Chapter 1. Summary of changes

You can view security and bug fix advisories for major and minor versions of this release on the Red Hat Customer Portal.

The 6.15 release of Red Hat Satellite features the following changes:

Removed katello-agent subsystem

katello-agent, qpid messaging system, and related Content settings have been removed from Satellite.
You have to migrate your hosts from katello-agent to remote execution before the upgrade. Remote execution is now the only way to perform remote package actions.
Red Hat recommends you to disable katello-agent on your Satellite Server and Capsule Servers before the upgrade.
Optionally, you can remove the katello-agent package from hosts. Red Hat recommends you to do so and verify that you can perform remote package actions by using remote execution.
See also katello-agent.

Security hardening support

You can enable fapolicyd on Satellite Server and Capsule Servers. For more information, see fapolicyd on Satellite and Capsule is now available.

Improved user experience

The main Satellite menu in the Satellite web UI now reveals items on click instead of hover, it has three levels, and is searchable. For more information, see Vertical navigation changes.
The Satellite web UI displays a banner if the Satellite version is nearing or even past the end-of-life date. For more information, see Satellite EOL date in the web UI.
Users can subscribe to new email notifications for failed tasks. For more information, see Satellite sends email notifications after certain background actions fail.
Satellite can use Redis as the WebUI cache, which can handle greater load in larger setups. For more information, see Redis cache.
Satellite auto-selects the activation key during host registration in the Web UI. For more information, see Satellite auto-selects the activation key during host registration.

Improved documentation

An updated version of the guide Monitoring Satellite performance by using the Performance Co-Pilot has been reintroduced.
Upgrade instructions are provided for connected and disconnected Red Hat Satellite separately:
- Upgrading connected Red Hat Satellite to 6.15
- Upgrading disconnected Red Hat Satellite to 6.15

See the following chapters for detailed changes in Red Hat Satellite 6.15.

1.1. Changes in satellite-installer parameters

The following parameters have been removed in this release:

--foreman-proxy-content-enable-katello-agent: Enables Katello Agent on Capsule Server.
--foreman-proxy-content-qpid-router-agent-addr: Listener address for the goferd agents.
--foreman-proxy-content-qpid-router-agent-port: Listener port for the goferd agents.
--foreman-proxy-content-qpid-router-broker-addr: Address of the qpidd broker to connect to.
--foreman-proxy-content-qpid-router-broker-port: Port of the qpidd broker to connect to.
--foreman-proxy-content-qpid-router-hub-addr: Address for dispatching router hub.
--foreman-proxy-content-qpid-router-hub-port: Port for dispatching router hub.
--foreman-proxy-content-qpid-router-logging: Whether to log to a file or syslog.
--foreman-proxy-content-qpid-router-logging-level: Logging level of the dispatch router (for eg., info+ or debug+).
--foreman-proxy-content-qpid-router-logging-path: Directory for the dispatch router logs, if using a file logging.
--foreman-proxy-content-qpid-router-ssl-ciphers: SSL Ciphers to support the dispatch router.
--foreman-proxy-content-qpid-router-ssl-protocols: Protocols to support the dispatch router (e.g. TLSv1.2).
--katello-qpid-hostname: Configure the hostname to connect to the qpidd.
--katello-qpid-interface: Specify the network interface for the qpidd other than loopback.
--katello-qpid-wcache-page-size: qpidd sets the page size in the cache for Katello.

The following parameters have been added in this release:

--[no-]enable-apache-mod-status: Enable 'apache_mod_status' puppet module.
--apache-mod-status-extended-status: Determines whether to track the extended status information for each request by using the ExtendedStatus directive.
--apache-mod-status-requires: Monitor web server load and the current HTTP connections.
--apache-mod-status-status-path: Path assigned to the Location directive that defines the URL to access the server status.
--foreman-plugin-remote-execution-cockpit-ensure: Ensures that the Foreman Remote Execution plugin integrates with Cockpit.
--foreman-provisioning-ct-location: The location of the binary to call when transpiling CoreOS templates.
--foreman-provisioning-fcct-location: The location of the binary to call when transpiling Fedora CoreOS templates.
--foreman-proxy-content-pulpcore-import-workers-percent: What percentage of available workers pulpcore uses for import tasks at a time.
--foreman-proxy-content-reverse-proxy-backend-protocol: Configure the protocol used by the reverse proxy to connect to Foreman.
--foreman-proxy-manage-service: Control the management of the Foreman Proxy services.
--katello-candlepin-loggers: Configure the Candlepin loggers.
--puppet-certificate-revocation: Manage the list of revoked certificates.
--puppet-server-git-repo-umask: Umask used during git operations.
--puppet-server-jolokia-metrics-allowlist: Configure the allowlist of Jolokia endpoints that Puppet Server exposes.

The following parameters have been replaced in this release:

--puppet-server-admin-api-whitelist has been replaced with --puppet-server-admin-api-allowlist : Configure the allowlist of clients that can query the puppet-admin-api endpoint
--puppet-server-ca-client-whitelist has been replaced with --puppet-server-ca-client-allowlist: Configure the allowlist of client certificates
--puppet-server-git-repo-mode has been replaced with --puppet-server-git-repo-hook-mode: Git repository hook mode.