Plan your deployment

Red Hat Trusted Libraries 1.0

Plan your deployment by evaluating system requirements and selecting a suitable package manager.

Red Hat OpenShift Documentation Team

Abstract

Assess deployment requirements and choose an appropriate package management approach.

Preface

To ensure a successful installation, determine the necessary hardware resources and select the appropriate package manager for your Red Hat Trusted Libraries deployment.

Chapter 1. Plan sizing requirements for your deployment

Before you set up the indexing service, verify that your environment meets the required specifications. By ensuring compatibility, you prevent binary mismatches and execution errors while using Trusted Libraries.

Supported distributions
Use the following verified distributions to ensure that the core system libraries required by the index are present and functional:
Platform TypeOperating systemSupported versions

Linux Distribution

Red Hat Enterprise Linux (RHEL)

ubi8, ubi9, ubi10

Linux Distribution

Fedora

43

Runtime Environment

Hummingbird

Python 3.12

Technical specifications
To successfully use Red Hat Trusted Libraries, ensure your environment meets the following technical specifications:
SpecificationRequirement

System Architecture

x86_64

Linux Platform Standard

manylinux_2_28

Python Version

Python 3.12.x

Network requirements

To ensure successful authentication and package retrieval, verify that your network allows outbound traffic to the following domains over HTTPS (Port 443):

  • packages.redhat.com (Registry and package hosting)
  • sso.redhat.com (Authentication services)

1.1. Choose a package manager

Red Hat Trusted Libraries provides a curated ecosystem of Python packages designed to protect the software supply chain. To access these libraries, you must choose a package manager that supports authenticated registry connections. All packages in the index are currently built and optimized for Python 3.12.12.

Select the package manager that aligns with your operational requirements and existing infrastructure:

pip
  • The standard choice for native Python environments and traditional CI/CD pipelines.
  • Recommended for RHEL-based production deployments where additional binary dependencies are restricted.
  • Supports project, user, or system-level configuration through pip.conf or .netrc files.
uv
  • A high-performance, Rust-based tool designed for rapid installation and project management.
  • Recommended for developers requiring strict dependency locking via uv.lock and unified Python version management.
  • Optimized for project-level configuration through pyproject.toml and environment variables.
Important

To protect your service account credentials, ensure that any configuration file containing your token (such as pip.conf, .netrc, or .env) has restricted permissions. Run chmod 600 <filename> to ensure these files are readable only by the current user.

Legal Notice

Copyright © Red Hat.
Except as otherwise noted below, the text of and illustrations in this documentation are licensed by Red Hat under the Creative Commons Attribution–Share Alike 3.0 Unported license . If you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, the Red Hat logo, JBoss, Hibernate, and RHCE are trademarks or registered trademarks of Red Hat, LLC. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
XFS is a trademark or registered trademark of Hewlett Packard Enterprise Development LP or its subsidiaries in the United States and other countries.
The OpenStack® Word Mark and OpenStack logo are trademarks or registered trademarks of the Linux Foundation, used under license.
All other trademarks are the property of their respective owners.