Menu Close
Settings Close

Upgrading from RHEL 7 to RHEL 8

Red Hat Enterprise Linux 8

Instructions for an in-place upgrade from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8

Red Hat Customer Content Services

Abstract

This document provides instructions on how to perform an in-place upgrade from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8 using the Leapp utility. During the in-place upgrade, the existing RHEL 7 operating system is replaced by a RHEL 8 version.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat documentation

We appreciate your feedback on our documentation. Let us know how we can improve it.

Submitting comments on specific passages

  1. View the documentation in the Multi-page HTML format and ensure that you see the Feedback button in the upper right corner after the page fully loads.
  2. Use your cursor to highlight the part of the text that you want to comment on.
  3. Click the Add Feedback button that appears near the highlighted text.
  4. Add your feedback and click Submit.

Submitting feedback through Bugzilla (account required)

  1. Log in to the Bugzilla website.
  2. Select the correct version from the Version menu.
  3. Enter a descriptive title in the Summary field.
  4. Enter your suggestion for improvement in the Description field. Include links to the relevant parts of the documentation.
  5. Click Submit Bug.

Key migration terminology

While the following migration terms are commonly used in the software industry, these definitions are specific to Red Hat Enterprise Linux (RHEL).

Update

Sometimes called a software patch, an update is an addition to the current version of the application, operating system, or software that you are running. A software update addresses any issues or bugs to provide a better experience of working with the technology. In RHEL, an update relates to a minor release, for example, updating from RHEL 8.1 to 8.2.

Upgrade

An upgrade is when you replace the application, operating system, or software that you are currently running with a newer version. Typically, you first back up your data according to instructions from Red Hat. When you upgrade RHEL, you have two options:

  • In-place upgrade: During an in-place upgrade, you replace the earlier version with the new version without removing the earlier version first. The installed applications and utilities, along with the configurations and preferences, are incorporated into the new version.
  • Clean install: A clean install removes all traces of the previously installed operating system, system data, configurations, and applications and installs the latest version of the operating system. A clean install is ideal if you do not need any of the previous data or applications on your systems or if you are developing a new project that does not rely on prior builds.

Operating system conversion

A conversion is when you convert your operating system from a different Linux distribution to Red Hat Enterprise Linux. Typically, you first back up your data according to instructions from Red Hat.

Migration

Typically, a migration indicates a change of platform: software or hardware. Moving from Windows to Linux is a migration. Moving a user from one laptop to another or a company from one server to another is a migration. However, most migrations also involve upgrades, and sometimes the terms are used interchangeably.

  • Migration to RHEL: Conversion of an existing operating system to RHEL
  • Migration across RHEL: Upgrade from one version of RHEL to another

Chapter 1. Supported upgrade paths

The in-place upgrade replaces the RHEL 7 operating system on your system with a RHEL 8 version.

Currently, it is possible to perform an in-place upgrade from RHEL 7 to the following target RHEL 8 minor versions:

Table 1.1. Supported upgrade paths

Architecture and product variantSource OS versionTarget OS version

64-bit Intel, IBM POWER 8 (little endian), and 64-bit IBM Z

RHEL 7.9

RHEL 8.4

RHEL 8.6 (default)

IBM POWER 9 (little endian) and IBM Z (structure A)

RHEL 7.6

RHEL 8.4

RHEL for SAP

RHEL 7.9

RHEL 8.2 (default)

RHEL 8.6

For more information on supported upgrade paths, see Supported in-place upgrade paths for Red Hat Enterprise Linux.

Chapter 2. Planning an upgrade

An in-place upgrade is the recommended and supported way to upgrade your system to the next major version of RHEL.

You should consider the following before upgrading to RHEL 8:

  • Operating system - The operating system is upgraded by the Leapp utility under the following conditions:

    • The Server variant installed of the latest available RHEL 7 version, which currently is:

      • RHEL 7.9 on the 64-bit Intel, IBM POWER 8 (little endian), and 64-bit IBM Z architectures and, when on SAP HANA, on the 64-bit Intel architecture

      • RHEL 7.6 on architectures that require kernel version 4.14: IBM POWER 9 (little endian) or 64-bit IBM Z (Structure A)

        Note

        The IBM POWER 9 (little endian) and 64-bit IBM Z (Structure A) architectures have reached end of life. The final upgrade path for these architectures is from RHEL 7.6 to RHEL 8.4. Subsequent releases to the in-place upgrade, including new upgrade paths, features, and bug fixes, will not include these architectures.

        See Supported in-place upgrade paths for Red Hat Enterprise Linux for more information.

    • Minimum hardware requirements for RHEL 8 met
    • Access to up-to-date RHEL 7.9 and the target OS version (for example, RHEL 8.6) content provided; see Preparing a RHEL 7 system for the upgrade, step 1 for details.
  • Applications - You can migrate applications installed on your system using Leapp. However, in certain cases, you have to create custom actors, which specify actions to be performed by Leapp during the upgrade, for example, reconfiguring an application or installing a specific hardware driver. For more information, see Handling the migration of your custom and third-party applications. Note that custom actors are unsupported by Red Hat.

  • Security - You should evaluate this aspect before the upgrade and take additional steps when the upgrade process completes. Consider especially the following:

    • Before the upgrade, define the security standard your system needs to comply with and understand the security changes in RHEL 8.
    • During the upgrade process, the Leapp utility sets SELinux mode to permissive.
    • In-place upgrades of systems in FIPS mode are not supported.
    • After the upgrade is finished, re-evaluate and re-apply your security policies. For information about applying security policies that have been disabled during the upgrade or newly introduced in RHEL 8, see Applying security policies.
  • Storage and file systems - You should always back up your system prior to upgrading. For example, you can use the Relax-and-Recover (ReaR) utility, LVM snapshots, RAID splitting, or a virtual machine snapshot.
  • High Availability - Upgrades of systems using the High Availability add-on are unsupported.
  • Downtime - The upgrade process can take from several minutes to several hours.
  • Satellite - If you manage your hosts through Satellite, you can upgrade multiple hosts simultaneously from RHEL 7 to RHEL 8 using the Satellite web UI. For more information, see Upgrading Hosts from RHEL 7 to RHEL 8.
  • SAP HANA - If you are using SAP HANA, follow How to in-place upgrade SAP environments from RHEL 7 to RHEL 8 instead. Note that the upgrade path for RHEL with SAP HANA might differ.
  • Public clouds - The in-place upgrade is supported for on-demand Pay-As-You-Go (PAYG) instances on Amazon Web Services (AWS) and Microsoft Azure with Red Hat Update Infrastructure (RHUI). The in-place upgrade is also supported for Bring Your Own Subscription instances on all public clouds that use RHSM for a RHEL subscription.
  • Language - All Leapp reports, logs, and other generated documentation are in English, regardless of the language configuration.
  • Bootloader - It is not possible to switch the bootloader from BIOS to UEFI on RHEL 7 or RHEL 8. If your RHEL 7 system uses BIOS and you want your RHEL 8 system to use UEFI, perform a fresh install of RHEL 8 instead of an in-place upgrade. For more information, see Is it possible to switch the BIOS boot to UEFI boot on preinstalled Red Hat Enterprise Linux machine?

