May 31, 2023
CentOS Newsletter, May 2023
May 2023 Newsletter
- The next CentOS Connect will be colocated at Flock on August 2. Watch the website or social media for CFP and registration details.
- The CentOS project has started a podcast called Connections, where we talk to interesting people doing interesting things across the CentOS ecosystem. For our first episode, we talked to Fedora Community Architect Justin Flory about Red Hat Summit, Fedora, and Flock.
- Read the important notice about end dates for CentOS Stream 8 and CentOS Linux 7.
- The CentOS board has approved the new ISA SIG, which will explore enabling new processor features in CentOS builds. The team will focus on x86_64, but is open to contributors working on other architectures.
- The Cloud SIG has announced the availability of the RDO build for OpenStack 2023.1 Antelope for CentOS Stream and related systems.
- Fedora ELN x86_64 builds are switching to the x86_64-v3 baseline. This will be the baseline for CentOS Stream 10 next year.
- Adam Samalik announced that CentOS Stream 8 is now ahead of RHEL 8, following the same workflow as Stream 9. This was the intended workflow, but there was transition time on the engineering processes in the 8 timeframe.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Hyperscale, Kmods, and Cloud SIGs.
Hyperscale SIG
The Hyperscale SIG focuses on enabling CentOS Stream deployment on large-scale infrastructures and facilitating collaboration on packages and tooling.
Read the full Hyperscale SIG report.
- All of our conference talks are collected here. Here are the recent ones:
- Davide Cavalca presented the Hyperscale SIG update at CentOS Connect.
- Michel Salim presented One year on: Experiences using ebranch to bring over Fedora packages to EPEL at CentOS Connect and Upstream First: Meta’s Linux Userspace, meet Linux Distributions at SCaLE 20x.
- Alvaro Leiva Geisse and Anita Zhang hosted a systemd workshop at SCaLE 20x.
- The SIG gained 4 new members: Dalton Miner, Oleg Obleukhov, Vadim Fedorenko, and Alexander Bulimov.
- We hosted our second face to face Hypercale meetup at CentOS Connect/FOSDEM 2023. You can catch the notes here.
- We’ve enhanced our systemd Hyperscale documentation with additional instructions for release testing and SELinux policy updates.
- Our container build pipeline is fully automated, and container images are built on the CentOS OpenShift CI/CD infrastructure and published weekly on Quay.
- We have worked with CPE to enable the ability to use KIWI to build operating system images through CBS.
- All packages coming from Hyperscale will have a “CentOS Hyperscale SIG” vendor tag. This both makes provenance clear, and allows one to set allow_vendor_change=False in DNF to avoid SIG packages being replaced by stock CentOS packages with higher NEVRAs.
- An optimized version of zlib is in our “hyperscale-intel” repository. This version is identical to the one in CentOS Stream, but with two alternative hash implementations to provide fast and high-quality hash function on systems supporting SSE4.2 and AVX2 instructions.
- The latest kernel version in the Hyperscale SIG is kernel-5.14.0-76.hs2.hsx for CentOS Stream 8 and kernel-5.14.0-258.hs3.hsx.el9 for CentOS Stream 9.
- Package systemd has been updated to version 252.4.
- Package squashfs-tools has been updated to version 4.5.1.
- Package valgrind has been updated to version 3.20.0.
- Package grep has been updated to version 3.9.
- Package libslirp has been updated to version 4.4.0.
Kmods SIG
The Kmods SIG focuses on packaging and maintaining kernel modules for CentOS Stream and Enterprise Linux.
- No SIG members have been added since last report. We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute.
- A talk about the current status of the Kmods SIG and its used automation has been given at the CentOS Connect in Brussels, Belgium. A recording is available on YouTube.
- Fixed automation for Stream 8. This issue was caused by the recent modification of the Stream 8 workflow.
Cloud SIG
Packaging and maintaining different FOSS based Private cloud infrastructure applications that one can install and run natively on CentOS Stream.
General:
- A new RPM containing the CentOS Cloud SIG RPM GPG pubkey has been created: centos-release-cloud. This package is required by the also newly created centos-release-okd RPM, and going forward will also be required by the centos-release-openstack RPM that has so far contained the key.
RDO:
- CloudSIG has published the RDO Antelope release on Apr 18th based on upstream OpenStack Antelope. (https://lists.centos.org/pipermail/centos-devel/2023-April/142884.html)
- RDO is currently investigating the use of RPMs from the RDO CloudSiG repos to deploy them utilizing OpenStack-Ansible. The reason for this effort is to compensate for the retirement of the TripleO project as a deployment tool.
OKD:
- CloudSIG has built and published the cri-o and openshift-clients RPMs on CBS. Currently the builds aren’t automated, but they will be in the future using packit.dev.
- This is a big step towards producing CentOS Stream CoreOS (aka SCOS) with purely CentOS-sourced RPMs.
- Furthermore, new releases of OKD/SCOS were published, with the latest ones moving the stable release stream to version 4.13 and the .next release stream to version 4.14 (https://github.com/okd-project/okd-scos/releases)
Documentation:
- The documentation of Cloud SIG is now available at https://sigs.centos.org/cloud/
- The mkdocs based repository contains the source and is populated on https://pagure.io/centos-sig-cloud/documentation
May 25, 2023
CentOS Connect at Flock 2023
The CentOS team is excited to announce that we will be hosting a CentOS Connect event at Flock to Fedora on August 2, 2023. CentOS Connect is a series of mini-conferences that showcase the latest developments across the Enterprise Linux ecosystem. These events are usually colocated with other open source conferences to help reach a broad audience. Flock is Fedora's flagship annual conference, bringing together Fedora contributors and community members to share ideas.
Flock will take place August 2-4, 2023 in Cork, Ireland. CentOS Connect will be embedded in Flock as a dedicated track on August 2. Registration, CFP, and venue details will be available on the Flock website.
This will be Fedora's first return to an in-person Flock since 2019, and we're very excited to partner with them to make this amazing conference happen again. The developments in Fedora over the following year will set the stage for CentOS Stream 10, so this is an ideal time for us to come together and collaborate. We hope you're able to join us in Cork to enjoy these two amazing events together.
May 22, 2023
High Performance Zlib Compression
As a member of the Hyperscale SIG, Intel maintains a “hyperscale-intel” repository with optimized versions of packages, to help customers maximize their performance on Intel® architectures. As part of this work, we have released an optimized version of the Zlib package for both CentOS Stream 8 and CentOS Stream 9 yielding significant performance gains.
The optimized Zlib package is identical to the CentOS Stream Zlib package, but with two alternative implementations [1] to provide a fast and high-quality hash function on systems supporting SSE2 and AVX2 instructions. These result in dramatic ~11% and ~18% performance gains, respectively.
Performance Improvement Data
We evaluated the performance of our optimized versions in two distinct ways: 1) zpipe deflate, and 2)gnupg encryption. The results show tremendous improvement in all usages. For all tests, we averaged the results of 10 runs on both CentOS Stream 8 and CentOS Stream 9, and on Intel® platforms [2].
Zpipe Deflate
Since zpipe [3] directly uses Zlib's deflate() function, in this test we recompiled zpipe linking against the enhanced Zlib, then used it to compress a 750MB file.
zpipe < qt-everywhere-opensource-src-5.0.0.tar > /dev/null 2>&1
Compared to the standard version of Zlib, our optimized version yielded 4.3-5.2% and 16.1-16.2% speedups for the SSE and AVX2 implementations.
GnuPG Encrypt
Since GnuPG uses Zlib compression, we measured how long it takes to encrypt 128MB, 256MB, 512MB, and 1GB sized sample files using GnuPG.
dd if=/dev/random of=encryptfile bs=1M count=128/256/512/1024 echo 1234567890 | gpg -c --no-options --batch --yes --passphrase-fd 0 -o /dev/null encryptfile 2>&1
NOTE: We did not use the common Open Benchmarking GnuPG test [4] for this test, because it generates its input file from /dev/zero, making it an unrealistic representation of performance for most users. Our test scenario is identical to theirs, just with a realistic input file generated from /dev/random.
Compared to the standard version of Zlib, our optimized version yielded 11.5-13.2% and 16.0-18.1% speedups for the SSE and AVX2 implementations. The performance gains were fairly consistent across file sizes but did improve slightly at larger file sizes.
How To Use
These optimized Zlib packages are available now in the “hyperscale-intel” repository through the Hyperscale SIG. For more information on the Hyperscale SIG and how to use its repositories, please see its documentation [5].
The packages released in the “hyperscale-intel” repo have the more-performant Intel® Advanced Vector Extensions 2 (Intel® AVX2) implementations enabled, as they will yield the best results for most users. If you have a significantly older system without Intel AVX2 support, but still want to take advantage of the Intel® Streaming SIMD Extensions (Intel® SSE) enhancements, you can rebuild our package with the Intel SSE implementation enabled instead. This can be done by changing “--enable-avx2-slide” to “--enable-sse-slide” in the call to configure [6].
References
- https://git.centos.org/rpms/zlib/blob/c8s-sig-hyperscale-intel/f/SOURCES/zlib-1.2.11-x86_64-accelrated-slide-hash.patch
- Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available updates.
Intel® Xeon® Configuration: 1-node, 2x Intel(R) Xeon(R) Platinum 8360Y CPU @ 2.40GHz, 36 cores, HT On, Turbo On, Total Memory 256GB (4x64GB DDR4 3200 MT/s [3200 MT/s]), BIOS WLYDCRB1.SYS.0027.P82.2204080829, microcode 0xd000375, 2x Ethernet Controller X550, 1x I210 Gigabit Network Connection, 1x 894.3G INTEL SSDSC2KG96, CentOS Stream 8 (kernel 4.18.0-485.el8.x86_64) and CentOS Stream 9 (kernel 5.14.0-295.el9.x86_64), GnuPG 2.2.20 (C8S) and 2.3.3 (C9S) / Zlib 1.2.11, gcc 8.5.0 (C8S) and 11.3.1 (C9S), test by Intel on 02/22/2023. - https://github.com/madler/zlib/blob/v1.2.11/examples/zpipe.c
- https://openbenchmarking.org/test/pts/gnupg
- https://sigs.centos.org/hyperscale/
- https://git.centos.org/rpms/zlib/blob/c8s-sig-hyperscale-intel/f/SPECS/zlib.spec#_132
Notices & Disclaimers
Performance varies by use, configuration and other factors. Learn more on the Performance Index site.
Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available updates. See backup for configuration details. No product or component can be absolutely secure.
Your costs and results may vary.
Intel technologies may require enabled hardware, software or service activation.
© Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.
May 15, 2023
CentOS Board Meeting Recap, May 2023
The recording of the May CentOS Board meeting is now available.
The recording has timestamps so you can skip to the parts that interest you. Here are a few highlights of the meeting:
- The board discussed work left to be done around the ISA SIG (Issue 115) and the mission statement (Issue 85).
- We had a lengthy conversation about defining success and developing project goals.
- We discussed some issues around trademarks, including trademark use for mirrors (Issue 113 and Issue 114).
- We had brief updates on secureboot (Issue 67) and Azure images (Issue 3).
- Due to the cancellation of DevConf.US, we're working on moving CentOS Connect to Flock in August.
April 17, 2023
CentOS Board Meeting Recap, April 2023
The recording of the April CentOS Board meeting is now available.
The recording has timestamps so you can skip to the parts that interest you. Here are a few highlights of the meeting:
- The Board discussed the x86 SIG proposal with Florian Weimer. There's a general agreement that we want the SIG, but some differences on the scope of work, which affects the name.
