此内容没有您所选择的语言版本。
Chapter 3. Updates
Red Hat recommends that you back up your system before you perform any updates. See the backup instructions in the Red Hat Update Infrastructure 3.1.9 System Administrator’s Guide for more details.
As of version 3.1, RHUI will not be supported on RHEL 6. This and future updates will only be made available for RHEL 7. Users of RHUI on RHEL 6 are encouraged to migrate to RHEL 7.
3.1. Updates for Red Hat Update Infrastructure 3.1.0
This update includes the following enhancements, deletions, or revisions:
-
The
MongoDBpackages have been upgraded to upstream version 2.6, which provides a number of bug fixes and enhancements over the previous version. (BZ#1487523) The
Pulppackages have been upgraded to upstream version 2.18, which provides a number of bug fixes and enhancements over the previous version. The following list includes notable bug fixes:-
When an updated version of
updateinfo.xml.gzis found in the Red Hat CDN, the previously savedupdateinfo.xml.gzfile is no longer kept locally to save disk space. Note thatupdateinfo.xml.gzfiles saved prior to this update will not be deleted after the next synchronization by Pulp 2.18. Remove them by hand or using the script described in the solution article that is linked in the References section. (BZ#1593218) -
If an erratum affects multiple repositories, the
updateinfo.xml.gzfiles are correctly generated for all of them so that theyum updateinfocommand can correctly display the relevant errata information. (BZ#1599116) - The Red Hat Enterprise Linux 7 Server from the RHUI repository has recently started to fail to synchronize, with an error message stating "DocumentTooLarge: BSON document too large." As a consequence, kernel-3.10.0-957.12.1.el7 was not available in RHUI. This problem has been fixed, and the repository can be synchronized correctly. (BZ#1707778)
-
When an updated version of
- As a Pulp-based solution, RHUI can serve as an alternate content source for another systems management product. A RHUI administrator can now create a configuration RPM containing files that allow the other product to download packages from RHUI. (BZ#1695464)
- Legacy Certificate Authority (CA) certificates can be installed on CDS nodes to keep clients from losing access to entitled repositories after a new CA certificate is deployed in RHUI 3. (BZ#1698806)
Complete the update
Before applying this update, make sure all previously released errata relevant to your system have been applied.
See How do I apply package updates to my RHEL system? for more details.
Before applying this update on CDS nodes, be sure to remount the shared file system, typically mounted at /var/lib/rhui/remote_share, read-write. This is necessary to allow the pulp-server package to update. Remount the files ystem read-only again after the update. Restart the httpd service in the end.
There are several steps to take after applying this update on the RHUA node:
-
Perform database migrations by running
sudo -u apache pulp-manage-db. -
Restart RHUI services by running
rhui-services-restart.
Migrations may take several minutes to finish, depending on the number of repositories and packages you have in your RHUI. Be sure to pay attention to the output from the migrations. If you have RHEL 8 repositories in your RHUI, you may need to republish some of them. Follow the instructions in the output.
3.2. Updates for Red Hat Update Infrastructure 3.1.1
This update includes the following enhancements, deletions, or revisions:
- Previously, when a CDS node was unregistered from RHUI, it was not removed from HAProxy configuration. It is now removed from the configuration so that HAProxy does not keep track of the unregistered node anymore. (BZ#1454542)
-
Prior to this update, when a CDS or a HAProxy node was unregistered from RHUI using the command line, the relevant RHUI services,
httpdandhaproxy, respectively, were not stopped on the nodes. In addition, the RHUI remote file system was left mounted on the unregistered CDS node. The command line interface was fixed to correctly clean up unregistered CDS or HAProxy nodes. (BZ#1640002) - Previously, only Red Hat repositories could be used when generating entitlement certificates on the command line. Any protected custom repositories also specified on the command line were ignored. With this update, protected custom repositories can be included when generating entitlement certificates on the command line. (BZ#1663422)
-
Client configuration RPMs can now be generated with custom proxy settings for Yum. The settings will be saved for each RHUI repository in the
rh-cloud.repofile. Consult the RHUI 3.1 System Administrators Guide, linked to in the References section, for more information about this feature. (BZ#1658088) -
When multiple repositories are scheduled to be synchronized, only a few of them can be actively synchronized at a time. The rest are waiting, but information about them is only kept in the system’s memory. If the system is rebooted or the
Qpidservice is restarted, the information about the repositories waiting for synchronization is lost. To allow the information to be saved on the disk, theQpid persistenceextension has been added. This feature is also described in the RHUI 3.1 System Administrators Guide. (BZ#1702254) - Client configuration RPMs used to be generated with a fixed release of "1". They can now be generated with any other release; the default release remains "1". This is useful if you have to generate a new configuration RPM containing updated certificates or repository data, and you do not want to use a higher version for any reason. (BZ#1715139)
Users of RHUI are advised to upgrade to these updated packages that fix these bugs and add these enhancements.