  • Known limitations - Notable known limitations of Leapp currently include:

    • Encryption of the whole disk or a partition, or file-system encryption currently cannot be used on a system targeted for an in-place upgrade.
    • No network-based multipath and no kind of network storage mount can be used as a system partition (for example, iSCSI, or NFS).
    • The in-place upgrade is currently unsupported for on-demand PAYG instances on the remaining Public Clouds (Huawei Cloud, Alibaba Cloud, Google Cloud) that use Red Hat Update Infrastructure but not Red Hat Subscription Manager (RHSM) for a RHEL subscription.

See also Known Issues.

You can use Red Hat Insights to determine which of the systems you have registered to Insights is on a supported upgrade path to RHEL 8. To do so, navigate to the respective Advisor recommendation in Insights, enable the recommendation under the Actions drop-down menu, and inspect the list under the Affected systems heading. Note that the Advisor recommendation considers only the RHEL 7 minor version and does not perform a pre-upgrade assessment of the system. See also Advisor Service Recommendations.

Chapter 3. Preparing for the upgrade

To prevent issues after the upgrade and to ensure that your system is ready to be upgraded to the next major version of RHEL, complete all necessary preparation steps before upgrading.

You must perform the preparation steps described in Preparing a RHEL 7 system for the upgrade on all systems. In addition, on systems that are registered to Satellite Server, you must also perform the preparation steps described in Preparing a Satellite system for the upgrade.

3.1. Preparing a RHEL 7 system for the upgrade

This procedure describes the steps that are necessary before performing an in-place upgrade to RHEL 8 using the Leapp utility.

If you do not plan to use Red Hat Subscription Manager during the upgrade process, follow instructions in Upgrading to RHEL 8 without Red Hat Subscription Manager.

Prerequisites

Procedure

  1. Ensure your system has been successfully registered to the Red Hat Content Delivery Network (CDN) or Red Hat Satellite using the Red Hat Subscription Manager.
  2. If your system is registered to Satellite Server, complete the steps in Preparing a Satellite system for the upgrade to ensure that your system meets the requirements for the upgrade.

  3. Verify that you have the Red Hat Enterprise Linux Server subscription attached: 

    # subscription-manager list --installed
+-------------------------------------------+
    	  Installed Product Status
+-------------------------------------------+
Product Name:  	Red Hat Enterprise Linux Server
Product ID:     69
Version:        7.9
Arch:           x86_64
Status:         Subscribed

    You should see Server in the product name and Subscribed as the status.

  4. Ensure you have appropriate repositories enabled. The following commands list repositories for the 64-bit Intel architecture; for other architectures, see RHEL 7 repositories.

    1. Enable the Base repository: 

      # subscription-manager repos --enable rhel-7-server-rpms

    2. Enable the Extras repository where Leapp and its dependencies are available: 

      # subscription-manager repos --enable rhel-7-server-extras-rpms
      Note

      You can also have the Optional or Supplementary repositories enabled; see their list in RHEL 7 repositories. In such a case, Leapp enables the RHEL 8 CodeReady Linux Builder or the RHEL 8 Supplementary repositories, respectively.

  5. Set the Red Hat Subscription Manager to consume the latest RHEL 7 content: 

    # subscription-manager release --unset
  6. Optional: If you want to use custom repositories, configure them per instructions in Configuring custom repositories.

  7. If you use the yum-plugin-versionlock plug-in to lock packages to a specific version, clear the lock by running: 

    # yum versionlock clear

    See How to restrict yum to install or upgrade a package to a fixed specific package version? for more information.

  8. If you are upgrading using Red Hat Update Infrastructure (RHUI) on a public cloud, enable required RHUI repositories and install required RHUI packages to ensure your system is ready for upgrade.

    1. For AWS: 

      # yum-config-manager --enable rhui-client-config-server-7
# yum-config-manager --enable rhel-7-server-rhui-extras-rpms
# yum -y install rh-amazon-rhui-client leapp-rhui-aws

    2. For Microsoft Azure: 

      # yum-config-manager --enable rhui-microsoft-azure-rhel7
# yum-config-manager --enable rhui-rhel-7-server-rhui-extras-rpms
# yum -y install rhui-azure-rhel7 leapp-rhui-azure
      Note

      If you locked the Azure virtual machine (VM) to a minor release, remove the version lock. For more information, see Switch a RHEL 7.x VM back to non-EUS.

  9. If you manage containers in Docker, recreate those containers with the appropriate container images using Podman and then attach any in-use volumes. For more information, see How do I migrate my Docker containers to Podman prior to moving from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8?

  10. Update all packages to the latest RHEL 7 version: 

    # yum update

  11. Reboot the system: 

    # reboot

  12. Install the Leapp utility: 

    # yum install leapp-upgrade

    Note that currently you need version 0.14.0 or later of the leapp package and version 0.16.0 or later of the leapp-repository package, , which contains the leapp-upgrade-el7toel8 RPM package.

    Note

    If your system does not have internet access, you can download the Preupgrade Assistant and Red Hat Upgrade Tool from the Red Hat Customer Portal.

  13. Ensure you have access to the latest version of additional required data files, including RPM package changes, RPM repository mapping, and unsupported drivers and devices.

    1. If you are using RHSM for the upgrade, the system has access to cloud.redhat.com, and you have not downloaded an earlier version of the required data files, no further action is required from you. The data files are automatically downloaded from cloud.redhat.com. This also applies to developer subscriptions.

    2. Download the data files attached to the Knowledgebase article Leapp utility metadata in-place upgrades of RHEL for disconnected upgrades and place them in the /etc/leapp/files/ directory. Note that currently you need data files from the leapp-data17.tar.gz archive or later. This is necessary for a successful upgrade in the following scenarios:

      1. You are upgrading on a public cloud using RHUI. If you do not have a Red Hat subscription or Red Hat Customer Portal account, create a no-cost RHEL developer subscription so that you can access the Knowledgebase article and download required data packages. For more information, see How do I get a no-cost Red Hat Enterprise Linux Developer Subscription or renew it?
      2. Your system does not have internet access.
      3. You are using RHSM for the upgrade and you previously downloaded an older version of the required data files but did not perform the upgrade, for example to create automated scripts. You can also delete your older version of the data files to initiate the automatic download of the latest file version.
  14. Temporarily disable antivirus software to prevent the upgrade from failing.

