Release Notes

Red Hat CloudForms 4.5

Summary of new features, corrections, and known bugs for Red Hat CloudForms Management Engine 5.8

Red Hat CloudForms Documentation Team

Abstract

A summary of enhancements, known bugs, and support information for Red Hat CloudForms 4.5.
If you have a suggestion for improving this guide or have found an error, please submit a Bugzilla report at http://bugzilla.redhat.com against Red Hat CloudForms Management Engine for the Documentation component. Please provide specific details, such as the section number, guide name, and CloudForms version so we can easily locate the content.

1. Introduction

Red Hat CloudForms Management Engine (CFME) delivers the insight, control, and automation enterprises need to address the challenges of managing virtual environments, which are far more complex than physical ones. This technology enables enterprises with existing virtual infrastructures to improve visibility and control, and those just starting virtualization deployments to build and operate a well-managed virtual infrastructure.

Red Hat CloudForms 4.5 is comprised of a single component, the CloudForms Management Engine. It has the following feature sets:

  • Insight: Discovery, Monitoring, Utilization, Performance, Reporting, Analytics, Chargeback, and Trending.
  • Control: Security, Compliance, Alerting, Policy-Based Resource and Configuration Management.
  • Automate: IT Process, Task and Event, Provisioning, Workload Management and Orchestration.
  • Integrate: Systems Management, Tools and Processes, Event Consoles, CMDB, RBA, and Web Services.

1.1. Important Changes

Beginning in this release of Red Hat CloudForms, the minimum amount of memory for each instance has been raised from 8Gb to 12Gb. This change affects the resources required for side-by-side upgrades.

1.2. Getting Support

If you experience difficulty with a procedure described in this documentation, visit the Red Hat Customer Portal at http://access.redhat.com. Through the customer portal, you can:

  • Search or browse through a knowledgebase of technical support articles about Red Hat products
  • Submit a support case to Red Hat Global Support Services (GSS)
  • Access other product documentation

Red Hat also hosts a large number of electronic mailing lists for discussion of Red Hat software and technology. You can find a list of publicly available mailing lists at https://www.redhat.com/mailman/listinfo. Click on the name of any mailing list to subscribe to that list or to access the list archives.

1.3. Red Hat CloudForms Life Cycle

For an overview of the life cycle phases for Red Hat CloudForms and the status of support for this product, see Red Hat Cloudforms Life Cycle.

2. Migration Considerations

2.1. Migrating to a New Appliance

If you are migrating from an existing appliance to a new one, the target appliance must be able to accommodate the new 12Gb resource profile used by Red Hat CloudForms 4.5, even if the source appliance only uses 8Gb.

2.2. Migrating on the same appliance

If you are migrating from a previous version of Red Hat CloudForms to Red Hat CloudForms 4.5 using the same appliance, the resource profile will remain the same. Before installing or starting any providers, however, you must assess your memory needs and adjust the resource profile accordingly to avoid performance issues.

3. Technology Preview

The following enhancements are available in release of Red Hat CloudForms as technology preview only.

Note

For more information on the support scope for features marked as technology previews, see Technology Preview Features Support Scope

Integration with ServiceNow CMDB
You can integrate Red Hat CloudForms into ServiceNow to enable authentication with an existing ServiceNow database and add/amend items in the ServiceNow database during state machine processing, such as the virtual machine provisioning state machine.
Red Hat Insights Plug-In
You can access Red Hat Insights directly from the Red Hat CloudForms appliance web user interface. Red Hat Insights is an automated service that provides information that helps you to rapidly identify key issues in your Red Hat CloudForms deployment.
CloudForms Container Image

Red Hat CloudForms is available as a container image in docker format from https://registry.access.redhat.com. With this container image, you can now host Red Hat CloudForms on the following platforms:

  • Red Hat Atomic Host (7.2 or higher)
  • Red Hat Enterprise Linux (7.2 or higher)
  • Anywhere using docker
Middleware Providers

Red Hat CloudForms supports Hawkular middleware providers. The following capabilities are available for middleware providers:

  • Inventory
  • Metrics
  • Events
  • Cross-linked relationships
  • Topology view of middleware inventory
  • Power operations on EAP servers
  • Deployment operations on middleware servers
  • Datasource operations on middleware servers

4. Enhancements

The following enhancements are available with Red Hat CloudForms 4.5 (CFME 5.8).