- CentOS Linux 7 and CentOS Stream 8 will both reach end of life in 2024. We're working on messaging to ensure everybody has time to migrate. (Issue 93)
- We discussed the next steps in allowing SIGs to sign test repositories. (Issue 92)
- We talked about our presence at Red Hat Summit, as well as plans for events throughout the year.
April 13, 2023
CPE Quarterly Update Q1 2023
This is a summary of the work done by the CPE Team. Each quarter CPE Team together with CentOS and Fedora community representatives chooses the initiatives that will be worked on, in this quarter. The CPE Team is then split into multiple smaller sub-teams that will work on chosen initiatives + day to day work that needs to be done. Some of the sub-teams are continuous efforts in the team and some are created only for the initiative project.
This update is made from infographics and detailed updates. If you want to just see what’s new, check the infographics. If you want more details continue reading.
Infra & Releng
About
Purpose of this sub-team is to take care of day to day business regarding CentOS and Fedora Infrastructure and Fedora release engineering work. It’s responsible for services running in Fedora and CentOS infrastructure and preparing things for the new Fedora release (mirrors, mass branching, new namespaces etc.). This sub-team is also investigating possible initiatives. This is done by ARC (The Advance Reconnaissance Crew), which is formed from the Infra & Releng sub-team members based on the initiative that is being investigated.
Issue trackers
Documentation
Closed tickets
- CentOS Infrastructure - 88
- Fedora Infrastructure - 154
- Fedora RelEng - 165
Tasks finished
- New version of MBS available on EPEL8
- mdapi revitalization
- User count scripts
- Automate processing of fedora-scm-requests
- Centralise and update Fedora infra and releng SOPs
ARC Investigations completed
CentOS Stream
About
This initiative is working on CentOS Stream/Emerging RHEL to make this new distribution a reality. The goal of this initiative is to maintain CentOS Stream and develop new features for it.
Status: Continuous
Issue trackers
Documentation
Application URLs
FMN Replacement
About
FMN is a project that allows people in our community to get notified when messages that interest them fire on the message-bus, making the message-bus more useful to people that are not directly developing or troubleshooting applications running in our infra.
The current solution has plenty of tech debt and this initiative will rewrite it from scratch addressing all the issues.
Status: In Progress
Issue trackers
Documentation
Application URLs
CPE UX Collaboration
About
CPE UX team is working on Graphic Design, User Experience and User Interface for Fedora.
Status: Continuous
Issue trackers
EPEL
About
Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Linux (OL).
EPEL packages are usually based on their Fedora counterparts and will never conflict with or replace packages in the base Enterprise Linux distributions. EPEL uses much of the same infrastructure as Fedora, including buildsystem, bugzilla instance, updates manager, mirror manager and more.
Status: Continuous
Issue trackers
Documentation
CPE Documentation
About
CPE has a dedicated sub-team working on the documentation in Fedora.
Status: Continuous
Issue trackers
Application URLs
Epilogue
If you get here, thank you for reading this. If you want to contact us, feel free to do it in #redhat-cpe channel on libera.chat or matrix.org.
April 11, 2023
End dates are coming for CentOS Stream 8 and CentOS Linux 7
End dates are coming for CentOS Stream 8 and CentOS Linux 7
We’ve got an important message for Developers, Administrators, and Users.
Time flies when you’re building RPMs…
...and install images... and containers... and cloud images... and so much more!
Time files when planning system migrations too - so start planning now!
But, before we get there, OS migration time is a wonderful opportunity to test out your disaster recovery plans! Often, without much extra work, you can treat an OS migration like a system loss and validate your documentation, provisioning, configuration, fail-over, and backup systems against something besides a set of test hosts. It is hard to test these in production, but you could test them in pre-production with this migration.
CentOS Stream 8 End of Builds: May 31, 2024
We expect this to correspond roughly to the release of RHEL 8.10. CentOS Stream 8 is where new features are developed for RHEL 8. With the release of RHEL 8.10, RHEL 8 will be considered largely feature complete.
When we announced CentOS Stream we noted that it was designed to serve "as the upstream (development) branch of Red Hat Enterprise Linux." With RHEL 8 transitioning to Maintenance phase, CentOS Stream 8 has fulfilled its purpose.
After May 31, 2024, CentOS Stream 8 will be archived and no further updates will be provided.
There are a few good options for planning your migrations.
Migration/Upgrade options:
- Migrate to CentOS Stream 9
- Convert to RHEL 8, there are no cost licenses for use under some conditions
- Convert to another operating system in the Enterprise Linux ecosystem. Several projects have derived new operating systems from the CentOS and RHEL sources
Don't forget to review the RHEL Lifecycle to help select the right option for your systems!
The packages will be archived on vault.centos.org after May 31, 2024.
CentOS Linux 7 End of Life: June 30, 2024
RHEL 7 reaches End of Maintance on June 30, 2024. After June 30, 2024, there will be no updates published for CentOS Linux 7.
If you want to stay within the RHEL ecosystem, you’ll need to decide if you want to move to a RHEL8 or a RHEL9 based distribution. You should carefully read each of these to help select the right platform for your systems:
The packages will be archived on vault.centos.org after June 30, 2024.
You can also convert to RHEL7 and purchase Extended Lifecycle Support if you are unable to migrate your system before June 30, 2024.
DO NOT FORGET TO MIGRATE YOUR CONTAINERS!
Always remember to update your containers regularly. Even though it is an image, it still has components that might contain (ha ha) security issues.
You may want to review the Red Hat Enterprise Linux Container Compatibility Matrix as you look at how best to perform these updates and establish a regular update strategy.
One of these days, someone out there will find a vulnerable container hooked up to an autoscaler. On that day, the cluster will scale up the vulnerable containers so the folks exploiting it get good performance! What’s worse, if this container is on a paid cloud service, not only is it compromised, but somebody will need to pay off the extra costs generated by cloud-native compromised containers at scale.
Remember: always set resource limits and autoscaler limits on your containers!
Remember: containers are Linux systems too, update them regularly!
April 04, 2023
CentOS Hyperscale SIG Quarterly Report for 2023Q1
CentOS Hyperscale SIG Quarterly Report for 2023Q1
This report covers work that happened between January 9th 2023 and April 3rd 2023. For previous work, see the 2022Q3 report.
Purpose
The Hyperscale SIG focuses on enabling CentOS Stream deployment on large-scale infrastructures and facilitating collaboration on packages and tooling.
Membership update
Since the last update, the SIG gained four new members (Dalton Miner, Oleg Obleukhov, Vadim Fedorenko and Alexander Bulimov).
We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute. See the membership section on the wiki for the current members list and how to join.
Releases and Packages
Unless otherwise specified, packages are available in our main repository, which can be enabled with dnf install centos-hyperscale-release
. Please report any issues with these packages on our package-bugs tracker.
Documentation
We have continued streamlining our user documentation website and keeping its content up to date.
As previously mentioned, we would very much welcome any feedback and contributions you might have for this documentation.
systemd
We’ve enhanced our Hyperscale systemd documentation with instructions on how to test the new builds with stock CentOS Stream. In particular, it now includes instructions on how to debug and update the SELinux policy.
We updated our backport of systemd to v252. Along the way, we further reduced the number of deviations from the Fedora rawhide spec of systemd. We also fixed the accompanying selinux module, and updated the release docs to describe the latest release changes.
Kernel
The latest version in the Hyperscale SIG is kernel-5.14.0-76.hs2.hsx
for CentOS Stream 8 and kernel-5.14.0-258.hs3.hsx.el9
for CentOS Stream 9. We are working on a rebase to the latest CentOS Stream 9 kernel and incorporate support for building it for CentOS Stream 8 too.
Container images
Our container build pipeline is fully automated, and container images are built on the CentOS OpenShift CI/CD infrastructure and published weekly on Quay.
We provide both CentOS Stream 8 and CentOS Stream 9 variants at quay.io/centoshyperscale/centos
.
Spin images
We have worked with CPE to enable the ability to use KIWI to build operating system images through CBS. This is now enabled in CBS for Hyperscale. During efforts to produce images through CBS, we discovered Koji doesn’t import environment groups. We have worked around this issue in our image descriptions while we wait for this to be fixed. Currently, we are blocked on an issue whereby Koji fails the build due to not knowing all the artifacts to archive.
The remaining task is to figure out how the release pipeline is supposed to work from CBS to the mirrors.
Package updates
We have completed the rebuild of the remaining packages that still had a “CentOS” vendor tag; from now on, all packages coming from Hyperscale will have a “CentOS Hyperscale SIG” vendor tag. This both makes provenance clear, and allows one to set allow_vendor_change=False
in DNF to avoid SIG packages being accidentally replaced by stock CentOS packages with higher NEVRAs (which can someone happen when the SIG package hasn’t caught up yet).
We have published new backports of squashfs-tools
4.5.1 and valgrind
3.20.0 for CentOS Stream 8 and CentOS Stream 9. Our existing grep
backport has also been updated to 3.9 on both platforms. Finally, we have released a backport of libslirp
4.4.0 for CentOS Stream 8.
The kpatch
build in Hyperscale has been updated to 0.9.8, integrating a number of upstream improvements and improved support for clang PGO optimizations.
On the development front, our CI pipeline to detect package updates in upstream CentOS that would supersede our versions and alert us has received a number of reliability improvements and bug fixes, and is now tracking CentOS Stream 9 as well in parallel with CentOS Stream 8.
Intel repository
We maintain a “hyperscale-intel” repository with optimized versions of packages. As part of this work, we have released an optimized version of the zlib package for both CentOS Stream 8 and CentOS Stream 9 yielding significant performance gains. The optimized zlib package is identical to the CentOS Stream zlib package, but with two alternative hash implementations to provide a fast and high-quality hash function on systems supporting SSE4.2 and AVX2 instructions.
DNF/RPM stack with CoW support
The Copy-on-Write stack was rebuilt on top of the latest packaging changes in upstream CentOS.
We’re still in the process of reworking the CoW patchset to address the latest upstream feedback; once the discussion has settled we will publish an updated version.
OpenShift migration
The SIG has migrated its projects and data over to the new cluster.
Health and Activity
The SIG continues to maintain a healthy development pace.
Meetings
The SIG holds regular bi-weekly meetings on Wednesdays at 16:00 UTC. Meetings are logged and the minutes for past meetings are available.
The SIG uses the #centos-hyperscale
IRC channel for ad-hoc communication and work coordination; this channel is also bridged on Matrix in the #centos-hyperscale:fedoraproject.org
room. For async discussions and announcements we generally use the centos-devel mailing list. The SIG also holds open monthly video conference sessions to promote collaboration and social interaction.
Conference talks
Ali Koroglu, Davide Cavalca, Daan De Meyer, Neal Gompa, Quentin Deslandes and Richard Phibel attended CentOS Connect and FOSDEM 2023 in Brussels. At Connect, Davide presented the usual update on SIG activities and Michel Salim (joining remotely) talked about ebranch.
Anita Zhang, Davide and Michel later attended SCaLE 20x in Pasadena in March. Together with Alvaro Leiva Geisse, Anita presented a workshop on systemd and its usage. Michel also presented a talk on how Meta collaborates with upstream projects in the Linux distributions space.
In May, a number of SIG members are planning to attend LSFMMBPF and OSS NA in Vancouver. We have also submitted talks for and are planning to attend DevConf.CZ in Brno in June, Flock in Cork and DevConf.US in Boston in August.
As a reminder, we have a page keeping track of our conference presentations with links to recordings and slides where available.