  15. Ensure that any configuration management system does not interfere with the in-place upgrade process:

  16. Ensure your system does not use more than one Network Interface Card (NIC) with a name based on the prefix used by the kernel (eth). For instructions on how to migrate to another naming scheme before an in-place upgrade to RHEL 8, see How to perform an in-place upgrade to RHEL 8 when using kernel NIC names on RHEL 7.
  17. Ensure you have a full system backup or a virtual machine snapshot. You should be able to get your system to the pre-upgrade state if you follow standard disaster recovery procedures within your environment. For example, you can use the Relax-and-Recover (ReaR) utility. For more information, see the ReaR documentation and What is Relax and Recover (ReaR) and how can I use it for disaster recovery?. Alternatively, you can use LVM snapshots, or RAID splitting. In case of upgrading a virtual machine, you can create a snapshot of the whole VM.

3.2. Preparing a Satellite system for the upgrade

This procedure describes the steps that are necessary to prepare a system that is registered to Satellite for the upgrade to RHEL 8.

Important

Users on Satellite systems must complete the preparatory steps described both in this procedure and in Preparing a RHEL 7 system for the upgrade.

Prerequisites

  • You have administrative privileges for the Satellite Server.

Procedure

  1. Verify that Satellite is on a version in full or maintenance support. For more information, see Red Hat Satellite Product Life Cycle.
  2. Import a subscription manifest with RHEL 8 repositories into Satellite Server. For more information, see the Managing Subscriptions chapter in the Content Management Guide for the particular version of Red Hat Satellite, for example, for version 6.10.

  3. Enable and synchronize all required RHEL 7 and RHEL 8 repositories with the latest updates for RHEL 7.9 and the target OS version, for example RHEL 8.6.

    Note

    For RHEL 8 repositories, make sure to enable the target OS version of each repository, for example 8.6. If you have enabled only the RHEL 8 version of the repositories, the in-place upgrade is inhibited.

    For example, for the Intel architecture without an Extended Update Support (EUS) subscription, enable at minimum the following repositories:

    • Red Hat Enterprise Linux 7 Server (RPMs)

      rhel-7-server-rpms

      x86_64 7Server or x86_64 7.9

    • Red Hat Enterprise Linux 7 Server - Extras (RPMs)

      rhel-7-server-extras-rpms

      x86_64

    • Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)

      rhel-8-for-x86_64-appstream-rpms

      x86_64 <target_os_version>

    • Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)

      rhel-8-for-x86_64-baseos-rpms

      x86_64 <target_os_version>

      Replace target_os_version with the target OS version, for example 8.6.

      For other architectures, see RHEL 7 repositories and RHEL 8 repositories.

      For more information, see the Importing Content chapter in the Content Management Guide for the particular version of Red Hat Satellite, for example, for version 6.10.

  4. Attach the content host to a Content View containing the required RHEL 7 and RHEL 8 repositories.

    For more information, see the Managing Content Views chapter in the Content Management Guide for the particular version of Red Hat Satellite, for example, for version 6.10.

Verification

  • Verify that the latest RHEL 8 repositories have been enabled on Satellite Server. For example, to verify repositories in the Library lifecycle environment: 

    hammer repository list --search 'content_label ~ rhel-8' --content-view <content_view_name> --organization <organization> --lifecycle-environment Library

    Replace content_view_name with the name of the content view and organization with the organization.

Chapter 4. Reviewing the pre-upgrade report

To assess upgradability of your system, start the pre-upgrade process by the leapp preupgrade command. During this phase, the Leapp utility collects data about the system, assesses upgradability, and generates a pre-upgrade report.

The pre-upgrade report is available both in the /var/log/leapp/leapp-report.txt file and in the web console. The report summarizes potential problems and proposes recommended solutions. The report also helps you decide whether it is possible or advisable to proceed with the upgrade.

In certain configurations, Leapp generates true/false questions to determine how to proceed. All questions are stored in /var/log/leapp/answerfile and in the pre-upgrade report in the Missing required answers in the answer file message. Leapp inhibits the upgrade if you do not provide answers to all the questions.

You have two options when assessing upgradability in the pre-upgrade phase:

  1. Review the pre-upgrade report in the generated leapp-report.txt file and manually resolve reported problems using the command-line interface.
  2. Use the web console to review the report, apply automated remediations where available, and fix remaining problems using the suggested remediation hints.
Important

During the pre-upgrade phase, Leapp neither simulates the whole in-place upgrade process nor downloads all RPM packages.

Reviewing a pre-upgrade report is useful also if you decide or need to redeploy a RHEL 8 system without the in-place upgrade process.

Note

You can process the pre-upgrade report using your own custom scripts, for example, to compare results from multiple reports across different environments. For more information, see Automating your Red Hat Enterprise Linux pre-upgrade report workflow.

4.1. Assessing upgradability from the command line

Identify potential upgrade problems during the pre-upgrade phase using the command-line interface.

Prerequisites

Procedure

  1. On your RHEL 7 system, perform the pre-upgrade phase: 

    # leapp preupgrade --target <target_os_version>

    Replace target_os_version with the target OS version, for example 8.6. If no target OS version is defined, Leapp uses the default target OS version specified in the table 1.1 in Supported upgrade paths.

    Note

    If you are going to use custom repositories from the /etc/yum.repos.d/ directory for the upgrade, enable the selected repositories as follows: 

    # leapp preupgrade --enablerepo repository_id1 --enablerepo repository_id2 ...

    If you are going to upgrade without RHSM or using RHUI, add the --no-rhsm option.

    If you have an Extended Upgrade Support (EUS), Advanced Update Support (AUS), or Update Services for SAP Solutions (E4S) subscription, add the --channel channel option. Replace channel with the channel, for example eus, aus, or e4s. Note that SAP HANA customers should perform the in-place upgrade using the How to in-place upgrade SAP environments from RHEL 7 to RHEL 8 Knowledgebase article.

  2. Provide answers to each question required by Leapp by either of the following methods:

    1. Execute the leapp answer command, specifying the question you are responding to and your confirmed answer. 

      # leapp answer --section question_section.confirm=answer

      For example, to confirm a True response to the question Disable pam_pkcs11 module in PAM configuration?, execute the following command: 

      # leapp answer --section remove_pam_pkcs11_module_check.confirm=True
    2. Manually edit the /var/log/leapp/answerfile file, uncomment the confirm line of the file by deleting the # symbol, and confirm your answer as True or False; see Leapp answerfile.
  3. Examine the report in the /var/log/leapp/leapp-report.txt file, and manually resolve all the reported problems before proceeding with the in-place upgrade.

