Release Notes

Red Hat CloudForms 4.6

Summary of new features, corrections, and known bugs for Red Hat CloudForms Management Engine 5.9

Red Hat CloudForms Documentation Team

Abstract

A summary of enhancements, known bugs, and support information for Red Hat CloudForms 4.6.
If you have a suggestion for improving this guide or have found an error, please submit a Bugzilla report at http://bugzilla.redhat.com against Red Hat CloudForms Management Engine for the Documentation component. Please provide specific details, such as the section number, guide name, and CloudForms version so we can easily locate the content.

1. Introduction

Red Hat CloudForms Management Engine (CFME) delivers the insight, control, and automation enterprises need to address the challenges of managing virtual environments, which are far more complex than physical ones. This technology enables enterprises with existing virtual infrastructures to improve visibility and control, and those just starting virtualization deployments to build and operate a well-managed virtual infrastructure.

Red Hat CloudForms 4.6 is comprised of a single component, the CloudForms Management Engine. It has the following feature sets:

  • Insight: Discovery, Monitoring, Utilization, Performance, Reporting, Analytics, Chargeback, and Trending.
  • Control: Security, Compliance, Alerting, Policy-Based Resource and Configuration Management.
  • Automate: IT Process, Task and Event, Provisioning, Workload Management and Orchestration.
  • Integrate: Systems Management, Tools and Processes, Event Consoles, CMDB, RBA, and Web Services.

1.1. Getting Support

If you experience difficulty with a procedure described in this documentation, visit the Red Hat Customer Portal at http://access.redhat.com. Through the customer portal, you can:

  • Search or browse through a knowledgebase of technical support articles about Red Hat products
  • Submit a support case to Red Hat Global Support Services (GSS)
  • Access other product documentation

Red Hat also hosts a large number of electronic mailing lists for discussion of Red Hat software and technology. You can find a list of publicly available mailing lists at https://www.redhat.com/mailman/listinfo. Click on the name of any mailing list to subscribe to that list or to access the list archives.

1.2. Red Hat CloudForms Life Cycle

For an overview of the life cycle phases for Red Hat CloudForms and the status of support for this product, see Red Hat Cloudforms Life Cycle.

2. Migration Considerations

2.1. Migrating to a New Appliance

If you are migrating from an existing appliance to a new one, the target appliance must be able to accommodate the new 12 Gb resource profile used by Red Hat CloudForms 4.6, even if the source appliance only uses 8 Gb.

2.2. Migrating on the same appliance

If you are migrating from a previous version of Red Hat CloudForms to Red Hat CloudForms 4.6 using the same appliance, the resource profile will remain the same. Before installing or starting any providers, however, you must assess your memory needs and adjust the resource profile accordingly to avoid performance issues.

3. Technology Preview

The following enhancements are available with this release of Red Hat CloudForms as technology preview only.

Note

For more information on the support scope for features marked as technology previews, see Technology Preview Features Support Scope

Alert Management
  • Red Hat CloudForms can receive alerts from Prometheus in OpenShift Container Platform
  • Alerts generated by Prometheus are visible in the Red Hat CloudForms user interface
  • Ability to assign alerts to a user and add notes
Integration with ServiceNow CMDB
You can integrate Red Hat CloudForms into ServiceNow to enable authentication with an existing ServiceNow database and add/amend items in the ServiceNow database during state machine processing, such as the virtual machine provisioning state machine.
Red Hat Insights Plug-In
You can access Red Hat Insights directly from the Red Hat CloudForms appliance web user interface. Red Hat Insights is an automated service that provides information that helps you to rapidly identify key issues in your Red Hat CloudForms deployment.

4. Enhancements

The following enhancements are available with Red Hat CloudForms 4.6 (CFME 5.9).

4.1. Ansible

Red Hat CloudForms continues to build on its next generation automation and management features, adding the following functionality to its Ansible Automation Inside role:

  • Call Ansible playbooks as methods in state machines, allowing for hybrid Ruby and Ansible orchestration.
  • Compute resource linking in services, providing visibility of Ansible deployed compute items.
  • A foundational layer to curate Ansible modules, adding secure authentication for Ansible callbacks to CloudForms.
  • Support for additional Ansible credentials, including OpenStack, Azure, Google, Satellite, Subversion, GitLab, as well as Ansible Networking.
  • Several field reported enhancements such as state machine timeouts, instructions to back up the CloudForms appliance to include CloudForms and Ansible Automation Inside PostgreSQL databases, and privilege escalation.

4.2. Dynamic Resource Objects

This release of Red Hat CloudForms introduces dynamic resource objects, designed to manage objects other than those related to private infrastructure, and public or private cloud providers. Dynamic resource objects are object-like entities, defined at runtime, that have unique names and user-defined attributes and relationships. Using automate requests, services and catalog items, dynamic resource objects can be directly accessed or passed, during any step, as a parameter to a service state machine. As a result, dynamic resource objects can be used to quickly add the capability to provision and collect data on resources not supported by Red Hat CloudForms.

4.3. Providers

The following section outlines enhancements to existing providers.

