New Recommendations

The following new recommendations were added in February:

New Recommendations

During January, the team made four releases, introducing 14 brand new recommendations in Advisor, mostly focused on remediating risks in the kernel.

New Recommendations

Six new recommendations are available in Advisor:

RHEL lifecycle visualization available in Image Builder

You can now see a visualization of the RHEL 8 and RHEL 9 support lifecycle in Image Builder. When you select RHEL 8 for your image build, you will see a visualization that shows you how much time is left to receive full support for RHEL 8 and 9. Full support for RHEL 8 is ending in 2024. You can select RHEL 9 to receive full support through 2027.

End of Life for Basic Authentication for Insights client

Effective February 29th, 2024, the insights-client will no longer support Basic Authentication (authmethod=basic) as an option for connecting a host with Red Hat Insights. For more information, and guidance about how to switch to alternative options, see the Red Hat Insights lifecycle and update page.

CentOS 7 pre-conversion analysis and conversion experience launched

On June 30, 2024, CentOS Linux 7 will reach End of Life (EOL), requiring users to migrate to a new operating system to continue receiving updates, security patches and new features. As this date rapidly approaches, determining a path for migration and scope will be key as you work to assign resources and meet completion dates. With a recent update to Red Hat Insights, CentOS 7 users can now:

Example of output from running a conversion task in Insights

New recommendations released

Fourteen new recommendations are available:

New InterSystems topic

Red Hat Insights currently has ten Advisor recommendations available for the InterSystems workload. You can find the InterSystems recommendations in a new Advisor topic at Advisor > topics > Intersystems on the Red Hat Hybrid Console. Insights will continue to add InterSystems-focused recommendations to this new topic. To see all Advisor topics, go to Advisor > topics.

Improved patch reporting for Satellite-managed hosts

You can now check in Satellite-managed hosts with a new –build-packagecache flag for better reporting of installable updates. With the flag set, the host will self-report the list of updates that should be installed based on the content available in the Satellite content view to which that system is subscribed. You can find more information in:

Support for new Red Hat Enterprise Linux variants in Subscriptions

The subscriptions service now supports reporting for the following Red Hat Enterprise Linux variants on x86:

Known issue: Insights image builder fails to build RHEL for Edge images when npm is included

When building RHEL 8 images within Insights image builder, you cannot customize your RHEL for Edge image with the npm package. The NPM package manager expects its configuration to be in the {prefix}/etc/npmrc directory but the npm RPM packages a symlink in the /usr/etc/npmrc directory that links to /etc/npmrc. To work around this problem, include the npm package inside of the OSTree system.

Insights image builder now supports building images for the aarch64 architecture

This enhancement to image builder extends support to the aarch64 architecture, which allows you to select the architecture that you want to build. The compatible target images that you can build for the aarch64 architecture are Amazon Web Service (AWS), Bare Metal, and Guest Images.

Support to build images suitable for Windows Subsystem Linux (WSL)

You can use the Red Hat Insights image builder to create an image suitable for Windows Subsystem Linux (WSL). You can use that image to run a Linux environment directly on your Windows machine. You can use most of the command-line tools, utilities, and applications. The kernel is supplied by Microsoft, and developed on WSL2-Linux-Kernel. This is supported only for the Red Hat Enterprise Linux (RHEL) 8 release. For more information, see Create customized RHEL images for the WSL environment.

Advanced Cluster Manager 2.9 fleet Insights integration

Red Hat Advanced Cluster Manager (ACM) 2.9 has introduced a new overview dashboard, and detailed views that improve navigation, when viewing critical information emitted by OpenShift Container Platform clusters. This revamped experience is similar to the one that Red Hat’s Site Reliability Engineering (SRE) team uses to manage Red Hat clusters.

Security-focused Frequently Asked Questions (FAQ) published

Red Hat Insights cost management service uses its own operator (Cost Management Metrics Operator), to gather and upload data to Red Hat. The data is then processed in its own data pipeline. As a result, there are some differences related to what data is collected, how it is processed and stored. A Frequently Asked Questions (FAQ) article about Cost Management security is available to help answer your questions regarding how the operator handles this data. You can find the FAQ at Cost Management Software as a Service [SAAS]-Security FAQ.

Support for new service account authentication

Project Koku, the upstream of Red Hat Insights cost management, released the Koku Metrics Operator version 3.1.0. This adds support for token-based service authentication, for service accounts in the Hybrid Cloud Console.

Sources and Integrations UI Overhaul

To simplify the user experience and consolidate services, sources and integrations have now been combined into Integrations. You can now connect all integrations (for example, external AWS cloud integration, Slack integration, and so on) in a single place.

Notifications UI Refresh

Previously, notifications were grouped by product family. The notifications service now offers an Overview landing page as a single place to configure all events, as well as a separate page to view events.

Inventory Groups now available

The Inventory Groups feature enables you to set permissions on specific inventory objects, such as inventory groups and systems. You can organize systems inventory into different groups, as well as restrict access to specific users for each group. Once you configure user access, those system permissions take effect across all Insights services.

Users can now view CVEs without Errata/Advisories that affect their environment

You can now view and assess CVEs that do not have associated Errata/Advisories, but which could still affect your environment. This capability allows your organization to understand its full exposure to CVEs, and to take the necessary steps to mitigate any risks.

