Chapter 1. Overview

1.1. Major changes in RHEL 8.5

Installer and image creation

In RHEL 8.5, Image Builder supports the following features:

  • Ability to customize filesystem configuration.
  • Ability to override official repositories available
  • Ability to create bootable installer images and install them to a bare metal system.

For more information, see Section 4.1, “Installer and image creation”.

RHEL for Edge

RHEL 8.5 introduces RHEL for Edge Simplified Installer image, optimized for unattended installation to a device, and provisioning the image to a RHEL for Edge image.

For more information, see Section 4.2, “RHEL for Edge”.

Security

The system-wide cryptographic policies support scopes and wildcards for directives in custom policies. You can now enable different sets of algorithms for different back ends.

The Rsyslog log processing application has been updated to version 8.2102.0-5. This update introduces, among other improvements, the OpenSSL network stream driver. This implements TLS-protected transport using the OpenSSL library into Rsyslog.

The SCAP Security Guide project now includes several new profiles and improvements of existing profiles:

  • A new profile aligned with the Australian Cyber Security Centre Information Security Manual (ACSC ISM).
  • The Center for Internet Security (CIS) profile restructured into four different profiles (Workstation Level 1, Workstation Level 2, Server Level 1, Server Level 2).
  • The Security Technical Implementation Guide (STIG) security profile updated to version V1R3.
  • A new STIG profile compatible with Server with GUI installations.
  • A new French National Security Agency (ANSSI) High Level profile, which completes the availability of profiles for all ANSSI-BP-028 v1.2 hardening levels in the SCAP Security Guide.

With these enhancements, you can install a system that conforms with one of these security baselines and use the OpenSCAP suite for checking security compliance and remediation using the risk-based approach for security controls defined by the relevant authorities.

See New features - Security for more information.

The new RHEL VPN System Role makes it easier to set up secure and properly configured IPsec tunneling and virtual private networking (VPN) solutions on large numbers of hosts. For more information, see New Features - Red Hat Enterprise Linux System Roles.

Networking

NetworkManager now supports configuring a device to accept all traffic. You can configure this feature using, for example, the nmcli utility.

The firewalld service supports forwarding traffic between different interfaces or sources within a zone.

The firewalld service supports filtering traffic that is forwarded between zones.

Dynamic programming languages, web and database servers

Later versions of the following components are now available as new module streams:

  • Ruby 3.0
  • nginx 1.20
  • Node.js 16

The following components have been upgraded:

  • PHP to version 7.4.19
  • Squid to version 4.15
  • Mutt to version 2.0.7

See New features - Dynamic programming languages, web and database servers and Technology Previews - Dynamic programming languages, web and database servers for more information.

Compilers and development tools

The following compiler toolsets have been updated:

  • GCC Toolset 11
  • LLVM Toolset 12.0.1
  • Rust Toolset 1.54.0
  • Go Toolset 1.16.7

See New features - Compilers and development tools for more information.

OpenJDK updates
  • Open Java Development Kit 17 (OpenJDK 17) is now available. For more information about the features introduced in this release and changes in the existing functionality, see OpenJDK features.
  • OpenJDK 11 has been updated to version 11.0.13. For more information about the features introduced in this release and changes in the existing functionality, see Release notes for OpenJDK 11.0.13.
  • OpenJDK 8 has been updated to version 8.0.312. For more information about the features introduced in this release and changes in the existing functionality, see Release notes for OpenJDK 8.0.312.

Red Hat Enterprise Linux System Roles

The Postfix RHEL System Role is fully supported.

The Network Time Security (NTS) option is now added to the Timesync RHEL System Role.

The Storage RHEL System Role now supports LVM VDO volumes and expresses volume sizes as a percentage.

The new RHEL VPN System Role makes it easier to set up secure and properly configured IPsec tunneling and virtual private networking (VPN) solutions on large numbers of hosts.

High Availability Cluster RHEL System Role is available as a Technology Preview for the 8.5 GA Release.