OpenShift Container Platform

This release of Red Hat CloudForms contains the following new features and enhancements for OpenShift Container Platform providers:

  • OpenSCAP:

    • Ability to specify per provider the location of OpenSCAP CVEs and image-inspector images
    • Environment variable to configure OpenSCAP CVE definitions URL
    • Advanced settings available per provider on instances
  • Chargeback:

    • Chargeback reports based on limits defined in pods for CPU and memory
  • Alert management:

    • CloudForms can receive alerts from Prometheus in OpenShift
    • Alerts generated by Prometheus are visible in the CloudForms user interface
    • Ability to assign alerts to a user and add notes
  • Performance:

    • Inventory graph refresh for OpenShift to improve collection performance
  • User experience:

    • Dashboard available at project level
    • Report for container projects by quota
    • Configuration of the OpenShift proxy per provider in the user interface
    • Metrics endpoints detection when adding an OpenShift provider
Red Hat OpenStack Platform

This release of Red Hat CloudForms contains the following new features and enhancements for OpenStack cloud providers:

  • Targeted graph refresh based on entity events to improve performance
  • Security group management for network providers and instances
  • Flavor management and creation from the CloudForms user interface
  • SmartState analysis for instances booted from a volume
  • Force option for volume backup and restore
  • Ability to charge volume types differently in chargeback
  • Support for provisioning instances from volumes, volume snapshot and image snapshots
Red Hat Virtualization

This release of Red Hat CloudForms contains the following new features and enhancements for Red Hat Virtualization providers:

  • Targeted refresh improvements for template and host events
  • Targeted graph refresh to improve performance
  • Support for using Sysprep to prepare Windows templates for deploying virtual machines
  • Open Virtual Network (OVN) network switch visualization and control
  • Ability to create a template from a virtual machine
  • Restart functionality for virtual machines

4.4. Physical Providers

This release adds the following physical infrastructure providers:

  • Lenovo XClarity

4.5. Administrative User Interface

The following section outlines enhancements to the administrative user interface.

OpenShift Template Provisioning
This release of CloudForms adds the ability to create a service dialog to expose OpenShift template parameters, create a catalog item based on the template, and provision the OpenShift template from a service catalog.
Dynamic Resource Objects

This release adds support for dynamic resource objects to the following:

  • Service
  • Create, read, update, and delete operations
Alert Management

This release enhances the alert management features in CloudForms, adding the ability to:

  • Send alerts to the alert user interface.
  • Set an alert to critical, warning, info.
  • See all alerts in the dashboard related to a particular entity.
  • Assign an alert to another user.
  • Add a note to an alert in the alert user interface.
Service Dialog
  • Ability to add service dialogs using a new drag-and-drop service dialog editor.
  • Advanced validation of dialog fields as you type.
  • More tool tips including a help icon for every element.
Custom Button
  • Ability to add a custom button at any level, enabled only in certain conditions.
  • Ability to set a custom icon to the custom button.

4.6. Self Service User Interface

The following section outlines enhancements to the service user interface, including parity of certain user experience improvements with the administrative user interface.

Snapshot management
This release adds the ability to see all snapshots in a list and timeline view on the snapshot level page. It also adds the ability to create and view snapshots from service level and resource details level.
Utilization
  • Reworked resource details level page for improved user experience.
  • Show details of dynamic resource objects at the service level.
Service Dialog
  • Advanced validation of dialog fields as you type.
  • More tool tips including a help icon for every element.
Custom Button
  • Ability to add a custom button at any level that will be enabled only in certain conditions.
  • Ability to set a custom icon to the custom button.
User Interface Customization
  • The service user interface adds the ability to perform certain user interface customizations in terms of branding, including a custom logo and a background image on the login screen.
  • Adds role-based access control to the help menu.
User Experience Improvements
  • Ability to filter services by tags.
  • Ability to modify dialog inputs when duplicating an existing order.
  • Automatic refresh of updates without having to click anywhere on the user interface.
  • Adds a visual progress of requests and orders during service provisioning.

5. Known Issues

These known issues exist in Red Hat CloudForms at this time:

BZ#1600642

After completing a fast-forward upgrade from Red Hat OpenStack Platform 10 to Red Hat OpenStack Platform 13, validation of OpenStack infrastructure and cloud providers fails under certain circumstances. This issue occurs when Red Hat OpenStack Platform 10 environments using Keystone API v2 are upgraded to Keystone API v3 as part of the upgrade process. To resolve this issue, edit the infrastructure and cloud providers associated with your Red Hat OpenStack Platform environment and update the value of the 'API Version' field to 'Keystone v3', and the value of the 'Keystone V3 Domain ID' field (by default, the value is 'default').

BZ#1283772

If you select the legacy network adapter setting when configuring a Red Hat CloudForms virtual machine on Hyper-V, it is not possible to access the virtual machine externally such as via SSH. The network adapter setting must be selected instead. For more information, see the following TechNet article -

https://technet.microsoft.com/en-us/library/ee941153.aspx

BZ#1344557

Presently, SmartState Analysis does not accept a wildcard character ("*") for directory names, causing CloudForms to fail to collect the specified file(s). To work around this, specify the directory's full path without wildcard characters. For example, when attempting to collect all users' public SSH keys using the filename "/home/*/.ssh/id_rsa.pub" in an Analysis Profile will fail, however, specifying the path "/home/user/.ssh/id_rsa.pub" succeeds. This known issue is an RFE for next release.

