Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Release notes

Red Hat Satellite 6.17

New features, deprecated and removed features, Technology Previews, known issues, and bug fixes

Red Hat Satellite Documentation Team

Abstract

This document contains the release notes for Red Hat Satellite.

Chapter 1. Overview

Release notes include links to the original tickets. Private tickets have no links and instead feature the following footnote[1].

1.1. Advisories

You can view all advisories, including security and bug fixes, for major and minor versions of this release on the Red Hat Customer Portal.

1.2. Major changes in 6.17

  • Satellite is no longer supported on RHEL 8 (SAT-29890).
  • Satellite now supports RHEL 10 hosts (SAT-24693).
  • Multiple content view environments in hosts and activation keys (SAT-20889).
  • Deployment and operation in IPv6-only networks (SAT-19573).
  • Secure Boot provisioning (SAT-23035).
  • Invalidating JSON Web Tokens (JWT) for global registration (SAT-27385).
  • Registering and managing image mode hosts (SAT-27153).
  • Enabling repositories for Flatpak content (SAT-20673).
  • External authentication with Red Hat build of Keycloak (SAT-29434).
  • Documentation on planning for disaster recovery (SAT-17448).
  • Locally-installed Insights advisor is available as Technology Preview (SAT-27257).

1.3. Red Hat Satellite

Red Hat Satellite is a system management solution that enables you to deploy, configure, and maintain your systems across physical, virtual, and cloud environments. Red Hat Satellite provides provisioning, remote management and monitoring of multiple Red Hat Enterprise Linux deployments with a single, centralized tool.

  • Red Hat Satellite Server synchronizes content from the Red Hat Customer Portal and other sources. It provides detailed lifecycle management, user and group role-based access control, integrated subscription management, and advanced GUI, CLI, and API access.
  • Red Hat Satellite Capsule Server mirrors content from the Red Hat Satellite Server and distributes it to different geographical locations. Host systems pull content and configurations from the Capsule Server in their location instead of the central Satellite Server. The Capsule Server also provides localized services such as Puppet server, DHCP, DNS, or TFTP, assisting in scaling Red Hat Satellite as the number of managed systems in your environment grows.

1.4. Red Hat Customer Portal Labs

Red Hat Customer Portal Labs provide applications to improve performance, troubleshoot issues, identify security problems, and quickly deploy and configure complex applications.

The following applications are available for Red Hat Satellite:

1.5. Additional resources


[1] This ticket does not have a link because it is private.

Chapter 2. New features

This section describes new features and major enhancements introduced in Red Hat Satellite 6.17.

2.1. Host provisioning and management

Image mode host registration and management

You can now register image mode hosts, view their Bootc status information, and remotely execute Bootc commands in Red Hat Satellite. The Booted Container Images page provides an overview of the container images that hosts boot from, supporting management of image mode hosts.

Jira:SAT-27153

Support for RHEL 10 hosts has been added

You can now manage RHEL 10 hosts with Satellite.

Jira:SAT-24693

Remote execution in pull mode is now compatible with clients running yggdrasil versions 0.2.z and 0.4.z

The remote execution pull provider has been updated to be compatible with all versions of the yggdrasil package that can be installed on a host. As a result, remote execution jobs in pull mode work on Satellite hosts that run any of the currently supported versions of RHEL. This applies also to hosts with the Extra Packages for Enterprise Linux (EPEL) repository enabled.

The pull-based transport mode relies on the Yggdrasil service and requires different Yggdrasil configuration based on the version of the yggdrasil package that is installed on the host. If weak dependencies are enabled on your hosts, the Yggdrasil client configuration is automatically updated and no further steps are required. If weak dependencies are disabled on your hosts, you must install the foreman_ygg_migration package manually to ensure that the Yggdrasil client configuration is updated. For detailed instructions, see Remote jobs timing out after yggdrasil update in Managing hosts.

Jira:SAT-27476

The Template Sync plugin supports using an HTTP proxy to connect to a repository

You can now use an HTTP proxy to synchronize templates between your Satellite server and a git repository. Configuring an HTTP proxy for template synchronization ensures that Satellite routes the Template Sync request to the repository through the specified proxy server.

For more information, see Synchronizing template repositories in Administering Red Hat Satellite.

Jira:SAT-27349

The auditing system now records adding and removing Ansible roles on a host

Audit logs have been expanded to include records on adding or removing Ansible roles on a host. To view the audit logs, navigate to Monitor > Audits in the Satellite web UI.

