Managing operating systems is an indispensable part of their maintenance in any enterprise. This process can be made much easier and more efficient by using a tool for centralizing systems management, such as EuroMan. The company EuroLinux has just released its latest version. In this article we will take a look at its functionalities and compare the product with its predecessor.
EuroMan is an advanced platform for centralizing the management of EuroLinux, Red Hat® Enterprise Linux®, CentOS, Oracle® Linux, AlmaLinux and Rocky Linux operating systems. With its user-friendly graphical console, it allows easy and comprehensive administration and monitoring of the entire environment. The solution is functionally compatible with Red Hat® Satellite Server.
The traditional approach to administration, in which each system is managed separately, is very time-consuming and suboptimal. Infrastructure management through the use of EuroMan is efficient because it bases its operation on groups and rules, which greatly simplifies the work. EuroMan enables intuitive management regardless of the environment. It was created to work with physical, virtual and cloud environments.
EuroMan supports an administrator in configuring and updating systems. This ensures the continued efficiency and security of the IT environment. The ability to automate the majority of tasks allows for additional significant increases in efficiency, while reducing operating costs.
Another distinct advantage of EuroMan is its simple, easy-to-read interface, which reports on the condition of all connected operating systems. An administrator gets complete information about the status of the connected machines in one place. They know which of them require updates and may be vulnerable to possible attacks, so they can react quickly and adequately.
Major changes in the latest version of EuroMan
The new edition of the EuroMan software differs from the previous one in the following ways:
- architecture – the product has been completely rebuilt, with an emphasis on increasing its scalability and ease of use;
- user interface – has been updated, making it even more intuitive;
- automation – the solution includes a new REST API, enabling simpler automation of many activities. In addition, a new interface for tasks has been introduced, enabling easier tracking of their status;
- provisioning – the product includes a number of improvements to system provisioning, including a new interface, support for network-based installations and the ability to manage bare-metal systems.
The above points are only a small part of all the changes and improvements that have been introduced in the new version of EuroMan. To fully see the scale of the novelties, we encourage you to read the details of the changes available below.
In-depth list of changes
The following list contains the most important improvements and features added in the latest version of EuroMan.
Major changes in supported software
The new version of EuroMan supports the following software:
- Puma web server
- Ansible 2.8
- Puppet 5
- Pulp 3 (Python 3.8)
- OVirt / Red Hat Virtualization 4.0 and API
Registry and port changes
The registry on port 5000 is no longer used. The registry used on port 443 continues to apply for both EuroMan and Capsule.
The new version of EuroMan provides a number of general performance enhancements in the following regions:
- Reliability – streamlined content synchronization;
- Availability – faster backups. Reduces the amount of time EuroMan needs to be offline for backup;
- Serviceability – user interface provides much deeper insight into the status of a Capsule;
- Efficiency – automated Workflows. Enabling multiple actions against groups of systems, such as rebooting a system after a patch install;
- Security – synchronize and export content for instances without available internet connection;
- Simplifications – enhanced Discovery feature, Content Publication workflow.
New features – general
Content Synchronization Policies
Capsules now feature their own user selectable download policy for repositories: On Demand, Background, Immediate, and Inherit from Repository.
This release includes a tool for renaming a EuroMan or Capsule Server.
All EuroMan and Capsule Servers log to rsyslog
For consistency, all EuroMan Servers and Capsule Servers now log by default to rsyslog.
Ability to verify if required packages are installed as part of the pre-upgrade check
EuroMan can now verify if the euroman or euroman-capsule packages are present on the server during the pre-upgrade check.
New features – work performance
Ability to Import Existing Hosts
EuroMan features new scripts and automation to import existing infrastructure hosts that may reside on any systems management platform, including EuroMan. This bootstrap script automates the process of registering systems to EuroMan, dramatically reducing the number of steps required to get existing systems ready to be managed by EuroMan.
Ability to deploy SSH keys to hosts during registration
EuroMan can now deploy SSH keys to hosts automatically when registering hosts to EuroMan using the global registration template.
Ability to set or edit a system purpose on multiple hosts
EuroMan users can now set or edit a system purpose on multiple hosts using bulk action and remote execution.
EuroMan now has a reporting engine with reporting templates for:
- host status;
- registered Hosts;
- applicable Errata.
You can copy the templates and customize them to suit your needs, or create your own reports.
OpenSCAP Tailoring Files
This release adds the ability to upload and use tailoring files to customize existing OpenSCAP policies.
In the new version of EuroMan you can view all hosts that fail a specific OpenSCAP rule.
New features –ssecurity
SSH Key Provisioning Support
This release adds support for the deployment of public SSH keys as part of the provisioning process.
Personal Access Tokens
In this release, a new UI has been added so you can create PATs easily, expire them, or monitor their last use time. You can find the UI in your account settings under the Personal Access Tokens tab.
Ability to authenticate using SSO with Time-Based One-Time Password (TOTP)
EuroMan can now authenticate using SSO with Time-Based One-Time Password.
Warnings for yum transactions when upgrading
When updating or upgrading with euroman-maintain, you are now warned before a yum transaction runs, and can cancel the action to take appropriate steps, if required.