BZ#1391095

In highly available CloudForms environments, data synchronization to the global region ceases to function after a remote region failover event. This occurs because of an issue with both primary to standby database (HA) replication configured along with region-to-region (remote/global) replication. To work around this, remove and re-create the subscription in the global region web user interface to point to the new primary database server in the remote region. After applying the workaround, replication to the global region will be restored.

BZ#:1427653

At current, Red Hat CloudForms is unable to correctly collect inventory details from Red Hat Virtualization environments that have been upgraded from Red Hat Enterprise Virtualization 3.X to Red Hat Virtualization 4.X. This is caused by Red Hat CloudForms attempting to collect inventory details from the old FQDN for the environment and the new FQDN for the environment after the FQDN has been updated for that provider. As a workaround, restart the evmserverd on the appliance.

BZ#1435468

Certain users (MIQ LDAP - OpenLDAP) with special attributes are unable to log in to the Red Hat CloudForms Services User Interface.

Steps to Reproduce:
1. Configure MIQ LDAP - OpenLDAP provider
2. Navigate to self-service UI and try to log in.

Result: The user is unable to log in and there is not an error message to let the user know that they are not able to log in.

BZ#1451300

A known issue exists presently where different CloudForms tenants can create catalogs with the same name, and consequently, CloudForms displays multiple catalogs with the same name in the Catalog dropdown menu. This can result in difficulty differentiating catalog items when an administrative user creates a service catalog item, as the user interface does not display the name of the tenant that owns the catalog. This will be fixed in a later release.

BZ#1490641

Attempting to connect to the VMware WebMKS console for a virtual machine fails when the server security type is set to '2' for that virtual machine.

BZ#1513592

NPAPI support has been removed from all major browsers and VMware no longer supports this console type. As a result, the `VMware MKS plugin` option has been disabled in CloudForms.

BZ#1516757

At current, provisioning virtual machines via life cycle can exceed quota if a value in the Automate method is invalid. As a workaround, ensure that all values specified in or passed to the Automate method are valid.

BZ#1518613

At current, the results of running a compliance policy on a provider can be accessed from the 'Policy' menu, but are not displayed in the inventory page for that provider. This issue will be resolved in a future update of Red Hat CloudForms.

BZ#1540641

The hostnamectl tool, as used by the ipa-client-install command and in the appliance console, is limited by the 'HOST_NAME_MAX (64)' kernel variable. Because of this limitation in the underlying technology, Red Hat CloudForms  cannot support fully qualified domain names longer than 64 characters.

BZ#1550024

At current, attempting to open the appliance console using the 'ap' command fails under certain circumstances after upgrading from Red Hat CloudForms 5.8 to Red Hat CloudForms 5.9. As a workaround, log out of and back in to the appliance, or enter the full command 'appliance_console'.

6. Release Notes

This section outlines important details about the release, including recommended practices and notable changes to Red Hat CloudForms. You must take this information into account to ensure the best possible outcomes for your deployment.

BZ#1392415

If you configure a Red Hat CloudForms appliance to act as a dedicated database instance when you configure the database, you can enable the EVM server and user interface on that appliance via the following procedure -

If you have already configured a region on the appliance and other appliances connect to that region, use the 'Join Region in External Database' option to enable the EVM server. Enter 'localhost' as the database host name.

If you have not already configured a region on the appliance, use the 'Create Region in External Database' option to enable the EVM server. Enter 'localhost' as the database host name.

7. Deprecated Functionality

The following are deprecated with Red Hat CloudForms 4.6 (CFME 5.9).

  • Due to VMware licensing restrictions we are not able to ship with WebMKS starting in version 4.5.3. However, it can be easily added to the UI appliances by following the steps in this documentation. https://access.redhat.com/solutions/3376081

8. Changing the User Interface Locale

Red Hat CloudForms allows you to change the locale of the user interface to one of several preset locales.

This procedure outlines how to change the user interface locale.

  1. Navigate to SettingsMy Settings from the navigation bar.
  2. Select the user interface locale from the Locale list in the Display Settings area.
  3. Click Save.

8.1. User Interface Locales

This table outlines the user interface locales provided in this release of Red Hat CloudForms.

Table 1. User Interface Locales

LocaleLanguage

English

English

Español

Spanish

Français

French

日本語

Japanese

简体中文

Simplified Chinese

9. Changes in the Core Set of Ruby Gems

Users of Red Hat CloudForms can construct custom automation methods in Ruby to extend the product. Red Hat CloudForms ships with a core set of Ruby gems used by the CloudForms Management Engine (CFME) Rails Application. The Ruby gems in this set are subject to change, and have changed since the previous release. If you are calling gems using Automate that are no longer in the CloudForms Management Engine Appliance, you can install them by using the gem install command.

While gems can be imported into automation methods using require, it is recommended that the authors of the automation methods clearly document the use of gems either in the core set or a custom set. It is the responsibility of the author of such custom automation to own the life cycle of any gem being referenced in those methods.