Jira:SAT-29715

Secure Boot

You can now provision Secure Boot enabled hosts by using PXE booting and UEFI HTTP booting. You can use Secure Boot on bare metal, VMware, and KVM (Libvirt). Secure Boot is currently unsupported in Discovery and boot disks.

Jira:SAT-23035

Invalidation of registration tokens

You can now invalidate registration JSON Web Tokens (JWTs) that are used to authenticate the registration call from a host to Satellite or Capsule. Once you invalidate the JWTs, users can no longer use their existing JWTs to register hosts.

Jira:SAT-27385

Discovery image updated with RHEL 9

The Discovery image now uses the Red Hat Enterprise Linux 9.5.0 base.

Jira:SAT-27541

Select resources in global registration by title

You can select certain resources in the global registration API call by the resource title. The following resources are available:

  • Organization
  • Location
  • Host group
  • Operating system

The values must be URL encoded.

Jira:SAT-28832

ansible_tower_api_url replaces ansible_tower_fqdn when configuring provisioning callback in Ansible Automation Platform

The ansible_tower_api_url parameter has been introduced to ensure compatibility with Ansible Automation Platform 2.5. The parameter defines the URL of your Ansible Automation Platform, including the required API path, for the purposes of configuring provisioning callback. It replaces the previously used ansible_tower_fqdn parameter.

By default, the API path is set to /api/controller/v2. Note that if you are using Ansible Automation Platform 2.4 or earlier, you must update the API path manually to /api/v2. To confirm which Ansible Automation Platform version you are using, check the API endpoints on your Ansible Automation Platform instance to verify the correct API path.

Jira:SAT-30761

Virtual TPM option in VMware provisioning

When creating virtual machines in a VMware compute resource, you can now enable the Virtual Trusted Platform Module in the attributes of the virtual machine for enhanced security.

Jira:SAT-30464

ELS option in Convert2RHEL job templates

You can now use the Extended Lifecycle Support (ELS) Add-On subscription during host conversion to Red Hat Enterprise Linux.

Jira:SAT-26076

2.2. Web UI

Red Hat Offline Knowledge Portal is now available

Satellite now offers Red Hat Offline Knowledge Portal, a lightweight, secure, offline version of the online Red Hat Customer Portal and Knowledgebase. This capability enables users in air-gapped or disconnected environments to access an offline version of Red Hat’s support knowledge and documentation alongside the existing content in Satellite. For more information, see the Red Hat Offline Knowledge Portal documentation.

Jira:SAT-31166

Option to automatically update the default content HTTP proxy

When you create a new HTTP proxy, the Satellite web UI now provides an option to set this new HTTP proxy as default. If you select the option and save your new HTTP proxy, Satellite updates the Default HTTP Proxy global Content setting automatically.

Jira:SAT-28860

Improved Capsule content counting

Capsule content counting is improved to increase efficient content counting and precision.

  • You can now manually trigger the Capsule content counting task for a specific environment or content view directly from the Capsule content page.
  • Automatic Capsule synchronizations now count content only for the relevant content view or environment instead of running a global content counting task.

These enhancements improve performance, reduce task sizes, and optimize content counting.

The Calculate content counts on smart proxies automatically setting remains available. You can disable content counting on Capsules if needed. If you disabled this feature in 6.16 for performance reasons, consider re-enabling it after upgrading to 6.17 to take advantage of these improvements.

Jira:SAT-26058

2.3. Installation and upgrade

Red Hat Satellite Installation Helper app is now available on the Red Hat Customer Portal

With the Red Hat Satellite Installation Helper application, you can generate interactive customized instructions for installing a Satellite Server or Capsule Server. For more information, see Red Hat Satellite Installation Helper on Red Hat Customer Portal.

Jira:SAT-32443

satellite-installer now verifies that CA does not use SHA-1 certificates

The certificate authority (CA) that signs the Satellite API certificates can no longer use SHA-1 as the signature algorithm. The satellite-installer utility has been enhanced with a check to verify whether the CA used by Satellite uses SHA-1 certificates. If your internal CAs or custom certificates use SHA-1, attempting to install or upgrade now fails with the following message:

Copy to Clipboard Toggle word wrap 
Server CA certificate /etc/pki/katello/certs/katello-default-ca.crt signed with sha1 which will break on upgrade.
Update the server CA certificate with one signed with sha256 or stronger then proceed with the upgrade.

