orcharhino 7.4 is here!
Tech Update Video
A short overview of the new features introduced in orcharhino 7.4
Highlights
New orcharhino clients
orcharhino 7.4 brings additional clients to the customers. Now it is possible to manage Oracle Linux 10 (x86_64, arm64) , Debian 13 (x86_64) and SLES 15 SP7 (x86_64, arm64, PPC). Debian 13 arm64 support will be added after orcharhino 7.4 release.
‚image mode host‘ registration
orcharhino now supports a new host class, the ‘image mode hosts’. You now can import OCI compliant images and register them for getting containers and traditional managed ‘package mode hosts’ integrated into a single tool. For more information: My Managed Hosts Runs
Image mode hosts in orcharhino management UI
Extended Content View Filter for Debian and Ubuntu
orcharhino 7.4 now provides filtering of package versions for Debian/Ubuntu, in addition to existing filtering capabilities on Content Views. These filters let you control which packages — and by inheritance, which Errata — are available in a Content View for hosts to install. This helps to prevent the availability of packages or specific versions of packages on a host that are unsuitable for use or not permitted by company policies. For more information: Managing content views
Filter deb packages by version/ContentView with filtered deb-content
Secure Boot support for vSphere & libvirt
orcharhino 7.4 helps to improve protection against malware on vSphere- and libvirt-based hosts. With Secure Boot enabled, these systems will only boot unaltered code, ensuring the environment is not tainted. For more information: Adding VMware details to a compute profile
Use “UEFI Secure Boot” to deploy secure boot enabled systems
Ansible Module support for Rolling Content Views
orcharhino 7.4 makes Rolling Content Views available to remote management. Control your orcharhino via Ansible and manage Rolling Content Views for deeper integration and easier content management.
Playbook excerpt to create a Rolling Content View with specified Lifecycle Environments
flatpak Support
orcharhino 7.4 extends the content type to OCI compliant flatpaks. For more information: Managing Flatpak repositories in orcharhino
Synchronized Flatpaks
Developing Story: Ansible development
The orcharhino team is pushing Ansible to new horizons. We are working on a deeper integration with Ansible, helping you to more easily manage Ansible roles and collections used with orcharhino. Examples are integrated Git repositories into orcharhino for Ansible Roles, integration of Ansible Execution Environments and more. Ansible roles lifecycle will help to mirror your system setup for not only staging packages but also roles. These changes will answer the increased demand for organizing Ansible roles and make Ansible fit your organizational requirements. Watch our video for more insights
Developing Story: Adding Compute Resources via openTOFU framework
The orcharhino team is working to make more Compute Resource providers like Nutanix available in a new and improved way. Using the openTOFU framework, an OpenSource fork of Terraform, it will become much easier to implement additional Compute Resources. Small connectors instead of complete new plugins will be needed for the implementation, giving more options faster! Watch our video for more insights
Deprecations
- Host Registration: ‘bootstrap.py‘ was deprecated and has been removed from orcharhino 7.4. For new installations, use the global host registration template: https://docs.orcharhino.com/or/docs/sources/guides/almalinux/managing_hosts/registering_hosts.html#Registering_Hosts_by_Using_Global_Registration_managing-hosts
For customers using an existing ‚bootstrap.py‘ script from releases prior to 7.4, it can still be used after an upgrade for the time being.
Changelog Features
- Content Management (Debian/Ubuntu): The content view filter for Debian has been enhanced to apply version filter next to the architecture filter.
- Content Management (Debian/Ubuntu): When using deb-package filters on a content view with Debian errata, the filtered content view version will only show the Debian errata, that can be fully solved (all necessary deb-packages must be in the content view version).
- Content Management (Oracle Linux 10): Add ULN channel IDs for Oracle Linux 10: https://docs.orcharhino.com/or/docs/sources/guides/oracle_linux/managing_content/importing_content.html#uln-repositories-for-oracle-linux-10
- Content Management: You can now assign multiple content view environments to hosts and activation keys: https://docs.orcharhino.com/or/docs/sources/guides/almalinux/managing_content/managing_content_view_environments.html and https://docs.orcharhino.com/or/docs/sources/guides/almalinux/managing_content/managing_activation_keys.html#multiple-activation-keys-and-content-view-environments To view the „content view environment“ of all hosts, you can use the new all hosts page.
- Core Components: orcharhino 7.4 is based on Foreman 3.14, Katello 4.16, and Pulp 3.63.
- Documentation: Reordered navigation on https://docs.orcharhino.com/or/docs/index.html
- FIPS compliance: Add installation instructions how to install orcharhino Server and orcharhino Proxy Servers on FIPS-enabled EL9 hosts: https://docs.orcharhino.com/or/docs/sources/installation_and_maintenance/installing_orcharhino_server.html#installing-orcharhino-server-on-a-fips-enabled-host
- Host Provisioning (Debian/Ubuntu): Added template section to install ntp timing service during host provisioning.