4.2. Assessing upgradability and applying automated remediations through the web console

Identify potential problems in the pre-upgrade phase and how to apply automated remediations using the web console.

Prerequisites

Procedure

  1. Install the cockpit-leapp plug-in: 

    # yum install cockpit-leapp
  2. Navigate to the web console in your browser and log in as root or as a user configured in the /etc/sudoers file. See Managing systems using the RHEL 7 web console for more information about the web console.

  3. On your RHEL 7 system, perform the pre-upgrade phase either from the command-line interface or from the web console terminal: 

    # leapp preupgrade --target <target_os_version>

    Replace target_os_version with the target OS version, for example 8.6. If no target OS version is defined, Leapp uses the default target OS version specified in the table 1.1 in Supported upgrade paths.

    Note

    If you are going to use custom repositories from the /etc/yum.repos.d/ directory for the upgrade, enable the selected repositories as follows: 

    # leapp preupgrade --enablerepo repository_id1 --enablerepo repository_id2 ...

    If you are going to upgrade without RHSM or using RHUI, add the --no-rhsm option.

    If you have an Extended Upgrade Support (EUS), Advanced Update Support (AUS), or Update Services for SAP Solutions (E4S) subscription, add the --channel channel option. Replace channel with the channel, for example eus, aus, or e4s. Note that SAP HANA customers should perform the in-place upgrade using the How to in-place upgrade SAP environments from RHEL 7 to RHEL 8 Knowledgebase article.

  4. In the web console, select In-place Upgrade Report from the left menu.

    Figure 4.1. In-place upgrade report in the web console

    In-place upgrade report in the web console

    The report table provides an overview of the problems found, their risk assessment, and remediations (if available).

    • Risk factor:

      • High - very likely to result in a deteriorated system state
      • Medium - can impact both the system and applications
      • Low - should not impact the system but can have an impact on applications
      • Info - informational with no expected impact to the system or applications
    • Inhibitor - will inhibit (hard stop) the upgrade process, otherwise the system could become unbootable, inaccessible, or dysfunctional

    • Remediation - an actionable solution to a reported problem:

      • Remediation command - can be executed directly through the web console
      • Remediation hint - instructions on how to resolve the problem manually

  5. Examine the content of the report. You can sort the table by clicking a header. To open a detail pane, click a selected row.

    Figure 4.2. Detail pane

    Detail pane

    The detail pane displays the following additional information:

    • Summary of the problem and links to Knowledgebase articles describing the problem in more detail
    • Remediations - you can run or schedule an automated remediation (if available), and see its results when applied
    • Affected system resources: packages, repositories, files (configuration, data), disks, volumes

  6. Optionally filter the results. Click the Filters button in the top left corner above the report and apply a filter based on your preferences. Filter categories are applied in conjunction with one another.

    Figure 4.3. Filters

    Filters

  7. Select issues for which you want to apply an automated remediation. You have two options:

    1. Choose individual items by clicking the Add to Remediation Plan button in the detail pane. Alternatively, you can execute individual remediations directly by clicking Run Remediation in the detail pane.
    2. Select all items for which a remediation is available by clicking the Add all remediations to plan button in the top right corner above the report.

  8. Review and answer questions required by Leapp in the web console. Each unanswered question appears as a Missing required answers in the answer file title in the Upgrade Report. Select a title to answer the question:

    1. To confirm the default True answer, select Add to Remediation Plan to execute the remediation later or Run Remediation to execute the remediation immediately.

    2. To select the non-default answer instead, perform either of the following:

      1. Execute the leapp answer command, specifying the question you are responding to and your confirmed answer. 

        # leapp answer --section question_section.confirm=answer

        For example, to confirm a False response to the question Disable pam_pkcs11 module in PAM configuration?, execute the following command: 

        # leapp answer --section remove_pam_pkcs11_module_check.confirm=False

      2. Manually edit the /var/log/leapp/answerfile file, uncomment the confirm line of the file by deleting the # symbol, and confirm your answer as True or False; see Leapp answerfile example.

        Figure 4.4. Missing unanswered Leapp question

        Unanswered Leapp question

  9. Open the remediation plan by clicking the Remediation plan link in the top right corner above the report. The remediation plan provides a list of all executed or scheduled remediations.

    Figure 4.5. Remediation plan

    Remediation plan

  10. Process all scheduled remediations by clicking Execute Remediation Plan. The following information is displayed for each remediation entry:

    • A unique ID of the remediation
    • Exit status of the command
    • Elapsed time of the executed remediation
    • Standard output
    • Standard error
  11. After executing selected remediations, generate the pre-upgrade report again by using the leapp preupgrade command, examine the new report, and take additional remediation steps if needed.

Chapter 5. Performing the upgrade from RHEL 7 to RHEL 8

Upgrade to RHEL 8 using the Leapp utility.

Prerequisites

Procedure

  1. On your RHEL 7 system, start the upgrade process: 

    # leapp upgrade --target <target_os_version>

    Replace target_os_version with the target OS version, for example 8.6. If no target OS version is defined, Leapp uses the default target OS version specified in the table 1.1 in Supported upgrade paths.

    Note

    If you are going to use custom repositories from the /etc/yum.repos.d/ directory for the upgrade, enable the selected repositories as follows: 

    # leapp upgrade --enablerepo repository_id1 --enablerepo repository_id2 ...

    If you are going to upgrade without RHSM or using RHUI, add the --no-rhsm option.

    If you have an Extended Upgrade Support (EUS), Advanced Update Support (AUS), or Update Services for SAP Solutions (E4S) subscription, add the --channel channel option. Replace channel with the value you used with the leapp preupgrade command, for example eus, aus, or e4s. Note that you must use the same value with the --channel option in both the leapp preupgrade and leapp upgrade commands.

    At the beginning of the upgrade process, Leapp performs the pre-upgrade phase described in Reviewing the pre-upgrade report

    If the system is upgradable, Leapp downloads necessary data and prepares an RPM transaction for the upgrade.

    If your system does not meet the parameters for a reliable upgrade, Leapp terminates the upgrade process and provides a record describing the issue and a recommended solution in the /var/log/leapp/leapp-report.txt file. For more information, see Troubleshooting.

  2. Manually reboot the system: 

    # reboot

    In this phase, the system boots into a RHEL 8-based initial RAM disk image, initramfs. Leapp upgrades all packages and automatically reboots to the RHEL 8 system.

