January 17, 2020

User interviews, work room at FOSDEM Dojo

January 17, 2020 07:40 PM

On behalf of the Board, a group of us is working on an update to the CentOS Project goals that were originally laid out in 2014 and are online at centos.org/about. We’re hosting informal user and contributor interviews in a room throughout the day at the CentOS Dojo later this month in Brussels.

Please join us and share your open and honest experiences with CentOS the project, technologies, community, and so forth. We’d like to hear from you and, ultimately, see how your input can inform the goal-setting process and outcome. You are welcome to bring your questions about community, governance, project direction, other strategic thoughts, and so forth.

If you're interested in participating in this informal opinion-gathering, please come see Karsten or Rich at the Dojo, or at the CentOS table at FOSDEM.

/signed Karsten Wade on behalf of CentOS Board and other co-authors

January 16, 2020

Minutes for CentOS Board of Directors 2020-01-08 meeting

January 16, 2020 04:29 PM

Public minutes

On 2020-01-08 the CentOS Board of Directors held the first meeting of 2020, welcoming guest Rich Bowen, Community Architect for the CentOS Project.

The group talked through some background for each-other as part of the framework for updating the project goals. The Board is drafting a process that is for refreshing the project's goals openly and transparently. More details including a timeline should start rolling out in the middle of January to the centos-devel mailing list and announced on blog.centos.org.

The Board then heard from Jim Perrin as head of Community Platform Engineering (CPE) about the ongoing work around the EL 8 rebuild, SIG needs, and what the path forward might look like. He covered how the teams have been making realtime changes to build systems due to the differences in how CentOS Linux 8 and CentOS Stream need to be built. Regarding some open requests, discussions on the build root are coming soon, as the team raises their heads from work that has been underway. In general, Jim reported that tooling around the build systems are improving by force. He identified Aofie Maloney as a key contact to work with Rich Bowen on highlighting the ongoing work from CPE that affects various CentOS Project constituencies. We’re all hoping this communication helps raise visibility and focus questions about work to keep everyone better informed.

As a participant in the discussion, Rich Bowen agreed to write up a post for the community that covers the current situation of CentOS Linux 8 builds. This has been subsequently been posted:

https://blog.centos.org/2020/01/update-state-of-centos-linux-8-and-centos-stream/

In support of these efforts, the Board came to the following decisions, resolutions, and agreements:

  1. CentOS Project five-year goals refresh:
    1. AGREED: Available co-authors of the goals will be present to discuss the effort, conduct reviews, and create works during the CentOS Dojo before FOSDEM on 31 Jan 2020.
    2. ACTION: Karsten and Rich to arrange space of some kind at Dojo for open discussions around goals setting.
    3. ACTION: Karsten driving goals process document through current pre-draft phase.
  2. Project build systems discussion:
    1. ACTION: Rich to publish a statement/status for what is happening with CentOS Linux 8.
    2. ACTION: Rich to work with Aoife Moloney on what is being reported out of CPE for CentOS portion to highlight what is happening on an ongoing basis--a lot is happening, how do we highlight it?

Present at the meeting:

  1. Jim Perrin
  2. Karsten Wade (Secretary)
  3. Mike McLean
  4. Ralph Angenendt
  5. Tru Huynh [quorum]
  6. Karanbir Singh (Chair)
  7. Rich Bowen (guest)

January 14, 2020

Update: State of CentOS Linux 8, and CentOS Stream

January 14, 2020 09:01 PM

We wanted to update you on what is happening, largely out of sight to most of the community, on the CentOS Linux 8 front. We have appreciated the patience of the community, but we understand that your patience won’t last forever.

A lot of the work in rebuilding RHEL sources into CentOS Linux is handled by automation scripts. Due to the changes between RHEL 7 and RHEL 8, many of these scripts no longer work, and had to be fixed to reflect the new layout of the buildroot. This work has been largely completed, allowing us to pull the source from Red Hat without a lot of manual work. This, in turn, should make the process of rebuilding RHEL 8.2 go much more smoothly than RHEL 8.0 and 8.1 have done.

Once 8.1 has been released, work will begin on bringing this new codebase, along with CentOS Stream, in to CBS (https://wiki.centos.org/HowTos/CommunityBuildSystem) so that SIGs can build packages for CentOS Linux 8 and CentOS Stream.

We will discuss this, and give updates of progress, on the centos-devel mailing list over the coming weeks. Some of you have observed that the CentOS team tends to prioritize doing the work over talking about it. While that’s not all bad, it does tend to leave most of you in the dark as to what it is that is being worked on, and we’re committed to greater transparency going forward.

Once again, we appreciate your patience as we work through the growing pains of the 8 branch. We hope to share a more detailed (projected) timeline in the days to come, with the caveat that timelines always change as they are being worked.

January 07, 2020

CentOS PaaS SIG Quarterly Report

January 07, 2020 11:10 AM

Purpose

To build and distribute the Origin 3.x rpm packages to CentOS repository.

https://wiki.centos.org/SpecialInterestGroup/PaaS

Happy New Year and new endeavors

Happy New Year to all CentOS community!

As of 2020, the CentOS PaaS SIG wants to make a step towards a new endeavor to help and provide OKD 4.x as part of a wider community. However, for the time being we would like to announce that CentOS PaaS SIG charter will only be to mantain the existing Origin 3.x rpm packages published in the CentOS mirrors while we transition to the new OKD Working group (where all the development is taking place as we speak) which will ship the next version of OpenShift community.
As many of you already know, the OpenShift 4.x brought in a lot of innovation and changes in terms of the architecture, deployment and packaging compared with OpenShift 3.x and with that there been some changes with regards to the development relation between OCP/ OKD 4 which was very well covered in [1].
And last but not least, we would like to address the 1 mil $ question: Will there be an OKD 4.x based on CentOS as base OS ?