You can find a list of all gems included in the appliance in /var/www/miq/vmdb/log/gem_list.txt

To get lists of all gems for different CloudForms Management Engine releases, see the following resource:

9.1. Red Hat CloudForms 4.6.0

This section outlines the changes to the core set of Ruby gems included in this release in comparison to the Ruby gems included in Red Hat CloudForms 4.5.3. This is the latest version of Red Hat CloudForms 4.5 as of the release of Red Hat CloudForms 4.6, and this section shall be replaced with the details of the Ruby gems included in Red Hat CloudForms 4.6.0 in line with the general availability of the release.

9.1.1. New Ruby Gems in Red Hat CloudForms 4.6.0

The following Ruby gems have been added:

Table 2. New Ruby Gems in Red Hat CloudForms 4.6.0

Ruby GemVersion in Red Hat CloudForms 4.6.0

activerecord-id_regions

0.2.0

amazon_ssa_support

0.1.0

crass

1.0.3

docker-api

1.33.6

dry-configurable

0.7.0

dry-container

0.6.0

dry-core

0.4.2

dry-equalizer

0.2.0

dry-logic

0.4.2

dry-types

0.12.2

dry-validation

0.11.1

faker

1.8.3

faraday-cookie_jar

0.0.6

font-fabulous

1.0.0

hashdiff

0.3.7

inflecto

0.0.2

log_decorator

0.1.0

manageiq-api

3.0.0

manageiq-appliance_console

1.2.4

manageiq-automation_engine

0.1.0

manageiq-consumption

0.0.1

manageiq-messaging

0.1.0

manageiq-network_discovery

0.1.2

manageiq-postgres_ha_admin

1.0.0

manageiq-providers-ansible_tower

0.1.0

manageiq-providers-foreman

0.1.0

manageiq-providers-google

0.1.0

manageiq-providers-kubernetes

0.1.0

manageiq-providers-openshift

0.1.0

manageiq-providers-openstack

0.1.0

manageiq-providers-ovirt

0.1.0

manageiq-providers-scvmm

0.1.0

manageiq-schema

0.1.0

manageiq-smartstate

0.2.7

mini_mime

1.0.0

minitar

0.6.1

monetize

1.7.0

money

6.10.1

money-rails

1.10.0

prometheus-alert-buffer-client

0.2.0

prometheus-api-client

0.6.0

ripper_ruby_parser

1.1.2

socksify

1.7.1

stomp

1.4.4

vmware_web_service

0.2.5

webpacker

2.0

9.1.2. Updated Ruby Gems in Red Hat CloudForms 4.6.0

The following Ruby gems have been updated:

Table 3. Updated Ruby Gems in Red Hat CloudForms 4.6.0

Ruby GemVersion in Red Hat CloudForms 4.6.0

actioncable

5.0.6

actionmailer

5.0.6

actionpack

5.0.6

actionview

5.0.6

activejob

5.0.6

activemodel

5.0.6

activerecord

5.0.6

activerecord-session_store

1.1.0

activesupport

5.0.6

acts_as_tree

2.7.1

akami

1.3.1

amq-protocol

2.3.0

autoprefixer-rails

7.2.5

aws-sdk

2.9.44

aws-sdk-core

2.9.44

aws-sdk-resources

2.9.44

aws-sigv4

1.0.2

config

1.6.1

default_value_for

3.0.3

event_emitter

0.2.6

excon

0.60.0

ffi-vix_disk_lib

1.0.4

fog-core

1.45.0

fog-google

0.5.4

gettext

3.2.6

globalid

0.4.1

gyoku

1.3.1

httpclient

2.8.3

httpi

2.4.2

i18n

0.9.3

iniparse

1.4.4

jbuilder

2.7.0

linux_admin

1.2.0

loofah

2.1.1

mail

2.7.0

method_source

0.9.0

mime-types

2.6.1

minitest

5.11.3

more_core_extensions

3.5.0

multi_json

1.13.1

net-ldap

0.16.1

net-ssh

4.2.0

nori

2.6.0

oauth

0.5.4

ovirt_metrics

2.0.0

parallel

1.12.1

pg-pglogical

2.1.2

rails

5.0.6

railties

5.0.6

rake

12.3.0

rbvmomi

1.11.6

ruby-dbus

0.14.1

rufus-scheduler

3.1.10.2

sass

3.4.25

sass-rails

5.0.7

savon

2.11.2

sexp_processor

4.10.0

signet

0.8.1

sprockets-rails

3.2.1

sys-proctable

1.1.5

thor

0.20.0

tilt

2.0.8

tzinfo

1.2.4

useragent

0.16.9

wasabi

3.5.0

websocket

1.2.5

websocket-extensions

0.1.3

winrm-fs

1.2.0

xclarity_client

0.5.9

9.1.3. Removed Ruby Gems in Red Hat CloudForms 4.6.0

The following Ruby gems have been removed:

Table 4. Removed Ruby Gems in Red Hat CloudForms 4.6.0

Ruby Gem

acts_as_list

daemons

hashie

log4r

multi_xml

oauth2

omniauth

omniauth-google-oauth2

omniauth-oauth2

rails-controller-testing

ruby_parser

rubywbem

zip-zip

9.2. Red Hat CloudForms 4.6.1

This section outlines the changes to the core set of Ruby gems included in this release.