Face-to-face meetup
The day before Connect, we also hosted our second face-to-face Hyperscale SIG meetup. Davide, Daan, Neal, Quentin and Richard participated in person, joined by Alasdair Kergon, Amy Marrich, Jonathan Wright, Fabian Arrotin, Pablo Greco and Shaun McCance. While this was primarily meant as an in-person event, we also had Anita and Michel joining remotely over a conference bridge.
Like the previous one, this event gave us an opportunity to socialize face to face, leading to plenty of great conversation and significant progress on several work items. The meetup wasn’t recorded, but there are notes of the discussion if you’re interested.
We will likely organize another in-person SIG meetup around one or more conference in the coming months, stay tuned for an announcement in the near future.
Live streams
The SIG periodically does work live on Twitch from its official Twitch channel. Interested parties who want to watch and interact with us as we do work should follow us on Twitch to get notified for when we stream.
Planned work
The SIG tracks pending work as issues on our Pagure repository. Notable projects currently in flight include:
- using CBS to build our spin images
- shipping an updated QEMU package in EPEL
- integrate btrfs transactional updates as an optional feature
Issues for the Board
We have no issues to bring to the board’s attention at this time.
March 15, 2023
CentOS Newsletter, March 2023
March 2023 Newsletter
- Brian Stinson announced that CentOS Stream 8 is transitioning to being ahead of RHEL8. This aligns CentOS Stream 8 with the CentOS Stream 9 workflow.
- Troy Dawson announced that EPEL 8 Modules are now retired.
- There was a web+docs meetup in Brussels. Shaun McCance posted a recap to centos-promo. Part of this work may involve decommissioning services running on older servers. Fabain Arrotin posted a series of emails requesting comments for forums, bugs, and wiki.
- Florian Weimer proposed an x86 SIG to explore builds that make use of recent x86-64 CPU features.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Virtualization and Alternative Images SIGs.
Alternative Images SIG
Read the full Alternative Images SIG report on the CentOS blog.
Virtualization SIG
oVirt updates:
Virtualization stack on PPC64LE for CentOS Stream:
- Kowshik Jois (bskjois) joined the SIG for helping on PPC64LE support for CentOS Stream 9 Virtualization
March 09, 2023
CentOS Board Meeting Recap, March 2023
The recording of the March CentOS Board meeting is now available.
The recording has timestamps so you can skip to the parts that interest you. Here are a few highlights of the meeting:
- Christian Glombek presented about CentOS Stream CoreOS & OKD Streams. This is a condensed version of the talk he gave at CentOS Connect. We unfortunately don't have a recording of that talk because of technical issues, so this is your chance to see it.
- We discussed the x86 SIG proposal. This conversation is ongoing.
- Issue 92: We discussed signing testing repositories
- We gave a recap of the work to migrate content off the wiki. See the post on centos-promo.
- Issue 93: We talked about the announcement around the EOL/EOB for CentOS Stream 8 and CentOS Linux 7 in 2024. Pat has written a post, and Shaun is working on how to display notices.
- We talked about events. We would like to find a home event for a North America West CentOS Connect to join our European event at FOSDEM and our US East event at DevConf.US. We also talked about how to do virtual events, and giving them their own identity distinct from the in-person CentOS Connect.
- We talked about doing a survey around CentOS awareness and sentiment.
March 03, 2023
Quarterly Report 2023Q1 – CentOS Alternative Images SIG
Quarterly Report 2023Q1 - CentOS Alternative Images SIG
This report covers what happened in our SIG between December 1, 2022 and February 28, 2023.
Purpose
Membership
No new members have been added this quarter. Membership can be requested by filing an issue on the SIG tracker or by asking during one of the regular IRC meetings.
Images
No non-scratch images have been created this quarter.
Health and Activity
We have finally gotten tags and targets on the CentOS Build System (CBS). This allows us to build images. There is still no way to get those images to mirrors and other places. So for the time being, all of our builds are scratch or test images.
Image Building Services
ImageBuilder
After investigation it was discovered that ImageBuilder would not work on CBS. After discussion the SIG decided to take ImageBuilder off our list of potential build services. One of the main reasons we wanted ImageBuilder was due to it's ability to create rpm-ostree images. We will look into creating those using kiwi.
Kiwi / LiveCD
We have been able to create test live images using Kiwi. Although the live images boot, the installer does install correctly yet.
Investigation has shown that kiwi should be able to make rpm-ostree images, but it will take some work. Currently, nobody has taken up the challenge to get it to work.
Issues for the Board
We have no issues to bring to the boards attention at this time.
February 27, 2023
CentOS Community Newsletter, February 2023
February 2023 Newsletter
CentOS Connect at FOSDEM
CentOS hosted its annual CentOS Connect at FOSDEM 2023. CentOS Connect is a series of mini-conferences where people from across the Enterprise Linux ecosystem can connect at learn. CentOS Connect at FOSDEM is the largest of these events.
This was our first return to being in person at FOSDEM, and we were very happy with the turnout and overall experience. We also ran the event virtually. We’re committed to running hybrid events, and we’ll continue to improve on the virtual experience. If you attended, either in person or virtually, check your email for a post-event survey. It only takes a few minutes, and it really helps us create better events for you in the future.
If you couldn’t make it, the videos are available to watch on YouTube.
Other FOSDEM Happenings
- CentOS had a booth at FOSDEM, right next to the Fedora booth. Our hats, mugs, and shirts were all gone by the end of the first day.
- We were in the distributions devroom. Adam Samalik presented about CentOS Stream.
- The CentOS Hyperscale SIG held a meetup the Thursday before CentOS Connect.
- We held a web+docs meetup the Monday after FOSDEM.
New Social Media
We started official CentOS pages on Facebook and LinkedIn. And in case you missed it, we’re also on Mastodon.
KDE EPEL Updates
Troy Dawson proposed changes to KDE packaging in EPEL. First, KDE Plasma Desktop in EPEL 8 will now stay at the current release, receiving only major security fixes, and possibly bug fixes when possible. Second, in EPEL 9 and beyond, there will be updates every six months, instead of once a year, corresponding with each minor RHEL release.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Cloud, NFV, Storage, and Promo SIGs.
Cloud SIG
Purpose
Packaging and maintaining different FOSS based Private cloud infrastructure applications that one can install and run natively on CentOS Stream.
Future activities
The SIG will work on building and delivering the RPMs consumed by OKD on SCOS.
Releases
There were no releases during this quarter. See below the most recent releases for each community:
Documentation
The documentation of Cloud SIG is in the process of migration from the old CentOS wiki to the new sigs.centos.org site. A new mkdocs based repository has been created and populated in https://pagure.io/centos-sig-cloud/documentation.
NFV SIG
Purpose
The CentOS Network Functions Virtualization SIG provides a CentOS-based stack that will serve as a platform for the deployment and testing of virtual network functions (VNFs) and NFV component packages on CentOS platform.
Currently, the main goal is to provide RPM packages of OpenvSwitch and Open Virtual Network software for CentOS Stream that can be used by other projects as oVirt, OpenStack or OpenShift.
Releases
New builds of openvswitch 2.15, 2.16 and 2.17 and ovn 2022 has been built and published in NFV OpenvSwitch repository.
Architecture
OpenShift community has shown interest in openvswitch for s390x architecture.
Currently, CBS doesn’t provide support to build s390x packages. As a workaround, builds of openvswitch for s390x have been created from latest NFV SIG srpms in Fedora COPR builder.
I wonder if there are any plan to enable this architecture in CBS and if other SIGs have received a similar request.
Documentation
The documentation for NFV SIG is in the process of migration from the old CentOS wiki to the new sigs.centos.org) site. A new mkdocs based repository has been created and populated in https://pagure.io/nfv-sig/.
Storage SIG
- Glusterfs no updates to glusterfs
- Ceph Quincy (17) no updates to ceph-17.
- Ceph Pacific (16) updated to ceph-16.2.11. packages are available for Stream 9, Stream 8, and CentOS 8.
- NFS-ganesha 4 and libntirpc 4 updated to 4.3. packages are available for Stream 9, Stream 8, and CentOS 7. NFS-ganesha 5 and libntirpc 5 are coming soon.
- Apache Arrow no update to libarrow.
- Apache ORC no update to liborc.
- Samba 4.17, updated to latest version 4.17.5 on Stream 9 and Stream 8.
- Samba 4.16, updated to latest version 4.16.8 on Stream 9 and Stream 8.
- Samba 4.15, in CVE fixes only mode.
Promo SIG
- Hosted CentOS Connect at FOSDEM.
- Hosted a booth at FOSDEM.
- Ran a web+docs meetups the day after FOSDEM. The team discussed the future of the wiki, consolidating various documentation resources, and general updates to our web sites.
- Hosted a booth at OLF Conference.
January 18, 2023
CentOS Board Meeting Recap, January 2023
The recording of the January CentOS Board meeting is now available.
The recording has timestamps so you can skip to the parts that interest you. Here are a few highlights of the meeting:
- We had our annual leadership check-in. Amy Marrich will continue as chair, Pat Riehecky as co-chair, and Thomas Oulevey as secretary.
- We have an open question about mirrors using the word "CentOS" in domain names. We have asked Red Hat legal.
- We discussed all the things happening around FOSDEM and CentOS Connect.
- CentOS Connect is February 3. Register for free if you plan to attend.
- CentOS and RDO will share a booth at FOSDEM. Fedora will also have a booth. We could use help with staffing.
- We are participating in the Distributions Devroom at FOSDEM on Sunday, February 5.
- We will have a web+docs working day on Monday, February 6, the day after FOSDEM. Leave a comment on the planning page if you'd like to join.
- The Hyperscale SIG will hold a meetup on Thursday, February 2. Register if you'd like to join.
- We are hosting a contributors dinner with Fedora. Details will be posted to mailing lists.
- We also have a booth at SCaLE, and we welcome help with staffing.
- Issue 88: We discussed improving the onboarding docs. This will be on the agenda for the web+docs day.
- Issue 85: The new vision statement is final. Where to publicize it will be on the agenda for the web+docs day.
January 13, 2023
CentOS Community Newsletter, January 2023
January 2023 Newsletter
CentOS Connect
CentOS Connect has been announced as a FOSDEM Fringe event. This free event takes place in Brussels on February 3, 2023, the day before FOSDEM. If you’re attending FOSDEM, join us at CentOS Connect to learn about CentOS and connect with the people who work on it.
CentOS Hyperscale SIG Meeting
The CentOS Hyperscale SIG will be holding an in-person meetup on February 2nd, 2023 at the DoubleTree Brussels City Center Hotel. This is the same venue hosting CentOS Connect on February 3rd, and only a short walk from where FOSDEM will be held over the weekend. The meetup is open to everybody interested – you don’t have to be a member of the SIG to attend, and we’d welcome participation from anyone interested in this space.
The event will be held from 9am to 5pm in the Birch room at the DoubleTree hotel. While this is an in-person event, we will do our best to setup a conference bridge so that remote participants can attend and interact as well.
Please register at https://www.eventbrite.com/e/centos-hyperscale-sig-meetup-connectfosdem-2023-tickets-505677965407 to help with the event planning.
CentOS Web+Docs Working Day
CentOS will be hosting a web+docs working day on Monday, February 6th, 2023 at the DoubleTree Brussels City Center Hotel. It will be held in the Birch room from 9am to 5pm. Everybody is welcome to attend and help us work on a content plan for our web sites and documentation. We can set up a video call for remote participation if there is interest.
Please see the web+docs day planning page if you’re interested. If you plan to attend in-person, let us know on the planning page.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Automotive, Hyperscale, Kmods, Alternate Images, and Virtualization SIGs.
Automotive
The Automotive SIG has published their report on the blog.
Hyperscale
The Hyperscale SIG has published their report on the blog.
Kmods
This report covers work that happened since last report. The previous report can be found here.