This topic was very much discussed in the OpenShift Working Group kick off meeting as well as the OpenShift dev mailer and the conclusion (captured in the roadmap [2] ) was:
The initial deliverable of OKD 4.x will be based on Fedora CoreOS as base OS since is the only distribution close to Red Hat CoreOS (rpm-ostree based system driven by Ignition) however should there be any community formed/ willing to develop/ create a CentOS rpm-ostree based system driven by Ignition, the OpenShift Working Group would welcome them (please join the meeting to discuss and maybe create a sub project as mentioned in the cahrter [4] )

Note, the CentOS PaaS SIG doesn't have the expertise in building / creating a new CentOS distribution nor the knowledge of any other initiative in the CentOS community.

We would like to send kudos to all our members who helped us with the SIG activities:

  • Daniel Comnea
  • Troy Dawson
  • Larry Brigman
  • Scott Dodson
  • Ari LiVigni
  • And many others...

To find out more information about the OKD Working Group, please visit [3] where you can find out the charter [4] as well as the approved roadmap for OKD 4.x [2]. Please do get involved [5] and if you find issues please open them in [6] (Bugzilla locations coming soon). You can also contact us on Slack in the #origin-users channel on openshiftcommons.slack.com and #openshift-dev on kubernetes.slack.com.

[1] https://github.com/openshift/okd/issues/26
[2] https://github.com/openshift/community/blob/master/ROADMAP.md
[3] https://github.com/openshift/community
[4] https://github.com/openshift/community/blob/master/CHARTER.md
[5] https://github.com/openshift/community#get-involved
[6] https://github.com/openshift/okd/issues

CentOS Community newsletter, January 2020 (#2001)

January 07, 2020 06:08 AM

Dear CentOS enthusiast,

For those of you who celebrate various things at this time of year, we wish you a wonderful time with family and friends.

IN THIS EDITION:

News

December, as usual, was very slow around here, with many people taking some time off around the end of the year. As such, I don't have much news to report this time.

Red Hat engineering continues to work towards on the tooling necessary to have an active CentOS Stream, and we hope to have an announcement about that this time next month.

Continuing the push for greater transparency and community participation, the Board of Directors has published the minutes from the December board meeting.

Releases and updates

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during December:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during December:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during December:

Other releases

The following releases also happened during December:

Events

December was very quiet, as it is in most years. If you represented CentOS at an event in December, please do let us know!

We have published a number of interviews from the Student Cluster Competition at the recent SuperComputing event in Denver:

University of Washington Student Supercomputing

North Carolina State Student Supercomputing

Shangjai Jiao Tong University Student Supercomputing

FOSDEM 2020, and Dojo

In just under a month, we will, as usual, have a table at the annual FOSDEM conference in Brussels, Belgium. This will be held on the first weekend in February, which is the 1st and 2nd of February, 2020. We'll be sharing the space with our friends from Fedora. Please drop by and see us.

And, on the day before FOSDEM starts, we'll be having our annual Dojo at the Marriott Grand Place. That's Friday, January 31st, 2020. The agenda is on the event listing page, and we would love to have you there.

We'll be having a lightning talks section this year, so if you have something you'd like to present about, but don't have enough for a full presentation, bring your notes and your ideas! Tell us about your favorite projects, your interesting discoveries, or your perplexing problem.

Attendance is free, but we would appreciate it if you register, so that we know how many people to plan for. We have limited space, so register soon before we are all full.

See you in Brussels!

Host a Dojo

If your University, company, or research organization, wants to host a CentOS Dojo, we would love to hear from you. You'll need a space where 100-200 people can attend technical talks, and someone who is able to work with us on logistics and talk acquisition. We'll help promote the event, and work with you to craft the schedule of talks. Drop us a note on the CentOS-Promo mailing list - https://lists.centos.org/mailman/listinfo/centos-promo - with your proposal.

SIG Reports

The SIGs - special interest groups - are where most of the interesting stuff in CentOS happens. They are communities packaging and testing layered projects on top of CentOS, and ensuring that they work reliably.

The PaaS SIG has provided their report as a separate blog post, and the Virtualization and Software Collections SIG reports are provided below.

Virtualization SIG

Purpose

Packaging and maintaining different FOSS based virtualization
applications that one can install and run natively on CentOS.

https://wiki.centos.org/SpecialInterestGroup/Virtualization

Membership Update

We are always looking for new members.

omachace__ joining Virt SIG for oVirt project volunteering for providing
ansible-runner related and mod_wsgi into Virt SIG

Welcoming Miguel Barroso mbarroso to Virt SIG for oVirt

Releases and Packages

oVirt

* upstream released oVirt 4.3.7
* Working on getting oVirt CentOS Stream packages, particularly oVirt 4.4

https://blogs.ovirt.org/2019/09/top-7-things-to-look-forward-to-at-ovirt-conference/
https://blogs.ovirt.org/2019/09/ovirt-and-centos-stream/

Xen

* Xen 4.12.1 available on CentOS 7
* Regular updates to 4.8, 4.10, 4.12 for security updates
* Upstream Xen 4.13 nearing release

Health and Activity

The Virtualization SIG remains fairly healthy. All the projects within
the SIG are updating regularly on biweekly meetings.

oVirt had a conference in Rome on 4 Oct.

oVirt also now has a new driver installer for Windows. If you have a VM
with the old drivers, it is recommended to uninstall them before
installing new ones.

The Xen Developer Summit was held 9-11 July in Chicago.

After an online discussion / survey, it was decided that the "primary
supported" version of Xen would always be the most recent version of
Xen-1. The current "primary" version is 4.8; once Xen 4.13 comes out
upstream (probably next week) we'll move this to 4.12.1. After that,
when 4.14 comes out, we'll update to the latest version of 4.13, and so on.