Jira:SAT-29322

IPv6 support

Satellite deployment and operation in IPv6-only networks are now fully supported. Dual-stack deployments have not been tested and are not supported.

Provisioning over IPv6 is supported on bare metal hosts. Satellite communication with compute resources over IPv6 has not been tested and is not supported. For compute resources, you can define the machine outside Satellite on the compute resource and then you can provision the machine as a bare-metal host in Satellite. Defining hosts with IPv6 support directly on compute resources is not supported.

For more information about known issues, see Section 5.4, “IPv6”.

Jira:SAT-19573

2.4. Content management

Flatpak support for applications

Satellite now supports Flatpak, enabling users to install, manage, and run portable applications, primarily for desktop environments. Flatpak repositories function similarly to other content repositories in Satellite allowing you to synchronize them, manage access permissions, and assign repositories to specific lifecycle environments to control application availability. Managing Flatpak repositories is done using Hammer CLI. After you mirror a repository, you can manage it in the web UI like any other repository. Remote execution (REX) jobs are available to help automate the setup and installation of Flatpak applications on hosts. Capsule support is limited in this release and lifecycle environment isolation is not enforced for Flatpak repositories served from Capsules.

Jira:SAT-20673

2.5. Server administration

Collecting usage metrics to understand how customers use Satellite

Satellite now collects information on product usage to improve how Red Hat prioritizes future development and to help with debugging. The collected usage metrics include information such as which Satellite features are used and the number of objects in the database.

A systemd timer runs weekly to collect the usage metrics by executing the satellite-maintain report generate command on your Satellite Server and storing the data in the /var/lib/foreman-maintain/satellite_metrics.yml file. When you use the sos report command to generate a report for Red Hat Technical Support, the report now includes satellite_metrics.yml along with the other configuration, diagnostics, and troubleshooting data that sos collects.

Note that with the exception of sos reports, the collected metrics remain only in /var/lib/foreman-maintain/satellite_metrics.yml and are not shared automatically. In addition, you can review the metrics by running the satellite-maintain report generate command manually, which displays the complete set of information that is being collected.

To opt out of the usage metrics collection, use the systemctl mask satellite-usage-metrics-generate.timer command on your Satellite Server.

Jira:SAT-24116[1]

Documentation has been added on preparing for disaster recovery and recovering from data loss

New documentation is available on preparing a disaster recovery plan to ensure the continuity of Satellite services in case of a disruptive event. These guidelines help ensure that you can restore your Satellite deployment to an operational state after an incident. See Preparing for disaster recovery and recovering from data loss in Administering Red Hat Satellite.

Jira:SAT-17448

2.6. Users and roles

External authentication with Red Hat build of Keycloak

You can now configure Satellite to use Red Hat build of Keycloak as an external authentication source. For more information, see Configuring SSO and 2FA with Red Hat build of Keycloak in Satellite.

Jira:SAT-29434[1]

2.7. Localization and internationalization

Enhanced web UI and Hammer CLI localization

The Satellite web UI and Hammer command-line interface are now available in Korean. Additionally, the French, Japanese, and Simplified Chinese translations have been updated.

Jira:SAT-16392

Chapter 3. Removed functionality

This section lists functionality that has been removed in Red Hat Satellite 6.17.

3.1. Installation and upgrade

Running Satellite on RHEL 8 is no longer supported

You can no longer run Satellite and Capsules on Red Hat Enterprise Linux 8. Before upgrading to Satellite 6.17, make sure to upgrade the operating systems of your Satellite and Capsules to RHEL 9. For information on upgrading to RHEL 9, see Upgrading connected Red Hat Satellite to 6.16 and Upgrading disconnected Red Hat Satellite to 6.16.

Note that RHEL 8 is still supported on hosts.

Jira:SAT-29890, Jira:SAT-27387

Capsule port 8443 is no longer supported for client traffic

Port 8443, previously used when communicating through a Capsule, has been removed. It is no longer an accessible endpoint on Capsules. If your existing clients use port 8443, reconfigure them to use port 443 in one of the following ways:

  • Remote execution
  • The katello-ca-consumer RPM
  • Updating the /etc/rhsm/rhsm.conf file: In the [server] section of the file, ensure that the port option is set to 443

Note that API access through port 443 is restricted to specific endpoints. The following paths are available:

  • https://<capsule.example.com>/rhsm/
  • https://<capsule.example.com>/redhat_access/

Jira:SAT-22981

3.2. Security and authentication

OVAL-only contents and policies

Management of the Open Vulnerability and Assessment Language (OVAL) contents and policies, which were provided as Technology Previews, are no longer available. If you used an OVAL policy on your clients, you must reconfigure them.

