Red Hat has delivered an updated version of its Satellite management tool, adding support to handle the recently released Red Hat Enterprise Linux (RHEL) 8, some container management enhancements, as well as a bunch of security tweaks.
Satellite is Red Hat’s platform for deploying and managing a variety of its software products across on-premise and cloud infrastructure. It is the chief way for customers to manage the lifecycle of their infrastructure and keep it patched and compliant with the necessary security configuration.
With Satellite 6.5, users gain the ability to provision and patch the latest RHEL 8, which launched this month, alongside the existing RHEL 7 and RHEL 6 versions of Red Hat’s operating system.
This includes bringing in support for some new features that were added in RHEL 8, such as Application Streams and System Roles.
Application Streams (AppStreams), makes it easier for an organisation to maintain more than one version of an application, so that a server might be provisioned with either PostgreSQL 10 or PostgreSQL 9.6 depending on requirement. AppStreams provides this without the need to configure additional repositories or worry about RPM dependency conflicts, according to Red Hat.
System Roles enables Satellite 6.5 to apply Ansible Playbooks to configure hosts it manages, with roles for setting SELinux security policy, setting the system time, and deploying the Red Hat Insights client, which collects system data for analysis, for example.
Satellite can also now be deployed onto a handful of cloud platforms without a support exception, providing the customer has the necessary Cloud Access rights to migrate subscriptions to the cloud. The cloud providers supporting this include AWS, Azure, Google, Alibaba, and of course IBM, which is set to close its deal to acquire Red Hat in the second half of 2019.
With the growing popularity of containers for deploying code, Satellite 6.5 now includes enhancements for managing container images. These include a new authenticated registry, container repository discovery, the ability to create local image repositories from search results, and customised image naming, according to Red Hat.
New security features added to Satellite 6.5 include the ability to deploy Satellite Server or a secondary Satellite Capsule onto a FIPS-enabled RHEL 7 host. Previously, Satellite could not operate from a server with FIPS mode enabled, under which hosts can use only FIPS-validated cryptographic algorithms.
Satellite 6.5 now has the ability to list all hosts that fail specific OpenSCAP security rules, making it easier for administrators to check systems for potential security or policy issues. This version also adds a distinct Satellite Admin role for updating Satellite itself, separate from the roles used to administer Satellite-managed hosts.