Red Hat Product Security team is now publishing CSAF data with VEX files. For more information, see the following:

The vulnerability service is the first to migrate to CSAF and VEX across both the internal and external user base. The migration to CSAF and VEX continues to improve the accuracy of the vulnerability service and the performance of backend processing. Red Hat does not publish OVAL data files for future major RHEL releases, for example, version 10 and later.

4.3. Insights for OpenShift Container Platform

Observability intelligence

Development preview of incident detection is now available for OpenShift Container Platform. This alert will help you perform root cause analysis. It identifies incidents and initiates debugging. You can see a history of incidents, easily identify critical ones, and reduce the number of signals received while debugging cluster issues. Signals are system messages describing application and operating system activity. For more information about installation and features see the following:

Chapter 5. August 2024

5.1. Product-wide updates

5.1.1. Published blogs and resources

5.2. Red Hat Insights for Red Hat Enterprise Linux

5.2.1. advisor

Recommended guidance for the End of Red Hat Enterprise Linux 6 Extended Lifecycle Support (ELS) period

In light of the official end of the Extended Lifecycle Support (ELS) for RHEL 6, it is strongly recommended that all Red Hat Enterprise Linux 6 systems upgrade to Red Hat Enterprise Linux 7 or Red Hat Enterprise Linux 8. This is necessary to obtain full support. No other recommendations are available for these systems. For more information, see the following:

Issue prevention recommendations

We released 9 new recommendations to prevent issues across various Red Hat Enterprise Linux system components. This includes issues such as firmware, kernel, SSSD, RAID5, in-place upgrade, NIC firmware, and grub2, which can cause system failures, crashes, or other challenges:

5.2.2. drift

Drift end-of-life

As of September 30 2024, the drift service, provided in Red Hat Insights for RHEL, will be removed from the product. For more information about the discontinuation of the drift service, contact: Red Hat customer service

5.2.3. Insights image builder

Harness the power of image builder

Image builder has a convenient landing page with an overview, interactive labs, links to documentation, blog posts and videos. Learn how this feature can help you ensure consistent provisioning and deployment across all environments.

Manage images with the blueprints feature

Insights image builder now enables you to alter an image with the blueprints feature. This feature is available in developer preview mode and is displayed in the left sidebar. You can save, edit, and download blueprints to share with colleagues.

First boot scripts feature

The first boot scripts feature is now in full production support mode. For more information, see the following:

5.2.4. inventory

Notifications and integrations events in inventory

The inventory service now triggers New system registered and System deleted events. These occur when a system is newly registered in inventory or removed. These events are triggered both manually and automatically. You can manually trigger these alerts when you add a new system to your inventory. Events might be automatically triggered when a system’s state changes.

For more information about system states and staleness and deletion, see the following:

You can configure responses to these events for each account. You can send emails to groups of users, if they allow subscriptions in their user preferences. You can also forward these events to third-party applications such as Splunk, ServiceNow, Event-Driven Ansible, Slack, Microsoft Teams, and Google Chat. You can also forward these events by using a generic webhook. For more information, see the following resources:

These new events are particularly useful for driving automation and integrating Red Hat Insights into your operational workflows. They can automatically launch compliance or malware detection checks, validate systems assignments to Workspaces, update external configuration management database (CMDB) records, or continuously monitor your Red Hat Enterprise Linux environment.

Chapter 6. July 2024

6.1. Product-wide updates

6.1.1. Published blogs and resources

6.2. Red Hat Insights for Red Hat Enterprise Linux

6.2.1. General

Inventory Groups renamed Workspaces

Inventory Groups has been renamed Workspaces, to better reflect the expanded functionality of the Red Hat Hybrid Cloud Console. Workspaces will help you organize RHEL hosts and other resources. This change supports our ongoing commitment to provide you with powerful and flexible ways to securely manage your assets. Learn more about this change in our KCS article: Inventory Groups are now Workspaces

6.2.2. Advisor

New recommendations released

We released 8 new Advisor recommendations in July for Red Hat Enterprise Linux system administrators:

6.3. Red Hat OpenShift Container Platform

6.3.1. Advisor

New integration

The Insights advisor service is now fully integrated into Advanced Cluster Manager. Insights detects issues and provides remediations recommendations.