Jira:SAT-23806

3.3. Host provisioning and management

Telemetry disablement in Convert2RHEL job templates

You cannot disable telemetry when you use the Convert2RHEL utility.

Jira:SAT-24654

use-slaac host parameter

The use-slaac host parameter has been removed. Host network interfaces in IPv6 environments are now configured automatically.

Jira:SAT-30602

3.4. Backup and restore

Snapshot backup

satellite-maintain no longer supports snapshot backups. You can use online backups instead.

Jira:SAT-20955

Chapter 4. Deprecated functionality

This part provides an overview of functionality that has been deprecated in Red Hat Satellite 6.17.

Deprecated functionality will likely not be supported in future releases of this product and is not recommended for new deployments. For the most recent list of deprecated functionality within a particular major release, refer to the latest version of release documentation.

The support status of deprecated functionality remains unchanged within Red Hat Satellite 6.17. For information about the length of support, see Red Hat Enterprise Linux Life Cycle and Red Hat Enterprise Linux Application Streams Life Cycle.

Deprecated hardware components are not recommended for new deployments on the current or future releases. Hardware driver updates are limited to security and critical fixes only. Red Hat recommends replacing this hardware as soon as reasonably feasible.

A package can be deprecated and not recommended for further use. Under certain circumstances, a package can be removed from a product. Product documentation then identifies more recent packages that offer functionality similar, identical, or more advanced to the one deprecated, and provides further recommendations.

External authentication with Red Hat Single Sign-On

Configuring Satellite with Red Hat Single Sign-On (RH SSO) as an external authentication source is deprecated in 6.17. The RH SSO 7 product family has reached End of Full Support. Instead of RH SSO, you can configure Red Hat build of Keycloak as an external authentication source for Satellite.

To migrate from using RH SSO in your Satellite deployment, reconfigure the authentication source settings on your 6.17 Satellite Server to follow the requirements for Red Hat build of Keycloak. For more information, see Configuring SSO and 2FA with Red Hat build of Keycloak in Satellite.

For information on the current support policy for RH SSO, see Red Hat Application Services Product Update and Support Policy.

Jira:SAT-27644

Legacy remote execution job form in the Satellite web UI

The option to use the legacy web UI form to run remote execution jobs is deprecated and will be removed in a future version. The new job invocation wizard will be the only available option. Note that the new job invocation wizard has been the default method to run remote execution jobs since Satellite 6.13.

First deprecated in Satellite 6.17.

Jira:SAT-30410

Overriding organizations and locations on the filter level

The ability for a filter to override organizations and locations associated with a role is deprecated in 6.16. When the functionality is removed, filters will honor the organizations and locations set at the role level.

Jira:SAT-28820

hammer host subscription attach and hammer host subscription auto-attach commands

The hammer host subscription attach and hammer host subscription auto-attach commands are deprecated in 6.16. The commands are non-functional and do not result in attaching a subscription.

Note: Entitlement-based subscription management was removed in 6.16.

Jira:SAT-28367

Asynchronous SSH remote execution mode

The async-ssh remote execution mode was deprecated in 6.13. If you have unstable connectivity between Capsules and managed hosts, use the pull mode instead. For more information about pull mode, see Transport Modes for Remote Execution in Managing hosts.

Provisioning on Red Hat Virtualization

The integration of Red Hat Virtualization (RHV) with Satellite was deprecated in 6.13. All the existing compute resources of RHV type will be removed and the hosts associated with RHV will be disconnected. The RHV provider will be removed in the Satellite 6.18 release.

Package Group Actions

The Package Group Actions option in the web UI was deprecated in 6.10.

Bootstrap.py host registration script

The bootstrap.py script for registering a host to Satellite or Capsule was deprecated in 6.9. It has been replaced by the curl command created by using the global registration template.

Jira:SAT-21137

katello-ca-consumer package and katello-rhsm-consumer script

The katello-ca-consumer package and katello-rhsm-consumer script were deprecated in 6.9. You must use the global registration template to register a host.

Jira:SAT-21372

iPXE firmware

Using iPXE firmware for network-boot provisioning was deprecated in 6.17. Instead, use HTTP booting for hosts in UEFI mode to reduce provisioning times. Note that iPXE firmware has never been officially supported in Red Hat Satellite.