    Alternatively, you can run the leapp upgrade command with the --reboot option and skip this manual step.

    If a failure occurs, investigate logs as described in Troubleshooting.

  3. Log in to the RHEL 8 system and verify its state as described in Verifying the post-upgrade state of the RHEL 8 system.
  4. Complete post-upgrade tasks as described in Performing post-upgrade tasks. Especially, re-evaluate and re-apply your security policies.

Chapter 6. Verifying the post-upgrade state of the RHEL 8 system

This procedure lists verification steps recommended to perform after an in-place upgrade to RHEL 8.

Prerequisites

Procedure

After the upgrade completes, determine whether the system is in the required state, at least:

  • Verify that the current OS version is Red Hat Enterprise Linux 8: 

    # cat /etc/redhat-release
Red Hat Enterprise Linux release <target_os_version> (Ootpa)

    Replace target_os_version with the target OS version, for example 8.6.

  • Check the OS kernel version: 

    # uname -r
4.18.0-305.el<target_os>.x86_64

    The target_os should be either 8 or the target OS version, for example 8_6. Note that .el8 is important and the version should not be earlier than 4.18.0-305.

  • If you are using the Red Hat Subscription Manager:

    • Verify that the correct product is installed: 

      # subscription-manager list --installed
+-----------------------------------------+
    	  Installed Product Status
+-----------------------------------------+
Product Name: Red Hat Enterprise Linux for x86_64
Product ID:   479
Version:      <target_os_version>
Arch:         x86_64
Status:       Subscribed

      Replace target_os_version with the target OS version, for example 8.6.

    • Verify that the release version is set to the target OS version immediately after the upgrade: 

      # subscription-manager release
Release: <target_os_version>

      Replace target_os_version with the target OS version, for example 8.6.

  • Verify that network services are operational, for example, try to connect to a server using SSH.
  • Check the post-upgrade status of your applications. In some cases, you may need to perform migration and configuration changes manually. For example, to migrate your databases, follow instructions in RHEL 8 Database servers documentation.

Chapter 7. Performing post-upgrade tasks

This procedure lists major tasks recommended to perform after an in-place upgrade to RHEL 8.

Prerequisites

Procedure

After performing the upgrade, complete the following tasks:

  1. Remove any remaining Leapp packages from the exclude list in the /etc/dnf/dnf.conf configuration file, including the snactor package. During the in-place upgrade, Leapp packages that were installed with the Leapp utility are automatically added to the exclude list to prevent critical files from being removed or updated. After the in-place upgrade, these Leapp packages must be removed from the exclude list before they can be removed from the system.

    • To manually remove packages from the exclude list, edit the /etc/dnf/dnf.conf configuration file and remove the desired Leapp packages from the exclude list.

    • To remove all packages from the exclude list: 

      # dnf config-manager --save --setopt exclude=''

  2. Remove remaining RHEL 7 packages, including remaining Leapp packages.

    1. Determine old kernel versions: 

      # cd /lib/modules && ls -d *.el7*

    2. Remove weak modules from the old kernel. If you have multiple old kernels, repeat this step for each kernel: 

      # [ -x /usr/sbin/weak-modules ] && /usr/sbin/weak-modules --remove-kernel <version>

      Replace version with the kernel version determined in the previous step, for example: 

      #  [ -x /usr/sbin/weak-modules ] && /usr/sbin/weak-modules --remove-kernel 3.10.0-1160.25.1.el7.x86_64
      Note

      Ignore the following error message, which is generated if the kernel package has been previously removed: 

      /usr/sbin/weak-modules: line 1081: cd: /lib/modules/<version>/weak-updates: No such file or directory

    3. Remove the old kernel from the bootloader entry. If you have multiple old kernels, repeat this step for each kernel: 

      # /bin/kernel-install remove <version> /lib/modules/<version>/vmlinuz

      Replace version with the kernel version determined in the previous step, for example: 

      # /bin/kernel-install remove 3.10.0-1160.25.1.el7.x86_64 /lib/modules/3.10.0-1160.25.1.el7.x86_64/vmlinuz

    4. Locate remaining RHEL 7 packages: 

      # rpm -qa | grep -e '\.el[67]' | grep -vE '^(gpg-pubkey|libmodulemd|katello-ca-consumer)' | sort
    5. Remove remaining RHEL 7 packages, including old kernel packages, and the kernel-workaround package from your RHEL 8 system.

    6. Remove remaining Leapp dependency packages: 

      # dnf remove leapp-deps-el8 leapp-repository-deps-el8

    7. Remove any remaining empty directories: 

      # rm -r /lib/modules/*el7*
  3. Re-evaluate and re-apply your security policies. Especially, change the SELinux mode to enforcing. For details, see Applying security policies.

Verification steps

  • Verify that the old kernels have been removed from the bootloader entry: 

    # grubby --info=ALL | grep "\.el7" || echo “Old kernels are not present in the bootloader.”

Chapter 8. Applying security policies

During the in-place upgrade process, certain security policies must remain disabled. Furthermore, RHEL 8 introduces a new concept of system-wide cryptographic policies and also security profiles might contain changes between major releases. This section guides you when securing your upgraded RHEL systems.

8.1. Changing SELinux mode to enforcing

During the in-place upgrade process, the Leapp utility sets SELinux mode to permissive. When the system is successfully upgraded, you have to manually change SELinux mode to enforcing.

Prerequisites

Procedure

  1. Ensure that there are no SELinux denials, for example, by using the ausearch utility: 

    # ausearch -m AVC,USER_AVC -ts boot

    Note that the previous step covers only the most common scenario. To check for all possible SELinux denials, see the Identifying SELinux denials section in the Using SELinux title, which provides a complete procedure.

  2. Open the /etc/selinux/config file in a text editor of your choice, for example: 

    # vi /etc/selinux/config

  3. Configure the SELINUX=enforcing option: 

    # This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted

  4. Save the change, and restart the system: 

    # reboot

Verification

  1. After the system restarts, confirm that the getenforce command returns Enforcing: 

    $ getenforce
Enforcing

Additional resources

8.2. Setting system-wide cryptographic policies

The system-wide cryptographic policies is a system component that configures the core cryptographic subsystems, covering the TLS, IPSec, SSH, DNSSec, and Kerberos protocols.

After a successful installation or an in-place upgrade process, the system-wide cryptographic policy is automatically set to DEFAULT. The DEFAULT system-wide cryptographic policy level offers secure settings for current threat models.