3.3. Updates for Red Hat Update Infrastructure 3.1.2
This update includes the following enhancements, deletions, or revisions:
-
The
rhui-managertool displays a numbered list of items to choose from when managing repositories or nodes. This list is numbered from1to the total number of items, and the RHUI administrator is expected to enter one or more numbers adjacent to the managed items. When the administrator entered0for some reason, the last item from the list got selected by mistake, or nothing got selected butrhui-managersubsequently crashed. This has been fixed so that entering0has no effect. (BZ#1305612) -
The
rhuicommand did not provide any error message and exited with a status of0when it was instructed to delete a CDS or an HAProxy node that was not registered in RHUI. With this update, an error message is printed and the exit code is not0. (BZ#1409697) - An unnecessary error message was logged on CDS nodes when a legacy CA certificate was configured but a client machine used the primary CA certificate. This message is no longer logged. (BZ#1731856)
-
When the
rhui-managertool displays repositories to delete or show detailed information about, it newly categorizes them as follows: Custom Repositories, Red Hat Repositories: Docker, Red Hat Repositories: OSTree, and Red Hat Repositories: Yum. This way the RHUI administrator can better understand which of the managed repositories belong in which category. (BZ#1402361)
Users of RHUI are advised to upgrade to these updated packages that fix these bugs and add this enhancement.
Complete the update
Before applying this update, make sure all previously released errata relevant to your system have been applied.
See How do I apply package updates to my RHEL system? for more details.
Apache must be restarted on CDS nodes for the rhui-oid-validator update to take effect. After applying the update, run the systemctl restart httpd command on your CDS nodes.
3.4. Updates for Red Hat Update Infrastructure 3.1.3
This update includes the following enhancements, deletions, or revisions:
-
After a change to Atomic metadata, the Red Hat Enterprise Linux Atomic Host (Trees) repository could not be synchronized. The following error message was logged:
OverflowError: MongoDB can only handle up to 8-byte ints. Thepulp-ostreepackage has been upgraded to upstream version 1.3.1, which resolves this issue. (BZ#1757764) -
With this update, RHUI leverages
registry.redhat.ioas the default container registry. Any previously added containers will still be synchronized fromregistry.access.redhat.com, but newly added containers will be synchronized from the new registry, unless a different registry is specified. Because the new registry requires authentication, a login and password must be supplied. See Add a Container to Red Hat Update Infrastructure for more information. (BZ#1692119)
Users of RHUI are advised to upgrade to these updated packages that fix these bugs and add these enhancements.
Complete the update
Before applying this update, make sure all previously released errata relevant to your system have been applied.
See How do I apply package updates to my RHEL system? for more details.
Before applying this update on CDS nodes, be sure to remount the shared file system, typically mounted at /var/lib/rhui/remote_share, read-write. This is necessary to allow the pulp-ostree-plugins package to update. Remount the file system read-only again after the update.
There are several steps to take after applying this update on the RHUA node:
-
Make sure
Pulpservices are stopped by runningsystemctl stop pulp\*. -
Perform database migrations by running
sudo -u apache pulp-manage-db. -
Restart RHUI services by running
rhui-services-restart.
In addition, for the fix for bug 1692119 to take effect, not only must the python2-crane package from this erratum be updated on CDS nodes, but the new configuration must be reapplied to them. To do so, on the RHUA node, use rhui-manager , or use the command line: rhui cds reinstall HOSTNAME; repeat for all your CDS host names.
As described in the System Administrator’s Guide, you may also want to copy the new docker section from /etc/rhui/rhui-tools.conf.rpmnew to /etc/rhui/rhui-tools.conf and edit it according to your needs.
3.5. Updates for Red Hat Update Infrastructure 3.1.4
This update includes the following enhancements, deletions, or revisions:
-
A
compsfile, which is an XML file containing package groups, environments, categories, and language packs, can now be imported and become part of metadata for a custom repository. The RHUI 3.1 System Administrator’s Guide has been updated with information about how to use this feature in RHUI. See the "groups" section in theyummanpage for instructions on how RHUI clients can leverage the information in this metadata. Also, see theyum-langpacksmanpage from theyum-langpackspackage for detailed information about working with language packs. (BZ#1697491) - Verbose reporting is turned on by default when adding and reinstalling CDS and HAProxy nodes. This way RHUI administrators can get more information about the process, especially if something fails. (BZ#1751378)
Users of RHUI are advised to upgrade to these updated packages that add these enhancements.