Issues for the Board

Both Xen and oVirt waiting for CentOS 8 support in the CBS. oVirt using
copr as a work-around for now.

Software Collections SIG

Purpose

The Software Collections SIG will provide an upstream development area for various software collections and related tools. Developers can build on and extend existing SCLs, so they don't need to re-invent the wheel or take responsibility for packaging unnecessary dependencies.

Details at https://wiki.centos.org/SpecialInterestGroup/SCLo

Releases:

  • The upstream release of RHSCL 3.4 was rebuilt and made available in the testing repositories since public beta. This release include collections of Nginx 1.16, NodeJS 12, PHP 7.3 and PostgreSQL 12.
    Maven 3.6 was also included upstream, but due to rebuilding and packaging difficulties, it is not available as of this report.

The successfully rebuilt collections are in process of being tested and released, and should be available on public mirrors shortly after this report is published.

Contributing

As with any open source project, there's a lot more than just code. If you want to get involved, but you're not a programmer or packager, there's still a ton of places where you can plug in.

  • Design - Graphic and design elements for the product itself, the website, materials for events, and so on, are always a great need. This is true of any open source community, where the focus on code can tend to neglect other aspects.
  • Events - While CentOS has an official presence at a few events during the year, we want a wider reach. If you're planning to attend an event, and want to represent CentOS in some way, get in touch with us on the centos-promo mailing list to see how we can support you.
  • Promotion - The Promo SIG does a lot in addition to just events. This includes this newsletter, our social media presence, blog posts, and various other things. We need your help to expand this effort.
  • Documentation - Any open source project is only as good as its documentation. If people can't use it, it doesn't matter. If you're a writer, you are in great demand.

If any of these things are of interest to you, please come talk to us on the centos-devel mailing list, the centos-promo mailing list, or any of the various social media channels.

We look forward to hearing from you, and helping you figure out where you can fit in.

Agenda for CentOS Board of Directors 2020-01-08 meeting

January 07, 2020 02:29 AM

Public agenda

On Wednesday 08 January 2020, the CentOS Board of Directors will hold its first meeting of the decade and 2020 calendar year. Below is the agenda for that meeting that can be shared with the community and wider public.

  1. Adopt minutes from 2019-12-18
  2. Build pipeline changes
    1. Update from Jim/KB
  3. Project goals refresh
    1. Working session with the draft process doc
    2. Planning to announce and begin process in coming weeks
  4. Rolling (last from 2019-12-18, new items to the rolling agenda highlighted as [NEW]):
    1. [NEW] Reporting on and better understanding the build process for CentOS Linux 8 and the update lag / point release challenges
    2. [NEW] Trademark Guidelines review:
      1. What works & what does not.
      2. What do we want to get fixed; who wants to work on that.
    3. [NEW] Looking at new Board membership and structure (ongoing)
      1. On hold while goals discussion is held, which includes a review and update of governance. We’ll figure out what model we want from that and how this idea might fit.
    4. Any other topics aka What other things do you want on our key initiatives list?
    5. New branding work underway
      1. Website update work: https://github.com/areguera/centos-style-websites
      2. Framework proposed into logo discussion: https://git.centos.org/centos/Artwork/issue/1#comment-62 
    6. Stepping-up our meeting norms (ongoing)
    7. Transparency initiatives (ongoing)

January 03, 2020

Minutes for CentOS Board of Directors 2019-12-18 meeting

January 03, 2020 07:34 PM

Public minutes

On 2019-12-18 the CentOS Board of Directors held the final meeting of the 2019 calendar year.

The meeting was focused primarily on how the Board can lead the project further into being a contributor-centric open source project while continuing to deliver value to our community of users. Of particular interest is growing participation in CentOS Streams in addition to ongoing efforts around CentOS SIGs.

As a centralizing effort, the Board agreed to revisiting the goals document created five years ago, and to undergo an effort to refresh those goals in the light of the project’s evolution. The Board will be inviting various stakeholders into these discussions as we undergo a public revision of the goals at the start of 2020.

In support of these efforts, the Board came to the following decisions, resolutions, and agreements:

  1. Image creation, signing, and distribution:
    1. AGREED: Board agrees there is a significant technical debt in the content flow. To address this the Board authorizes Community Platform Engineering (CPE) to commit engineering toward addressing this in early CY 2020.
    2. ACTION: Jim to work with Fabian/CPE to begin working on a signing and release solution for SIGs, work starting in Jan 2020.
    3. ACTION: Prioritize transparency and reporting to foster a better understanding of the build process for CentOS Linux 8, with an emphasis on the update lag/point release challenges
  2. Project strategic goals:
    1. AGREED: Undergo a revision of the project goals, to include a range of topics from technical to social/cultural. Do this work transparently, reaching out to specific community members and stakeholders such as RHEL Engineering.
  3. Consent agenda items:
    1. AGREED: Secretary role revitalized -- not formally in the governance yet, role is delegated meeting organization and management duties from the Chair to include calling for meetings, managing the private and public agenda for meetings, and handling the creation and release of private and public minutes. Karsten Wade has volunteered to take this role until approximately June 2020.
      1. ACTION: Early in 2020 Karsten & KB to draft governance updates to reflect the Secretary role.
    2. AGREED: Board confirms support for planning a shift to sharing auth backends with the Fedora Project.

December 13, 2019

Agenda for CentOS Board of Directors 2019-12-18 meeting

December 13, 2019 06:29 PM

Public agenda

On Wednesday 18 December 2019, the CentOS Board of Directors will hold it's last meeting of the 2019 calendar year. Below is the agenda for that meeting that can be shared with the community and wider public.