9.2.1. New Ruby Gems in Red Hat CloudForms 4.6.1

No Ruby gems were added to the appliance in Red Hat CloudForms 4.6.1.

9.2.2. Updated Ruby Gems in Red Hat CloudForms 4.6.1

No Ruby gems were updated in Red Hat CloudForms 4.6.1.

9.2.3. Removed Ruby Gems in Red Hat CloudForms 4.6.1

No Ruby gems were removed from the appliance in Red Hat CloudForms 4.6.1.

9.3. Red Hat CloudForms 4.6.2

This section outlines the changes to the core set of Ruby gems included in this release.

9.3.1. New Ruby Gems in Red Hat CloudForms 4.6.2

The following Ruby gems have been added:

Table 5. New Ruby Gems in Red Hat CloudForms 4.6.2

Ruby GemVersion in Red Hat CloudForms 4.6.2

public_suffix

3.0.2

9.3.2. Updated Ruby Gems in Red Hat CloudForms 4.6.2

The following Ruby gems have been updated:

Table 6. Updated Ruby Gems in Red Hat CloudForms 4.6.2

Ruby GemVersion in Red Hat CloudForms 4.6.2

addressable

2.5.2

ansible_tower_client

0.13.0

azure-armrest

0.9.10

fog-openstack

0.1.25

fog-vcloud-director

0.1.10

http

2.2.2

kubeclient

2.5.2

linux_admin

1.2.1

manageiq-api-client

0.3.0

manageiq-appliance_console

2.0.0

manageiq-smartstate

0.2.10

more_core_extensions

3.6.0

vmware_web_service

0.2.8

9.3.3. Removed Ruby Gems in Red Hat CloudForms 4.6.2

The following Ruby gems have been removed:

Table 7. Removed Ruby Gems in Red Hat CloudForms 4.6.2

Ruby Gem

manageiq-network_discovery

9.4. Red Hat CloudForms 4.6.3

This section outlines the changes to the core set of Ruby gems included in this release.

9.4.1. New Ruby Gems in Red Hat CloudForms 4.6.3

The following Ruby gems have been added:

Table 8. New Ruby Gems in Red Hat CloudForms 4.6.3

Ruby GemVersion in Red Hat CloudForms 4.6.3

declarative

0.0.10

declarative-option

0.1.0

miq_v2v_ui

0.0.1

representable

3.0.4

uber

0.1.0

9.4.2. Updated Ruby Gems in Red Hat CloudForms 4.6.3

The following Ruby gems have been updated:

Table 9. Updated Ruby Gems in Red Hat CloudForms 4.6.3

Ruby GemVersion in Red Hat CloudForms 4.6.3

fog-google

1.5.0

fog-vcloud-director

0.2.2

google-api-client

0.23.0

manageiq-appliance_console

2.0.3

mime-types

3.0.0

retriable

3.1.1

vmware_web_service

0.2.9

9.4.3. Removed Ruby Gems in Red Hat CloudForms 4.6.3

The following Ruby gems have been removed:

Table 10. Removed Ruby Gems in Red Hat CloudForms 4.6.3

Ruby Gem

autoparse

extlib

launchy

10. Technical Notes

This chapter contains the summary text for bug fixes and enhancements in Red Hat CloudForms errata advisories. The information and procedures in this chapter are relevant to Red Hat CloudForms administrators.

10.1. Red Hat CloudForms 4.6.0

10.1.1. RHSA-2018-0380: Moderate: Red Hat CloudForms security, bug fix, and enhancement update

The bugs contained in this section are addressed by advisory RHSA-2018:0380. Further information about this advisory is available at https://access.redhat.com/errata/RHSA-2018:0380.html.

10.1.2. RHBA-2018-0381: CloudForms 4.6 Amazon EC2 SmartState Client

The bugs contained in this section are addressed by advisory RHBA-2018:0381. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:0381.html.

10.1.3. RHBA-2018-0382: CloudForms 4.6 images for OpenShift

The bugs contained in this section are addressed by advisory RHBA-2018:0382. Information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:0382.html.

10.2. Red Hat CloudForms 4.6.1

10.2.1. RHBA-2018-0554: CloudForms 4.6 Amazon EC2 SmartState Client

The bugs contained in this section are addressed by advisory RHBA-2018:0554. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:0554.html.

10.2.2. RHBA-2018-0555: CloudForms 4.6 Images for OpenShift

The bugs contained in this section are addressed by advisory RHBA-2018:0555. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:0555.html.

10.2.3. RHBA-2018-0556: CloudForms 4.6.1 Bug Fix Update

The bugs contained in this section are addressed by advisory RHBA-2018:0556. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:0556.html.

10.2.3.1. Appliance

BZ#1560578

This update corrects an issue when upgrading rh-ruby from 2.3.1 to 2.3.6, including its dependent packages. The error was caused when a unexpected, newer version of rubygem-psych was picked up by CloudForms Management Engine.

