Is your RHEL installation getting old? Here's what to do

Red Hat Enterprise Linux (RHEL) is the enterprise platform for mission-critical workloads and it allows companies across the globe to run their businesses in a secure, reliable and supported way. But running an outdated version of any operating system can expose your organization to security risks and prevent you from leveraging the latest features and performance improvements. We know it can sometimes be challenging and time-consuming to stay updated, so in this article I explain the RHEL lifecycle, the importance of staying current, and your options for upgrading.

Understanding the RHEL Lifecycle

Every version of RHEL has a lifecycle that defines the level of support it receives over time. We can easily summarize its lifecycle as divided into three main phases:

• Full support phase: During this phase, your RHEL system receives all security updates, bug fixes, and new features. This is the ideal phase for your production systems to be in.
• Maintenance support phase: In this phase, Red Hat provides critical and important security updates and urgent bug fixes. However, during maintenance support, no new features or hardware enablement are provided.
• Extended life phase (ELP): After the maintenance support phase, your RHEL version enters the extended life phase. During this time, you have access to a limited set of software maintenance services.

Special scenarios

RHEL is used in a diverse range of environments, asd sometimes there are specific scenarios that require special attention. For example, you may be involved with:

• Third-party software vendors certifying and supporting specific RHEL minor versions.
• Mission-critical environments that are tolerant to minimal configuration changes or subject to internal or audit certification.
• Software developed in-house, or specific hardware drivers that are compatible only with one particular major version that's now at the end of its support phase.
• Delays caused by an upgrade path that's becoming a full-time activity and needs to be properly planned, orchestrating several groups and departments across an organization.

Red Hat can help with these specific scenarios, providing ad-hoc offerings to tackle these blockers while planning for the upgrade.

Extended update support (EUS)

The extended update support (EUS) add-on is included in the premium subscription for RHEL and available as an add-on for standard RHEL subscriptions. It allows users to remain on a specific even minor release (such as 8.8, 9.2, and so on) for an additional 24 months.

Extended and enhanced update support

Starting with RHEL 9, an extended and enhanced update support add-on is available, offering an additional 24 months of support on top of the 24 months provided by EUS.

Extended lifecycle support (ELS) and the long life add-on

The other option, which applies to releases that are now at the end of the maintenance support phase of the lifecycle (RHEL 6 and RHEL 7) and is the extended lifecycle support (ELS) add-on. This add-on enables customers with the latest version of a specific RHEL major release (for example, RHEL 7.9 for RHEL 7) to continue receiving security fixes for critical and important CVEs. It also provides bug fixes for a set of selected packages included with the release, with the chance to extend further the life cycle with the long life add-on, now available only for RHEL 6.

RHEL Security Select Add-On

In some complex and mission-critical, highly regulated environments, for versions that are currently in EUS/ELS, Red Hat offers the RHEL Security Select Add-On, that offers ad-hoc patching for a defined number of CVEs, regardless of the classification that are usually not covered by the standard extended lifecycle support.

While these options can be very useful in specific situations, the ideal goal would be to be able to plan and execute an upgrade as soon as possible to a fully supported version. To find out the specific lifecycle dates for your RHEL version, you can refer to the official Red Hat Enterprise Linux life cycle page.

The importance of keeping your systems up to date

In a time where cyber threats are rising constantly, keeping your systems up to date can provide huge benefits. However, it's not only a matter of security. An updated system benefits from the latest and greatest features and capabilities that a new version brings with it.

Some of the core aspects to consider when adopting limited-support or out-of-support versions include:

• Security: As new vulnerabilities, bugfixes and patches are discovered, Red Hat versions in the full-support lifecycle phase benefit from just-in-time patching and support.
• Compliance: Many industries have strict compliance requirements that mandate the use of software that is not on limited support, in this case the upgrade is one of the mandatory steps to comply with these regulations.
• Compatibility: While patches and bugfixes are granted on limited-support phases, new drivers and compatibility with the new hardware from the market could be limited.
• Performance and new features: Newer versions of RHEL come with performance improvements, new features, and support for the latest hardware. Along with that, all the software provided as part of RHEL repositories generally gets major version bumps.

RHEL 10 has introduced many new features to strengthen your environment, including:

• Image mode for RHEL: An exciting feature that allows users to deploy and manage systems using container images as the source of installation, update and upgrade, even between major versions.
• RHEL Lightspeed: A command-line assistant that can help new or seasoned sysadmins with daily tasks, using generative AI with knowledge taken from articles, knowledge base, documentation, and directly from Red Hat.
• Post-quantum cryptography: Current encryption isn't guaranteed to last forever. With RHEL 10, we are the first vendor to introduce support for post-quantum capable digital signatures and key exchange algorithms.

Your upgrade options

Based on your current version and your plans, there are two choices you can adopt to start upgrading your server fleet.

LEAPP (in-place upgrade)

LEAPP is a tool that allows you to upgrade your RHEL systems in-place, without reinstalling the operating system. The LEAPP tool, during time, got a lot of improvements and performance boosts, and it is the optimal way to upgrade from a major version to another (for example, RHEL 7 to RHEL 8).

Because LEAPP can't be used to go to more than one major version ahead at the same time, it may not be the best option when you have large gaps between versions.

Redeploy (clean install)

With this option, you can install a fresh system with the target major version you want to run, and progressively migrate existing workloads and configurations to it.\

This is the perfect option where LEAPP could require too much effort (for example, going from RHEL 7 to RHEL 10).

Automation for updates and upgrades

No matter how you choose to update and upgrade, automation is an invaluable ally. Ansible validated content for LEAPP is now available to perform in-place upgrades at scale. Together with the power of Red Hat Ansible Automation Platform, this can decrease the required time to upgrade hundreds of servers.

On the other hand, redeploying could be a perfect way to review the baselines of your servers, detect and remediate drifts and clean up the servers from unused software, tools and problems that come along with years of running workloads. Even when redeploying, automation is the key to speeding up the process for the success of the upgrade project.

How Red Hat can help

We understand that upgrading your RHEL systems can be a complex and time-consuming process, and our professional services can help you with your upgrade project. Our team of experts at Red Hat Consulting can assist you with everything from planning and assessment to execution and post-upgrade support, to ensure a smooth and successful upgrade with minimal disruption to your business.

Keeping your systems up to date is crucial for the integrity of your business, and with RHEL this tedious process can be highly simplified with RHEL, with many options to tackle the challenges that an upgrade can bring.
RHEL's clear lifecycle makes planning easy and you can leverage years of experience and knowledge from our experts to get end-to-end support during the entire project.

If you are interested in learning more, don’t hesitate and contact us.