4.1. Ansible Inside

Ansible integrates with Red Hat CloudForms to provide automation solutions, using Playbooks, for Service, Policy and Alert actions. Ansible Playbooks consist of series of plays or tasks that define automation across a set of hosts, known as the inventory.

Ranging from simple to complex tasks, Ansible Playbooks can support cloud management:

  • Services - allow a Playbook to back a CloudForms service catalog item.
  • Control Actions - CloudForms policies can execute Playbooks as actions based on events from providers.
  • Control Alerts - set a Playbook to launch prompted by a CloudForms alert.

4.2. Providers

The following section outlines enhancements to providers.

Amazon AWS Storage

This release of Red Hat CloudForms adds Amazon Elastic Block Store (Amazon EBS) to CloudForms that provides persistent block storage volumes for use with Amazon EC2 instances. This includes breaking out AWS storage as its own provider, with the following capabilities:

  • Inventory: Add a new Amazon EBS provider as part of an Amazon EC2 account with the ability to see the inventory, including all volumes associated to the Amazon EC2 account and the relationships to EC2 instances.
  • CloudWatch event integration: AWS storage adds the ability to use CloudWatch for events (instead of metrics).
  • Provisioning: Ability to provision EBS volumes in an Amazon EC2 account.
OpenShift Container Platform

This release of Red Hat CloudForms contains the following new features and enhancements for OpenShift Container Platform providers:

  • Live ad-hoc metrics: CloudForms can query Heapster metrics from the user interface, and graph metrics from the last Hawkular collection.
  • Inventory update: CloudForms shows relationships between containers and persistent volumes.
  • Roles: Operator and Administrator roles have been added for container management.
  • Dashboard widgets and reporting: CloudForms includes OpenShift Container Platform dashboard widgets, and more reporting out of the box.
  • SSL support is included to connect to OpenShift Container Platform providers securely. As SSL authentication is now selected by default, after upgrading to CloudForms 4.5, any existing OpenShift providers must be edited to select the authentication method and specify a certificate. See Section 5, “Known Issues” and Editing a Containers Provider in Managing Providers for details.
OpenStack Cloud

This release of Red Hat CloudForms contains the following new features and enhancements for OpenStack cloud providers:

  • Tenant and user mapping: Tenant to object relationships (network and storage) are retained when syncing tenants between OpenStack and CloudForms.
  • Tasks and notifications: OpenStack day two operations tasks are shown in the Tasks area of the user interface, while asynchronous tasks use notifications.
  • Ceilometer eventing: Ceilometer’s eventing technology is replaced by Panko.
  • Networking: The inventory of OpenStack floating IPs are now collected and updated in the VMDB.
Middleware Management

This release of Red Hat CloudForms contains the following new features and enhancements for Middleware Management providers:

  • Ability to limit Red Hat JBoss Enterprise Application Platform server operations.
  • Ability to show an event when a new JBoss EAP server is connected.
  • Ability to show relationships in JBoss EAP server summary page and in Topology view, if CloudForms is monitoring OpenShift and JBoss EAP servers.
  • SSL support included to connect the middleware provider.
Red Hat Virtualization

This release of Red Hat CloudForms contains the following new features and enhancements for Red Hat Virtualization providers:

  • SSL/TLS support is included to connect to Red Hat Virtualization providers securely. As TLS cerfificate verification is now selected by default, after upgrading to CloudForms 4.5, any existing Red Hat Virtualization providers must be edited to select the authentication method and specify a certificate. See Section 5, “Known Issues” and Red Hat Enterprise Virtualization Manager Providers in Managing Providers for details.

5. Known Issues

These known issues exist in Red Hat CloudForms at this time:

BZ#1455063

At current, there is a potential race condition that can occur when the Embedded Ansible role is enabled for the first time. When the worker is started for the first time, Ansible must be set up and configured on the appliance. As part of this process, the Ansible services are restarted. There is a small chance that these services are still in the process of restarting when the initial setup and configuration completes. When this happens, the worker encounters failures while communicating with Embedded Ansible, causing the worker to exit and restart. It may go through several iterations of this before the worker properly starts and comes online. Due to this issue, it can take up to 30 minutes for Embedded Ansible services to be fully online, resulting in the Embedded Ansible role being active and the worker in the started state, but the services not being available.