Ability to disable/enable malware signatures

The Malware service now allows you to disable signatures that are not relevant to your environment, in order to reduce noise and to enable you to focus on important and relevant signatures.

Workload recommendations ready for OpenShift Shared Control Plane

The Advisor service offers recommendations that follow best practices for deploying and running managed OpenShift workloads. These recommendations check for correct limit settings, working with budgets, and implementing best practices that do not harm the underlying cluster.

Tag inheritance

A common reporting practice involves tagging every (OpenShift and non-OpenShift) resource that an application uses as application=X, and then requesting a cost report based on application=X from Cost Management.

AWS external ID authentication

AWS now supports the use of a unique external ID when creating IAM roles with cross-account access, and suggests using the unique ID as a best practice. You create the role in the Cost Management AWS source flow.

Automatic OpenShift source name

To get per-cluster, per-namespace, and per-tag costs in an OpenShift cluster, install the Cost Management Metrics Operator (CMMO) and configure it to submit data to Red Hat.

Daily email notification time can now be configured per account

The time at which daily email notifications are sent out every day is now configurable under Hybrid Cloud Console > the Settings icon (⚙) > Settings > Notifications for OpenShift, Red Hat Enterprise Linux, and Console. A new Settings tab allows each account to override the default 00:00 UTC time with the time of their choice. This enhancement was implemented based on feedback received from EMEA customers wishing to receive their daily notifications every morning before they start work.

User Preferences are consolidated for centralized configuration

All settings related to email notifications are now consolidated under Hybrid Cloud Console > User Preferences > Email Preferences. Weekly report configuration and event notifications (e.g. instant and daily digest) can all be configured in the same location. This enhancement was implemented based on feedback received from customers for ease of use.

Deployment Validation Operator (DVO) to be released on Red Hat OpenShift for AWS (ROSA) hosted control planes (hypershift)

DVO, serving Insights workload analysis, is now available on managed clusters and is ready to be shipped with ROSA Hosted Control planes alongside OpenShift 4.14.

Deployment Validation Operator data de-anonymization

On our route to better user experience, DVO for on-premise customers allows opting-in for a non-anonymized form of data collection. This reduces the number of steps required to apply fixes suggested by a recommendation.

New RHEL management capabilities are GA

At Red Hat Summit, you heard the announcement about the expansion of Insights beyond analytics. Red Hat designed the new and enhanced management capabilities to help reduce enterprise Linux complexity across the hybrid cloud without slowing innovation. With this release, all the Insights features and enhancements announced at Red Hat Summit are generally available (GA).

Export recommendations for a single system

You can now export a list of recommendations for a single system to either CSV or JSON. This provides an easy way to create a to-do list if you have not adopted a more automated means of addressing found issues.

New systemd facts available for Drift and Policies

When setting up baselines and comparisons for system drift, or creating internal system policies, now you can access a set of systemd facts. These facts include systemd.failed, systemd.jobs_queued, and `systemd.state.

Now Generally Available (GA)!

With the latest Insights Image Builder, you can add third-party Red Hat Package Manager (RPM) repositories to include third-party software and deploy hosts to the cloud easily by launching custom image builds directly to AWS, Azure, and Google Cloud.

Update Risk - Generally Available (GA)

Update Risk is now available in the Red Hat Hybrid Cloud Console for all OpenShift customers as part of your OpenShift subscription. Update Risk (previously available in the preview environment as “Upgrade risk”), allows customers with self-managed OpenShift clusters to assess the state of your clusters before running updates. A machine model trained on data from all connected clusters shows a list of known risks on your cluster. This includes failing operator conditions, alerts, and other metrics. Insights provides you with instructions on removing these blockers on your path to a smoother and safer update.

Report vCPU count, RAM, and storage capacity

By default, Cost Management distributes costs based on effective CPU usage. When an OpenShift cost model is added, you can change this to distributing based on requested, used, or effective CPU or RAM usage, for the costs that Cost Management is aware of.

Settings page: redesigned and moved

The Settings page is now inside Cost Management for easier discoverability. The Tag Management and Cost Categories subpages also have enhancements. The cost models page is now inside the Settings page too. While moving the Settings page inside Cost Management, Insights also relaxed the permissions so only Cost Price List Administrator permissions are now needed. In the past, modifying the Cost Management Settings required Hybrid Cloud Console-wide Organization Administrator permissions, which made some customers uncomfortable because tag managers had too much control and visibility.

Option to show overhead costs

When running your workloads on OpenShift, you are likely interested in the cost of the workload, but you also need to consider the cost of the control plane and the cost of the unallocated capacity (the “overhead costs”). Insights Cost Management enhanced cost models and is now reporting those costs as of early 2023. With this update, you can distribute the costs, and also dynamically switch to viewing costs with or without overhead cost distribution.

Large customer data pipeline

Many organizations that use Insights Cost Management are big customers, but no matter your infrastructure size, Insights can handle your needs.

Additional resources

Blog: What’s new in Red Hat Insights Cost Management in Q3 2023 by Pau Garcia Quiles (October 3, 2023)