3.6. Updates for Red Hat Update Infrastructure 3.1.5
This update includes the following enhancements, deletions, or revisions:
- To tighten security, all SSL protocols as well as TLS protocols older than version 1.2 are now disabled. Clients running RHEL 6 and newer will use TLS 1.2 automatically. Note that for this change to take effect, you must reapply the configuration to existing CDS instances as described at https://access.redhat.com/solutions/4883961. (BZ#1637261)
Because RHEL 5 does not support TLS 1.2, clients running RHEL 5 will not be able to use Yum repositories from RHUI 3.1.5 after this change. If you have RHEL 5 clients, do not reapply the configuration, or remove "-TLSv1 -TLSv1.1" from the /etc/httpd/conf.d/ssl.conf file and restart the httpd service on your CDS instances to revert this change. You will not be able to enforce TLS 1.2.
-
Previously, when RHUI administrators were asked to log in to
rhui-manager, unnecessary and potentially confusing messages were displayed. Now,rhui-manageronly informs the administrators about the fact that a login is required, and if the password has not been changed yet, a change is recommended. (BZ#1805385)
Red Hat advises users of RHUI to upgrade to the updated packages that add these enhancements.
3.7. Updates for Red Hat Update Infrastructure 3.1.6
This update includes the following enhancements, deletions, or revisions:
-
You can upload packages stored on remote servers to custom repositories without having to download them beforehand. You can also use the new
uroption on the Repository Management screen or the newrhui-manager packages remotecommand to provide package URLs. (BZ#1204277)
Red Hat advises users of RHUI to upgrade to the updated packages that add this enhancement.
3.8. Updates for Red Hat Update Infrastructure 3.1.7
This update includes the following enhancements, deletions, or revisions:
-
The output from the
rhui-manager cert infocommand is now part of sosreport archives created on RHUA nodes. This command provides information about entitled products based on entitlement certificates used in RHUI. (BZ#1845238) -
Previously, when a RHUI administrator launched
rhui-managerto add new repositories, information about available repositories had to be obtained from the Red Hat CDN, which could take several minutes because hundreds of HTTP requests had to be processed. With this update, available repositories are cached when their list is needed for the first time. As a result, further attempts to add repositories to RHUI do not involve communication with the Red Hat CDN, and a list of available repositories is provided to the RHUI administrator immediately. (BZ#1873956)
Red Hat advises users of RHUI to upgrade to the updated packages that add these enhancements.
3.9. Updates for Red Hat Update Infrastructure 3.1.8
This update includes the following enhancements, deletions, or revisions:
-
Previously,
rhui-managerexpected entitlements from Red Hat Subscription Manager certificates to be based on so called pool IDs. Simple content access (SCA) does not use any pool IDs; consequently, an error occurred inrhui-managerwhen users who had enabled SCA for their accounts wanted to register their subscription inrhui-manager. With this update,rhui-managerhas been fixed to take SCA entitlements into account. As a result, the error no longer occurs and users can register their subscriptions. This change does not affect traditional entitlements with pool IDs, which can still be used as usual. (BZ#1940997)
Red Hat advises users of RHUI to upgrade to the updated packages that fix this issue.
3.10. Updates for Red Hat Update Infrastructure 3.1.9
This update includes the following enhancements, deletions, or revisions:
Entitlement certificates in the /etc/pki/rhui/redhat/ directory and in the importer directories for all active RHUI repositories are now correctly updated when the serial number of a certificate in the /etc/pki/entitlement/ directory changes. This allows RHUI to keep synchronizing repositories when a certificate from a registered subscription is updated or revoked for any reason. (BZ#1957870)
The sm screen and the corresponding subscriptions subcommand have been removed from rhui-manager. The synchronize-rhui-subscriptions cron job, which runs hourly, now keeps entitlement certificates current with system subscriptions.
- Section 6.8, Register a Red Hat Subscription in RHUI was removed in its entirety,
- Section 6.9, Enable Automatic Entitlement Certificate Updates was renumbered to 6.8 and revised to remove the mention of registering a Red Hat subscription.
-
Section 15.4.3, Manage Certificate and Keys was revised to remove the mention of registering a Red Hat subscription. An admonition was added regarding the
rhsmcertdservice. - Section b.6, subscriptions of Appendix B, Red Hat Update Infrastructure Command Line Interface was removed in its entirety.
- Section F.1.3.1. Entitlement Certificate Refresh of Appendix F, Red Hat Update Infrastructure was revised to remove mention of registering a Red Hat subscription.
-
Throughout the System Adminstrator’s Guide, all commands for
sm manage Red Hat subscriptionswere removed.
