Red Hat Expands Product Portfolio and Delivery Options
/ 3 min read
Quick take - Red Hat has announced significant expansions to its product portfolio, focusing on enhancing customer flexibility with the introduction of Red Hat Enterprise Linux CoreOS (RHCOS) as the foundational operating system for its OpenShift hybrid cloud application platform, while also improving security metadata and vulnerability management processes.
Fast Facts
- Red Hat has expanded its product portfolio to enhance customer flexibility, focusing on Red Hat Enterprise Linux CoreOS (RHCOS) as the foundational OS for OpenShift.
- RHCOS is a dedicated, container-optimized operating system exclusively supported with OpenShift, offering advanced features like controlled immutability and rpm-ostree upgrades.
- Traditional Red Hat Enterprise Linux (RHEL) can be used on OpenShift worker nodes, but users will miss out on RHCOS’s advanced capabilities.
- Red Hat has published RHCOS security metadata as of October 2024, aligning with its Secure Software Development Lifecycle practices, and providing vulnerability management for all RHCOS components.
- Security data is available in both human-readable and machine-readable formats, with updates tracked through the Red Hat Security Data Changelog.
Red Hat Expands Product Portfolio and Delivery Options
Red Hat has announced significant expansions to its product portfolio and delivery options aimed at enhancing customer flexibility in utilizing its offerings. Central to this initiative is Red Hat Enterprise Linux CoreOS (RHCOS), which serves as the foundational operating system for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.
RHCOS Overview
RHCOS is a dedicated, container-optimized operating system that is exclusively available and supported with OpenShift. It is the only supported operating system for OpenShift control plane or master machines. Traditional Red Hat Enterprise Linux (RHEL) can be deployed on OpenShift compute nodes, also known as worker machines. However, users opting for RHEL on these nodes will forfeit the advanced features provided by RHCOS. Notable features of RHCOS include controlled immutability and rpm-ostree upgrades, with updates facilitated through the Machine Config Operator.
RHCOS is constructed on RHEL RPM packages and incorporates additional OpenShift and Fast Datapath (FDP) RPM packages. It is sometimes referred to as CoreOS, which is an upstream community project that reached its end of life on May 26, 2020. CoreOS Container Linux has been succeeded by Fedora CoreOS, which serves as the community distribution underlying RHCOS.
Management and Updates
Management of RHCOS builds is conducted through OpenShift updates automation, with update recommendations provided by the OpenShift Update Service (OSUS). Users can verify the RHCOS version in relation to a specific OpenShift version by utilizing the OpenShift CLI (oc) tool. Starting with OpenShift version 4.12.0, RHCOS is distributed as a container image, but from OpenShift version 4.16.0, the container image is no longer included.
In addition to these developments, Red Hat has published RHCOS security metadata as of October 2024, aligning with its Secure Software Development Lifecycle (Secure SDLC) practices. The vulnerability management process encompasses all components of RHCOS, including RPM packages and the kernel. Improvements in security data cover vulnerabilities that directly affect RHCOS components, with plans to address indirect impacts in forthcoming updates.
Security Data Accessibility
RHCOS security data is accessible in both human-readable and machine-readable formats. The human-readable data is available on Red Hat’s CVE pages, providing details on the status of fixed vulnerabilities. The machine-readable security metadata can be found in official Red Hat CSAF and VEX files, offering comprehensive information about fixed vulnerabilities. Red Hat continues to enhance its security metadata, including vulnerability data and other security-related information, such as the software bill of materials (SBOM). Users can track updates related to Red Hat Security Data through the Red Hat Security Data Changelog. For any inquiries regarding security data, contact information for Red Hat Product Security is readily provided.
Original Source: Read the Full Article Here