To view or change the current system-wide cryptographic policy, use the update-crypto-policies tool: 

$ update-crypto-policies --show
DEFAULT

For example, the following command switches the system-wide crypto policy level to FUTURE, which should withstand any near-term future attacks: 

# update-crypto-policies --set FUTURE
Setting system policy to FUTURE

You can also customize system-wide cryptographic policies. For details, see the Customizing system-wide cryptographic policies with policy modifiers and Creating and setting a custom system-wide cryptographic policy sections.

Additional resources

8.3. Upgrading the system hardened to a security baseline

To get a fully hardened system after a successful upgrade to RHEL 8, you can use automated remediation provided by the OpenSCAP suite. OpenSCAP remediations align your system with security baselines, such as PCI-DSS, OSPP, or ACSC Essential Eight. The configuration compliance recommendations differ among major versions of Red Hat Enterprise Linux due to the evolution of the security offering.

When upgrading a hardened RHEL 7 system, the Leapp tool does not provide direct means to retain the full hardening. Depending on the changes in the component configuration, the system might diverge from the recommendations for the RHEL 8 during the upgrade.

Note

You cannot use the same SCAP content for scanning RHEL 7 and RHEL 8. Update the management platforms if the compliance of the system is managed by the tools like Red Hat Satellite or Red Hat Insights.

As an alternative to automated remediations, you can make the changes manually by following an OpenSCAP-generated report. For information on generating a compliance report, see Scanning the system for security compliance and vulnerabilities.

Follow the procedure to automatically harden your system with the PCI-DSS profile.

Important

Automated remediations support RHEL systems in the default configuration. Because the system upgrade has been altered after the installation, running remediation might not make it fully compliant with the required security profile. You might need to fix some requirements manually.

Prerequisites

  • The scap-security-guide package is installed on your RHEL 8 system.

Procedure

  1. Find the appropriate security compliance data stream .xml file: 

    $ ls /usr/share/xml/scap/ssg/content/
ssg-firefox-cpe-dictionary.xml  ssg-rhel6-ocil.xml
ssg-firefox-cpe-oval.xml        ssg-rhel6-oval.xml
...
ssg-rhel6-ds-1.2.xml          ssg-rhel8-oval.xml
ssg-rhel8-ds.xml              ssg-rhel8-xccdf.xml
...

    For additional information, see section Viewing compliance profiles.

  2. Remediate the system according to the selected profile from the appropriate data stream: 

    # oscap xccdf eval --profile pci-dss --remediate /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

    You can replace the pci-dss value in the --profile argument with the ID of the profile according to which you want to harden your system. For a full list of profiles supported in RHEL 8, see SCAP security profiles supported in RHEL.

    Warning

    If not used carefully, running the system evaluation with the Remediate option enabled might render the system non-functional. Red Hat does not provide any automated method to revert changes made by security-hardening remediations. Remediations are supported on RHEL systems in the default configuration. If your system has been altered after the installation, running remediation might not make it compliant with the required security profile.

  3. Restart your system: 

    # reboot

Verification

  1. Verify that the system is compliant with the profile, and save the results in an HTML file: 

    $ oscap xccdf eval --report pcidss_report.html --profile pci-dss /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

Additional resources

Chapter 9. Troubleshooting

You can refer to the following tips to troubleshoot upgrading from RHEL 7 to RHEL 8.

9.1. Troubleshooting resources

You can refer to the following troubleshooting resources.

Console output

By default, only error and critical log level messages are printed to the console output by the Leapp utility. To change the log level, use the --verbose or --debug options with the leapp upgrade command.

  • In verbose mode, Leapp prints info, warning, error, and critical messages.
  • In debug mode, Leapp prints debug, info, warning, error, and critical messages.

Logs

  • The /var/log/leapp/leapp-upgrade.log file lists issues found during the initramfs phase.
  • The /var/log/leapp/dnf-debugdata/ directory contains transaction debug data. This directory is present only if the leapp upgrade command is executed with the --debug option.
  • The /var/log/leapp/answerfile contains questions required to be answered by Leapp.
  • The journalctl utility provides complete logs.

Reports

9.2. Troubleshooting tips

You can refer to the following troubleshooting tips.

Pre-upgrade phase

  • Verify that your system meets all conditions listed in Planning an upgrade.
  • Make sure you have followed all steps described in Preparing for the upgrade for example, your system does not use more than one Network Interface Card (NIC) with a name based on the prefix used by the kernel (eth).

  • Make sure you have answered all questions required by Leapp in the /var/log/leapp/answerfile file. If any answers are missing, Leapp inhibits the upgrade. Example questions:

    • Disable pam_pkcs11 module in PAM configuration?
    • Disable pam_krb5 module in PAM configuration?
    • Configure PAM and nsswitch.conf with the following authselect call?
  • Make sure you have resolved all problems identified in the pre-upgrade report, located at /var/log/leapp/leapp-report.txt. To achieve this, you can also use the web console, as described in Assessing upgradability and applying automated remediations through the web console.

Example 9.1. Leapp answerfile

The following is an example of an unedited /var/log/leapp/answerfile file that has one unanswered question: 

[remove_pam_pkcs11_module_check]
# Title:          	None
# Reason:         	Confirmation
# =================== remove_pam_pkcs11_module_check.confirm ==================
# Label:          	Disable pam_pkcs11 module in PAM configuration? If no, the upgrade process will be interrupted.
# Description:    	PAM module pam_pkcs11 is no longer available in RHEL-8 since it was replaced by SSSD.
# Type:           	bool
# Default:        	None
# Available choices: True/False
# Unanswered question. Uncomment the following line with your answer
# confirm =

The Label field specifies the question that requires an answer. In this example, the question is Disable pam_pkcs11 module in PAM configuration?

To answer the question, uncomment the confirm line and enter an answer of True or False. In this example, the selected answer is True: 

[remove_pam_pkcs11_module_check]
...
# Available choices: True/False
# Unanswered question. Uncomment the following line with your answer
confirm = True

Download phase

  • If a problem occurs during downloading RPM packages, examine transaction debug data located in the /var/log/leapp/dnf-debugdata/ directory.

    Note

    The /var/log/leapp/dnf-debugdata/ directory is empty or does not exist if no transaction debug data was produced. This might occur when the required repositories are not available.

initramfs phase

  • During this phase, potential failures redirect you to the Dracut shell. Check the Journal log: 

    # journalctl

    Alternatively, restart the system from the Dracut shell using the reboot command and check the /var/log/leapp/leapp-upgrade.log file.

Post-upgrade phase

  • If your system seems to be successfully upgraded but booted with the old RHEL 7 kernel, restart the system and check the kernel version of the default entry in GRUB.
  • Make sure you have followed the recommended steps in Verifying the post-upgrade state of the RHEL 8 system.

