Chapter 20. Red Hat Enterprise Linux Atomic Host 7.5.3

20.1. Atomic Host

OStree update:

New Tree Version: 7.5.3 (hash: 03d524a16c8d76897f097565ca7452c1a5e2541f8c2beab145adf622499c7c64)
Changes since Tree Version 7.5.2 (hash: 7eae04224d894f6f0b57bf3c77f78c749d64813bd1543290f4b0276c81082617)

Updated packages:

  • microdnf-2-5.el7
  • cockpit-ostree-172-2.el7

20.2. Extras

Updated packages:

  • buildah-1.2-2.gitbe87762.el7
  • cockpit-172-2.el7
  • container-selinux-2.68-1.el7
  • container-storage-setup-0.11.0-2.git5eaf76c.el7
  • containernetworking-plugins-0.7.1-1.el7
  • docker-1.13.1-74.git6e3bb8e.el7
  • oci-systemd-hook-0.1.17-2.git83283a0.el7
  • podman-0.7.3-1.git0791210.el7
  • rhel-system-roles-1.0-2.el7 *
  • runc-1.0.0-37.rc5.dev.gitad0f525.el7

The asterisk (*) marks packages that are available for Red Hat Enterprise Linux only.

20.2.1. Container Images

Updated:

  • Red Hat Enterprise Linux 7 Init Container Image (rhel7/rhel7-init)
  • Red Hat Enterprise Linux Atomic Identity Management Server Container Image (rhel7/ipa-server)
  • Red Hat Enterprise Linux Atomic Image (rhel-atomic, rhel7-atomic, rhel7/rhel-atomic)
  • Red Hat Enterprise Linux Atomic Net-SNMP Container Image (rhel7/net-snmp)
  • Red Hat Enterprise Linux Atomic SSSD Container Image (rhel7/sssd)
  • Red Hat Enterprise Linux Atomic Support Tools Container Image (rhel7/support-tools)
  • Red Hat Enterprise Linux Atomic Tools Container Image (rhel7/rhel-tools)
  • Red Hat Enterprise Linux Atomic cockpit-ws Container Image (rhel7/cockpit-ws)
  • Red Hat Enterprise Linux Atomic etcd Container Image (rhel7/etcd)
  • Red Hat Enterprise Linux Atomic flannel Container Image (rhel7/flannel)
  • Red Hat Enterprise Linux Atomic open-vm-tools Container Image (rhel7/open-vm-tools)
  • Red Hat Enterprise Linux Atomic openscap Container Image (rhel7/openscap)
  • Red Hat Enterprise Linux Atomic rsyslog Container Image (rhel7/rsyslog)
  • Red Hat Enterprise Linux Atomic sadc Container Image (rhel7/sadc)
  • Red Hat Enterprise Linux Container Image (rhel7.5, rhel7, rhel7/rhel, rhel)

20.3. New Features

  • L1 Terminal Fault Attack vulnerability fixed in a new 7.5.3 image

    The RHEL Atomic Host 7.5.3 image has been updated to include security fixes for the L1 Terminal Fault Attack vulnerability. For more information, see this article.

  • RHEL Atomic Host will not be supported on OpenShift 4.0 and later

    Beginning with Red Hat OpenShift 4.0, RHEL Atomic Host will not be supported on Red Hat OpenShift.

  • Container images are now available for PowerPC 8 & 9 and s390x

    Beginning with RHEL Atomic Host 7.5.3, many of the container images are available not only for AMD64 and Intel 64 (X86_64), but also for the little-endian variant of IBM Power Systems (PowerPC 8 & 9, also known as ppc64le) and IBM z Systems (s390x).

    See Supported Architectures for Containers on RHEL if you need:

    • details about this change
    • architecture support information for individual images
    • comprehensive information on architectures support for containers
  • Distribution of architecture-specific base images will change in 7.6

    Currently, the multi-architecture base OS images are available in the rhel7 repository and in the architecture-specific repository, for example rhel7/ppc64le. This will continue until RHEL Atomic Host 7.6.

    With RHEL Atomic Host 7.6, base images for all architectures will be available in the rhel7 repository. When you pull the base image, the image for the correct architecture will be pulled automatically based on the architecture you are using. Users of the architecture-specific repositories will need to update the from line in dockerfiles.

  • Some users might not be able to access certain SRPMs using yum install

    For architectures other than AMD64 and Intel 64 (X86_64), installing source RPMs from the Atomic Host and Extras channels is not possible using yum install. On the other hand, the source code is the same for all these architectures, and so is available using AMD64 and Intel 64 SRPMs.

    However, depending on your customer subscription, you might not be able to yum install AMD64 and Intel 64 SRPMs. In that case, follow the instructions in How to obtain source for Red Hat products shipped as container images.

    Also, if you only have IBM Power Systems (PowerPC 8 & 9, also known as ppc64le) or IBM z Systems (s390x) subscriptions, you might need to request source code for the microdnf package directly from Red Hat.