See New features - Red Hat Enterprise Linux System Roles and Technology Previews - Red Hat Enterprise Linux System Roles for more information.

1.2. In-place upgrade and OS conversion

In-place upgrade from RHEL 7 to RHEL 8

The supported in-place upgrade paths currently are:

  • From RHEL 7.9 to RHEL 8.4 on the 64-bit Intel, IBM POWER 8 (little endian), and IBM Z architectures
  • From RHEL 7.6 to RHEL 8.4 on architectures that require kernel version 4.14: IBM POWER 9 (little endian) and IBM Z (Structure A). This is the final in-place upgrade path for these architectures.
  • From RHEL 7.7 to RHEL 8.2 on systems with SAP HANA. To ensure your system with SAP HANA remains supported after upgrading to RHEL 8.2, enable the RHEL 8.2 Update Services for SAP Solutions (E4S) repositories.

To ensure your system remains supported after upgrading to RHEL 8.4, either update to the latest RHEL 8.5 version or ensure that the RHEL 8.4 Extended Update Support (EUS) repositories have been enabled. On systems with SAP HANA, enable the RHEL 8.2 Update Services for SAP Solutions (E4S) repositories.

For more information, see Supported in-place upgrade paths for Red Hat Enterprise Linux. For instructions on performing an in-place upgrade, see Upgrading from RHEL 7 to RHEL 8. For instructions on performing an in-place upgrade on systems with SAP environments, see How to in-place upgrade SAP environments from RHEL 7 to RHEL 8.

Notable enhancements include:

  • It is now possible to perform an in-place upgrade with SAP HANA on Pay-As-You-Go instances on AWS with Red Hat Update Infrastructure (RHUI).
  • It is now possible to enable EUS or E4S repositories during the in-place upgrade.
  • The Leapp utility can now be installed using the yum install leapp-upgrade command. As part of this change, the leapp-repository and leapp-repository-deps RPM packages have been renamed leapp-upgrade-el7toel8 and leapp-upgrade-el7toel8-deps respectively. If the old packages are already installed on your system, they will be automatically replaced by the new packages when you run yum update.
  • Leapp reports, logs, and other generated documentation are in English, regardless of the language configuration.
  • After the upgrade, leftover Leapp packages must be manually removed from the exclude list in the /etc/dnf/dnf.conf configuration file before they can be removed from the system.
  • The repomap.csv file, which is located in the leapp-data15.tar.gz archive, has been deprecated and has been replaced with the repomap.json file. The deprecated file will remain available until March 2022.
  • The IBM POWER 9 (little endian) and IBM Z (Structure A) architectures have reached end of life. Subsequent releases to the in-place upgrade, including new upgrade paths, features, and bug fixes, will not include these architectures.

In-place upgrade from RHEL 6 to RHEL 8

To upgrade from RHEL 6.10 to RHEL 8.4, follow instructions in Upgrading from RHEL 6 to RHEL 8.

Conversion from a different Linux distribution to RHEL

If you are using CentOS Linux 8 or Oracle Linux 8, you can convert your operating system to RHEL 8 using the Red Hat-supported Convert2RHEL utility. For more information, see Converting from an RPM-based Linux distribution to RHEL.

If you are using an earlier version of CentOS Linux or Oracle Linux, namely versions 6 or 7, you can convert your operating system to RHEL and then perform an in-place upgrade to RHEL 8. Note that CentOS Linux 6 and Oracle Linux 6 conversions use the unsupported Convert2RHEL utility. For more information on unsupported conversions, see How to perform an unsupported conversion from a RHEL-derived Linux distribution to RHEL.

For information regarding how Red Hat supports conversions from other Linux distributions to RHEL, see the Convert2RHEL Support Policy document.

1.3. Red Hat Customer Portal Labs

Red Hat Customer Portal Labs is a set of tools in a section of the Customer Portal available at https://access.redhat.com/labs/. The applications in Red Hat Customer Portal Labs can help you improve performance, quickly troubleshoot issues, identify security problems, and quickly deploy and configure complex applications. Some of the most popular applications are:

1.4. Additional resources