What's new
IBM Edge Application Manager (IEAM) 4.5.10
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
IBM Edge Application Manager (IEAM) 4.5.9
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
IBM Edge Application Manager (IEAM) 4.5.8
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
IBM Edge Application Manager (IEAM) 4.5.7
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
| Storage class for edge cluster agents | You can now use a storage class that supports ReadWriteOnce access mode. You no longer need to use a storage class that supports ReadWriteMany access mode. For more information, see Configuring a storage class. |
IBM Edge Application Manager (IEAM) 4.5.6
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
| Support for new agent operating systems | Support now includes Ubuntu 24.04 (noble), Red Hat Enterprise Linux® 9.4, Fedora 38, Fedora 39, and Fedora 40. For more information, see Supported architectures and operating systems. |
IBM Edge Application Manager (IEAM) 4.5.5
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
IBM Edge Application Manager (IEAM) 4.5.4
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
| FIDO Device Onboard (FDO) | Updated FDO to version 1.1.7. |
| Red Hat OpenShift cluster administration upgrade | Updated the documentation regarding special handling for IEAM databases when you upgrade Red Hat OpenShift worker nodes. For more information, see Upgrading Red Hat OpenShift Container Platform clusters. |
IBM Edge Application Manager (IEAM) 4.5.3
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
IBM Edge Application Manager (IEAM) 4.5.2
| Updates | Description |
|---|---|
| Agent update enhancements | There are two paths to upgrade an agent. You can install a new agent by re-installing the agent with the release package or upgrade an existing agent with the Node management policy. If you choose to use node management path, you do not need to manually re-install every agent. Alternatively, agent upgrade is still supported by re-installing the agent with the release packages |
| IEAM agent on Linux on IBM Z and LinuxONE | Both the edge device agent and edge cluster agent are now supported on the s390x architecture. See Preparing an edge device |
| Node and public key | You cannot change a node route token or public key if the node already has a public key. If you try to use the hzn exchange node settoken [<flags>] command to change a node public key that already has a public key, access
is denied. Only nodes can self-change their public keys, and a node can only set or unset a key, but a node cannot exchange one public key for another public key. For more information, see Changing authentication. |
IBM Edge Application Manager (IEAM) 4.5.1
| Updates | Description |
|---|---|
| Security vulnerabilities | Updated product dependencies to remediate security vulnerabilities. |
| Deprecated Secure Device Onboarding (SDO) in favor of FIDO Device Onboarding (FDO). | FDO is recommended. |
| Clarified creation of your API key. | Added detail to steps 2 and 5 in the API key topic here. |
| Added new topic. | Edge development concepts were added here. |
IBM Edge Application Manager (IEAM) 4.5
| New Features | Description |
|---|---|
| Automatic agent upgrade | Provides automated agent upgrade through node management policies, by updating the agent software, the hub configuration (such as hub URLs), or the hub Transport Layer Security (TLS) certificate file. |
| Continuously Available Node Group (HA Groups) | Ability to form node HA groups to ensure that the service upgrade and the agent upgrade are rolled across all the members of a node group. This means that at least one copy of the service or agent is always running. |
| SDO | (Deprecated) |
| FDO | The FDO component, FIDO Device Onboard, is a device-onboarding scheme from the FIDO Alliance that enables technology that is created by Intel® to make it simple and secure to configure edge devices and associate them with an edge management
hub. This replaces the soon to be deprecated SDO. Multi-tenant FDO provides the ability to configure edge devices for all organizations in a multi-tenant IEAM installation. |
| New agent operating systems support | Support now includes RHEL 8.6, RHEL 8.7, RHEL 9.0, RHEL 9.1, Fedora 37, and Mac M1 and M2 systems. |
| New edge cluster support | Support now includes MicroShift and IBM Kubernetes Service (IKS). |
| Optimization of agreement cancellation | When node policy is changed, the agreement gets canceled only if the policy is not compatible with the deployment policy. |
| Bundle Docker image name change | The Bundle Docker image name has changed to reflect the current IEAM version number instead of the Anax version. |
| New operator support | The agent now supports operators that are built with Operator-SDK 1.x. Operators can now contain multiple custom resource definitions and multiple custom resources for any definition. |
| Localized character support | Latin 1, Chinese, Korean, and Japanese characters now supported in policy and constraint logic. |
IBM Edge Application Manager (IEAM) 4.4.1
| New Features | Description |
|---|---|
| Remediation of security vulnerabilities | A part of the remediation includes upgrading to Enterprise DB's PostgreSQL database solution for installations that use local cluster databases. |
IBM Edge Application Manager (IEAM) 4.4.0
| New Features | Description |
|---|---|
| Simplified licensing metrics | A simple 1:1 installation metric replaces the Resource Value Unit (RVU) table. For example, if you install one IEAM agent on any edge node (device or cluster) running a container engine (Docker or Podman) or Kubernetes, you must purchase a license to enable that agent. You can also purchase a 100,000 package that allows up to 100,000 edge agent installs. |