Jira:SAT-28823

OpenShift Virtualization compute resource

Adding OpenShift Virtualization as a compute resource to Satellite was deprecated in 6.17. The OpenShift Virtualization provider will be removed in a future release.

Jira:SAT-29985

Chapter 5. Known issues

This section describes known issues in Red Hat Satellite 6.17.

5.1. Security and authentication

Unable to upload an OpenSCAP report from hosts that run RHEL 9.3 or earlier with FIPS mode enabled

On Satellite hosts that run RHEL 9.3 or earlier with FIPS mode enabled, uploading an OpenSCAP report fails with the following error:

Copy to Clipboard Toggle word wrap 
Unable to load certs
Neither PUB key nor PRIV key

For more details, see a related Knowledgebase solution. Note that the problem has been fixed for hosts that run RHEL 9.4 or later.

Jira:SAT-28297

5.2. Host provisioning and management

OpenShift Virtualization cannot be added as a compute resource

You cannot add OpenShift Virtualization as a compute resource because the OpenShift Virtualization API has changed and is incompatible with Satellite 6.16 and later.

Jira:SAT-29384

5.3. Users and roles

Newly created filters do not inherit organizations and locations associated with the role

When an organization and location are defined for a role, these organizations and locations are not propagated to the filters created within the role. Consequently, users with a role assigned can access resources in any other organization or location that they have sufficient permissions to view instead of only organizations and locations defined for the role.

To work around the problem:

  1. Create your filter.
  2. Start editing the filter.
  3. Save the filter without making any changes. This ensures that organizations and locations defined on the role level are propagated to filters correctly.

This known issue does not affect cloned roles. If you clone an existing role and assign organizations and locations to the cloned role, the organizations and locations are propagated to filters correctly.

Note that defining organizations and locations on the filter level is deprecated. See Overriding organizations and locations on the filter level.

Jira:SAT-28731[1]

5.4. IPv6

virt-who is not supported on IPv6 networks in Satellite

Satellite does not support virt-who in an IPv6 network.

Jira:RHEL-40069

Additional configuration is required in IPv6-only networks when using kinit for IdM and AD users

When Identity Management (IdM) or Active Directory (AD) are configured as external authentication sources for a Satellite Server that has only IPv6 connectivity, Kerberos authentication for external users fails. This known issue is caused by a bug in the System Security Services Daemon (SSSD) and occurs when the DNS name of the IdM or AD server can be translated to both an IPv4 and IPv6 address but the IPv4 address is not accessible, for example because it is blocked by a firewall.

To work around this problem, configure the lookup_family_order option in the [domain/<domain_name>] in the /etc/sssd/sssd.conf file:

Copy to Clipboard Toggle word wrap 
[domain/_<example.com>_]
lookup_family_order = ipv6_only

Jira:SAT-32530, Jira:SSSD-2511

IPv6 address entry in Satellite does not match the IPv6 address of a provisioned host

When you provision a host in an IPv6 network, Satellite contains an IPv6 address that does not match the actual IPv6 address of the host. This mismatch impairs host management capabilities, such as remote execution.

As a workaround, you can execute subscription-manager facts --upload on the host or wait for the next facts upload to resolve the issue.

Jira:SAT-30601

Host Discovery fails in an IPv6 network

When you attempt to discover an unknown host in an IPv6 network, the discovery fails with Error: 1001: Failed to open TCP connection to satellite.example.com:443.

Jira:SAT-30796

Failure to provision hosts in PXE-less Discovery over IPv6

After PXE-less host discovery on an IPv6 Satellite, when the host starts provisioning, it fails to resolve Satellite. As a result, the host fails to fetch Kickstart and the required files.

Jira:SAT-30794

Chapter 6. Bug fixes

This section describes bugs fixed in Red Hat Satellite 6.17 that have a significant impact on users.

Reconfiguration script does not install pull provider on push mode hosts after host content source change

Previously, when you changed the content source of a host and ran the manual reconfiguration script, the script attempted to install the foreman_ygg_worker package even if the host was in push mode for remote execution. This resulted in the failure of the script on hosts in push mode. Katello has been fixed to install the package on pull-mode hosts only. As a result, the reconfiguration script does not attempt to install the pull provider on hosts in push mode and the script succeeds.