  1. Looking at if Community Platform Engineering (CPE) can begin to build and release CentOS Linux 8 and CentOS Stream into various public clouds.
  2. Review of signing and release solutions for SIGs in the new year.
  3. Rolling (last from 2019-11-13):
    1. Any other topics aka “What other things do you want on our key initiatives list for 2020?”
    2. New branding work underway
      1. Website update work: https://github.com/areguera/centos-style-websites
      2. Framework proposed into logo discussion: https://git.centos.org/centos/Artwork/issue/1#comment-62 
    3. Looking at new Board membership and structure (ongoing)
    4. Stepping-up our meeting norms (ongoing)
    5. Transparency initiatives (ongoing)

Public agenda consent items

  1. Secretary role revitalized -- not formally in the governance yet, role is delegated meeting organization duties from the Chair to include calling for meetings, managing the private and public agenda for meetings, and handling the creation and release of private and public minutes. Karsten has volunteered to take this role until approximately June 2020.
  2. Board intending to confirm support for planning a shift to sharing auth backends with the Fedora Project.

December 12, 2019

Shangjai Jiao Tong University Student Supercomputing

December 12, 2019 09:37 PM

At the recent SuperComputing event in Denver, I spoke with several of the teams at the Student Cluster Competition. One of them was the team from the Shanghai Jiao Tong University. You can listen to the full interview on YouTube at https://youtu.be/HpJRyF5S_4U

Rich: I'm with the team from Shanghai Jiao Tong University. They have just finished participating in the Student Cluster Competition. I wonder if you can tell me about your experience.

Shangai Jiao Tong: We think the competition was quite challenging for us. We're a first-time participant in the SC competition. We think we learned a lot about the competition, as well as other teams - we made a lot of friends. It was a pretty good experience.

R: How do you feel you did?

SJT: We think we did fine within our capabilities. Maybe not state of the art but pretty good, for us.

R: If somebody from another university was interested in participating, what advice would you give them?

SJT: Read the rules carefully before you participate, because we missed some of the points, and that cost us something. But, it's still fine. Just have fun.

R: I was wondering why you chose CentOS for your base operating
system.

SJT: Well, because it's well tested, stable, and performance is good. Mainly because it's well tested. Because we all use that in our test clusters back home.

R: Thank you so much for your time, and good luck.

North Carolina State Student Supercomputing

December 12, 2019 08:58 PM

At the recent SuperComputing event in Denver, I spoke with several of the teams at the Student Cluster Competition. I've already posted one of those interviews. I also had the chance to speak with the team from North Carolina State University, which was especially nice as they had sent a representative to the recent CentOS Dojo in Boston.

In this brief interview, which you can listen to in full on YouTube - https://youtu.be/-ziyUdEt_-M - we talked about their experience at the event, and what they would recommend other teams do to prepare.

Rich: I'm with a few of the members of the team from NCState. I was hoping you could tell me a little about your experience here.

NCState: It was absolutely fantastic. It's amazing to have all this hands-on experience with the cluster, and being in this competition, and while we were able to work with the cluster and practice at our University, here we had a very collaborative experience with a lot of other universities, and we appreciate that. It was exhausting, though.

R: Can you tell me about the mystery application?

Each year, there is a "mystery application" which is not announced until the team arrives onsite - whereas, the other applications they are able to prepare and practice with for months ahead of time.

NC: It was based off of the code they used to find an equation to go to Mars. And so they made a "dumbed down" version for us. That was a not too difficult application. But it was GPU based, which is really nice because a lot of the applications ended up not being GPU-based, and we had a very GPU-heavy system. But we got that up and running pretty quickly.

R: I was wondering if you could tell me why you chose CentOS as your base operating system.

NC: It's open source, which is important to us. And it was pretty stable. We wanted stability, instead of running into a lot of errors because of using too cutting edge. And because we didn't have to deal with any licensing. We just grabbed it and put it on the system. And I had a bit of experience because I put it on a personal computer at home to play around with it as well.

R: If someone from another university were interested in doing something like this, what advice would you give them?

NC: Start early. Definitely start early. Make contact with vendors and get hardware as soon as possible so you can start practicing. We were really new to this, and we've learned a lot, but there's still a lot to go. You have to budget a lot of time for this as students. Especially because you're taking a lot of other classes. It takes a lot of time to learn this. We came into this taking a few programming courses and knowing basic Linux command line skills, and now suddenly we're thrown into this with a lot going on. So, start early. Practice hard.

R: Thank you for your time and good luck when the results come out.

December 11, 2019

University of Washington Student Supercomputing

December 11, 2019 02:12 PM

At the recent Supercomputing conference in Denver, I spoke with the University of Washington Boundless DAWG student supercomputing team.

(You can listen to the full interview at https://youtu.be/MxzH7k57VHs)

Rich: I'm here with the team from the University of Washington at the Student Cluster Competition, at SC19. I was wondering if you could tell me about your experience. Was this a positive experience overall?

Univ Washington: Yeah, it was a super positive experience. We got to travel. We got to meet all kinds of new people - industry professionals - and we got to go out of our comfort zone. None of us had any HPC experience at all except for Andrei, who's our senior - our leader on the team, our spiritual leader. So we learned a lot in this experience. And we struggled. But we came through it as a team. And we expect that to show in the results.

R: What were some of the struggles?

UW: Well, we came without a rack. And we learned that we could be disqualified if we did not have our cluster in the rack by Monday at 9:30. So our spiritual leader, Andrei, had to find a rack on Craig's List, or Facebook Marketplace, and then drive to Boulder to get the rack for $100. But everything turned out to be alright, and we have our rack, and we're not disqualified, yet. So far.

R: That's amazing.

R: For those of you who didn't have any HPC experience going into this, what convinced you to join a venture like this?