Ability to enforce playbook verification
EuroMan now has the ability to enforce playbook verification. If someone tries to execute a forged playbook with a wrong or missing signature, the playbook execution will fail. This protection is now enabled by default.
Install EuroMan on a FIPS-enabled EuroLinux 7 Host
You can now install EuroMan Server and Capsule Server on a FIPS-enabled EuroLinux 7 host. With this feature, EuroMan inherits the FIPS level of EuroLinux. Note: You must perform a new installation of EuroMan on a FIPS-enabled EuroLinux 7 host. You cannot enable FIPS on an existing host with EuroMan installed.
New features –ssettings
Email Setting Configuration
EuroMan introduces user configurable email settings by the API and the Administer settings of the web user interface. Settings include Sendmail/SMTP settings, authentication settings, and how emails are sent by EuroMan.
You can now set up a load-balanced Capsule pool to provide resilience against planned and unplanned outages.
Ability to configure Pulp timeouts
EuroMan now has the ability to define how long it will hold a connection to a URL during synchronization of content before timing out. If users experience timeout errors while syncing content they can increase this value in the settings to match the availability of remote resources. Setting the value too high can prevent EuroMan from automatically detecting when a remote resource is not releasing the connection. If this occurs the synchronization can take a considerable time.
Puppet integration optional and disabled by default
The integration of Puppet servers and EuroMan that allows you to manage hosts using Puppet inside EuroMan is now optional.
New features – commands/Hammer
Tokenized Authentication for Hammer
This release adds the ability to initiate a token-based authenticated session with EuroMan and avoid storing credentials in plain text. You are only prompted once for credentials at the beginning of a session when running Hammer commands.
LDAP User Organization and Location Assignment
This release adds to Hammer the ability to change the default location or organisation of a user, using the name of the location or organization in addition to the ID.
Export Content Views
You can now export a Content View from one EuroMan and import that Content View into another EuroMan using the Hammer CLI tool. You can use the Hammer CLI to export, import, publish, and create Content View versions. This also simplifies the process for disconnected EuroMan.
euroman-maintain alias added
The euroman-maintain alias has been added for the foreman-maintain command.
Support of new versions of RHEL-like operating systems
New version of EuroMan supports newest versions of RHEL-like systems (EuroLinux, Red Hat® Enterprise Linux®, CentOS, Oracle® Linux, AlmaLinux and Rocky Linux), including 8 and 9.
This release adds support for PXE booting of UEFI systems.
Command Line Interface
A new CLI now supports content export and import, which is often used to support air-gapped disconnected EuroMan environments.
Infoblox IPAM Support
EuroMan now provides support for Infoblox IPAM. You can use Infoblox applications to manage DNS and DHCP.
MongoDB Storage Engine
EuroMan supports the new MongoDB WiredTiger storage engine. For more information about the WiredTiger storage engine, see WiredTiger Storage Engine in MongoDB Manual. EuroMan uses WiredTiger as a MongoDB storage engine by default.
Support for External Databases
You can now use a remote database that runs on a separate server to EuroMan Server. You can either migrate an existing internal database to a server or create a database on another server. This helps improve performance in larger deployments.
Support for Private Docker Registries
You can now synchronize images from your custom repositories that you create in private registries on Docker Hub.
Support for Ansible in EuroMan:
- EuroMan supports importing RHEL-like System Roles, which were introduced in EuroLinux 7.4;
- EuroMan does not support any other roles or playbooks unless you also have a valid Ansible Engine subscription;
- you can import custom Ansible roles from external locations such as Ansible Galaxy. However, these additional roles and playbooks are not supported through your EuroMan;
- Ansible playbooks that you create, from a support perspective, are considered part of a scripting framework;
- Ansible variables are now supported on a similar level as smart class parameters for Puppet;
- EuroMan supports the Ansible variable order of precedence for overriding variables;
- in EuroMan you can set Ansible Runner as the default method for running Ansible jobs, instead of calling ansible-playbook directly. Ansible Runner is the recommended way to run Ansible jobs;
- EuroMan now supports deploying OpenSCAP with Ansible and reporting on hosts without using Puppet.
EuroMan in cloud
Support for cloud-init
EuroMan includes the foreman-userdata plug-in that provides support for deployments using cloud-init.
Provisioning on AWS GovCloud
You can use Amazon Web Services GovCloud regions in host provisioning.
Support for provisioning on Google Compute Engine
EuroMan supports Google Compute Engine (GCE) as a provisioning platform, including the following features:
- creating a GCE compute resource;
- image-based provisioning using that compute resource;
- sending updates from a EuroMan Server on-premise using a VPN;
- decommissioning GCE virtual machines.
Support for the CLI and API will be added in a later release of EuroMan.
Ability to support Azure GovCloud
Support has been added for client management using Azure GovCloud for isolated environments.
The latest version of EuroMan not only provides the highest quality for managing and administering multiple systems simultaneously. Thanks to its intuitive usage, it is also a time-saving tool and in the long run its use simply pays off.