Jira:SAT-24795

hammer scap-content bulk-upload --type default now updates previously uploaded default compliance guidelines

Before this update, when an updated version of the default compliance guidelines was installed on the system where Satellite server was running, using the hammer scap-content bulk-upload --type default command did not update the guidelines on the Satellite server if the command was already used to upload a previous version of the guidelines before. As a consequence, Satellite in some cases did not include the latest SCAP content after hammer scap-content bulk-upload --type default was run. Now, when an updated version of the default compliance guidelines is available locally, running hammer scap-content bulk-upload --type default properly updates the guidelines on the Satellite server, even when the command was used to upload a previous version of the guidelines before.

Jira:SAT-27369

Compute profile not applied on host update when using Hammer or API

Previously, when you used Hammer to change a host group associated with a different compute profile, Hammer attempted to update the hardware of your virtual machine. The Foreman core has been fixed to prevent compute profile application when a host is updated. As a result, when you change a host group of a virtual machine by using Hammer or API, Satellite no longer attempts to update the hardware. This behavior is now consistent with the Satellite web UI.

Jira:SAT-24282

Provisioning uses correct hostname for RHEL 9 hosts

Previously, when you provisioned RHEL 9 to a host, Satellite registered the host with the localhost entry as the hostname. This resulted in consequent failures to provision other RHEL 9 hosts. The provisioning templates have been fixed to use the correct hostname. As a result, provisioning RHEL 9 hosts works as expected.

Jira:SAT-30715

Specifying a custom organization label is now again possible in the Satellite web UI

Before this update, when creating a new organization in the Satellite web UI, the field to specify a custom label for the organization was missing. This update adds the missing field, and as a result, you can now specify a custom label when creating new organizations in the web UI.

Jira:SAT-27703

RPM installation resolves pulpcore-api core dumps during concurrent repository synchronization

Previously, when synchronizing multiple large repositories to a Capsule concurrently, the pulpcore-api could crash and cause core dumps. Despite the crash, synchronization completed successfully. This issue is resolved by installing the python3.11-psycopg_c-3.2.3 RPM to avoid crashes.

Jira:SAT-32604

Organization deletion failure caused by container push repositories

Previously, deleting an organization failed if any of its products included container push repositories. This issue occurred due to an error in the code that attempted to delete those repositories incorrectly which has been fixed. You can now delete organizations that include container push repositories.

Jira:SAT-32605

On-demand repositories accessible after syncing

Previously, when you synchronized a repository by using the on-demand download policy and attempted to access the repository at the Published At URL, Satellite returned a 500 server error. Pulpcore has been fixed to handle content directory listing. As a result, you can access the repositories at the Published At URL .

Jira:SAT-29670

Chapter 7. Technology previews

This part provides a list of all Technology Previews available in Red Hat Satellite 6.17.

For information on Red Hat scope of support for Technology Preview features, see Technology Preview Features Support Scope.

7.1. Web UI

Support for Multiple Content View Environments in Hosts and Activation Keys in Hammer CLI

Hosts and activation keys now support multiple content view environments instead of being limited to a single content view and lifecycle environment. This is done in the Hammer CLI.

For more information, see Managing content view environments in Managing content.

Jira:SAT-20889

Enable Insights advisor in Satellite recommendations without connecting to console.redhat.com

Satellite includes an installation option for enabling Insights advisor in Satellite recommendation capabilities without connecting to console.redhat.com. Enable this feature through the installer to use insights-client, which sends data exclusively to Satellite. Satellite then generates Insights advisor in Satellite recommendations based on the findings.

Jira:SAT-27257

Job details page

The Job details page has been redesigned for enhanced user experience. By default, the web UI displays the previous design. To view the new design, navigate to Monitor > Jobs, click a job name in the Description column and then click New UI.

Jira:SAT-26605

All Hosts page

The new All Hosts page has the following features:

  • Bulk actions: You can now select one or more hosts and use the options menu to perform actions such as such as Build management, Change host group, Delete, Manage content, Packages (install/remove/upgrade), Errata, Content source, and Content view environments to change the content view and lifecycle environment of hosts.
  • Single-host actions: You can perform actions on a single host by using the options menu to Edit, Clone, Delete, and Change content view environments.

To use the new page by default, navigate to Administer > Settings and set Show new host overview page to Yes. The legacy and the new All Hosts pages are linked so that you can switch between them.

Jira:SAT-20041

7.2. Host provisioning and management

Kernel execution template

You can use the kernel execution (kexec) provisioning template for PXE-less boot methods.

