Red Hat Customer Portal

Satellite 6.3.3 has just been released.

The main driver for the 6.3.3 release is ongoing performance and stability improvements.
There are 24 bugs squashed in this release - the complete list is below.

The most notable issue is there was a critical Pulp maintenance routine that never executed that is now resolved with this update. 6.3.3 adds a weekly cron schedule to ensure execution of the maintenance job. For customers with large numbers of content hosts (10,000+) there may be a possible reduction in disk consumption in /var/lib/pulp after this maintenance task executes.

If you wish to find out how to reclaim this space, please open a support ticket for guidance

There is one erratum for the server [1] and one
for the hosts [2]. The install ISOs will be updated next week.

Customers who have already upgraded to Satellite 6.3 should follow the instructions in the errata.
Customers who are on older versions of Satellite should refer to the Upgrading and Updating Red Hat Satellite Guide.

You may also want to consider using the Satellite Upgrade Helper if moving from Satellite 6.x to Satellite 6.3.

Customers who have received hotfixes should verify the list below to ensure their hotfix is contained in the release before upgrading. Please reach out to Red Hat Support in these cases.

This update fixes the following bugs:

• There was a critical Pulp maintenance routine that never executed. This update adds a weekly cron schedule to ensure execution. (BZ#1609928)
• The Pulp regenerate applicability of consumer tasks took several minutes to complete. This update improves execution times. (BZ#1573892)
• With a large installation of around 20,000 content hosts, the Applicable Package List froze and the action consumed more resources than was necessary. (BZ#1608597)
• Uploading a package to a repository produced the error: NoMethodError: undefined method `to_hash'. (BZ#1583545)
• Host registration failed with the error: "Validation failed: Host has already been taken". (BZ#1605188)
• During a Content View publish, the Puppet module completed publishing before yum, causing provisioning problems. (BZ#1579381)
• The foreman-rake foreman_tasks:cleanup scripts did not remove tasks from foreman_tasks_locks table. (BZ#1585890)
• Docker registry sync did not use an HTTP proxy configuration, which left no route to the host for new Docker registries within a network. (BZ#1333595)
• When a custom certificate had non-unicode characters, users received UnicodeEncodeError during the CapsuleGenerateAndSync task. (BZ#1449418)
• The katello-restore script was not restoring full incremental backups. (BZ#1497858)
• While running katello-backup with a cron job, sudo required a tty. (BZ#1540382)
• Copying the activation key resulted in only a partial copy, the missing configuration information then caused failure with "undefined method" and Internal Server Error. (BZ#1553338)
• Trying to update the host produced an error: ERF42-6324 [Foreman::Exception]: Could not find network dvportgroup-56 on VMWare compute resource. (BZ#1557613)
• Running bootstrap script to migrate hosts failed with error: Content view cannot be blank. (BZ#1559703)
• The volume canceljobjob logging was reduced. (BZ#1563225)
• Users experienced Tomcat java.lang.OutOfMemoryError: GC overhead limit exceeded. (BZ#1572604)
• Cannot edit user photos when using LDAP datasource. (BZ#1573243)
• Virtual Datacenter subscription was unavailable to hosts registering again. (BZ#1575056)
• Failed to delete hosts when the host name was missing from the Candlepin database. (BZ#1575140)
• The action history of Content Views was missing after upgrading to 6.3. (BZ#1575999)
• Exclude Satellite FQDN and localhost from possible proxying when a user set the foreman http proxy. (BZ#1585069)
• Qpidd deadlocked because of linearstore inactivity timer. (BZ#1588015)
• The foreman-rake katello:regenerate_repo_metadata command failed with "NoMethodError: undefined method `in_default_view' for #". (BZ#1589646)
• BZ - 1559703 - Running bootstrap fails: Content view can't be blank

[1] https://access.redhat.com/errata/RHBA-2018:2550

[2] https://access.redhat.com/errata/RHBA-2018:2551

Satellite Migration from RHEL 6 to RHEL 7

As a reminder, Red Hat continues to strongly recommend your Satellite and Capsule Servers only be run on RHEL 7. There are several reasons why you should move your Satellite environment from RHEL 6 to RHEL 7 including enhanced performance and long-term supportability.