10.3. Red Hat CloudForms 4.6.2

10.3.1. RHSA-2018-1328: Important: Red Hat CloudForms 4.6.2 Bug Fix and Enhancement Update

The bugs contained in this section are addressed by advisory RHSA-2018:1328. Further information about this advisory is available at https://access.redhat.com/errata/RHSA-2018:1328.html.

10.3.1.1. Appliance

BZ#1562777

This release of Red Hat CloudForms corrects restrictions for Request visibility when the role is set to "Only User or Group Owned" or "Only User Owned".

10.3.2. RHBA-2018-1329: CloudForms 4.6.2 Images for OpenShift Bug Fix and Enhancement Update

The bugs contained in this section are addressed by advisory RHBA-2018:1329. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:1329.html.

10.3.3. RHBA-2018-1330: CloudForms 4.6.2 Amazon EC2 SmartState Client Bug Fix Update

The bugs contained in this section are addressed by advisory RHBA-2018:1330. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:1330.html.

10.3.4. RHBA-2018-1371: Red Hat CloudForms 4.6.2 App and App UI OpenShift Images Bug Fix Update

The bugs contained in this section are addressed by advisory RHBA-2018:1371. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:1371.html.

10.4. Red Hat CloudForms 4.6.3

10.4.1. RHSA-2018-2184: Moderate: Red Hat CloudForms 4.6.3 bug fix, and enhancement update

The bugs contained in this section are addressed by advisory RHSA-2018:2184. Further information about this advisory is available at https://access.redhat.com/errata/RHSA-2018:2184.html.

10.4.1.1. Vulnerability

BZ#1588855

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.

10.4.2. RHBA-2018-2183: CloudForms 4.6.3 images for OpenShift

The bugs contained in this section are addressed by advisory RHBA-2018:2183. Information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:2183.html.

10.4.3. RHBA-2018-2182: CloudForms 4.6.3 Amazon EC2 SmartState Client

The bugs contained in this section are addressed by advisory RHBA-2018:2182. Further information about this advisory is available at https://access.redhat.com/errata/RHBA-2018:2182.html.

11. Changes in the Default Roles

This section outlines the changes to the default roles included in Red Hat CloudForms with each release.

11.1. Red Hat CloudForms 4.6.0

This section outlines the changes to the default roles included in Red Hat CloudForms in comparison to those included in Red Hat CloudForms 4.5.3. This is the latest version of Red Hat CloudForms 4.5 as of the release of Red Hat CloudForms 4.6.

11.1.1. EvmRole-administrator

Added
  • ems_infra_admin_ui
  • physical_server
  • physical_infra_topology
  • sui_services
Removed
  • ontap_storage_system
  • ontap_logical_disk
  • cim_base_storage_extent
  • ontap_storage_volume
  • job_all_smartproxy
  • job_my_smartproxy
  • storage_manager
  • ontap_file_share
  • snia_local_file_system

11.1.2. EvmRole-approver

Added
  • control_explorer
  • ems_physical_infra_console
  • ems_physical_infra_view
  • physical_infra_topology_view
  • physical_server_view
  • service_view
  • sui_services_view
  • sui_vm_details_view
  • sui_vm_console
  • sui_vm_web_console
  • sui_vm_tags
  • sui_orders_view
Removed
  • cim_base_storage_extent_show
  • cim_base_storage_extent_show_list
  • cim_base_storage_extent_tag
  • ontap_storage_system_show
  • ontap_storage_system_show_list
  • ontap_storage_system_tag
  • ontap_logical_disk_show
  • ontap_logical_disk_show_list
  • ontap_logical_disk_tag
  • cim_storage_extent_show
  • cim_storage_extent_show_list
  • cim_storage_extent_tag
  • ontap_storage_volume_show
  • ontap_storage_volume_show_list
  • ontap_storage_volume_tag
  • control_explorer_view
  • ems_physical_infra_show
  • ems_physical_infra_show_list
  • ems_physical_infra_timeline
  • job_my_smartproxy
  • storage_manager_new
  • storage_manager_edit
  • storage_manager_refresh_inventory
  • storage_manager_refresh_status
  • storage_manager_show
  • storage_manager_show_list
  • service_show
  • service_show_list
  • ontap_file_share_show
  • ontap_file_share_show_list
  • ontap_file_share_tag
  • snia_local_file_system_show
  • snia_local_file_system_show_list
  • snia_local_file_system_tag

11.1.3. EvmRole-auditor

Added
  • control_explorer
  • ems_physical_infra_console
  • ems_physical_infra_view
  • physical_infra_topology_view
  • physical_server_view
  • service_view
  • sui_services_view
  • sui_vm_details_view
  • sui_vm_console
  • sui_vm_web_console
  • sui_vm_tags
Removed
  • cim_base_storage_extent_show
  • cim_base_storage_extent_show_list
  • cim_base_storage_extent_tag
  • ontap_storage_system_show
  • ontap_storage_system_show_list
  • ontap_storage_system_tag
  • ontap_logical_disk_show
  • ontap_logical_disk_show_list
  • ontap_logical_disk_tag
  • cim_storage_extent_show
  • cim_storage_extent_show_list
  • cim_storage_extent_tag
  • ontap_storage_volume_show
  • ontap_storage_volume_show_list
  • ontap_storage_volume_tag
  • control_explorer_view
  • ems_physical_infra_show
  • ems_physical_infra_show_list
  • ems_physical_infra_timeline
  • job_my_smartproxy
  • storage_manager_new
  • storage_manager_edit
  • storage_manager_refresh_inventory
  • storage_manager_refresh_status
  • storage_manager_show
  • storage_manager_show_list
  • service_show
  • service_show_list
  • ontap_file_share_show
  • ontap_file_share_show_list
  • ontap_file_share_tag
  • snia_local_file_system_show
  • snia_local_file_system_show_list
  • snia_local_file_system_tag