Jira:SAT-21012

Chapter 8. Changes in satellite-installer parameters, Hammer CLI, and REST API

8.1. satellite-installer parameters

New satellite-installer parameters

The following satellite-installer parameters have been added:

  • --checks-only
  • --foreman-plugin-rh-cloud-enable-iop-advisor-engine
  • --reset-foreman-plugin-rh-cloud-enable-iop-advisor-engine

Removed satellite-installer parameters

The following satellite-installer parameters have been removed:

  • --foreman-proxy-content-reverse-proxy
  • --reset-foreman-proxy-content-reverse-proxy
  • --foreman-proxy-content-reverse-proxy-port
  • --reset-foreman-proxy-content-reverse-proxy-port

8.2. Hammer CLI

New Hammer commands and subcommands

The following Hammer commands and subcommands have been added:

  • hammer content-view-environment, including the following subcommand:

    • hammer content-view-environment list

  • hammer flatpak-remote, including the following subcommands:

    • hammer flatpak-remote create
    • hammer flatpak-remote delete
    • hammer flatpak-remote info
    • hammer flatpak-remote list
    • hammer flatpak-remote remote-repository
    • hammer flatpak-remote remote-repository info
    • hammer flatpak-remote remote-repository list
    • hammer flatpak-remote remote-repository mirror
    • hammer flatpak-remote scan
    • hammer flatpak-remote update

  • hammer host bootc, including the following subcommand:

    • hammer host bootc images

  • hammer user registration-tokens, including the following subcommands:

    • hammer user registration-tokens invalidate
    • hammer user registration-tokens invalidate-multiple

New Hammer options

The following Hammer options have been added:

  • --force has been added to the following commands:

    • hammer activation-key content-override
    • hammer host subscription content-override

  • --content-view-environments and --content-view-environment-ids have been added to the following commands:

    • hammer activation-key create
    • hammer activation-key list
    • hammer activation-key update
  • --lifecycle-environment-id, --repository-id, --content-view, --content-view-id, and --repository have been added to the hammer capsule content update-counts command

  • --allow-other-types has been added to the following commands:

    • hammer content-view filter rule create
    • hammer content-view filter rule update
  • --versions-to-keep has been added to the hammer content-view purge command
  • --subnet6-id and --ip6 have been added to the hammer discovery provision command
  • --download-utility has been added to the hammer host-registration generate-command command

  • --content-default-http-proxy has been added to the following commands:

    • hammer http-proxy create
    • hammer http-proxy info

  • --http-proxy-id, --http-proxy, and --http-proxy-policy have been added to the following commands:

    • hammer export-templates
    • hammer import-templates
  • --path-id has been added to the hammer lifecycle-environment create command
  • --lifecycle-environment-id, --repository-id, --content-view, --content-view-id, and --repository have been added to the hammer proxy content update-counts command

  • --depth and --keep-latest-packages have been added to the following commands:

    • hammer repository create
    • hammer repository update

Removed Hammer commands and subcommands

No Hammer commands and subcommands have been removed.

Removed Hammer options

The following Hammer options have been removed:

  • --location-id, --organization-id, --organization-title, --organization, --location, and --location-title have been removed from the following commands:

    • hammer architecture create
    • hammer architecture delete
    • hammer architecture info
    • hammer architecture list
    • hammer architecture update
    • hammer settings info
    • hammer settings list
    • hammer settings set
    • hammer user-group create
    • hammer user-group delete
    • hammer user-group external create
    • hammer user-group external delete
    • hammer user-group external info
    • hammer user-group external list
    • hammer user-group external refresh
    • hammer user-group external update
    • hammer user-group info
    • hammer user-group list
    • hammer user-group update

  • --purpose-addons has been removed from the following commands:

    • hammer activation-key create
    • hammer activation-key update
    • hammer admin logging
    • hammer host update

Additional resources

For more information, see Using the Hammer CLI tool or enter the commands with the --help option.