UW: First of all, supercomputers are pretty awesome. So I wanted to learn a lot more about it. Also this seems like a pretty cool competition experience. There's not that many competitions that take place for most of a week. And also there's not that many competitions that allow underclassmen to be involved in supercomputing, let alone on the world stage.

R: Who were your primary sponsors for this?

UW: The primary sponsor was AWS. And we had secondary sponsors Melanox, Intel, Invidia, who provided Tesla V100s. And Melanox provided Infiniband to connect our nodes together. Intel and AWS teamed up to give us money to cover the rest of the hardware.

R: Why did you choose CentOS for your base operating system?

UW: I think one of the primary reasons we ended up going with CentOS is, looking at last year, virtually every team used CentOS in the competition. We knew right away that there was a reason for that, and part of that reason was very likely due to stability, compatibility, and after figuring out what some of the applications were, we also found out that some of the applications were only guaranteed to work with CentOS. So apparently they tested on only CentOS. Might as well not make it harder on ourselves by trying to use something different.

R: Thank you all for your time. Good luck when the results come out.

December 03, 2019

CentOS Community newsletter, December 2019 (#1912)

December 03, 2019 06:46 PM

Dear CentOS enthusiast,

For those of you who celebrate various things at this time of year, we wish you a wonderful time with family and friends.

IN THIS EDITION:

News

On 2019-11-13 the CentOS Board of Directors held their first meeting following the release of CentOS Linux 8 and announcement of CentOS Stream. As part of that meeting, the Board committed to greater transparency with the CentOS community, and you can read the minutes from the meeting on the CentOS blog.

In CentOS Stream news, Red Hat engineering is working on the procedures and tools for CentOS Stream tickets and patches to flow into the next release of RHEL. We expect to have details after the dojo in Brussels, in late January, which we can then pass on to you.

Releases and updates

This month has seen a moderate number of updates/releases:

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during November:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during November:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during November:

Events

SC19

A few weeks ago we were at SuperComputing in Denver. CentOS is a big part of the SuperComputing ecosystem, with many universities and research organizations using CentOS on their supercomputing infrastructure.

As usual, we spent a lot of time with the student teams in the Student Cluster Competition, where 12 out of the 16 teams were running CentOS. Look for interviews from this event on the CentOS blog in the coming weeks.

FOSDEM 2020, and Dojo

Early next year, we will, as usual, have a table at the annual FOSDEM conference in Brussels, Belgium. This will be held on the first weekend in February, which is the 1st and 2nd of February, 2020. We'll be sharing the space with our friends from Fedora. Please drop by and see us.

And, on the day before FOSDEM starts, we'll be having our annual Dojo at the Marriott Grand Place. That's Friday, January 31st, 2020. The agenda is on the event listing page, and we would love to have you there.

We'll be having a lightning talks section this year, so if you have something you'd like to present about, but don't have enough for a full presentation, bring your notes and your ideas! Tell us about your favorite projects, your interesting discoveries, or your perplexing problem.

Attendance is free, but we would appreciate it if you register, so that we know how many people to plan for.

See you in Brussels!

SIG Reports

The SIGs - special interest groups - are where most of the interesting stuff in CentOS happens. They are communities packaging and testing layered projects on top of CentOS, and ensuring that they work reliably.

SIGs report quarterly on what they've been working on.

CentOS Opstools SIG quarterly report

Purpose

The SIG will provide tools for operators, system administrators, devops and developers doing infrastructure engineering on content based on CentOS Linux.

Membership update

We are welcoming interested parties or persons to contribute. Over the past quarter, we neither saw increase nor decrease.

Health and Activity

We are waiting patiently for cbs to become updated to be able to build packages based on CentOS 8. That becomes more and more a blocker for us. E.g Opstools packages have been replaced by other sources for OpenStack Kolla, since e.g collectd builds based on CentOS 8 are unavailable. Once artifacts produced by the Messaging SIG become available, we'll gladly consume them rather than rebuilding them from other sources like Fedora koji.

Issues for the board

none right now.

Contributing

As with any open source project, there's a lot more than just code. If you want to get involved, but you're not a programmer or packager, there's still a ton of places where you can plug in.

  • Design - Graphic and design elements for the product itself, the website, materials for events, and so on, are always a great need. This is true of any open source community, where the focus on code can tend to neglect other aspects.
  • Events - While CentOS has an official presence at a few events during the year, we want a wider reach. If you're planning to attend an event, and want to represent CentOS in some way, get in touch with us on the centos-promo mailing list to see how we can support you.
  • Promotion - The Promo SIG does a lot in addition to just events. This includes this newsletter, our social media presence, blog posts, and various other things. We need your help to expand this effort.
  • Documentation - Any open source project is only as good as its documentation. If people can't use it, it doesn't matter. If you're a writer, you are in great demand.

If any of these things are of interest to you, please come talk to us on the centos-devel mailing list, the centos-promo mailing list, or any of the various social media channels.

We look forward to hearing from you, and helping you figure out where you can fit in.

November 27, 2019

Minutes for CentOS Board of Directors 2019-11-13 meeting

November 27, 2019 02:45 AM

Public minutes

On 2019-11-13 the CentOS Board of Directors held their first meeting following the release of CentOS Linux 8 and announcement of CentOS Stream.

As covered in this meeting, the CentOS Board are taking on an initiative to increase transparency of the working of the Board. This set of minutes for the community and wider public is the first instance of new, more transparent processes in action.