Purpose
Packaging and maintaining kernel modules for CentOS Stream and Enterprise Linux.
Membership Update
No SIG members have been added since last report. We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute.
Support for CentOS Stream 9 / EL9
The Kmods SIG provides packages for CentOS Stream 9 and EL9.
Support for CentOS Stream 8 / EL8
The Kmods SIG continues to provide packages for CentOS Stream 8 and EL8.
New Packages
See Kmods SIG’s documentation for lists of available packages. This documentation also provides further information, e.g. how to enable the Kmods SIG’s repositories.
Note that the kernel modules provided by the Kmods SIG are currently not signed with a private key. Hence it is required to disable Secure Boot to be able to use any of these kernel modules.
Please report any issues with these packages in the corresponding project on gitlab.com/CentOS/kmods or here in case the issue is not related to a particular package.
Recent Activities
There have been no notable recent activities. With all of the infrastructure (except the functionality to sign kernel modules) and automation set up, the decline in recent activities is expected.
Conference talks
A talk about the current status of the Kmods SIG and its used automation is scheduled for the CentOS Connect on February 3rd 2022 in Brussels, Belgium.
Health and Activity
The Kmods SIG maintains a healthy development pace.
Communication
Regular meetings are scheduled monthly, in the first week, on Monday at 1600 UTC in #centos-meeting. Everyone is welcome to join!
You can also get in touch with SIG members at any time in #centos-kmods.
Open Issues
- Signing kernel modules: This requires collaboration and further discussion with Infra SIG. Especially about how to securely store a SIG specific key that can be used in CBS, but is not accessible by any unauthorized person.
- Release packages for EL: The SIG would like to provide release packages to allow users running RHEL, or one of its clones, to easily access packages provided by the SIG. The current state can be tracked here and is discussed on the centos-devel mailing list (Link to archive).
Issues for the Board
We have no issues to bring to the board’s attention at this time.
Alternative Images
Purpose
To build and provide alternate iso images for CentOS Stream.
Membership Update
No new SIG members have been added this quarter.
Images
No images have been created this quarter.
Health and Activity
The Alternative Images SIG is fairly healthy. We are still setting everything up and finding out what everyone wants.
- We have finalized the meeting date and time, which is currently weekly.
- We have setup the wiki, CentOS Documentation, and pagure git repos
- https://wiki.centos.org/SpecialInterestGroup/AltImages
- https://sigs.centos.org/altimages/
- https://pagure.io/centos-sig-alt-images/sig
- We have established that we want to use the following image buildering services in cbs
- Livecd
- Kiwi
- Image Builder
- We have tickets open with CentOS Infrastructure for the setup of those services and are working with them in getting them setup.
- We are working on getting configurations setup in anticipation of those services coming online.
Issues for the Board
We have no issues to bring to the board’s attention at this time.
Virtualization
- On the oVirt side, CentOS Virt SIG now ships also oVirt Engine for CentOS Stream 9. Upstream released version 4.5.3 which is the one currently built within the SIG.
- Upstream community has been updated about Red Hat involvement in the project. This also applies to the Red Hat involvement for oVirt within the CentOS Virt SIG.
January 12, 2023
Quarterly Report – CentOS Automotive SIG
Membership update
- AutoSD, a streaming distribution of CentOS designed for in-vehicle automotive use cases.
- An Automotive SIG RPM repository that allows the community to expand the content of AutoSD or experiment with some of its parts.
- Sample images, built using OSBuild, which provide examples of how to assemble production images based on AutoSD, customized for some hardware, including container images, based on CoreOS/ostree technologies.
Health report and general activity narrative
https://wiki.centos.org/SpecialInterestGroup/Automotive/Meetings
January 10, 2023
CentOS Board Meeting Recap, December 2022
The recording of the December CentOS Board meeting is finally available after some holiday delays.
The recording has timestamps so you can skip to the parts that interest you. Here are a few highlights of the meeting:
- Issue 85: The Board likes the vision statement written by Pat Riehecky. It will be sent to the centos-devel mailing list and adopted if there are no objections.
- CentOS Connect is February 3 in Brussels, the day before FOSDEM. Amy Marrich reminded people to submit talk proposals, but as of this blog post, the accepted talks and full schedule have already been announced.
- Issue 90: There was a discussion about account names for SIG to publish images on Quay. Discussion is ongoing on the issue. The Hyperscale SIG has adopted an account naming strategy for various services, which we may use as a recommendation for other SIGs.
The next board meeting is Janurary 11 at 21:00 UTC, which is already tomorrow as of the publishing of this blog post. You can find details on the centos-devel mailing list.
January 09, 2023
CentOS Hyperscale SIG Quarterly Report for 2022Q4
CentOS Hyperscale SIG Quarterly Report for 2022Q4
This report covers work that happened between October 1st 2022 and January 8th 2023. For previous work, see the 2022Q3 report.
Purpose
The Hyperscale SIG focuses on enabling CentOS Stream deployment on large-scale infrastructures and facilitating collaboration on packages and tooling.
Membership update
Since the last update, the SIG gained one new member (Jun Wang).
We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute. See the membership section on the wiki for the current members list and how to join.
Releases and Packages
Unless otherwise specified, packages are available in our main repository, which can be enabled with dnf install centos-hyperscale-release
. Please report any issues with these packages on our package-bugs tracker.
Documentation
We have continued streamlining our user documentation website and keeping its content up to date.
As previously mentioned, we would very much welcome any feedback and contributions you might have for this documentation.
systemd
The latest version in the Hyperscale SIG is systemd 251.4 for both CentOS Stream 8 and CentOS Stream 9. We are still working on updating the SELinux policy for the Hyperscale build and would not recommend updating to systemd 251.4 if you need to enable SELinux.
We’re currently working on releasing systemd 252.4.
Kernel
The latest version in the Hyperscale SIG is 5.14.0-76.hs1.hsx for both CentOS Stream 8 and CentOS Stream 9. We are working on a rebase to the latest CentOS Stream 9 kernel and incorporate support for building it for CentOS Stream 8 too.
Container images
Our container build pipeline is fully automated, and container images are built on the CentOS OpenShift CI/CD infrastructure and published weekly on Quay.
We provide both CentOS Stream 8 and CentOS Stream 9 variants at quay.io/centoshyperscale/centos
.
Spin images
We have worked with CPE to enable the ability to use KIWI to build operating system images through CBS. This is now enabled in CBS for Hyperscale. During efforts to produce images through CBS, we discovered Koji doesn’t import environment groups. We’re working on working around this issue in our image descriptions while we wait for this to be fixed.
The remaining task is to figure out how the release pipeline is supposed to work from CBS to the mirrors.
Package updates
We have published new backports of zsh
5.9, fish
3.5.1, iperf3
3.11 and dmidecode
3.4 for CentOS Stream 8 and CentOS Stream 9 based on the packaging in Fedora. Our existing fio
backport has been updated to 3.32, and on CentOS Stream 8 we have also updated dwarves
to 1.24, bringing it in line with the version present in CentOS Stream 9 upstream.
The kpatch
build in Hyperscale has been updated to 0.9.7, integrating a number of upstream improvements and improved support for clang PGO optimizations.
We also now provide a backport of linuxptp
based off a recent git snapshot. This build also includes a number of patches developed at Meta for hardware support that are in the process of being upstreamed.
In the experimental repo, we now provide a backport of snapper
0.10 based on the Fedora packaging.
On the development front, our CI pipeline to detect package updates in upstream CentOS that would supersede our versions and alert us has received a number of reliability improvements and bug fixes, and is now tracking CentOS Stream 9 as well in parallel with CentOS Stream 8.
DNF/RPM stack with CoW support
The Copy-on-Write stack was rebuilt on top of the latest packaging changes in upstream CentOS, and we added support for disabling select RPMs from using RPM CoW. The compatiblity issue we had reported with some external packages has been root caused and reported, and we have implemented a workaround on our end to prevent conversion issues with non-compliant signature headers.
We’re in the process of reworking the CoW patchset to address the latest upstream feedback; once the discussion has settled we will publish an updated version.
Health and Activity
The SIG continues to maintain a healthy development pace.
Meetings
The SIG holds regular bi-weekly meetings on Wednesdays at 16:00 UTC. Meetings are logged and the minutes for past meetings are available.
The SIG uses the #centos-hyperscale
IRC channel for ad-hoc communication and work coordination; this channel is also bridged on Matrix in the #centos-hyperscale:fedoraproject.org
room. For async discussions and announcements we generally use the centos-devel mailing list. The SIG also holds open monthly video conference sessions to promote collaboration and social interaction.
The SIG will hold an in-person meetup in Brussels, Belgium on February 2nd, the day before CentOS Connect at FOSDEM. A number of SIG members will be present in person, and we will have a conference bridge setup for remote participants as well. Everyone is welcome to attend, see the event page for details and to RSVP.
Conference talks
Davide Cavalca will be presenting an update on the SIG activities at CentOS Connect at FOSDEM in February 2023. Several SIG members plan to attend Connect and FOSDEM in person. We also plan to have a presence at SCALE 20x in March 2023.
As a reminder, we have a page keeping track of our conference presentations with links to recordings and slides where available.
Live streams
The SIG periodically does work live on Twitch from its official Twitch channel. Interested parties who want to watch and interact with us as we do work should follow us on Twitch to get notified for when we stream.
Planned work
The SIG tracks pending work as issues on our Pagure repository. Notable projects currently in flight include:
- migrate to the new OpenShift instance
- using CBS to build our spin images
- shipping an updated QEMU package in EPEL
- integrate btrfs transactional updates as an optional feature
Issues for the Board
We have no issues to bring to the board’s attention at this time.
November 23, 2022
CentOS Community Newsletter, November 2022
November 2022 Newsletter
Project News
CentOS Connect has been announced as a FOSDEM Fringe event. This free event takes place in Brussels on February 3, 2023, the day before FOSDEM. If you’re attending FOSDEM, join us at CentOS Connect to learn about CentOS and connect with the people who work on it.
Alternate Images SIG
The Alternate Images SIG has officially been launched to provide additional operating system images, such as live media and alternate installations. Their meetings happen weekly on Thursdays at 1900 UTC in the #centos-meeting IRC channel.
OKD Streams
The OKD project has announced OKD Streams, stable OKD builds on the newly introduced CentOS Stream CoreOS. OKD is the community distribution of Kubernetes that powers Red Hat OpenShift.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Cloud, Promo, and Storage SIGs.
Cloud
Purpose
Packaging and maintaining different FOSS based Private cloud infrastructure applications that one can install and run natively on CentOS.
https://wiki.centos.org/SpecialInterestGroup/Cloud
Membership update
Continue to aid OKD and SCOS in onboarding into the community. OKD maintainer Christian Glombek will fill the vacant CloudSIG co-chair position.
Releases in the most recent quarter (or most recent release, if none in that quarter)
CloudSIG has published the RDO Zed release based on upstream OpenStack Zed. (https://lists.centos.org/pipermail/centos-devel/2022-November/120679.html)
The OKD Working Group has published the first OKD/SCOS (OKD on CentOS Stream CoreOS) MVP release in collaboration with the CloudSIG. (https://cloud.redhat.com/blog/okd-streams-building-the-next-generation-of-okd-together)
Health and activity
The Cloud SIG remains fairly healthy. And is still looking for other projects to join to expand it’s audience.
Promo
In August, we put on a Dojo at DevConf.US. This was our first return to in-person events. We also allowed virtual participation. The event went well overall, and has potential for future growth. Read the full event report.