Future releases of Satellite (6.3 and above) will only support RHEL 7 and above. In preparation for newer versions of Satellite, you need to start thinking about how to move from older versions of RHEL to RHEL 7.
While RHEL 6 does support an in-place migration from RHEL 6 to RHEL 7, this migration mechanism is not supported when running Satellite on the RHEL host. Instead, you will need to clone your Satellite environment from a host running RHEL 6 to another host running RHEL 7.

Review the Satellite 6.2.13 release blog for more detailed information about moving your Satellite environment from RHEL 6 to RHEL 7. 6.2.13 includes some important features for capsule backup and recovery which helps to ease the movement from RHEL 6 to RHEL 7.

Satellite 6.3.2 has just been released.
The main driver for the 6.3.2 release is allowing customers to disable weak ciphers, but there are several other new features and fixes.
There are two errata for the server [1][3] and one
for the hosts [2]. The install ISOs will be updated later this week.

Customers who have already upgraded to Satellite 6.3 should follow the instructions in the errata.
Customers who are on older versions of Satellite should refer to the Upgrading and Updating Red Hat Satellite Guide.

You may also want to consider using the Satellite Upgrade Helper if moving from Satellite 6.x to Satellite 6.3

Customers who have received hotfixes should verify the list below to ensure their hotfix is contained in the release before upgrading. Please reach out to Red Hat Support in these cases.

This update fixes the following bugs:

• Users can now disable weak ciphers across Satellite 6's series of
  services and restrict to only TLS 1.2. For more information, see How to
  disable weak encryption (SSL 2.0 and SSL 3.0) on Red Hat Satellite:
  https://access.redhat.com/solutions/26833 (BZ#1553875, BZ#1318973)

  NOTE: If you are still using RHEL 5 Servers note that restricting communications to only TLS 1.2 will prevent RHEL5 from communicating with Satellite. Refer to Known Issues and Attacks Against SSL/TLS in OpenSSL/NSS/gnutls on Red Hat Enterprise Linux 5 for full details about supported TLS versions with RHEL 5.

• The foreman-debug command now collects additional information to help
  with debugging, including passenger statistics. (BZ#1540493, BZ#1558545)

• Satellite 6.3 could not sync containers from the Google or Quay
  registry because of differences in version 2 of the API. Satellite now
  supports these differences. (BZ#1555165)

• Performance improvements, which arose from experiences with customer
  upgrades, are now available for the UI and CLI. (BZ#1511503, BZ#1567978,
  BZ#1553263, BZ#1560740, BZ#1563002, BZ#1575113)

• Certain future-dated subscriptions could not be enabled based on the
  products they enable. This is now fixed. (BZ#1553264)

• Authentication for OpenStack v3 was failing because Satellite did not
  use the domain field. This is now fixed. (BZ#1513932)

• Problems that relate to migrating and upgrading, for example the
  content_source_id not migrating and template history disappearing, are
  now fixed. (BZ#1584874, BZ#1559108)

• Intermittent segmentation faults in the Pulp stack are now fixed.
  (BZ#1516481)

• Provisioning templates in RHEV 3.6 ignored the disk settings specified
  in the template. This is now fixed. (BZ#1399102)

• The boot disk provisioning option was omitted from the hammer host
  create command. This is now fixed. (BZ#1544498)

• Remote execution failed on host collections. This is now fixed.
  (BZ#1553017)

• Intermittent segmentation faults in the qpid stack are now fixed.
  (BZ#1561819)

• The initial remote execution command after a restart failed with the
  error message: "Could not use any Capsule". This is now fixed. (BZ#1558069)

• Pulp workers became deadlocked when the PULP_MAX_TASKS_PER_CHILD setting was enabled. These workers now reconnect correctly. (BZ#1590906)

[1] https://access.redhat.com/errata/RHBA-2018:1950

[2] https://access.redhat.com/errata/RHBA-2018:1951

[3]https://access.redhat.com/errata/RHBA-2018:1956

Satellite Migration from RHEL 6 to RHEL 7

As a reminder, Red Hat continues to strongly recommend your Satellite and Capsule Servers only be run on RHEL 7. There are several reasons why you should move your Satellite environment from RHEL 6 to RHEL 7 including enhanced performance and long-term supportability.

