Chapter 4. RHEL 8.3.1 release

Red Hat makes Red Hat Enterprise Linux 8 content available quarterly, in between minor releases (8.Y). The quarterly releases are numbered using the third digit (8.Y.1). The new features in the RHEL 8.3.1 release are described below.

4.1. New features

Flatpak packages for several desktop applications

Flatpak is a system for running graphical applications as containers. Using Flatpak, you can install and update an application independently of the host operating system.

This update provides Flatpak container images of the following applications in the Red Hat Container Catalog:

Application nameFlatpak container ID

Firefox

org.mozilla.firefox

GIMP

org.gimp.GIMP

Inkscape

org.inkscape.Inkscape

Thunderbird

org.mozilla.Thunderbird

To install Flatpak containers available in the Red Hat Container Catalog, use the following procedure:

  1. Make sure that the latest version of the Flatpak client is installed on your system: 

    # yum update flatpak

  2. Enable the RHEL Flatpak repository: 

    # flatpak remote-add rhel https://flatpaks.redhat.io/rhel.flatpakrepo

  3. Provide the credentials for your RHEL account: 

    # podman login registry.redhat.io

    By default, Podman saves the credentials only until the user logs out.

  4. Optional: Save your credentials permanently: 

    $ cp $XDG_RUNTIME_DIR/containers/auth.json \
     $HOME/.config/flatpak/oci-auth.json

  5. Install the Flatpak container image: 

    $ flatpak install rhel container-id

(JIRA:RHELPLAN-30958, BZ#1920689, BZ#1921179, BZ#1921802, BZ#1916412, BZ#1921812, BZ#1920604)

Rust Toolset rebased to version 1.47.0

Rust Toolset has been updated to version 1.47.0. Notable changes include:

  • The compile-time evaluated functions const fn have been improved and can now use control flow features, for example if, while, and match.
  • The new #[track_caller] annotation can now be put on functions. Panics from annotated functions report the caller as the source.
  • The Rust Standard Library now generically implements traits for arrays of any length. Previously, many of the trait implementations for arrays were only filled for lengths between 0 and 32.

For detailed instructions regarding usage, see Using Rust Toolset.

(BZ#1883839)

The Logging System Role now supports property-based filter on its outputs

With this update, property-based filters have been added to the files output, the forwards output, and the remote_files output of the Logging System Role. The feature is provided by underlying the rsyslog sub-role, and is configurable via the Logging RHEL System Role. As a result, users can benefit from the ability of filtering log messages by the properties, such as hostname, tag, and the message itself is useful to manage logs.

(BZ#1889492)

The Logging RHEL System Role now supports rsyslog behavior

With this enhancement, rsyslog receives the message from Red Hat Virtualization and forwards the message to the elasticsearch.

(BZ#1889893)

The ubi8/pause container image is now available

Podman now uses the ubi8/pause instead of the k8s.gcr.io/pause container image to hold the network namespace information of the pod.

(BZ#1690785)

Podman rebased to version 2.1

The Podman utility has been updated to version 2.1. Notable enhancements include:

  • Changes:

    • Updated Podman to 2.2.1 (from 2.0.5), Buildah to 1.19 (from 1.15.1), Skopeo to 1.2.1 (from 1.1.1), Udica to 0.2.3 (from 0.2.2), and CRIU to 3.15 (0.3.4)
    • Docker-compatible volume API endpoints (Create, Inspect, List, Remove, Prune) are now available
    • Added an API endpoint for generating systemd unit files for containers
    • The podman play kube command now features support for setting CPU and Memory limits for containers
    • The podman play kube command now supports persistent volumes claims using Podman named volumes
    • The podman play kube command now supports Kubernetes configmaps via the --configmap option
    • Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. For more information see Container image short names in Podman.
    • The new podman image command has been added. This allows for an image to be mounted, read-only, to inspect its contents without creating a container from it.
    • The podman save and podman load commands can now create and load archives containing multiple images.
    • Podman will now retry pulling an image at most 3 times if a pull fails due to network errors.

  • Bug Fixes:

    • Fixed a bug where running systemd in a container on a cgroups v1 system would fail.

The Buildah tool has been updated to version 1.19. Notable enhancements include:

  • Changes:

    • The buildah inspect command supports inspecting manifests
    • The buildah push command supports pushing manifests lists and digests
    • Added support for --manifest flags
    • The --arch and --os and --variant options has beed added to select architecture and OS
    • Allow users to specify stdin into containers
    • Allow FROM to be overridden with --from option
    • Added --ignorefile flag to use alternate .dockerignore flags
    • short-names aliasing
    • Added --policy option to buildah pull command
    • Fix buildah mount command to display container names not IDs
    • Improved buildah completions
    • Use --timestamp rather then --omit-timestamp flag
    • Use pipes for copying
    • Added --omit-timestamp flag to buildah bud command
    • Add VFS additional image store to container
    • Allow "readonly" as alias to "ro" in mount options
    • buildah, bud: support --jobs=N option for parallel execution

The Skopeo tool has been updated to version 1.2.1. Notable enhancements include:

  • Changes:

    • Add multi-arch builds for upstream and stable skopeo image via Travis
    • Added support for digests in sync
    • Added --all sync flag to emulate copy --all
    • Added --format option to skopeo inspect command

The Udica tool has been updated to version 0.2.3. Notable enhancements include:

  • Changes:

    • Enable container port, not the host port
    • Add --version option

The CRIU tool has been updated to version 3.15. Notable enhancements include:

  • Changes:

    • Initial cgroup2 support
    • Legalized swrk API and add the ability for inheriting fds via it
    • External bind mounts and tasks-to-cgroups bindings
    • ibcriu.so (RPC wrapper) and plugins

(JIRA:RHELPLAN-55998)