As a workaround, wait for embedded Ansible to come online. This can take up to approximately 30 minutes. The other option is to restart EVM on the affected appliance.

BZ#1454884

At current, upgrading from Red Hat CloudForms 4.1 or Red Hat CloudForms 4.2 to Red Hat CloudForms 4.5 might result in a disk space error when running yum update after enabling the repositories for the Red Hat CloudForms 4.5 release. As a workaround, adjust the size of the partitions on the appliance to ensure there is sufficient disk space available. See Resizing the Disk Space in Migrating to Red Hat CloudForms 4.5 for more details.

BZ#1435468

Certain users (MIQ LDAP - OpenLDAP) with special attributes are unable to log in to the Red Hat CloudForms Services User Interface.

Steps to Reproduce:
1. Configure MIQ LDAP - OpenLDAP provider
2. Navigate to self-service UI and try to log in.

Result: The user is unable to log in and there is not an error message to let the user know that they are not able to log in.

BZ#1429891

The addition of default SSL authentication for OpenShift Container Platform and Red Hat Virtualization providers may break existing connections to these providers after upgrading to Red Hat CloudForms 4.5.

If an existing provider has a valid SSL certificate signed by a trusted Certificate Authority, CloudForms automatically authenticates to it, with no further action needed. However, if an existing provider has a self-signed SSL certificate, the Schedule Worker or an attempt to collect inventory will render the provider connection invalid.

A broken connection is indicated by an authentication status error, or an error similar to "Credential validation was not successful:SSL_connect_returned=1 errno=0 state=SSSlv3 read server certificate B:certificate verify failed".

To fix this issue, edit the provider's connection details to configure a certificate authority to trust, or disable SSL certificate validation (not recommended) for that provider. See Managing Providers for details on editing providers.

BZ#1404354

At current, connecting to virtual machines using HTML5 console access inconsistently fails. This is due to an issue in the underlying Apache web server related to web socket connections, which are used for remote console access to virtual machines. As a workaround, retry the connection. In the event that the connection fails again, wait a minute and retry again. This issue is currently being investigated by engineering.

BZ#1274376

This release of Red Hat CloudForms corrects a delay between enabling the SmartProxy server role, and its visibility to users in the UI when SmartPRoxy Affinity is selected under Zones.

6. Deprecated Functionality

The following are deprecated with Red Hat CloudForms 4.5 (CFME 5.8).

  • Internet Explorer 10 is no longer supported for all user interfaces in Red Hat CloudForms 4.5.

7. Changing the User Interface Locale

You can use this procedure to change the user interface locale to specify either English, Japanese, or Simplified Chinese.

  1. Navigate to SettingsMy Settings from the navigation bar.
  2. From the Locale list in the Display Settings area, select the user interface locale to specify either English, 日本語, or 简体中文.

    Cloudforms SCH

  3. You can also change the time zone from the Time Zone list as required. The default is (GMT+00:00) UTC.
  4. Click Save.

8. Changes in the Core Set of Ruby Gems

Users of Red Hat CloudForms can construct custom automation methods in Ruby to extend the product. Red Hat CloudForms ships with a core set of Ruby gems used by the CloudForms Management Engine (CFME) Rails Application. The Ruby gems in this set are subject to change, and have changed since the previous release. If you are calling gems using Automate that are no longer in the CloudForms Management Engine Appliance, you can install them by using the gem install command.

While gems can be imported into automation methods using require, it is recommended that the authors of the automation methods clearly document the use of gems either in the core set or a custom set. It is the responsibility of the author of such custom automation to own the life cycle of any gem being referenced in those methods.

You can find a list of all gems included in the appliance in /var/www/miq/vmdb/log/gem_list.txt

To get lists of all gems for different CloudForms Management Engine releases, see the following resource:

8.1. Red Hat CloudForms 4.5.0

This section outlines the changes to the core set of Ruby gems included in this release in comparison to the Ruby gems included in Red Hat CloudForms 4.2.2. This is the latest version of Red Hat CloudForms 4.2 as of the release of Red Hat CloudForms 4.5.0.