Topics covered in the meeting and via email are discussed below, and remain open on the Board’s rolling agenda for future conversation and actions:

  1. Board membership:
    1. The Board has been considering for some time adjusting the membership of the Board, in particular by adding new Directors. Discussions with potential new Directors will begin.
    2. All Directors discussed the need for future leadership of the CentOS Project to continue being able to straddle the project’s traditional footing on one side, and help drive a vision for the future on the other side.
  2. Transparency initiatives:
    1. All agree that the biggest need for transparency in the Project is at the Board level.
      1. Other groups e.g. SIGs are generally following good transparency practices
      2. Board Directors have been asked directly about this topic and the issue of the Board not releasing minutes from meetings.
      3. The Board’s infrequent meetings have not been configured to easily generate public topics, since most technical and day-to-day leadership happens in the SIGs especially the Core SIG and QA SIG.
    2. Next step -- improving Board meeting norms:
      1. AGREED: Publish (for next and future meetings) that there will be a meeting, and what the public portion of the agenda is, in advance of the meeting.
      2. AGREED: Publish a set of public minutes within 72 hours of the conclusion of a Board meeting
      3. AGREED: There will be a rolling element to the agenda so that items are not dropped between meetings but rather eventually addressed/resolved.
      4. ACTION: Karsten to write and publish this set of public meeting minutes
  3. New branding work underway - Karsten briefed the Board on the community efforts to consider the CentOS brand, logo, and overall branding in light of the addition of CentOS Stream.
    1. https://git.centos.org/centos/Artwork/issue/1
    2. https://lists.centos.org/pipermail/centos-devel/2019-November/018098.html
    3. AGREED: Board more actively drive approving/rejecting design ideas.
    4. AGREED: There will be a reasonable time for discussion around the potential brand changes, and the Board will ensure the discussion concludes in a timely manner.

November 21, 2019

CentOS Atomic Host 7.1910 Available for Download

November 21, 2019 10:30 PM

The CentOS Atomic SIG has released an updated version of CentOS Atomic Host (7.1910), an operating system designed to run Linux containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host.

CentOS Atomic Host includes these core component versions:

  • atomic-1.22.1-29.gitb507039.el7.x86_64
  • rpm-ostree-client-2018.5-2.atomic.el7.x86_64
  • ostree-2019.1-2.el7.x86_64
  • cloud-init-18.5-3.el7.centos.x86_64
  • docker-1.13.1-103.git7f2769b.el7.centos.x86_64
  • kernel-3.10.0-1062.4.3.el7.x86_64
  • podman-1.4.4-4.el7.centos.x86_64
  • flannel-0.7.1-4.el7.x86_64
  • etcd-3.3.11-2.el7.centos.x86_64

Download CentOS Atomic Host

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted Vagrant box, or as an installable ISO, or qcow2 image. For links to media, see the CentOS wiki.

Upgrading

If you’re running a previous version of CentOS Atomic Host, you can upgrade to the current image by running the following command:

# atomic host upgrade

Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise Linux Atomic Host cadence. After sources are released, they’re rebuilt and included in new images. After the images are tested by the SIG and deemed ready, we announce them.

Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG, based on upstream work from Project Atomic. If you’d like to work on testing images, help with packaging, documentation – join us!

You’ll often find us in #atomic and/or #centos-devel if you have questions. You can also join the atomic-devel mailing list if you’d like to discuss the direction of Project Atomic, its components, or have other questions.

Getting Help

If you run into any problems with the images or components, feel free to ask on the centos-devel mailing list.

Have questions about using Atomic? See the atomic mailing list or find us in the #atomic channel on Freenode.

November 04, 2019

CentOS Community newsletter, November 2019 (#1911)

November 04, 2019 07:33 PM

Dear CentOS enthusiast,

CentOS is more than just code. If you want to contribute in other non-code ways - documentation, design, promotion, events - we want to hear from you. See the "Contributing" section below for more details.

IN THIS EDITION:

News

This month the infrastructure team has been working hard on getting Centos 8 and CentOS Stream into the CBS (Community Build System). On the 29th, Thomas announced that this work had been completed and detailed what still needs to be done. If you're interested in building packages against either of these targets, you're encouraged to read that mailing list thread thoroughly, and ask any questions you may have there.

Earlier in the month, a meeting was held in Boston including representatives from various parts of Red Hat, discussing what needed to be done internally to facilitate the cooperation between the Red Hat Enterprise Linux (RHEL) Engineering and QE teams, and the CentOS community. There too, plenty remains to be done, but we're making progress towards making this a true upstream of RHEL. We appreciate your patience as we make the many changes that are needed to make this a success.

If you're considering using CentOS Stream, either in production, or as a development platform, we'd love to hear from you. We particularly want to hear what we can do better to help you succeed, so that we can make this platform something that serves everyone's needs.

Releases and updates

This month has seen a moderate number of updates/releases:

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during October:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during October:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during October:

Events

October was a quiet month for events, but we do have a couple of upcoming events that we want to be sure are on your calendar:

SuperComputing 19, Denver

As you may know, SuperComputing is overwhelmingly powered by CentOS. We'll be at SuperComputing19 in Denver in just a few weeks, hanging out at the Red Hat booth to discuss your SuperComputing and HPC needs.

FOSDEM and the CentOS Dojo

FOSDEM is one of the largest, and oldest, open source gatherings in the world. CentOS has had a presence there for many years, and we plan to be there again in 2020. FOSDEM is, as usual, the first weekend in February (Feb 1-2 2020) in Brussels Belgium.

CentOS expects to have a table in the main exhibitor area (we'll find out for sure in a couple weeks), and, from a content perspective, we encourage you to keep an eye on the distributions devroom, where content relating to CentOS, and other Linux distributions, will be presented.

Also, like every year, we plan to hold our CentOS Dojo on the Friday before FOSDEM - January 31st - at the Marriott Grand Place. Details are on the CentOS wiki. The call for presentations is now open. We want to hear what you're working on which may be of interest to the CentOS community. Have a look at last year's schedule for an idea of what kinds of talks we've run in the past.