We have been working on planning CentOS Connect at FOSDEM. CentOS Connect is a rebranding of CentOS Dojos. In the past, our FOSDEM Dojos have been our largest by far. We are planning for 100 people for a single-day event. This is smaller and shorter than pre-pandemic events.
Finally, a group from China has formally joined the Promo SIG to work on regional and localized outreach and promotion. We’re excited about the work they’re already doing, and we hope this paves the way for more regional promotion activities down the line.
Storage
Package updates since the last report:
- Glusterfs 10 updated to glusterfs-10.3, packages are available for Stream 9 and Stream 8.
- Glusterfs 9, updated to glusterfs-9.6, packages are available for Stream 9, Stream 8, and CentOS 7.
- Ceph Quincy (17) updated to ceph-17.2.5, packages are available for Stream 9 and Stream 8.
- Ceph Pacific (16) no update, however ceph-16.2.11 is likely coming soon.
- Ceph Octopus (15), updated to ceph-15.2.17, packages are available for Stream 9, Stream 8, and CentOS 8. This is the final update to ceph-15, which has reached EOL upstream.
- NFS-ganesha 4 and libntirpc 4, no updates, however nfs-ganesha-4.1 and libntirpc-4.1 updates are coming shortly.
- Apache Arrow updated to libarrow-9.0.0 in Stream 9, No update to Stream 8.
- Apache ORC no update to liborc.
November 11, 2022
November Board Meeting Recap
November Board Meeting Recap
The CentOS Board held its monthly meeting on Wednesday. The recording and minutes of that meeting are now available.
Here are a few highlights of the meeting:
- There is ongoing work on a vision statement spearheaded by Pat. We hope to present the final version in January.
- There are a number of open issues around trademark and logo use. We are looking at Fedora's efforts to revamp their logo use rules.
- There was a long discussion about recent requests for integration testing that the community can contribute to.
- There has been progress on trusting SIGs for secureboot.
- We intend to host CentOS Connect at FOSDEM on February 3. This is the Friday before FOSDEM. The full announcement is blocking on contract processes. Please plan to arrive a day early to join us.
- There will be a Distributions Devroom at FOSDEM. The CFP will be announced soon. Plan to spend your Sunday with us.
- We're looking into a web+docs hackfest after FOSDEM. If you're interest, let us know on the centos-devel mailing list.
We host a board office hours the week after each month's board meeting. For details on this month's office hours, check the centos-devel mailing list.
October 28, 2022
CentOS Community Newsletter, October 2022
October 2022 Newsletter
Project News
Modularity in EPEL 8
The EPEL team is retiring package modularity in EPEL 8. Modules were introduced in RHEL 8, but have since been phased out. They were never supported in EPEL 9.
Keylime Changes
The Keylime team has announced th new versions of keylime
and keylime-agent-rust
will include major changes in their configuration files. These changes are intended to ease future upgrades and to make the TLS setup more consistent.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Automotive, Hyperscale, and Kmods SIGs.
Automotive SIG
The AutomotivE SIG has posted their quarterly report on the mailing list.
Hyperscale SIG
The Hyperscale SIG has posted their quarterly report on the CentOS blog.
Kmods SIG
This report covers work that happened since last report. The previous report can be found here.
Purpose
Packaging and maintaining kernel modules for CentOS Stream and Enterprise Linux.
Membership Update
No SIG members have been added since last report. We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute.
Support for CentOS Stream 9 / EL9
The Kmods SIG provides packages for CentOS Stream 9 and EL9.
Support for CentOS Stream 8 / EL8
The Kmods SIG continues to provide packages for CentOS Stream 8 and EL8.
New Packages
See Kmods SIG’s documentation for lists of available packages. This documentation also provides further information, e.g. how to enable the Kmods SIG’s repositories.
Note that the kernel modules provided by the Kmods SIG are currently not signed with a private key. Hence it is required to disable Secure Boot to be able to use any of these kernel modules.
Please report any issues with these packages in the corresponding project on gitlab.com/CentOS/kmods or here in case the issue is not related to a particular package.
Recent Activities
The Kmods SIG has moved all of its resources to gitlab.com/CentOS/kmods. This includes all tooling to automatically detect required kernel module rebuilds due to kABI changes. We rely on GitLab CI for these kind of tasks.
Thanks to work done by the CentOS Infrastructure team there is now automatically created a Driver Disk for any kernel module released by the Kmods, or any other, SIG.
Health and Activity
The Kmods SIG maintains a healthy development pace.
Communication
Regular meetings are scheduled monthly, in the first week, on Monday at 1600 UTC in #centos-meeting. Everyone is welcome to join!
You can also get in touch with SIG members at any time in #centos-kmods.
Open Issues
-
Signing kernel modules: This requires collaboration and further discussion with Infra SIG. Especially about how to securely store a SIG specific key that can be used in CBS, but is not accessible by any unauthorized person.
-
Release packages for EL: The SIG would like to provide release packages to allow users running RHEL, or one of its clones, to easily access packages provided by the SIG. The current state can be tracked here.
Issues for the Board
We have no new issues to bring to the board’s attention at this time.
October 26, 2022
CPE Quarterly Update Q3 2022
This is a summary of the work done on initiatives by the CPE Team. Each quarter CPE Team together with CentOS and Fedora community representatives chooses initiatives that will be worked on in this quarter. The CPE Team is then split into multiple smaller sub-teams that will work on chosen initiatives + day to day work that needs to be done.
This update is made from infographics and detailed updates. If you want to just see what’s new, check the infographics. If you want more details, continue reading.
Infra & Releng
About
The purpose of this sub-team is to take care of day-to-day business regarding CentOS and Fedora Infrastructure and Fedora release engineering work. It’s responsible for services running in Fedora and CentOS infrastructure and preparing things for the new Fedora release (mirrors, mass branching, new namespaces, etc.). This sub-team is also investigating possible initiatives. This is done by ARC (The Advance Reconnaissance Crew), which is formed from the Infra & Releng sub-team members based on the initiative that is being investigated.
Issue trackers
Documentation
Members of sub-team
- Mark O’Brien (Team Lead) (mobrien)
- Kevin Fenzi (nirik)
- Fabian Arrotin (arrfab)
- Pedro Moura (pshmoura)
- Tomáš Hrčka (humaton)
- Anton Medvedev (amedvede)
- Michal Konečný (zlopez)
- Akashdeep Dhar (t0xic0der)
- Vipul Siddharth (siddhartvipul)
Closed tickets
- CentOS Infrastructure - 112
- Fedora Infrastructure - 150
- Fedora RelEng - 185
Mini-initiatives finished
Other tasks finished
- Mass update/reboots
- Mass rebuild for F37
ARC Investigations completed
CentOS Stream
About
This initiative is working on CentOS Stream/Emerging RHEL to make this new distribution a reality. The goal of this initiative is to maintain CentOS Stream and develop new features for it.
Status: In Progress
Issue trackers
Documentation
Application URLs
Members of sub-team
- Brian Stinson (Team Lead) (bstinson)
- Adam Samalik (asamalik)
- James Antill (jantill)
- Johnny Hughes
- David Fan (dfan)
- Stephen Gallagher (sgallagher)
- Troy Dawson (tdawson)
- Adam Saleh (asaleh)
FMN Replacement
About
FMN (FedMsg Notifications) is a project that allows people in our community to get notified when messages that interest them fire on the message bus, making the message bus more useful to people that are not directly developing or troubleshooting applications running in our infra.
The current solution has plenty of tech debt and this initiative will rewrite it from scratch addressing all the issues.
Status: In Progress
Issue trackers
Documentation
Application URLs
Members of sub-team
- Aurelien Bompard (Team Lead) (abompard)
- Ryan Lerch (rlerch)
- Nils Philippsen (nils)
- James Richardson (jrichardson)
CPE UX Collaboration
About
CPE UX team is working on Graphic Design, User Experience, and User Interface for Fedora.
Status: In Progress
Issue trackers
Members of sub-team
- Jess Chitas
- Emma Kidney
- Gbenga Oti
EPEL
About
Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high-quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS, and Scientific Linux (SL), Oracle Linux (OL).
EPEL packages are usually based on their Fedora counterparts and will never conflict with or replace packages in the base Enterprise Linux distributions. EPEL uses much of the same infrastructure as Fedora, including a build system, Bugzilla instance, updates manager, mirror manager, and more.
Status: In Progress
Issue trackers
Documentation
Members of sub-team
- Carl George (Team Lead) (carlwgeorge)
- Diego Herrera
CPE Documentation
About
CPE has a dedicated sub-team working on the documentation in Fedora.
Status: In Progress
Issue trackers
Application URLs
Members of sub-team
- Petr Bokoc (pbokoc)
Epilogue
If you get here, thank you for reading this. If you want to contact us, feel free to do it in the #redhat-cpe channel on libera.chat or matrix.org.
October 03, 2022
CentOS Hyperscale SIG Quarterly Report for 2022Q3
CentOS Hyperscale SIG Quarterly Report for 2022Q3
This report covers work that happened between July 5th and September 30th. For previous work, see the 2022Q2 report.
Purpose
The Hyperscale SIG focuses on enabling CentOS Stream deployment on large-scale infrastructures and facilitating collaboration on packages and tooling.
Membership update
Since the last update, the SIG gained two new members (Quentin Deslandes and Richard Phibel).
We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute. See the membership section on the wiki for the current members list and how to join.
Releases and Packages
Unless otherwise specified, packages are available in our main repository, which can be enabled with dnf install centos-hyperscale-release
. Please report any issues with these packages on our package-bugs tracker.
Documentation
We have continued fleshing out our user documentation website, and recently completed a major restructuring that will hopefully make content easier to find and consume. Recent additions also include expanded and revamped documentation for SIG contributions around packaging and kernel, a rewrite of our branches policy and a new section on communications, with details around our channels where the SIG can be reached and our live streams.
As previously mentioned, we would very much welcome any feedback and contributions you might have for this documentation.
systemd
The latest version in the Hyperscale SIG is systemd 251.4 for both CentOS Stream 8 and CentOS Stream 9. While the “hs+fb” version has been tagged and rolled out within Meta, we are still working on resolving issues with SELinux policies in the “hs” version before tagging and releasing it. In the meantime, the “hs” version is available on CBS for testing.
If you’re interested in learning more about how we roll out systemd in the Hyperscale SIG, we did a talk about it at the CentOS Dojo this past August. You can find out more about this and our other systemd-related conference activities this quarter in the conference recap linked below.
Kernel
We have published a new build of the el8 kernel, which includes a bugfix for the perf package, which had previously been uninstallable.
Container images
Our container build pipeline is now fully automated, and container images are built on the CentOS Open Shift CI/CD infrastructure and published weekly on Quay.
Spin images
Neal has been working on image build descriptions for the Hyperscale Workstation, Cloud, and Vagrant images for CentOS Stream 9 using KIWI. In order to support that work, we worked with the CentOS infrastructure to get support for using KIWI for building images deployed to CBS and we’re now testing it. This is now live, though currently we cannot build release images through it due to issues with CBS assuming everything going out being RPM content.
Package updates
We’ve published updated backports of wireshark
(for CentOS Stream 8) and fio
(for both CentOS Stream 8 and 9), based on the existing Fedora packaging. We’ve also updated the ethtool
backport for CentOS Stream 9 to 5.16.
As part of the ongoing work to package QEMU in EPEL, we’ve started working on a Hyperscale backport to make it easier to iterate on this work. As a prerequisite, we’ve published updated backports of meson
, edk2
and SLOF
in the Experimental repository. We’ve also requested to add edk2
and SLOF
to CRB and upstreamed a couple of build fixes to the Fedora QEMU packaging.