11.1.4. EvmRole-desktop

Added
  • ems_physical_infra
  • physical_server
  • physical_infra_topology
  • physical_server_view
  • sui_services_view
  • sui_vm_details_view
  • sui_vm_console
  • sui_vm_web_console
  • sui_vm_start
  • sui_vm_stop
  • sui_vm_suspend
  • sui_orders_view
  • sui_orders_operations

11.1.5. EvmRole-operator

Added
  • ems_physical_infra_console
  • ems_physical_infra_discover
  • ems_physical_infra_view
  • physical_server_timeline
  • service_view
  • sui_services_view
  • sui_vm_details_view
  • sui_vm_console
  • sui_vm_web_console
  • sui_vm_tags
  • sui_vm_start
  • sui_vm_stop
  • sui_vm_suspend
Removed
  • cim_base_storage_extent_show
  • cim_base_storage_extent_show_list
  • cim_base_storage_extent_tag
  • ontap_storage_system_show
  • ontap_storage_system_show_list
  • ontap_storage_system_tag
  • ontap_logical_disk_show
  • ontap_logical_disk_show_list
  • ontap_logical_disk_tag
  • cim_storage_extent_show
  • cim_storage_extent_show_list
  • cim_storage_extent_tag
  • ontap_storage_volume_show
  • ontap_storage_volume_show_list
  • ontap_storage_volume_tag
  • ontap_storage_volume_tag
  • ems_physical_infra_show
  • ems_physical_infra_show_list
  • ems_physical_infra_timeline
  • job_my_smartproxy
  • storage_manager_new
  • storage_manager_edit
  • storage_manager_refresh_inventory
  • storage_manager_refresh_status
  • storage_manager_show
  • storage_manager_show_list
  • service_show
  • service_show_list
  • ontap_file_share_show
  • ontap_file_share_show_list
  • ontap_file_share_tag
  • snia_local_file_system_show
  • snia_local_file_system_show_list
  • snia_local_file_system_tag

11.1.6. EvmRole-security

Added
  • control_explorer
  • ems_physical_infra_view
  • physical_server_timeline
  • service_view
  • sui_services_view
  • sui_vm_details_view
  • sui_vm_snapshot_create
  • sui_vm_snapshot_delete
  • sui_vm_tags
Removed
  • cim_base_storage_extent_show
  • cim_base_storage_extent_show_list
  • ontap_storage_system_show
  • ontap_storage_system_show_list
  • ontap_logical_disk_show
  • ontap_logical_disk_show_list
  • cim_storage_extent_show
  • cim_storage_extent_show_list
  • cim_storage_extent_tag
  • ontap_storage_volume_show
  • ontap_storage_volume_show_list
  • ontap_storage_volume_tag
  • control_explorer_view
  • ems_physical_infra_show
  • ems_physical_infra_show_list
  • ems_physical_infra_timeline
  • job_my_smartproxy
  • storage_manager_show
  • storage_manager_show_list
  • service_show
  • service_show_list
  • ontap_file_share_show
  • ontap_file_share_show_list
  • ontap_file_share_tag
  • snia_local_file_system_show
  • snia_local_file_system_show_list
  • snia_local_file_system_tag

11.1.7. EvmRole-support

Added
  • control_explorer
  • ems_physical_infra_console
  • ems_physical_infra_view
  • physical_infra_topology_view
  • physical_server_view
  • service_view
  • sui_services_view
  • sui_vm_details_view
  • sui_vm_console
  • sui_vm_web_console
  • sui_vm_tags
Removed
  • cim_base_storage_extent_show
  • cim_base_storage_extent_show_list
  • ontap_storage_system_show
  • ontap_storage_system_show_list
  • ontap_logical_disk_show
  • ontap_logical_disk_show_list
  • cim_storage_extent_show
  • cim_storage_extent_show_list
  • ontap_storage_volume_show
  • ontap_storage_volume_show_list
  • control_explorer_view
  • ems_physical_infra_show
  • ems_physical_infra_show_list
  • ems_physical_infra_timeline
  • job_my_smartproxy
  • storage_manager_show
  • storage_manager_show_list
  • service_show
  • service_show_list
  • ontap_file_share_show
  • ontap_file_share_show_list
  • snia_local_file_system_show
  • snia_local_file_system_show_list