8.1.1. New Ruby Gems in Red Hat CloudForms 4.5.0

The following Ruby gems have been added:

Table 1. New Ruby Gems in Red Hat CloudForms 4.5.0

Ruby GemVersion in Red Hat CloudForms 4.5.0

aws-sigv4

1.0.0

macaddr

1.7.1

manageiq-content

0.1.0

manageiq-gems-pending

0.1.0

manageiq-providers-azure

0.1.0

manageiq-providers-lenovo

0.2.0

manageiq-providers-vmware

0.1.0

manageiq-ui-classic

0.1.0

pg-pglogical

1.1.0

systemu

2.6.5

uuid

2.3.8

xclarity_client

0.4.1

8.1.2. Updated Ruby Gems in Red Hat CloudForms 4.5.0

The following Ruby gems have been updated:

Table 2. Updated Ruby Gems in Red Hat CloudForms 4.5.0

Ruby GemVersion in Red Hat CloudForms 4.5.0

actioncable

5.0.3

actionmailer

5.0.3

actionpack

5.0.3

actionview

5.0.3

activejob

5.0.3

activemodel

5.0.3

activerecord

5.0.3

activesupport

5.0.3

amq-protocol

2.2.0

ansible_tower_client

0.12.2

autoprefixer-rails

7.1.1

aws-sdk

2.8.14

aws-sdk-core

2.8.14

aws-sdk-resources

2.8.14

azure-armrest

0.7.0

bundler

1.15.0

coffee-rails

4.2.2

fog-core

1.44.3

globalid

0.4.0

hawkular-client

3.0.1

high_voltage

3.0.0

http-form_data

1.0.3

linux_admin

0.20.1

logging

2.2.2

mail

2.6.5

memoist

0.15.0

minitest

5.10.2

oauth

0.5.3

ovirt

0.17.0

patternfly-sass

3.23.2

pkg-config

1.1.9

rack

2.0.3

rails

5.0.3

rails-controller-testing

1.0.2

rails-dom-testing

2.0.3

rails-i18n

5.0.4

railties

5.0.3

rake

12.0.0

rbvmomi

1.9.5

responders

2.4.0

rest-client

2.0.2

ruby_parser

3.9.0

rubyntlm

0.6.2

sass

3.4.24

sexp_processor

4.9.0

winrm

2.2.3

winrm-elevated

1.0.1

winrm-fs

1.0.1

8.1.3. Removed Ruby Gems in Red Hat CloudForms 4.5.0

The following Ruby gems have been removed:

Table 3. Removed Ruby Gems in Red Hat CloudForms 4.5.0

Ruby Gem

activemodel-serializers-xml

angular-ui-bootstrap-rails

cache

cache_method

climate_control

cocaine

draper

ezcrypto

mimemagic

outfielding-jqplot-rails

paperclip

request_store

8.2. Red Hat CloudForms 4.5.1

This section outlines the changes to the core set of Ruby gems included in this release.

8.2.1. New Ruby Gems in Red Hat CloudForms 4.5.1

No Ruby gems were added to the appliance in Red Hat CloudForms 4.5.1.

8.2.2. Updated Ruby Gems in Red Hat CloudForms 4.5.1

The following Ruby gems have been updated:

Table 4. Updated Ruby Gems in Red Hat CloudForms 4.5.1

Ruby GemVersion in Red Hat CloudForms 4.5.1

azure-armrest

0.7.4

bundler

1.15.3

kubeclient

2.4.0

linux_admin

0.20.2

8.2.3. Removed Ruby Gems in Red Hat CloudForms 4.5.1

The following Ruby gems have been removed:

Table 5. Removed Ruby Gems in Red Hat CloudForms 4.5.1

Ruby Gem

pkg-config

8.3. Red Hat CloudForms 4.5.2

This section outlines the changes to the core set of Ruby gems included in this release.

8.3.1. New Ruby Gems in Red Hat CloudForms 4.5.2

No Ruby gems were added to the appliance in Red Hat CloudForms 4.5.2.