DNF/RPM stack with CoW support
The Copy-on-Write stack was rebuilt on top of the latest upstream changes. We’ve also identified an incompatibility between CoW and some external packages from Microsoft that slightly deviate from the RPM specifications. As a result, we have improved our tooling robustness, and are engaging with Microsoft to get their packages fixed.
Health and Activity
The SIG continues to maintain a healthy development pace.
Meetings
The SIG holds regular bi-weekly meetings on Wednesdays at 16:00 UTC. Meetings are logged and the minutes for past meetings are available.
The SIG uses the #centos-hyperscale
IRC channel for ad-hoc communication and work coordination; this channel is also bridged on Matrix in the #centos-hyperscale:fedoraproject.org
room. For async discussions and announcements we generally use the centos-devel mailing list. The SIG also holds open monthly video conference sessions to promote collaboration and social interaction.
Conference talks
We’ve published a recap of our conference activities from the past few months on the CentOS Blog. As a reminder, we also have a page keeping track of our conference presentations with links to recordings and slides where available.
A number of SIG members are tentatively planning to attend FOSDEM in February 2023.
Live streams
The SIG periodically does work live on Twitch from its official Twitch channel. Interested parties who want to watch and interact with us as we do work should follow us on Twitch to get notified for when we stream.
Planned work
The SIG tracks pending work as issues on our Pagure repository. Notable projects currently in flight include:
- using CBS to build our spin images
- shipping an updated QEMU package in EPEL
- integrate btrfs transactional updates as an optional feature
Issues for the Board
We have no issues to bring to the board’s attention at this time.
September 29, 2022
CentOS Hyperscale SIG conference recap
In the past couple of months members of the CentOS Hyperscale SIG attended several conferences where they were able to share the work the SIG is doing and meet up in person, in some cases for the first time.
We have a page tracking conference presentations around Hyperscale-related topics. You can find references there to all talks mentioned below, including video recordings where available.
Conferences aren’t just about presentations though. The “hallway track” provides a great opportunity for serendipidous connection, and the various social events are often a great venue for folks to mingle and get to know each other in an informal setting.
If you’d like to meet us in person at a future event please reach out. We also generally cover conferences we plan to attend in our quarterly reports.
SCaLE 19x
Anita Zhang, Davide Cavalca, and Neal Gompa attended SCaLE 19x in Los Angeles at the end of July.
Anita presented two systemd-related talks: The Curious Case of Memory Growth which walks through debugging a regression in the Journal and – together with Alvaro Leiva Geisse – Journey into the heart of systemd, providing a practical introduction to systemd and its abilities.
Davide presented Building the future with CentOS Stream, covering the evolution of CentOS throughout the years and Meta’s learned experience engaging with the community.
Conferences videos for SCaLE have not been published yet, but recordings of the livestream feeds are available on YouTube, and linked from our tracking page as well.
CentOS Dojo and DevConf.US 2022
In August, Anita, Davide, David Duncan, Jack Aboutboul, Neal, and Quentin Deslandes attended DevConf.US 2022 and the co-located CentOS Dojo event.
Joined remotely by Daan De Meyer, Anita talked at Dojo about managing and automating systemd releases within the Hyperscale SIG in Adventures with systemd in Hyperscale. At the same event, Davide presented another Hyperscale SIG update covering the latest developments.
Also at Dojo, Neal talked about Making custom CentOS images with KIWI, which featured a live demo and a repository of example KIWI image build data files. Later in the week, Neal expanded on the subject of image building at his Golden Images for Scaling Up with the Best of Them talk during DevConf.US.
Shaun McChance also posted a report of this event on behalf of the Promo SIG.
Hyperscale face-to-face meetup
The day before Dojo, we also hosted the first face-to-face Hyperscale SIG meetup. Anita, Davide, David, Neal, and Quentin participated in person, joined by Shaun, who had helped organize the event. While this was primarily meant as an in-person event, we had a conference bridge setup to allow remote folks to join, which allowed people to follow the conversation and drop in and out as their scheduled allowed. Among others, Daan and Manu Bretelle participated in the event remotely this way.
We had a lot of great conversation at the meetup, covering specific work items, general brainstorming for future work and potential process improvements. Everybody agreed that the event was really useful and we will definitely try to organize more of these in the future.
The meetup wasn’t recorded, but there are notes of the discussion, and the various work items that were brought up will soon be reflected in tickets on our SIG tracker.
Linux Plumbers Conference 2022
Anita, Davide, Daan, Manu, and Quentin attended Linux Plumbers Conference 2022 in Dublin in September. This was a hybrid event, also allowing Michel Salim and Neal to attend remotely.
Anita organized the Service Management and systemd micro-conference, featuring day-long presentations and discussions around systemd. Daan presented there his latest work on Journal optimization in Slimming down the journal.
The conference also featured several Birds-of-a-Feather sessions to facilitate topic-specific discussion. Among others, SIG members participated in the systemd BoF and the Btrfs BoF.
Conferences videos for LPC have not been published yet, but recordings of the livestream feeds are available on YouTube, and linked from our tracking page as well.
September 22, 2022
CentOS Community Newsletter, September 2022
September 2022 Newsletter
Project News
Tru Stepping Down
Tru Huynh has decided to step down from the Board of Directors. We thank him for his many years of hard work on the Board and across the entire CentOS project.
Jefro Stepping Up
The CentOS Board has appointed Jeffrey “Jefro” Osier-Mixon to fill the vacancy. Jefro has been instrumental in developing the Automotive SIG.
Dojo @ DevConf
CentOS hosted a Dojo in Boston at DevConf.US. This free mini-conference featured nine talks on a variety of subjects from the Enterprise Linux ecosystem. We also live streamed and took questions from remote participants, which is something we plan to continue for future in-person events. The recordings are available on YouTube.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Artwork and Virtualization SIGs.
Artwork SIG
Purpose
The CentOS Artwork SIG exists to produce the CentOS Project visual identity. See https://wiki.centos.org/SpecialInterestGroup/Artwork
Membership Update
There is not membership changes. We are always looking for new members.
Releases
CentOS Brand v2
The CentOS Brand v2 is the new visual identity of the CentOS Project. We encorage you to use it abundantly. It was recently approved, and is where we will be transitioning to.
The source files related to CentOS Brand v2 are publicly available at centos-brand repository, which purpose is to:
- Consolidate devlopment of CentOS Brand design, usage, and presentation.
- Consolidate automation jobs for rendering the CentOS Brand consistently (e.g., through GitLab pipelines, that you could include on your own projects).
The CentOS Brand is released under the terms of Creative Commons Attribution-ShareAlike 4.0 International Public License, and usage limited by CentOS Trademark Guidelines.
The previous brand, CentOS Brand v1, is still ative and will stand so under the term “CentOS Classic” instead of just “CentOS”.
Healthy and Activity
Health
We are here; doing what we can, when we can.
Recent activities related to website redesign
The design of CentOS websites happens at jekyll-theme-centos repository, a gem-based theme for Jekyll. When a design change enters the theme, it can be reviewed immediatly to make corrections. The theme is available as open source under the terms of the MIT License. This section describes changes we are introducing into jekyll-theme-centos. Keep in mind these changes are not final.
Toolkit
We are moving jekyll-theme-centos development from Bootstrap 4 to Bootstrap 5. The number of custom CSS classes added on top of Bootstrap’s default ones is being reduced to make transition from one version to another easier in the future. As consequence, the HTML is also being rewritten to support Bootstrap-only classes and retire all those which aren’t. Though, there may be few exceptions still.
Typography
Montserrat and Overpass continue being the two typographies used in the website.
CentOS Brand Scalability
Presenting the CentOS Brand consistenly in different visual manifestations is high priority for the Artwork SIG. We are changing the file format from PNG to SVG to address rastered image quality degradation when the CentOS Brand is presented on very high resolution monitors. The SVG support seems to be pretty good in modern browsers.
Legibility on headers and footers
We are retiring the artistic motif background from website header and footers in favor of a plain color instead. The plain color at the moment is the same color used in CentOS Brand, to establish the visual connection with it. Footers and navbars backgrounds use a darker color to provide enough contrast with headers.
Before | After |
---|---|
![]() |
![]() |
The artistic motif is still relevant to reinforce the visual connection between different visual manifestations. So, it is still present in the home page, using CentOS Distribution screenshots.
CentOS Distribution
We are adding a carousel of screenshots related to CentOS Distributions. This has two purposes. One, connecting the CentOS Brand with the artistic motif used by default in the CentOS Stream distribution. Second, showing the world what CentOS Stream looks like with images, not just text.
News, events and blog posts
We are replacing a home page title, from “Around CentOS” to “Blog posts”. The position of these sections is being aligned horizontally instead of vertically.
CentOS Sponsors
The sponsors presentation occurs one-image-at-a-time, every few seconds. We are exploring a two rolling rows of 6 images each at the end of the home page, where the sponsors logo is randomly loaded from the entire list of active sponsors. In this layout, 12 sponsors will be always visible at once, in a reasonable amount of space, attractively. Hopefully, another set of 12 sponsors will be visible, the next time the home page is reladed, and so on.
The images used in the screenshot are marely for testing purpose, they don’t represent real sponsors in any way. Once the gem-based theme is installed, the sponsor images stored in the theme are ignored and the images stored in assets/img/sponsors/
directory are used instead.
The “becoming a sponsor” link is more visible now.
Before | After |
---|---|
![]() |
![]() |
We are retireing the sponsor section from the website footers in favor of the sponsor section in the website home page. Sites like mailling lists that need a sponsor image on footer, will continue using it.
Issues for the Board
None.
Virtualization SIG
In the last quarter upstream had a few releases with binaries now mostly shipped via CentOS Virt SIG:
We are now building kata-containers for c9s as well, with the latest release (2.5.0) already available.
September 06, 2022
How updates work in CentOS
This document is an attempt to explain the relationship between Fedora Linux, CentOS Stream and RHEL, with a specific focus around how package updates flow between them.
From Fedora to CentOS Stream
Fedora is where day-to-day development and innovation happens. Fedora Linux releases every 6 months and each release is maintained for about 13 months. Major changes should be (and almost always are) deployed in Fedora first, following the Change process. Fedora packages sources are maintained in dist-git and built in Fedora Koji.
At the beginning of the development cycle of a new CentOS major release (meaning, 9
, 10
, etc.), Fedora is branched into the new distribution. Historically, this is done from the current stable Fedora release at the branching time (e.g. Fedora 34 for CentOS Stream 9). After the distribution is branched, the development cycle for the new CentOS Stream release begins.
Nowadays, Fedora ELN helps prepare for the branching process by continuously rebuilding Rawhide (the development version of Fedora). This provides a view into what a new CentOS Stream could look like if it were branched from Fedora today, and ensures that the spec file logic stays compatible with the future set of EL macros and build flags at any given point in time.
From CentOS Stream to RHEL
CentOS Stream package sources are maintained in GitLab, and that is where most of the distribution development work happens after branching. Packages are built on the CentOS Stream Koji and are delivered as part of regularly-produced distribution composes. Composes for Stream are generated 2-3 times a week, and they usually include updates that have been released during that time window, but there is no actual SLA around updates flowing into Stream.
RHEL point releases are essentially, but not actually, a snapshot in time of a given Stream compose, with actual development work happening on the Stream side and showing up there first. In general, a given package will go through QA, then land into Stream, then down the road be incorporated into the next RHEL minor release. In this sense, Stream acts as a continuously-delivered preview of the next RHEL minor release. Aleksandra Fedorova also talks about this process in detail in her OpenInfra Summit talk.
Once a given RHEL release is out, the corresponding sources are delivered on git.centos.org, where they can be consumed by RHEL rebuild projects such as Alma Linux and Rocky Linux.