- Host Provisioning (SLES): Provisioning SUSE Linux Enterprise Server hosts: New custom provisioning example snippet for SLES to customize the provisioning workflow without editing locked templates: Custom provisioning snippet example for SUSE Linux Enterprise Server: https://docs.orcharhino.com/or/docs/sources/guides/suse_linux_enterprise_server/provisioning_hosts/configuring_provisioning_resources.html#custom-provisioning-snippet-example-for-sles
- Host Provisioning: New guide: Integrating provisioning infrastructure services which helps to integrate existing DHCP, DNS, and TFTP services with
- orcharhino: https://docs.orcharhino.com/or/docs/sources/guides/integrating_provisioning_infrastructure_services.html
- Host Provisioning: Support FIPS-enabled host provisioning for AlmaLinux, Oracle Linux, Red Hat Enterprise Linux, and Rocky
- Linux: https://docs.orcharhino.com/or/docs/sources/guides/red_hat_enterprise_linux/provisioning_hosts/fips_compliant_hosts.html
- Host Registration: Users can invalidate their own registration tokens while those with the ‚edit_users‘ permission can revoke all users‘ tokens at once.
- Host Registration: ‘bootstrap.py‘ was deprecated and has been removed from orcharhino 7.4. For new installations, use the global host registration template: https://docs.orcharhino.com/or/docs/sources/guides/almalinux/managing_hosts/registering_hosts.html#Registering_Hosts_by_Using_Global_Registration_managing-hosts
For customers using an existing ‚bootstrap.py‘ script from releases prior to 7.4, it can still be used after an upgrade for the time being. - Management UI: The orcharhino UI now shows a subscription key warning if needed for all users who have access to the dashboard.
- New All Hosts Page (Tech Preview): Show link to last report.
orcharhino Appliance: Do not modify SSL certificates if you use a HTTPS proxy during OVA installation: https://docs.orcharhino.com/or/docs/sources/installation_and_maintenance/installing_orcharhino_server.html#Appliance_Installation_Steps - orcharhino Clients (Debian 13): Support to register and provision hosts running Debian 13 „Trixie“. You can follow the docs to synchronize default OS repositories: https://docs.orcharhino.com/or/docs/sources/guides/debian/managing_content/importing_content.html#adding-upstream-repositories-for-Debian-13_content-management and https://docs.orcharhino.com/or/docs/sources/guides/debian/managing_content/importing_content.html#GPG_Keys_for_Debian
- orcharhino Maintenance: Documentation on how to keep your orcharhino up to date: https://docs.orcharhino.com/or/docs/sources/installation_and_maintenance/updating_orcharhino.html
orcharhino Maintenance: You can now view the orcharhino subscription information on the command line by using the „print_or_subscription“ application. - orcharhino Offline ISO Images: For easier validation the ISO images now contain the ATIX GPG public key and a script to prepare the Yum content. See README.md on the ISO images.
orcharhino Proxy: External Puppet server now need the new request_forwarder plugin on your orcharhino Proxies to upload config reports and facts to - orcharhino: https://docs.orcharhino.com/or/docs/sources/configuration_management/puppet.html#using-external-puppet-servers
- Provisioning Hosts: Add instructions on how to install the bootdisk plugin to provision boot disk-based hosts: https://docs.orcharhino.com/or/docs/sources/guides/debian/provisioning_hosts/pxe.html#enabling-bootdisk-plugin
- Resource Quota (Tech Preview): A resource quota column is now available on the ‚All Hosts‘ page.
- Resource Quota (Tech Preview): The plugin now contains a clean-up routine that removes related data from the database.
Changelog Bugfixes
- Content Management (Debian/Ubuntu): Incremental update of content views failed if the repositories were created and synced first in orcharhino < 7.0.
- Content Management: DNF plugin warnings were shown for SUSE hosts when running subscription-manager.
- Host Registration (SLES): Fixed registration of SLES 15.X hosts if registration process is configured to use GPG keys.
- HTTP Proxy: Testing connection for an existing HTTP Proxy in orcharhino management UI returned a false positive error.
- Management UI: Provide a valid example in tooltip about specifying matchers.
- orcharhino Clients (Debian): Cleanup original OS repositories after subscription-manager registration before running apt-get update to prevent repo conflicts.
- orcharhino Maintenance: orcharhino-maintain showed commands which are not used currently.
- Proxmox: Virtual machines with disk size ’nil‘ could not be displayed in the ‚Virtual Machines‘ tab of the compute resource.
- Remote Execution: Only host ids, no host names, were displayed in the ‚Search Query‘ column.
Known Issues
openSCAP(Debian 13): gpg must be installed on the contenthost via ‚apt-get install -y gpg‘.