6.3.2. Cost Management

Attribute Azure node attached storage to OpenShift projects

This feature allows Red Hat to better report and distribute OpenShift storage costs. This is especially applicable to running OpenShift on Azure. Enhancements for AWS and GCP will follow soon.

Cluster/Node networking costs for OpenShift in the cloud

A new project, Network Unattributed, has been created to clarify your networking costs. Costs associated with ingress and egress network traffic are now itemized. This applies to individual AWS, Azure and GCP nodes.

Chapter 7. June 2024

7.1. Product-wide updates

7.1.1. Published blogs and resources

7.2. Red Hat Insights for Red Hat Enterprise Linux

7.2.1. Advisor

New recommendations released

Two more CrowdStrike recommendations were added for smoother operations of the Falcon sensor:

Brand new IBM DB2 recommendations specifically focused on SAP environments were also added:

7.2.2. Image builder

Insights image builder has a new landing page

A new Knowledge Article on the Customer Portal, Learn about Red Hat Enterprise Linux and Insights image builder, now serves as a public-facing landing page. This page provides a convenient overview of Insights image builder, and provides a comprehensive list of the latest blogs and videos about Image builder.

The new landing page for the Insights image builder tool

Blueprints

Blueprints make it easier for you to manage your RHEL images. Images expire after two weeks, but blueprints last forever. Create a blueprint for your golden image, modify it over time as your needs change, and use it to build and deploy images on demand.

Users will notice a new announcement banner linking to a Getting Started quick-start guide. This capability was initially available in the on-premises RHEL image builder and is now available as part of the Insights experience. Future development will include the ability to import and export blueprint files.

The announcement of the blueprints feature in the Insights for RHEL inventory

Build security-hardened images

You can now apply Security Compliance benchmark policies, as provided from the trusted OpenSCAP tools, to your customized RHEL golden images for any target environment - complete with guided file system configurations! This ensures that security hardening changes are applied during image creation so that when launched, systems are more secure before they ever initialize CPU or memory, or even connect to a network.

This change makes it extremely easy for highly secure environments to meet their security compliance requirements. It also enables users who do not have deep security knowledge to achieve better security by default.

OpenSCAP profile for golden image

First-boot-script configuration

Provided as a Technology Preview, Insights image builder has added the first-boot-script configuration feature to embed scripts in the image that are run when an instance first starts up. This feature enables you to run your scripts to do any variety of custom tasks that you may require. Tasks could include shell or python scripts, as well as Ansible playbooks. Future blog posts will provide simple examples to help users use this feature quickly and easily.

The first boot script configuration page

7.3. OpenShift Container Platform

7.3.1. Cost Management

Resource Optimization for OpenShift GA

After a year in preview, Red Hat announced the general availability of the resource optimization service for OpenShift Cost Management.

View announcements about the release:

AWS Savings Plans enabled by default

Cost Management has supported AWS Savings Plans for years. However, users had to manually select the AWS Amortized cost view in the Settings page, or in each of the cost pages, leading to support cases due to customers seeing an unexpected cost (caused by looking at the incorrect view mode in Cost Management).

Cost Management now detects whether savings plans are in use in AWS accounts, and automatically shows data including the discounts from the savings plans in all cases. Configuring the Amortized view is no longer needed.

Providing feedback on Red Hat documentation

We appreciate and prioritize your feedback regarding our documentation. Provide as much detail as possible, so that your request can be quickly addressed.

Prerequisites

  • You are logged in to the Red Hat Customer Portal.

Procedure

To provide feedback, perform the following steps:

  1. Click the following link: Create Issue
  2. Describe the issue or enhancement in the Summary text box.
  3. Provide details about the issue or requested enhancement in the Description text box.
  4. Type your name in the Reporter text box.
  5. Click the Create button.

This action creates a documentation ticket and routes it to the appropriate documentation team. Thank you for taking the time to provide feedback.

Legal Notice

Copyright © 2024 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.