Deep dive: critical security erratas
As explained above, the general assumption is that packages will land in CentOS Stream first. There is one exception to this, which is embargoes security fixes and security erratas rated critical or important. These are developed by Red Hat and held until the embargo expires. They are then released to RHEL first, and then flow into Stream.
There’s two practical scenarios at hand here.
RHEL and CentOS Stream have a package with the same NVR
When an errata comes out for RHEL, the package is updated there. In this case, you will see the same NVR that came out for RHEL come out for Stream as well.
The polkit CVE from last December is a good example of this: both RHEL 8 and CentOS Stream 8 were at polkit-0.115-11.el8_4.1 before the CVE, and polkit-0.115-13.el8_5.1 fixes the CVE in both.
CentOS Stream has a package with a greater NVR than RHEL
In this scenario, CentOS Stream is ahead of RHEL for a given package. When an errata comes out for RHEL the package is updated there, but its version remains behind the Stream one. In this case, assuming the update still applies to the CentOS Stream version, a new update will be made for Stream, either by backporting the changes onto the latest Stream package version or by rebasing the package.
Another CVE, this time in libxml2, provides a good example of this. RHEL was at libxml2-2.9.7-9.el8 before the CVE, and issued a fixed package as libxml2-2.9.7-9.el8_4.2. Within Stream, the fix was instead included in libxml2-2.9.7-11.el8.
Deep dive: CentOS Stream 8
CentOS Stream 8 was the first version of CentOS where the Stream development process was introduced, and has some significant differences. Notably:
- CentOS Stream 8 package sources are hosted on git.centos.org (under the
c8s
branch) instead of GitLab - because of technical limitations, the contribution process for CentOS Stream 8 is different; the standard PR workflow isn’t supported, and the best way to contribute patches is by attaching them to a Bugzilla ticket against the relevant component
- CentOS Stream 8 packages are build on the Koji mbox instance
There is ongoing work to migrate CentOS Stream 8 onto the current development process and tooling, and the hope is to eventually minimize and hopefully eliminate these differences.
August 26, 2022
CentOS Community Newsletter, August 2022
August 2022 Newsletter
Project News
Dojo at DevConf
CentOS hosted a Dojo at DevConf.US in Boston. This was our first return to hosting in-person events, and we tried to include remote participants with a YouTube live stream. Thanks to everybody who joined us in Boston or online. We appreciate feedback on how we can improve hybrid events. The recordings will be published soon.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Cloud and Storage SIGs.
Cloud SIG
Purpose
Packaging and maintaining different FOSS based Private cloud infrastructure applications that one can install and run natively on CentOS.
https://wiki.centos.org/SpecialInterestGroup/Cloud
Membership update
The OKD (OpenShift community edition) team contacted the Cloud SIG in order to know whether they could join our effort. Their contributors are looking for the best way to provide OKD along with SCOS (CentOS Stream CoreOS) images. As OKD and SCOS onboard into the community, it was suggested one of the contributors fill the vacant CloudSIG co-chair position.
Releases in the most recent quarter
RDO
Yoga is still the latest release. RDO community is about to package the next release named “Zed” in a couple of weeks, which will be supported on CentOS Stream 9 only. As a reminder Yoga is used as a transitive Openstack release with CentOS Stream 8 and 9 support, in order to be able to migrate the OS from one to another.
Health and activity
The Cloud SIG remains fairly healthy. However, it is still, for the most part, a monoculture containing only OpenStack.
Storage SIG
Package updates since the last report:
- Glusterfs 10 updated to glusterfs-10.2, packages are available for Stream 9 and Stream 8.
- Glusterfs 9, no update to glusterfs-9.
- Ceph Quincy (17) updated to ceph-17.2.2, packages are available for Stream 9, Stream 8, and RHEL8.
- Ceph Pacific (16) updated to ceph-16.2.10, packages are available for Stream 9, Stream 8, and RHEL8.
- Ceph Octopus (15), no update to ceph-15.
- NFS-ganesha 4 and libntirpc 4, no updates.
- Apache Arrow updated to libarrow-8.0.1, packages are available for Stream 9, Stream 8.
- Apache ORC updated to liborc-1.7.5, packages are available for Stream 9, Stream 8.
Note: Dependencies for Ceph Quincy (17) and earlier that are not in CoreOS, CBR/PowerTools, or AppStream are provided by the Storage SIG. Starting with Ceph Reef (18) those dependencies will be provided by EPEL instead. This includes Apache Arrow (libarrow), Apache ORC (liborc), and a rather lengthy list of other packages. This will simplify building dependencies by only requiring that they be built in one place. Many developers and end users also tend to prefer EPEL, and enable EPEL by default, and this will reduce or outright eliminate conflicts between packages in EPEL and packages in the Storage SIG. And no, Ceph itself will not be in EPEL; it will remain solely in the Storage SIG.
Following are the updates for Samba:
- Samba 4.16, updated to latest version 4.16.3 on Stream 9 and Stream 8.
- Samba 4.15, updated till the latest version 4.15.8 on Stream 9 and Stream 8. RHEL8 builds are also available.
- Samba 4.14, in CVE fixes only mode.
Issues reported:
- In the light of user report for a crash during Samba daemon start up efforts are underway to ensure that system installed versions of dependent libraries like libtalloc, litdb, libtevent and libldb does not interfere with corresponding copies internally within builds.
CentOS Automotive SIG: First Year in Review
In August 2021, the CentOS Automotive SIG launched and held its first meeting with 36 participants. We had no infrastructure, no solid architectural plans, and no documentation - just a very motivated group that very quickly grew beyond Red Hat and into the automotive community.
Things have certainly changed since then! Technical lead Pierre-Yves Chibon has provided a list of the many accomplishments over the past year:
- We worked to define what the Automotive SIG is producing and we landed on three artifacts:
- AutoSD, a CentOS-Stream based linux distribution which is the public, in-development version of the Red Hat In-Vehicle Operating System (similar to CentOS Stream for RHEL).
- An Automotive SIG RPM repository that allows the community to expand the content of AutoSD or experiment with some of its parts.
- Sample images, built using OSBuild, which provide examples of how to assemble production images based on AutoSD, customized for some hardware, including container images, based on CoreOS/ostree technologies.
- We created a repository on gitlab, with the infrastructure to enable CI/CD for a basic distribution.
- We worked with the CentOS Infrastructure team to enable the use of gitlab namespaces for SIGs under the main “CentOS” namespace on gitlab.com. Documentation available
- We worked with the CentOS Infrastructure team to enable flat dist-git layout, allowing easy backporting of work done in Fedora but also a consistent developer experience for people working on Fedora, CentOS-stream and in the Automotive SIG.
- Similarly, we've worked with the CentOS Infrastructure team to allow the lookaside cache used by SIGs to support the same structure as the lookaside cache used in Fedora and in CentOS Stream. All of this work is now available to all CentOS SIGs (as opt-in) and is fully documented.
- We picked the Raspberry Pi 4 as our first demo hardware to support as it is (well, as it was…). We have included support for this hardware in the kernel-automotive package available both in the Automotive SIG RPM repository as well as in AutoSD itself.
- We are building a set of nightly images for different use-cases.
- For every merge-request opened against the repository hosting the definition of our sample images, we have CI running,validating that the changes we make do not break the building of our images
- Finally, we worked on documenting a large number of use cases, such as:
While we are proud of this work so far, it is just the beginning as we develop our relationships with other communities, including SOAFEE and Eclipse SDV, and further refine AutoSD. We hope to see you at a future meeting, or on our mailing list and Matrix chat.
July 18, 2022
CentOS Community Newsletter, July 2022
July 2022 Newsletter
Project News
Summer Dojo Videos
We held an online Dojo on June 17. Videos of the talks are now available.
DevConf Dojo
CentOS is hosting an in-person Dojo at DevConf.US. Dojos are free mini-conferences with sessions on a range of topics in the Enterprise Linux ecosystem. This Dojo takes place on August 17 at Boston University. Registration is free but strongly recommended. We also have a room block at the nearby Residence Inn. See the event page for details.
The call for presentations is open thru July 22. We’d love to hear what you’re doing with CentOS.
Hyperscale SIG Meetup
The CentOS Hyperscale SIG will be holding an in-person meetup on August 16th, 2022 at Boston University. This is the same venue hosting CentOS Dojo on August 17th and DevConf.us on August 18th-20th. The meetup is open to everybody interested – you don’t have to be a member of the SIG to attend, and we’d welcome participation from anyone interested in this space.
The event will be held from 9am to 5pm in the GSU conference room 310 at Boston University. While this is an in-person event, we will do our best to setup a conference bridge so that remote participants can attend and interact as well.
Please register at https://www.eventbrite.com/e/centos-hyperscale-sig-meetup-dojodevconfus-2022-tickets-384259589777 to help with the event planning.
CentOS CI
CentOS CI is going hardwareless. The CentOS CI team will be retiring hardware as it reaches end of life. They will take this opportunity to modernize infrastructure and move to a hybrid cloud environment.
Read the announcment and watch the video of the Dojo session on CentOS CI.
Alternate Images SIG Proposal
Troy Dawson has proposed an Alternate Images Special Interest Group. This SIG would produce ISO images that aren’t produced by the core CentOS Stream, including live images and alternate install images. Discussion is ongoing.
SIG Reports
Each month, we publish a rotating selection of quarterly reports from our Special Interest Groups. This month includes reports from the Software Collections, Hyperscale, Kmods, and Automotive SIGs.
Software Collections SIG
Purpose
Provide an upstream development area for various software collections and related tools.
Provide RedHat authored and released collection packages for CentOS.
Membership
No membership changes.
New members are always welcome, and they would help to alleviate the issues outlined below.
Releases and packages
No major releases in the last quarter.
The RedHat packages are being rebuilt and released semi-regularly.
Health and activity
The group is mostly passive, focusing on the rebuild and maintenance of existing packages.
It has a single active member (jstanek), and this shows in various places:
- The https://softwarecollections.org website is being kept online, but the content is out of date; technical issues with current hosting prevents log-in and updating the content.
- Changes in the CentOS infrastructure resulted in broken CI; rebuilt packages are no longer being tested automatically. Fixing this is planned, but no ETA.
In short, the amount of work needed grows faster than jstanek is able to keep up.
Additional members would be very welcome.
Hyperscale SIG
The Hyperscale SIG has posted their quarterly report on the CentOS blog.
Kmods SIG
This report covers work that happened since last report. The previous report can be found here.
Purpose
Packaging and maintaining kernel modules for CentOS Stream and Enterprise Linux.
Membership Update
No SIG members have been added since last report. We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute.
Support for CentOS Stream 9 / EL9
The Kmods SIG provides packages for CentOS Stream 9 and will for EL9 once available in CBS.
Support for CentOS Stream 8 / EL8
The Kmods SIG continues to provide packages for CentOS Stream 8 and EL8.
New Packages
See Kmods SIG’s documentation for lists of available packages. This documentation also provides further information, e.g. how to enable the Kmods SIG’s repositories.
Note that the kernel modules provided by the Kmods SIG are currently not signed with a private key. Hence it is required to disable Secure Boot to be able to use any of these kernel modules.
Please report any issues with these packages in the corresponding project on gitlab.com/CentOS/kmods or here in case the issue is not related to a particular package.
Recent Activities
The Kmods SIG is currently moving all of its resources to gitlab.com/CentOS/kmods. Moving to gitlab.com allows us to use the GitLab CI for the automated detection of required kernel module rebuilds due to kABI changes, i.e., it is now all public and everybody can see what’s going on. We also changed the structure of some of the kernel module repositories. Where appropriate we have dedicated source-git and dist-git repositories where the dist-git is auto-generated from the source-git and manual changes are only meant to be applied to the source-git repository. These changes were implemented to make it as easy as possible for everyone to contribute improvements or bug fixes.