Future releases of Satellite (6.3 and above) will only support RHEL 7 and above. In preparation for newer versions of Satellite, you need to start thinking about how to move from older versions of RHEL to RHEL 7.
While RHEL 6 does support an in-place migration from RHEL 6 to RHEL 7, this migration mechanism is not supported when running Satellite on the RHEL host. Instead, you will need to clone your Satellite environment from a host running RHEL 6 to another host running RHEL 7.

Review the Satellite 6.2.13 release blog for more detailed information about moving your Satellite environment from RHEL 6 to RHEL 7. 6.2.13 includes some important features for capsule backup and recovery which helps to ease the movement from RHEL 6 to RHEL 7.

Greetings!

I’m John Spinks, Technical Marketing Manager for Satellite.
While I’m relatively new to Red Hat, I get to work with Red Hat Satellite engineers and customers every day. Next week is my first Red Hat Summit so I’m excited to get to see so many of both in one place.

Not only is this my first Summit as an attendee, I’m honored to say that this will also be my first time at Summit as a speaker. Brent Midwood and I will be presenting the session: Live Demonstration: Find it. Fix it. Before it breaks. That has of course captured a lot of my interest of late, but I’m also looking forward to attending some other breakout sessions about how Satellite enables customers and businesses to meet their goals.

Breakout Sessions

Summit has a packed and exciting agenda, so I’ve highlighted a few of the sessions and their description from the Summit agenda that I am most interested in attending and that I think will be of great interest to users of Red Hat Satellite:

Live demonstration: Find it. Fix it. Before it breaks.

A common saying is, "If it ain’t broke, don't fix it." But what if it is broken and you just don't know it? Waiting for something to break means late nights, lunches at your desk, or waiting for a maintenance window to fix issues. However, there are ways for you to automate how you predict, resolve, and manage issues before they cause you headaches. Read more.

How Walmart uses systems management tools to manage its massive IT operation at scale

To power the largest retailer in the world, Walmart’s IT operation must manage systems at unprecedented scale. Walmart’s IT leaders will share how they use various automation tools, including Red Hat Satellite, to give them the capacity they need. Darin Lively, Staff Systems Engineer, and Brian Ameling, Staff Systems Engineer, will offer a look into Walmart’s complex architecture and… Read more.

A problem's not a problem, until it's a problem (Red Hat Insights)

Find out how using predictive analytics from Red Hat Insights, you can assess the impact of a potential system issue and the likelihood of it becoming a problem. Read more.

Red Hat Management roadmap and strategy

Attend this session to learn the latest on the strategy and roadmap for Red Hat Management, including details on Red Hat Ansible Automation, Red Hat CloudForms, Red Hat Insights, and Red Hat Satellite. Read more.

If you’re going to Red Hat Summit next week, I encourage you to add these sessions to your agenda now-- before they fill up!

Automation and Management Booth

As much as possible I’ll be spending time in the Automation & Management pod in the Red Hat booth during the Ecosystem Expo hours. Please stop by to say “Hello” to me or to any of our Satellite experts and see some demos of Red Hat Satellite 6.3 and some sneak peeks into what’s coming next.

For those of you fortunate enough to go - safe travels and hope to see you there!
If you can’t make it I hear that content (slides and recordings) will be posted after Summit at http://redhat.com/summit

John Spinks
@jbspinks

Red Hat Satellite 6.3.1 includes packages that supports Red Hat Enterprise Linux 7.5 as well as a variety of performance enhancements and general bug fixes.