8.3. REST API

New API endpoints

The following API endpoints have been added:

  • Registration_tokens endpoints:

    • /api/registration_tokens
    • /api/users/:user_id/registration_tokens

  • Advisor_engine endpoints:

    • /api/advisor_engine/host_details
    • /api/advisor_engine/upload_hits

  • Advisor_engine_config endpoints:

    • /api/rh_cloud/advisor_engine_config

  • Content_view_environments endpoints:

    • /katello/api/content_view_environments

  • Flatpak Remote Repositories endpoints:

    • /katello/api/organizations/:organization_id/flatpak_remote_repositories
    • /katello/api/flatpak_remotes/:flatpak_remote_id/flatpak_remote_repositories
    • /katello/api/flatpak_remote_repositories/:id
    • /katello/api/flatpak_remote_repositories/:id/mirror

  • Flatpak Remotes endpoints:

    • /katello/api/organizations/:organization_id/flatpak_remotes
    • /katello/api/flatpak_remotes
    • /katello/api/flatpak_remotes/:id
    • /katello/api/organizations/:organization_id/flatpak_remotes/:id
    • /katello/api/flatpak_remotes/:id/scan

  • Host_bootc_images endpoints:

    • /api/hosts/bootc_images

  • Host_packages endpoints:

    • /api/host_packages/:id
    • /api/host_packages/compare
    • /api/host_packages/installed_packages

  • Job_invocations endpoints:

    • /api/job_invocations/:id/hosts

Removed API endpoints

No API endpoints have been removed.

Additional resources

For more information, see the full API reference on your Satellite Server at https://<satellite.example.com>/apidoc/v2.html.

Appendix A. Providing feedback on Red Hat documentation

We appreciate your feedback on our documentation. Let us know how we can improve it.

Use the Create Issue form in Red Hat Jira to provide your feedback. The Jira issue is created in the Red Hat Satellite Jira project, where you can track its progress.

Prerequisites

Procedure

  1. Click the following link: Create Issue. If Jira displays a login error, log in and proceed after you are redirected to the form.
  2. Complete the Summary and Description fields. In the Description field, include the documentation URL, chapter or section number, and a detailed description of the issue. Do not modify any other fields in the form.
  3. Click Create.

Appendix B. Revision history

0.0-1

Tue May 20 2025, Brian Angelica (bangelic@redhat.com)

  • Added a Feature SAT-31166 (Red Hat Offline Knowledge Portal is now available, Web UI)
0.0-0

Tue May 6 2025, Brian Angelica (bangelic@redhat.com)

  • Release of the Red Hat Satellite 6.17 Release Notes.

Appendix C. List of tickets by component

Bugzilla and JIRA tickets are listed in this document for reference. The links lead to the release notes in this document that describe the tickets.

ComponentTickets

Audit Log

Jira:SAT-29715

Authentication

Jira:SAT-29434, Jira:SAT-27644

Backup & Restore

Jira:SAT-20955

Compute Resources

Jira:SAT-24282

Compute Resources - CNV

Jira:SAT-29384

Content management

Jira:SAT-20673

Disaster recovery

Jira:SAT-17448

Discovery Image

Jira:SAT-27541

Hammer

Jira:SAT-28367

Host management

Jira:SAT-27153, Jira:SAT-24693, Jira:SAT-26076

IPv6-bug

Jira:RHEL-40069, Jira:SAT-32530, Jira:SAT-30601, Jira:SAT-30796, Jira:SAT-30794

Installation

Jira:SAT-29890, Jira:SAT-32443, Jira:SAT-29322, Jira:SAT-19573, Jira:SAT-22981, Jira:SAT-32604

Localization and Internationalization

Jira:SAT-16392

Metrics

Jira:SAT-24116

Organizations and Locations

Jira:SAT-27703, Jira:SAT-28820

Provisioning

Jira:SAT-23035, Jira:SAT-30464, Jira:SAT-24654, Jira:SAT-30602, Jira:SAT-21012, Jira:SAT-28823

Provisioning Templates

Jira:SAT-30761, Jira:SAT-30715

Pulp

Jira:SAT-32604, Jira:SAT-29670

Registration

Jira:SAT-27385, Jira:SAT-28832, Jira:SAT-24795

Remote Execution

Jira:SAT-27476, Jira:SAT-24795, Jira:SAT-30410

Repositories

Jira:SAT-32605, Jira:SAT-29670

SCAP Plugin

Jira:SAT-27369, Jira:SAT-28297

Security

Jira:SAT-23806

Templates Plugin

Jira:SAT-27349

Users & Roles

Jira:SAT-28731

Web UI

Jira:SAT-31166, Jira:SAT-28860, Jira:SAT-26058, Jira:SAT-20889, Jira:SAT-27257, Jira:SAT-26605, Jira:SAT-20041

other

Jira:SAT-29890, Jira:SAT-32443, Jira:SAT-27644, Jira:SAT-21137, Jira:SAT-21372, Jira:SAT-28823, Jira:SAT-29985

Legal Notice

Copyright © 2025 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat, Inc.