The call for presentation closes on November 18th, so that we have time to build the schedule and promote the event a little more widely. So don't wait!

Contributing

As with any open source project, there's a lot more than just code. If you want to get involved, but you're not a programmer or packager, there's still a ton of places where you can plug in.

  • Design - Graphic and design elements for the product itself, the website, materials for events, and so on, are always a great need. This is true of any open source community, where the focus on code can tend to neglect other aspects.
  • Events - While CentOS has an official presence at a few events during the year, we want a wider reach. If you're planning to attend an event, and want to represent CentOS in some way, get in touch with us on the centos-promo mailing list to see how we can support you.
  • Promotion - The Promo SIG does a lot in addition to just events. This includes this newsletter, our social media presence, blog posts, and various other things. We need your help to expand this effort.
  • Documentation - Any open source project is only as good as its documentation. If people can't use it, it doesn't matter. If you're a writer, you are in great demand.

If any of these things are of interest to you, please come talk to us on the centos-devel mailing list, the centos-promo mailing list, or any of the various social media channels.

We look forward to hearing from you, and helping you figure out where you can fit in.

October 28, 2019

Fixing heat/fan issue on Thinkpad t490s running CentOS 8/Stream

October 28, 2019 11:00 PM

It's usually always a good thing to receive a newer laptop, as usually that means shiny new hardware, better performances and also better battery life. I was really pleased with previous Lenovo Thinkpad t460s and so the normal choice was its successor, also because default model following company standard, and so the t490s

When I received the laptop, I was a little bit surprized (had no real time to review/analyze in advance) by some choices :

  • No SD card reader anymore (useful when having to "dd" some image for armhfp tests)
  • Old docking style is gone and you have to connect through usb-c/thunderbolt
  • Embedded gigabit ethernet in the t490s (Intel Corporation Ethernet Connection (6) I219-LM (rev 30)) isn't used at all when docked, but going through usb-net device

Installing CentOS Stream (so running kernel 4.18.0-147.6.el8.x86_64 when writing this post) was a breeze, after I turned on SecureBoot (useful also because you can also use fwupd to get LVFS firmware updates automagically as I did for my t460s)

But quickly I realized a huge difference between my previous t460s and the new t490s : heat/temperature and so fan usage. To a point where it was really impossible to just even use our official video-conferencing solution : fan going crazy, laptop unresponsive (load average climbing to ~16), and video/sound completely "off-sync".

Dmesg was also full of such warnings :

[248849.131909] CPU1: Core temperature/speed normal
[248894.211874] CPU1: Package temperature above threshold, cpu clock throttled (total events = 1221232)
[248894.211897] CPU5: Package temperature above threshold, cpu clock throttled (total events = 1221232)
[248894.211902] CPU3: Package temperature above threshold, cpu clock throttled (total events = 1221233)
[248894.211903] CPU0: Package temperature above threshold, cpu clock throttled (total events = 1221233)
[248894.211903] CPU6: Package temperature above threshold, cpu clock throttled (total events = 1221233)
[248894.211904] CPU4: Package temperature above threshold, cpu clock throttled (total events = 1221233)
[248894.211905] CPU2: Package temperature above threshold, cpu clock throttled (total events = 1221233)
[248894.211905] CPU7: Package temperature above threshold, cpu clock throttled (total events = 1221233)
[248894.212895] CPU1: Package temperature/speed normal
[248894.212895] CPU5: Package temperature/speed normal
[248894.212908] CPU4: Package temperature/speed normal

After some quick research, I found some links about known issues on some (recent) Lenovo thinkpads and some possible solutions explaining the issue[s]:

Nice, or not so (still waiting for Lenovo to fix this through FW update for the t490s - when writing this blog post). I quickly tried to rebuild a community proposed fix and rpm is available in my Copr repository.

But, as stated on said github repo, it doesn't work with SecureBoot, so I temporary disabled it to test said fix, but it wasn't magical either, so I decided to re-eanble SecureBoot and be back in "normal" mode.

Then I found another interesting forum thread about t480 and fan/heat issue, so I decided to have a look.

Indeed : 'Thunderbolt BIOS Assist Mode' was disabled too in my case (wondering why it came with that disabled, while it was coming with RHEL8 installed, and pre-loaded) : let's enable it and see how that goes :

T490s settings

OMG ! instead of having a terminal open with "watch sensors" running, I wanted to have a quick look directly from gnome, so just installed the gnome-shell-extension-system-monitor-applet (available now in epel8-testing) and so far so good :

When running normal workload, while connected to Dock and two external displays), it runs like this :

temperature

And yesterday I was happy (ultimate test) to be in a video conf-call for more than one hour, with no video/sound issue and temperature just climbed a little bit, but nothing unusual when using such video call :

temperature

Hope it helps, also not if you run Linux on a t490s but any recent Lenovo Thinkpad (or even Yoga it seems) model. Now still waiting on Lenovo to release firmware for the throttling issue but at least the laptop is currently usable :)

October 08, 2019

CentOS Community newsletter, October 2019 (#1910)

October 08, 2019 03:40 PM

Dear CentOS enthusiast,

If you'd like to help out with the process of putting together the newsletter, please see the Contributing section at the end. We're always looking for help!

IN THIS EDITION:

Releases and updates

The big news in September was the release of CentOS Linux 8, along with CentOS Stream. CentOS Linux 8 is exactly what you expected - a rebuild of Red Hat Enterprise Linux (RHEL) 8 - but CentOS Stream is a new aspect of the CentOS Project that needs a little more explanation.

CentOS Stream is a rolling preview of what will be in the next minor release of RHEL. CentOS Stream will be updated regularly (the exact cadence is still a work in progress) and will give you the opportunity to verify your code and workloads against what’s coming next.