11.1.8. EvmRole-user

Added
  • ems_physical_infra_console
  • physical_infra_topology_view
  • physical_server_view
  • service_view
  • sui_services_view
  • sui_vm_details_view
  • sui_vm_console
  • sui_vm_web_console
  • sui_vm_tags
  • sui_orders_view
  • sui_orders_operations
Removed
  • cim_base_storage_extent_show
  • cim_base_storage_extent_show_list
  • ontap_storage_system_show
  • ontap_storage_system_show_list
  • ontap_logical_disk_show
  • ontap_logical_disk_show_list
  • cim_storage_extent_show
  • cim_storage_extent_show_list
  • ontap_storage_volume_show
  • ontap_storage_volume_show_list
  • job_my_smartproxy
  • storage_manager_show
  • storage_manager_show_list
  • service_show
  • service_show_list
  • ontap_file_share_show
  • ontap_file_share_show_list
  • snia_local_file_system_show
  • snia_local_file_system_show_list

11.1.9. EvmRole-user_limited_self_service

Added
  • sui_core
  • sui_services
  • sui_vm
  • sui_orders
  • sui_svc_catalog_view
  • sui_svc_catalog_cart
  • sui_cart

11.1.10. EvmRole-user_self_service

Added
  • ems_physical_infra_console
  • sui

11.1.11. EvmRole-vm_user

  • sui_vm_details_view
  • sui_vm_console
  • sui_vm_web_console
  • sui_vm_tags
  • sui_vm_retire
  • sui_vm_start
  • sui_vm_stop
  • sui_vm_suspend
  • sui_orders_view
  • sui_orders_operations

11.1.12. EvmRole-tenant_administrator

Added
  • sui_services
Removed
  • ontap_storage_system
  • ontap_logical_disk
  • cim_base_storage_extent
  • ontap_storage_volume
  • job_all_smartproxy
  • job_my_smartproxy
  • storage_manager
  • ontap_file_share
  • snia_local_file_system

11.1.13. EvmRole-tenant_quota_administrator

Added
  • sui_services
Removed
  • ontap_storage_system
  • ontap_logical_disk
  • cim_base_storage_extent
  • ontap_storage_volume
  • job_all_smartproxy
  • job_my_smartproxy
  • storage_manager
  • ontap_file_share
  • snia_local_file_system

11.1.14. EvmRole-consumption_administrator

Added
  • storage
  • generic_object
  • generic_object_definition
  • monitor
  • monitor_alerts
  • alert_status
  • alert_action
  • ems_infra
  • rbac_user
  • ops_settings
Removed
  • generic_object_explorer
  • ontap_storage_system
  • ontap_storage_volume
  • ontap_logical_disk
  • cim_base_storage_extent
  • ontap_file_share
  • snia_local_file_system
  • storage_manager
  • blueprint

11.1.15. EvmRole-container_operator

Added
  • monitor
  • monitor_alerts
  • alert_status
  • alert_action
  • ems_infra
  • rbac_user
  • ops_settings

11.1.16. EvmRole-reader

Added
  • ems_physical_infra_view

11.2. Red Hat CloudForms 4.6.1

This section outlines the changes to the default roles included in Red Hat CloudForms with this release.

11.2.1. EvmRole-super_administrator

Added
  • sui_notifications

11.2.2. EvmRole-approver

Added
  • ems_physical_infra_tag
  • sui_notifications

11.2.3. EvmRole-auditor

Added
  • ems_cluster_view
  • ems_infra_view
  • ems_infra_check_compliance
  • infra_networking_view
  • infra_networking_tag
  • instance_view
  • instance_check_compliance
  • instance_policy_sim
  • instance_tag
  • image_view
  • image_check_compliance
  • image_policy_sim
  • image_tag
  • iso_datastore_view
  • host_view
  • host_check_compliance
  • miq_template_view
  • miq_template_snapshot_view
  • vm_view
  • vm_compare
  • vm_drift
  • sui_notifications
Removed
  • all_vm_rules
  • ems_cluster_show
  • ems_cluster_show_list
  • ems_cluster_perf
  • ems_cluster_timeline
  • ems_infra_show
  • ems_infra_show_list
  • ems_infra_timeline
  • host_timeline
  • miq_template_perf
  • miq_template_show
  • miq_template_show_list
  • miq_template_snapshot
  • miq_template_timeline

11.2.4. EvmRole-desktop

Added
  • sui_notifications

11.2.5. EvmRole-operator

Added
  • physical_server_view
  • physical_infra_topology_view
  • sui_notifications
Removed
  • physical_server_timeline

11.2.6. EvmRole-security

Added
  • sui_notifications

11.2.7. EvmRole-support

Added
  • sui_notifications

11.2.8. EvmRole-user

Added
  • sui_notifications

11.2.9. EvmRole-user_limited_self_service

Added
  • sui_notifications

11.2.10. EvmRole-tenant_administrator

Added
  • sui_notifications

11.2.11. EvmRole-tenant_quota_administrator

Added
  • sui_notifications

11.2.12. EvmRole-consumption_administrator

Added
  • sui_notifications

11.3. Red Hat CloudForms 4.6.2

There were no changes to the default roles with this release.

11.4. Red Hat CloudForms 4.6.3

There were no changes to the default roles with this release.