Health and Activity
The Kmods SIG maintains a healthy development pace.
Communication
Regular meetings are scheduled monthly, in the first week, on Monday at 1600 UTC in #centos-meeting. Everyone is welcome to join!
You can also get in touch with SIG members at any time in #centos-kmods.
Open Issues
- Signing kernel modules: This requires collaboration and further discussion with Infra SIG. Especially about how to securely store a SIG specific key that can be used in CBS, but is not accessible by any unauthorized person.
- Driver Disks: The SIG would like to provide Driver Disks required to install CentOS Stream on unsupported hardware. The current state can be tracked here.
Issues for the Board
The Kmods SIG asks for clarification concerning the possibility of SIGs creating content for RHEL 8 and 9. Open questions include support for release packages, see extras-common tag, and for how long SIGs can expect to be able to build for RHEL, e.g., up till end of “Full Support” or “Maintenance Support” of the RHEL life cycle.
Automotive SIG
Membership update
This SIG does not have a formal membership process. The mailing list currently has 94 subscribers representing at least 30 organizations, though not all subscribers use corporate emails and some are participating as individuals.
Releases in the most recent quarter (or most recent release, if none in that quarter)
The SIG provides a new distribution: Automotive Stream Distribution (AutoSD), a CentOS Stream derivative designed specifically around the needs of an automotive OS, and transparently the upstream project for Red Hat’s eventual in-vehicle OS product. AutoSD has been downloaded and used by several organizations who have commented or asked for help, so we know it is getting some traction though of course we don’t have exact metrics on usage.
Health report and general activity narrative.
The SIG has had two public meetings per month, one formal and one informal “office hours”, each with 25-40 attendees, with visible participation from 7-10 separate organizations. This SIG is intended to be a community effort with contributions and shared benefits from all participants. All formal meetings are recorded and posted on this page:
https://wiki.centos.org/SpecialInterestGroup/Automotive/Meetings
Several Red Hat employees made the initial contributions to the project as well as the infrastructure required to build and test it. We now occupy a gitlab repository building software regularly using CI, with build instructions provided on the documentation page at https://sigs.centos.org/automotive/. Sample images are present and downloadable along with customization and build instructions.
This is a high-level summary of current activity:
- All work has migrating to a CentOS namespace within GitLab in order to cement our intention as a community project: https://gitlab.com/centos/automotive
- CI/CD infrastructure is in place
- Firmware size has been reduced
- Encryption is available via LUKS
- a Linux chroot is being worked on for Android devices
- manifests now enable EFI runtime services
- Lookaside cache structure
- Downloadable images are available: https://autosd.sig.centos.org/
- Documentation has been greatly expanded with both community and corporate contributions: https://sigs.centos.org/automotive/
- Documentation now includes detailed contribution guidelines: https://sigs.centos.org/automotive/contributing/contributing-to-auto-sig-repo/
- Ongoing discussions within the meetings have centered around supported hardware and expectations for documentation
- A new meetings page contains recordings of all meetings: https://wiki.centos.org/SpecialInterestGroup/Automotive/Meetings
- Synchronous communications have moved from IRC to Matrix thanks to some help from Fedora: https://app.element.io/#/room/#centos-automotive-sig:fedoraproject.org
Issues for the board to address, if any
None, keep up the excellent work
July 07, 2022
CentOS Hyperscale SIG Quarterly Report for 2022Q2
This report covers work that happened between April 5th and July 4th. For previous work, see the 2022Q1 report.
Purpose
The Hyperscale SIG focuses on enabling CentOS Stream deployment on large-scale infrastructures and facilitating collaboration on packages and tooling.
Membership update
Since the last update, the SIG members have remained the same.
Justin Vreeland has decided to step down as co-chair of the SIG, and Neal Gompa has been elected to fill the vacancy. We thank Justin for all of his work in establishing the SIG and getting it up to speed and welcome Neal in his new role as co-chair. Neal will be serving alongside Davide Cavalca, who remains in the other co-chair seat.
We welcome anybody that’s interested and willing to do work within the scope of the SIG to join and contribute. See the membership section on the wiki for the current members list and how to join.
Releases and Packages
Unless otherwise specified, packages are available in our main repository, which can be enabled with dnf install centos-hyperscale-release
. Please report any issues with these packages on our package-bugs tracker.
Documentation
We have continued fleshing out our user documentation website. Recent additions include details about our containers image build process and our ELN Extras workflow. We’ve also expanded our documentation around the systemd release process to cover the use of the CI/CD infrastructure. Finally, we have started formally documenting the SIG governance processes.
As previously mentioned, we would very much welcome any feedback and contributions you might have for this documentation.
systemd
The latest released version in the Hyperscale SIG is systemd 250.3, for both CentOS Stream 8 and CentOS Stream 9. We are in the process of deploying systemd 251.2.
We also updated the systemd daily CI to work with the new release process that was introduced along with the update to 250.3. The script was rewritten in Python and updated to run CI against both Centos Stream 8 and Centos Stream 9. On top of that, we added documentation on how to update the corresponding containers running in Openshift with any new changes made to the scripts.
Finally, we updated the release documentation in preparation for the release of 251.2.
Kernel
The brtfs-progs
package was updated to 5.16.2 on both CentOS Stream 8 and CentOS Stream 9. Additionally, we have started distributing the compsize
utility (based on its Fedora packaging) in the SIG experimental repository.
We have also updated the kpatch
package to include some additional bugfixes backported from upstream.
Container images
We have started working on automating the container build pipeline by leveraging the Open Shift CI/CD infrastructure. The in-progress work is currently up for review.
Package updates
We have published updated backports of the TPM stack for CentOS Stream 8, notably tpm2-tss
and tpm2-tools
, based on the existing Fedora packaging. Also for CentOS Stream 8, we have published a patched version of cloud-init
with support for newer EC2 metadata versions. We have also contributed upstream fixes for this for CentOS Stream 8 and CentOS Stream 9.
On the development front, we have spun up a CI pipeline to detect package updates in upstream CentOS that would supersede our versions and alert us, so that we can publish updates in a timely basis. This pipeline leverages the MQTT broker where git.centos.org event notifications are published. While this was written for Hyperscale, we hope it could be useful for other SIGs as well.
DNF/RPM stack with CoW support
The Copy-on-Write stack was rebuilt on top of the latest upstream changes.
Health and Activity
The SIG continues to maintain a healthy development pace.
Meetings
The SIG holds regular bi-weekly meetings on Wednesdays at 16:00 UTC. Meetings are logged and the minutes for past meetings are available.
The SIG uses the #centos-hyperscale
IRC channel for ad-hoc communication and work coordination; this channel is also bridged on Matrix in the #centos-hyperscale:fedoraproject.org
room. For async discussions and announcements we generally use the centos-devel mailing list. The SIG also holds open monthly video conference sessions to promote collaboration and social interaction.
Conference talks
Last quarter, Davide Cavalca presented an update on SIG activities at CentOS Dojo, Summer 2022 (slides, video).
A number of SIG members plan to attend CentOS Dojo, DevConf.US 2022 and DevConf.US 2022 in Boston next month. Davide Cavalca has submitted another update on SIG activities there, and Neal Gompa has submitted a talk to introduce image building. We also plan to hold a Hyperscale meetup alongside these events, likely on August 16th. Details will be shared as soon as the venue is finalized.
A SIG-adjacent talk around CentOS Stream will be presented at SCALE 19x later this month.
Live streams
The SIG periodically does work live on Twitch from its official Twitch channel. Interested parties who want to watch and interact with us as we do work should follow us on Twitch to get notified for when we stream.
Planned work
The SIG tracks pending work as issues on our Pagure repository. Notable projects currently in flight include:
- using CBS to build our spin images
- shipping an updated QEMU package in EPEL
- integrate btrfs transactional updates as an optional feature
- publish spin images for CentOS Stream 9
Issues for the Board
We have no issues to bring to the board’s attention at this time.
June 14, 2022
CentOS Community Newsletter, June 2022
June 2022 Newsletter
Project News
Online Summer Dojo
CentOS is hosting an online Dojo this Friday, June 17, from 14:00 to 20:00 UTC. CentOS Dojos are free miniconferences with talks on a variety of topics from CentOS and the wider Enterprise Linux ecosystem. This Dojo features seven talks, along with an informal chat with the CentOS Board of Directors.
Registration is free but required. Register today.
DevConf Dojo
In addition to our online Summer Dojo, we are hosting an in-person Dojo at DevConf.US on August 17, the day before the main DevConf talks. The call for presentations is now open.
SIG Reports
Artwork SIG
Purpose
The CentOS Artwork SIG exists to produce the CentOS Project visual identity. See https://wiki.centos.org/SpecialInterestGroup/Artwork
Membership Update
There is not membership changes. We are always looking for new members.
Releases
None.
Healthy and Activity
Health
We are here; doing what we can, when we can.
Recent activities related to CentOS Symbol redesign
The contrast issues related to CentOS Symbol redesign has been addressed with the following composition:
This design uses only two colors, the CentOS Purple (#a14F8C
) and the CentOS White (#ffffff
). The outer square is being considered an integral part of the symbol itself and must not be removed from it, to provide acceptable recognition on top of both dark and light backgrounds. From all the four CentOS colors available, the purple one seems to provide the best background neutrality.
Soureces related to this design are available at https://gitlab.com/areguera/centos-brand/-/tree/v2-centos-artwork-sig-issue-5 and you are welcome to contribute.
Tests related to size:
16x16 | 22x22 | 24x24 | 32x32 | 36x36 | 48x48 | 96x96 | |
---|---|---|---|---|---|---|---|
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
Tests related to contrast and overall presentation in default theme:
Tests related to contrast and overall presentation in dark mode theme:
Recent actitivities related to CentOS word transition from Denmark to Montserrat typography
Issue 71: The images necessary to implement the transition from Denmark to Montserrat typography are already in the centos-logos repository, the upstream location used to build the centos-logo package. Please, see the content provided in release 90.7. Presently, the centos-package is built based on source release 90.4.
The Artwork SIG cannot make changes in the centos-logo spec. We only can update the upstream repository with the images you need, and tag the changes with a new version, so for a Red Hat developer to do the source version swift.
Recent actitivities related to website visual corrections
It has been reported an issues related lists.centos.org visual presentation. See https://github.com/CentOS/ansible-role-mailman/issues/15.
A redesign simplification is being considered to “flatten” the web site presentation using CentOS colors only.
Issues for the Board
None.
Virtualization SIG
For oVirt:
- Membership update: new members from oVirt project joined the SIG: Sharon Gratch, Eitan Raviv, Harel Braha, Lev Veyde, Yedidyah Bar David, Ori Liel (please add yourself if I missed you as joined in the last quarter)
- Releases and Packages: oVirt 4.5.0 has been released upstream using CentOS Virtualization SIG for shipping binaries except for a few packages which couldn’t build within the CentOS Community Build Service.
- Health and Activity: oVirt is pretty active.
- Issues for the Board: CentOS Stream is lacking important and critical security updates compared to already released RHEL content. An effort on making CentOS Stream more secure would be welcome (example: as of June 1st the latest kernel in CentOS Stream 8 is kernel-4.18.0-383.el8 which was built on 2022-04-20, it’s laking CVE fixes delivered over the last 40 days in RHEL 8.6)
Powered by Planet!
Last updated: June 10, 2023 11:30 PM