IBM Edge Application Manager (IEAM) 4.3.4
| New Features | Description |
|---|---|
| Updated air gap installation instructions | Instructions for installing your cluster in a noninternet connected environment. For more information, see Installing IEAM in an air-gapped environment. |
| Foundational Services Long Term Support Release (LTSR) | IEAM is now upgraded to the Long-Term Support Release of IBM Foundational Services. For more information, see What's new in the foundational services. |
IBM Edge Application Manager (IEAM) 4.3.3
| New Features | Description |
|---|---|
| Improved MMS chunking | Provides improved model management system (MMS) performance and recoverability when uploading and downloading large files over an unreliable network. For more information, see Model Management System. |
| Expanded support | Added support for more Ubuntu (22.04, 20.04, and 18.04), Red Hat OpenShift Container Platform (4.6, 4.8, 4.9, and 4.10), and Red Hat Enterprise Linux® (7.6, 7.9, 8.1, 8.2, 8.4, 8.5, 8.6, and 9.0) versions. Agent support for Red Hat Enterprise Linux® 8.6 and 9.0 with Podman v4 using the Netavark networking stack. |
| Updated air gap environment installation | Updated air gap installation instructions to focus on bastion host. For more information, see Installing IEAM in an air-gapped environment. |
| Upgrading the IEAM Management Hub | Added instructions for upgrading the IEAM Management Hub from 4.3.2 to 4.3.3. For more information, see Upgrades. |
| Updated IEAM database considerations | Two supported database configurations, remote and local, impact sizing considerations for the IEAM Management Hub. For more information, see Sizing and system requirements. |
| Added a Red Hat OpenShift Container Platform 4.6 restriction | IEAM 4.3.2 is supported on Red Hat OpenShift Container Platform OpenShift Container Platform 4.6 only, if you want to upgrade to a later version of Red Hat OpenShift Container Platform, you must first upgrade to IEAM 4.3.3; otherwise, IEAM will not work. For more information, see Release notes and Known issues and limitations. |
IBM Edge Application Manager (IEAM) 4.3.1 and 4.3.2
| New Features | Description |
|---|---|
| Log4j upgrade | IEAM 4.3.0 and 4.3.1 have two dependencies that are affected by the Log4j vulnerabilities described in CVE-2021-44228, CVE-2021-45046,
CVE-2021-45105, and CVE-2021-44832. SDO contains dependencies on several Java-based projects that contain vulnerable versions of Log4j. The SDO dependencies have been upgraded to Log4j 2.17.1, which remediates all of the previously mentioned CVEs. This new SDO image is included in the latest version of IEAM 4.3.2. In addition, IEAM depends on IBM Cloud Pak Foundational Services (IBM Common Services), which includes the IBM Events Operator that contains a vulnerable version of Log4j. By default, IEAM 4.5 does not install this Operator that contains the vulnerability and Log4j is not enabled. The latest version of IBM Cloud Pak Foundational Services has been released and all IEAM instances are patched automatically without user-intervention. Note: Do not install the IBM Events Operator manually because that can cause the cluster to become vulnerable to the previously mentioned CVEs. |
IBM Edge Application Manager (IEAM) 4.3
| New Features | Description |
|---|---|
| Secrets Manager | Secrets Manager provides secure storage for sensitive information like authentication credentials or encryption keys. IEAM securely delivers these secrets to edge nodes that require them. |
| Air Gap installation | Air Gap solution provides detailed instructions on how to install an air gap IEAM Management Hub. Included are links to Red Hat for instructions on building an air gap edge cluster. For more information, see Installing IEAM in an air-gapped environment. |
| Internal TLS | Optionally, enable TLS for all internal API calls within the IEAM Management Hub. |
| Red Hat OpenShift Container Platform support | IEAM Management Hub support for Red Hat OpenShift Container Platform version 4.6. Cluster agent supports Red Hat OpenShift Container Platform version 4.6, and 4.8. |
| Ubuntu and Red Hat Enterprise Linux® support | Agent support on Ubuntu 22.04, 20.04, and 18.04 and Red Hat Enterprise Linux® support on 7.6, 7.9, 8.1, 8.2, 8.3, 8.4, and 8.5. |
| Protect MMS model files | IEAM model management system (MMS) provides management and deployment of machine learning (ML) models to edge devices that use the same autonomous intent-based policy mechanism that is used to deploy application containers. MMS is enhanced
to digitally sign and verify every ML model that is uploaded to the MMS and deployed to edge nodes. This process helps ensure the integrity of ML models under MMS management. MMS publishing now supports uploading models in chunks, which improve reliability and supports larger MMS models. Agents also download models in chunks to reduce chances of timeouts. Note: These changes are now the default behavior. For more information, see Model Management System. |
Try and Buy license
The Try and Buy license lets organizations try IEAM for 60 days for no charge. After the trial period, organizations can convert (within 30 days) to a purchased license and apply a new key.
For more information about the IEAM free trial, see Get started.
IEAM requires customers to have or obtain Red Hat OpenShift and Red Hat Runtimes evaluation subscriptions. Follow the normal sizing and implementation steps as described elsewhere in this document.