  • If your application or a service stops working or behaves incorrectly after you have switched SELinux to enforcing mode, search for denials using the ausearch, journalctl, or dmesg utilities: 

    # ausearch -m AVC,USER_AVC -ts boot
# journalctl -t setroubleshoot
# dmesg | grep -i -e selinux -e type=1400

    The most common problems are caused by incorrect labeling. See Troubleshooting problems related to SELinux for more details.

9.3. Known issues

The following are Known Issues you may encounter when upgrading from RHEL 7 to RHEL 8.

  • Network teaming currently does not work when the in-place upgrade is performed while Network Manager is disabled or not installed.
  • If you use an HTTP proxy, Red Hat Subscription Manager must be configured to use such a proxy, or the subscription-manager command must be executed with the --proxy <hostname> option. Otherwise, an execution of the subscription-manager command fails. If you use the --proxy option instead of the configuration change, the upgrade process fails because Leapp is unable to detect the proxy. To prevent this problem from occurring, manually edit the rhsm.conf file as described in How to configure HTTP Proxy for Red Hat Subscription Management. (BZ#1689294)
  • If your RHEL 7 system uses a device driver that is provided by Red Hat but is not available in RHEL 8, Leapp inhibits the upgrade. However, if the RHEL 7 system uses a third-party device driver that Leapp does not have data for in the /etc/leapp/files/device_driver_deprecation_data.json file, Leapp does not detect such a driver and proceeds with the upgrade. Consequently, the system might fail to boot after the upgrade.

  • You cannot perform an in-place upgrade when the winbind and wins Samba modules are used in the /etc/nsswitch.conf file at the moment. The upgrade transaction fails with the following error messages and Leapp inhibits the upgrade: 

    upgrade[469]: STDERR:
upgrade[469]: Error in PREIN scriptlet in rpm package unbound-libs
upgrade[469]: Error: Transaction failed
upgrade[469]: Container el8userspace failed with error code 1.
unbound-libs has a PREIN failure

    To work around this problem, configure the system so that it uses only local providers for the user, groups, and hosts database during the update:

    1. Open the system /etc/nsswitch.conf configuration file and search for entries that contain the winbind or wins strings.
    2. If you find such entries, create a backup of /etc/nsswitch.conf.
    3. Edit /etc/nsswitch.conf and remove winbind or wins from the entries that contain them.
    4. Perform an in-place upgrade.

    5. After the upgrade, add the winbind and wins strings to the respective entries in /etc/nsswitch.conf, based on your system configuration requirements.

      (BZ#1410154)

  • The Leapp utility does not change customized authentication configuration during the upgrade process. If you used the deprecated authconfig utility to configure authentication on your RHEL 7 system, authentication on RHEL 8 might not work correctly. To ensure that your custom configuration functions properly on the RHEL 8 system, re-configure your RHEL 8 system with the authselect utility.

    Important

    During the in-place upgrade, the deprecated pam_krb5 or pam_pkcs11 pluggable authentication modules (PAM) are removed. Consequently, if the PAM configuration on your RHEL 7 system contains the pam_krb5 or pam_pkcs11 modules and if these modules have the required or requisite control values, performing the in-place upgrade might result in locking you out of the system. To work around this problem, reconfigure your RHEL 7 system to not use pam_krb5 or pam_pkcs11 before you start the upgrade process.

  • If the name of a third-party package (not signed by Red Hat) installed on your system is the same as the name of a package provided by Red Hat, the in-place upgrade fails. To work around this problem, choose one of the following options prior to upgrading:

    1. Remove the third-party package
    2. Replace the third-party package with the package provided by Red Hat

  • Due to security reasons, support for single-DES (DES) and triple-DES (3DES) encryption types has been removed from RHEL 8. RHEL 7 Identity Management (IdM), however, still supports 3DES encryption.
    Upgrading an IdM environment from RHEL 7 to RHEL 8 is possible because both versions of RHEL prefer stronger AES encryption types by default:

    Version of IdMDefault encryption typesAdditional supported encryption types

    RHEL 7

    aes256-cts
    aes128-cts

    camellia256-cts
    camellia128-cts
    des3-hmac
    arcfour-hmac

    RHEL 8

    aes256-cts
    aes128-cts

    aes256-sha2
    aes128-sha2
    camellia256-cts
    camellia128-cts
    arcfour-hmac [a]

    [a] RC4 encryption has been deprecated and disabled by default in RHEL 8, as it is considered less secure than the newer AES-128 and AES-256 encryption types. For more information on enabling RC4 support for compatibility with legacy Active Directory environments, see Ensuring support for common encryption types in AD and RHEL.

    If you manually configured a non-IdM Kerberos Distribution Center (KDC), any services, or any users to only use DES or 3DES encryption, you might experience service interruptions after updating to the latest Kerberos packages in RHEL 8, such as:

    • Kerberos authentication errors
    • unknown enctype encryption errors
    • KDCs with DES-encrypted Database Master Keys (K/M) fail to start

    Red Hat recommends you do not use DES or 3DES encryption in your environment. For more information on re-keying Kerberos principals to use stronger encryption types, see Retiring DES from MIT Kerberos Documentation.

  • The in-place upgrade fails on systems with Software Redundant Array of Independent Disks (RAID). (BZ#1957192)
  • Systems with a disabled GRUB bootloader specification, such as systems using Puppet, cannot create new initramfs for newer kernels. To work around this problem, manually remove packages and the old kernel from the bootloader entry as described in Chapter 6: Performing post-upgrade tasks. (BZ#1955099)
  • The Relax-and-Recover (ReaR) utility is not available on the IBM Z architecture. As a result, IBM Z systems cannot be completely remediated by the OpenSCAP suite and might not be fully compliant with security baselines. (BZ#1958939)
  • During the in-place upgrade, the Leapp utility usually preserves the network interface controller (NIC) names between RHEL 7 and RHEL 8. However, on some systems, for example systems with network bonding, the NIC names might need to be updated between RHEL 7 and RHEL 8. On those systems, set the LEAPP_NO_NETWORK_RENAMING=1 environment variable, perform the in-place upgrade, and then verify that your network is working as expected. If needed, manually update the network configuration. (BZ#1919382)

  • The in-place upgrade might be inhibited because the Leapp utility incorrectly detects that there is not enough free disk space. If your system contains partitions formatted with the XFS filesystem without ftype attributes, you can work around this issue by changing the default size in the LEAPP_OVL_SIZE environment variable to account for, at minimum, the specified missing disk space inside the container. It is recommended to increase the default size to greater than the specified missing disk space to prevent repeated error messages. For example, if the Leapp utility detects that an additional 400 MB is needed, increase the default size from 2048 MB to at least 2500 MB.

    Note

    This workaround can require a large amount of free space in the /var partition.

