RHEL image mode insights from Red Hat
Here in this blog, we will learn about RHEL image mode insights from Red Hat.
The image mode for Red Hat Enterprise Linux (RHEL) employs the same tools, expertise, and methodologies as those used in containerized applications, facilitating the creation, distribution, and operation of an operating system (OS) with greater efficiency. The guide titled “Image Mode for Red Hat Enterprise Linux: A Quick Start Guide” elucidates the principles underlying image mode and serves as an introduction to the essential concepts necessary for packaging operating systems into Open Container Initiative (OCI) container images.
Numerous concepts familiar to users of package mode will remain applicable; however, a significant distinction lies in the execution of package operations, such as DNF install and update, which occur during the image build process. Consequently, the remediation of common vulnerabilities and exposures (CVEs) is not performed directly on an active system through the execution of dnf update. Instead, the container build process generates a new image that incorporates the updates and subsequently pushes it to a container registry. The image mode system will then retrieve this image using bootc update, with the updates being applied following the next reboot. In this scenario, the operating system’s behavior is deliberately designed to reflect the functioning of containerized applications.
Red Hat Insights offers perspectives and resources to assist you in managing your operational image mode systems in conjunction with your package mode systems.
Establish a connection between your image mode RHEL systems.
To begin:
When utilizing Red Hat Satellite, select your preferred method for registration while ensuring that Insights registration is activated. For instance, if you opt for global registration, navigate to Hosts –> Register Host –> Advanced and confirm that the “Setup Insights” option is enabled. Subsequently, proceed to generate the registration command.
To establish a connection, whether directly or via a proxy, utilize the Remote Host Configuration (RHC) client. For instance, you may execute the command rhc connect -s <AK> -o <org id>.
- Learn additional information regarding the process of generating an activation key to connect to the Hybrid Cloud Console.
- Learn additional details regarding the setup of your connection through Remote Host Configuration.
You may also incorporate an activation key into your build configuration, which will enable your image mode system to utilize that key during its initial boot. An example of how to include an activation key in a container build is provided.
Examine the image mode of RHEL systems.
Once you have linked your initial image mode RHEL system to Insights, you can access it through the Hybrid Cloud Console to examine predictive analytics and system information that will assist you in managing this new infrastructure. To access your connected image mode RHEL system:
- Access the Insights section, then proceed to Inventory, followed by Systems.
- Choose the “System type” filter and select the “Image mode” option.
- Select the name of the system.
The inventory list within Red Hat Insights is specifically filtered to display only those RHEL systems operating in image mode. Each system name serves as a hyperlink, allowing users to access additional details about the respective system.
In the specifications for your image mode system, there is a section labeled “BOOTC” that provides information regarding the images associated with this system.
A compilation of bootc system information is presented on the system details page within Red Hat Insights. This includes details regarding the running image, stage image, available image, and rollback image.
Selecting the Advisor tab will display a list of recommendations offered by Insights to assist you in managing image mode systems. If you are accustomed to the recommendations for package mode systems, you may observe some alternative options for addressing issues specific to image mode systems. Insights will only provide playbook remediations for image mode systems that will remain effective after reboots. Other remediation methods will necessitate updating your application image, followed by updating your system to utilize the new image.
Addressing CVEs typically involves applying package updates provided through Red Hat product advisories. For RHEL systems operating in image mode, it is necessary to update and publish a new image to your repository, followed by updating your system to utilize this new image. Insights not only allow us to identify systems with unresolved CVEs but also indicate when newer images are available that have not yet been implemented on registered systems. This tool is invaluable for ensuring that systems are maintained with the most current image updates.
Examine the images and hashes implemented in image mode on RHEL systems.
As you implement and link additional image mode systems, it is probable that you will accumulate various images and their corresponding hashes utilized for the deployment of these systems. Insights offers a comprehensive catalog of these images and hashes, accessible by selecting the image view toggle from the inventory list. To access this list:
- Access Red Hat Insights, then proceed to Inventory and select Systems.
- Select the “Image view” toggle located in the upper right corner of the screen.
A compilation of the boot images utilized for the establishment of registered systems within Red Hat Insights, detailing the number of systems operating under each hash of the respective images.
Revise the image mode on your RHEL systems.
In RHEL systems operating in image mode, automatic updates are enabled by default. Under this configuration, the system routinely checks the registry and will update to a new image if one is found. Should you have disabled this feature on your system, or if you prefer not to wait for the next scheduled update, Insights provides the option to execute an on-demand bootc upgrade.
- Access the Insights section, then proceed to Automation Toolkit, followed by selecting Tasks.
- Please click on “Select systems.”
- Choose the image mode systems you wish to update, ensuring they are either connected to RHC or integrated with a Cloud Connector from Satellite.
- Please select “Run the task.”
A perspective on the procedure to commence a bootc update for an image mode RHEL system. This encompasses a detailed explanation of the task, a choice of target systems, and an option to execute the task.