Especially notable is the improvements in the performance of content views. In our tests we've seen publishing of a single content view on RHEL7 redunce in time by 43% and publishing of composite views reduced 95%. To put numbers to this 6.3.0 took 320 seconds to publish a composite view while 6.3.1 took 14 seconds to publish the same CV.
Promotion also was significantly improved. A group of 16 CVs were promoted in 977 seconds in 6.3.0 to 5.78 seconds in 6.3.1 - a 99% reduction in time to promote!

There are two errata for the server [1][3] and one for the hosts [2]. The install ISOs will be updated next week.

Customers who have already upgrade to Satellite 6.3 should follow the instructions in the errata.
Customers who are on older versions of Satellite should refer to the Upgrading and Updating Red Hat Satellite Guide.

You may also want to consider using the Satellite Upgrade Helper if moving from Satellite 6.x to Satellite 6.3

Customers who have received hotfixes should verify the list below to ensure their hotfix is contained in the release before upgrading. Please reach out to Red Hat Support in these cases.

Fixes included in 6.3.1

• The performance of Content View publishing and promotion has been improved. (BZ#1522912)

• The performance of Ansible Tower inventory collection has been improved. (BZ#1437197)

• Various performance and scale improvements have been made. (BZ#1553881, BZ#1553879, BZ#1532348, BZ#1553871)

• Several upgrade issues from 6.2.x to 6.3 have been resolved. (BZ#1549502, BZ#1547607, BZ#1553279)

• The installer now allow users to configure the SSL protocols used by Tomcat. (BZ#1544995)

• Disconnected installations no longer attempt to install the oauth gem from a remote server. (BZ#1541885)

• Users can now configure custom products not to use an HTTP Proxy when syncing content, and to only use the proxy for Red Hat Content. (BZ#1132980)

• Restarting a pulp worker with running tasks caused the tasks to be in a broken state. This problem has been fixed. In such cases, tasks are stopped with warning "Task cancelled". (BZ#1552118)

• Puppet modules which were built on MacOS machines can now be imported into Satellite. (BZ#1445625)

• Previously, an API endpoint used by the SCAP Satellite plug-in failed to provide generated guides based on the selected profile. Consequently, Red Hat Satellite was not able to get information from the plug-in, and the Satellite UI was broken. With this update, handling of the API endpoint has been updated, and it is now possible to generate guides using this API endpoint again. (BZ#1480595)

• Backups were failing with relative paths since 6.2.13. This regression has been fixed. (BZ#1544401)

• Pulp workers became deadlocked when the PULP_MAX_TASKS_PER_CHILD setting was enabled. These workers now reconnect correctly. (BZ#1590906)

• When installing the katello-ca-consumer package, the script restarted Docker. Consequently, running containers where stopped. With this update, the Docker service is reloaded not restarted. (BZ#1518289)

Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

[1] https://access.redhat.com/errata/RHBA-2018:1126
[2] https://access.redhat.com/errata/RHBA-2018:1127
[3]https://access.redhat.com/errata/RHBA-2018:1956

Satellite Migration from RHEL 6 to RHEL 7

As a reminder, Red Hat continues to strongly recommend your Satellite and Capsule Servers only be run on RHEL 7. There are several reasons why you should move your Satellite environment from RHEL 6 to RHEL 7 including enhanced performance and long term supportability.

Future releases of Satellite (6.3 and above) will only support RHEL 7 and above. In preparation for newer versions of Satellite you need to start thinking about how to move from older versions of RHEL to RHEL 7.
While RHEL 6 does support an in-place migration from RHEL 6 to RHEL 7, this migration mechanism is not supported when running Satellite on the RHEL host. Instead you will need to clone your Satellite environment from a host running RHEL 6 to another host running RHEL 7 .

Review the Satellite 6.2.13 release blog for more detailed information about moving your Satellite environment from RHEL 6 to RHEL 7. 6.2.13 includes some important features for capsule backup and recovery which helps to ease the movement from RHEL 6 to RHEL 7.