8.3.2. Updated Ruby Gems in Red Hat CloudForms 4.5.2

The following Ruby gems have been updated:

Table 6. Updated Ruby Gems in Red Hat CloudForms 4.5.2

Ruby GemVersion in Red Hat CloudForms 4.5.2

azure-armrest

0.9.1

bundler

1.15.4

linux_admin

1.0.0

mini_portile2

2.3.0

ovirt

0.18.0

parallel

1.12.0

8.3.3. Removed Ruby Gems in Red Hat CloudForms 4.5.2

No Ruby gems were removed from the appliance in Red Hat CloudForms 4.5.2.

9. Technical Notes

This chapter contains the summary text for bug fixes and enhancements in Red Hat CloudForms errata advisories. The information and procedures in this chapter are relevant to Red Hat CloudForms administrators.

9.1. Red Hat CloudForms 4.5.0

9.1.1. RHSA-2017-1367: CFME 5.8.0 Bug Fixes and Enhancement Update

The bugs contained in this section are addressed by advisory RHSA-2017:1367. Further information about this advisory is available at https://access.redhat.com/errata/RHSA-2017:1367.html.

9.1.1.1. Appliance

BZ#1442888

This release of CloudForms corrects a configuration issue whereby the self-service UI did not time out when a custom session timeout was reached. Inactive users in the self-service UI will now be logged out when the established session time has expired.
9.1.1.2. Providers

BZ#1442768

Previously when upgrading Red Hat Virtualization providers from versions 3.x to 4.x, CloudForms sometimes attempted to access the Red Hat Virtualization API at /api, which caused provider refresh failures. To avoid this issue, the API path has been updated in this CloudForms release to use /ovirt-engine/api instead of /api. As a result, CloudForms connects to Red Hat Virtualization 3.5 and newer providers successfully; however, Red Hat Virtualization 3.4 environments are no longer supported.
9.1.1.3. Vulnerability

BZ#1341308

CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time, however if an attacker were able to man-in-the-middle an administrator while installing the new certificate the attacker could get a copy of the private key uploaded allowing for future attacks.

BZ#1429632

It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with RHEV and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and potentially harvest sensitive information from CloudForms.

9.1.2. RHBA-2017-1366: CFME 5.8.0 Images for OpenShift

The bugs contained in this section are addressed by advisory RHBA-2017:1366. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2017:1366.html.

9.1.3. RHBA-2017-1650: Updated CFME 5.8.0 container images

Information about this advisory is available at https://access.redhat.com/errata/RHBA-2017:1650.html.

9.2. Red Hat CloudForms 4.5.1

9.2.1. RHBA-2017-1757: CFME 5.8.1 images for OpenShift

Information about this advisory is available at https://access.redhat.com/errata/RHBA-2017:1757.html.

9.2.2. RHSA-2017-1758: CFME 5.8.1 Security, Bug Fixes and Enhancement Update

The bugs contained in this section are addressed by advisory RHSA-2017:1758. Further information about this advisory is available at https://access.redhat.com/errata/RHSA-2017:1758.html.

9.2.2.1. Providers

BZ#1468275

This release of Red Hat CloudForms includes an enhancement to event switchboard configuration for Amazon EBS volumes and snapshot events that triggers a storage manager refresh upon receiving the events.

The following two CloudWatch event rules were configured on the AWS console to fire the EBS events using the CloudWatch service. The configuration parameters for each event are as follows:

Service Name - EC2
Event Type - EBS Volume Notification
Target - SNS Topic
Topic - AWSConfig_topic

and

Service Name - EC2
Event Type - EBS Snapshot Notification
Target - SNS Topic
Topic - AWSConfig_topic

See https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/WhatIsCloudWatchEvents.html for more information on Amazon CloudWatch events.

9.3. Red Hat CloudForms 4.5.2

9.3.1. RHBA-2017-3006: CFME 5.8.2 Images for OpenShift.

Information about this advisory is available at https://access.redhat.com/errata/RHBA-2017:3006.html.

9.3.2. RHSA-2017-3005: CFME 5.8 Red Hat CloudForms security, bug fix, and enhancement update.

Information about this advisory is available at https://access.redhat.com/errata/RHSA-2017:3005.html.