    If this workaround does not resolve the issue, or if your system does not contain these partitions without ftype attributes, contact Red Hat support.

    (BZ#1832730)

  • On systems with the NSFD service running on NFS servers, a non-existent NFS partition might be incorrectly detected during the in-place upgrade, inhibiting the upgrade. To prevent this issue, stop the NFSD service before running the in-place upgrade: 

    # systemctl stop /proc/fs/nfsd

    (BZ#2036069)

9.4. Known issues for IBM POWER 9 (little endian) and IBM Z (Structure A)

The IBM POWER 9 (little endian) and 64-bit IBM Z (Structure A) architectures have reached end of life. The final upgrade path for these architectures is from RHEL 7.6 to RHEL 8.4. Subsequent releases to the in-place upgrade do not include these architectures. As a result, known issues that are resolved in later releases of the in-place upgrade are not resolved for these architectures.

The following known issues affect only IBM POWER 9 (little endian) and 64-bit IBM-Z (Structure A) architectures:

  • During an in-place upgrade, the docker package is removed without a warning. If you use containers in RHEL, migrate to Podman prior to upgrading to RHEL 8. For instructions, see How do I migrate my Docker containers to Podman prior to moving from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8? (BZ#1858711)

  • During the pre-upgrade process, users might be required to answer true/false questions before they can proceed with the upgrade. If the pre-upgrade report was run prior to the release of the latest version of Leapp, the report might have incorrectly reported that all true/false questions had been answered and that it was safe to proceed with the upgrade. If you ran the pre-upgrade report prior to November 9, 2021, complete the following steps to prevent serious issues with the upgrade:

    1. Update all Leapp-related packages.

    2. Remove the /var/log/leapp/answerfile and /var/log/leapp/answerfile.userchoices files: 

      # rm -f /var/log/leapp/answerfile /var/log/leapp/answerfile.userchoices

    3. Run the leapp preupgrade command and answer any true/false questions again.

      (BZ#2014015)

9.5. Obtaining support

You can open a support case, select RHEL 7 as the product, and provide a sosreport from your system.

  • To generate a sosreport on your system, run: 
# sosreport

Note that you can leave the case ID empty.

For details on generating a sosreport, see the solution What is an sosreport and how to create one in Red Hat Enterprise Linux?.

For more information on opening and managing a support case on the Customer Portal, see the article How do I open and manage a support case on the Customer Portal?.

Appendix A. RHEL 7 repositories

Before the upgrade, ensure you have appropriate repositories enabled as described in step 4 of the procedure in Preparing a RHEL 7 system for the upgrade.

If you plan to use Red Hat Subscription Manager during the upgrade, you must enable the following repositories before the upgrade by using the subscription-manager repos --enable repository_id command:

ArchitectureRepositoryRepository ID

64-bit Intel

Base

rhel-7-server-rpms

Extras

rhel-7-server-extras-rpms

IBM POWER8 (little endian)

Base

rhel-7-for-power-le-rpms

Extras

rhel-7-for-power-le-extras-rpms

IBM POWER9 (little endian)

Base

rhel-7-for-power-9-rpms

Extras

rhel-7-for-power-9-extras-rpms

IBM Z

Base

rhel-7-for-system-z-rpms

Extras

rhel-7-for-system-z-extras-rpms

IBM Z (Structure A)

Base

rhel-7-for-system-z-a-rpms

Extras

rhel-7-for-system-z-a-extras-rpms

You can enable the following repositories before the upgrade by using the subscription-manager repos --enable repository_id command:

ArchitectureRepositoryRepository ID

64-bit Intel

Optional

rhel-7-server-optional-rpms

Supplementary

rhel-7-server-supplementary-rpms

IBM POWER8 (little endian)

Optional

rhel-7-for-power-le-optional-rpms

Supplementary

rhel-7-for-power-le-supplementary-rpms

IBM POWER9 (little endian)

Optional

rhel-7-for-power-9-optional-rpms

Supplementary

rhel-7-for-power-9-supplementary-rpms

IBM Z

Optional

rhel-7-for-system-z-optional-rpms

Supplementary

rhel-7-for-system-z-supplementary-rpms

IBM Z (Structure A)

Optional

rhel-7-for-system-z-a-optional-rpms

Supplementary

N/A

Note

If you have enabled a RHEL 7 Optional or a RHEL 7 Supplementary repository before an in-place upgrade, Leapp enables the RHEL 8 CodeReady Linux Builder or RHEL 8 Supplementary repositories, respectively.

If you decide to use custom repositories, enable them per instructions in Configuring custom repositories.

Appendix B. RHEL 8 repositories

If your system is registered to the Red Hat Content Delivery Network (CDN) using the Red Hat Subscription Manager (RHSM), RHEL 8 repositories are automatically enabled during the in-place upgrade. However, on systems registered to Red Hat Satellite using RHSM, you must manually enable and synchronize both RHEL 7 and RHEL 8 repositories before running the pre-upgrade report.

Note

Make sure to enable the target OS version of each repository, for example RHEL 8.6. If you have enabled only the RHEL 8 version of the repositories, the in-place upgrade is inhibited.

If you plan to use Red Hat Satellite during the upgrade, you must enable and synchronize at least the following RHEL 8 repositories before the upgrade using either the Satellite web UI or the hammer repository-set enable and hammer product synchronize commands:

Note

Replace target_os_version with the target OS version, for example 8.6.

Table B.1. RHEL 8 repositories

ArchitectureRepositoryRepository IDRepository nameRelease version

64-bit Intel

BaseOS

rhel-8-for-x86_64-baseos-rpms

Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)

x86_64 <target_os_version>

Appstream

rhel-8-for-x86_64-appstream-rpms

Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)

x86_64 <target_os_version>

IBM Power8 (little endian)/IBM Power9 (little endian)

BaseOS

rhel-8-for-ppc64le-baseos-rpms

Red Hat Enterprise Linux 8 for Power, little endian - BaseOS (RPMs)

ppc64le <target_os_version>

Appstream

rhel-8-for-ppc64le-appstream-rpms

Red Hat Enterprise Linux 8 for Power, little endian - AppStream (RPMs)

ppc64le <target_os_version>

IBM Z/IBM Z (Structure A)

BaseOS

rhel-8-for-s390x-baseos-rpms

Red Hat Enterprise Linux 8 for IBM z Systems - BaseOS (RPMs)

s390x <target_os_version>

Appstream

rhel-8-for-s390x-appstream-rpms

Red Hat Enterprise Linux 8 for IBM z Systems - AppStream (RPMs)

s390x <target_os_version>

Legal Notice

Copyright © 2022 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.