The motivation for doing this is to provide a platform where people can develop against CentOS Stream, and, by doing so, be ready for market the day that the next minor version of RHEL ships. CentOS Stream will be developer beta level code (not alpha) containing features ready for validation to include in the next minor release of RHEL. Red Hat wants CentOS Stream to be a great experience for developers to target the next minor release of RHEL (released every 6 months). Code that is delivered to CentOS Stream is what Red Hat engineers intend to go into the next minor release of RHEL and will have gone through CI.

If you’re interested in building a project on Stream, we encourage you to look into the SIGs - https://wiki.centos.org/SpecialInterestGroup - which are a place to package and test on CentOS, using the Community Build System (CBS) and the CentOS CI. Bring your ideas to the centos-devel mailing list, and we’ll help you figure out the way forward.

Finally, note that this is still a work in progress. We hope to have regular updates to CentOS Stream within the next few months, but tooling for that does not exist yet, and so there will be a lot of manual processes at first. We appreciate your patience while we get things up and running.

We are working on a feedback mechanism that is going to evolve over time. CentOS Stream must have the ability to get feedback and suggestions to be successful. We will announce details as things solidify.

You can download CentOS Stream, as well as CentOS Linux, at https://www.centos.org/download/ and you can read more details on the centos-devel mailing list, at https://lists.centos.org/pipermail/centos-devel/2019-October/017922.html

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during September:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during September:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during September:

Other releases

The following releases also happened during September:

Events

In September, we had a presence at the Webpros Summit (formerly the cPanel conference) in Atlanta, Georgia. The cPanel community are long-term supporters of CentOS, so this is always a fun event. It was also a great place for some early conversations about CentOS Stream as a place to develop and test products.

While there, Johnny Hughes gave an excellent presentation about the CentOS Linux 8 release, what's in it, and why it was a longer process than usual.

As usual, there's a number of events coming up where you can find members of the CentOS community.

October 28–30, in Portland, we'll be at LISA19, the\premier conference for operations professionals, where we share real-world knowledge about designing, building, securing, and maintaining the critical systems of our interconnected world. Come see us at the Red Hat booth with your CentOS questions and stories.

Then, in November, we'll be in Denver at SC19 - the international conference for high performance computing, networking, storage and analysis. Once again, come see us at the Red Hat booth. As usual, or main interest there is the always-awesome Student Cluster Competition, where tomorrow's HPC experts compete to build a supercomputer with off-the-shelf hardware and open source software ... and most of them choose CentOS. Supercomputing is #PoweredByCentOS!

Finally, I want to keep reminding you that we'll be doing another Dojo at FOSDEM, on January 31st 2020. Details will be coming soon to the CentOS Wiki. Think about what you might want to present about, and be sure to join us in Brussels!

Contributing to CentOS Pulse

We are always on the look-out for people who are interested in helping to:

  • Tell us what you're working on
  • Provide a report from the SIG on which you participate
  • Tell us about an event that you attended where there was CentOS content
  • Write an article on an interesting person or topic
  • Tell us about a news article that covered the use of CentOS in an interesting way
  • Suggest an topic that you'd like to see someone else write an article on

Please see the page with further information about contributing. You can also contact the Promotion SIG, or just email Rich directly (rbowen@centosproject.org) with ideas or articles that you'd like to see in the next newsletter.

 

 

September 24, 2019

CentOS 8 and CentOS Stream released

September 24, 2019 08:11 PM

We are excited to announce the release of CentOS 8, and of the new RHEL upstream, CentOS Streams. Details can be found on the CentOS-Announce mailing list.

September 17, 2019

Release for CentOS Linux 7 (1908) on the x86_64 Architecture

September 17, 2019 02:55 PM

We are pleased to announce the general availability of CentOS Linux 7 (1908) for the x86_64 architecture. Effectively immediately, this is the current release for CentOS Linux 7 and is tagged as 1908, derived from Red Hat Enterprise Linux 7.7 Source Code.

Full details are on the centos-devel mailing list.

September 02, 2019

CentOS Community Newsletter, September 2019 (#1909)

September 02, 2019 12:51 PM

Dear CentOS enthusiast,

If you'd like to help out with the process of putting together the newsletter, please see the Contributing section at the end. We're always looking for help!

IN THIS EDITION:

Releases and updates

August was unusually slow in terms of updates and errata - primarily because everyone has been focused on the CentOS 8 build.

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during August:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during August:

Events

August was another busy month for CentOS events.

At the beginning of the month, CentOS had a presence at DevConf.IN, the annual developer event in India. Vipul Siddharth represented us there, and wrote up a summary of that event.

The following week, we had a table at Flock, the annual Fedora conference, in Budapest, and Vipul also wrote a great writeup of that event on his blog.

On the 14th, we held our second annual CentOS Dojo at DevConf.US, featuring talks about Keylime, Terraform, Buildah, and other topics. We had roughly 35 people in attendance. The videos of the presentations are now available on the CentOS YouTube channel .

Then, we were at the Red Hat booth at the Open Source Summit in San Diego, August 21-23. We were able to meet many people who use CentOS in a variety of industries, and find out about their interests and concerns. If you dropped by, thanks. It's always a pleasure to talk with you at events.

Next month, we'll be at the cPanel event in Atlanta, September 23rd - 25th at the Atlanta Marriott Marquis. Our own Johnny Hughes will be talking about what's up with CentOS 8, and we'll have a booth where you can drop by for your CentOS swag needs. As you probably know, CentOS is the backbone of the web hosting industry, and the cPanel event is where they gather to discuss their trade. I hope to see you there!

And, looking forward just a little further, remember that FOSDEM is coming in just a few months, and we'll be there. We will, once again, be running a Dojo at FOSDEM. You can see details from this year's event in the CentOS wiki, and the 2020 event should look similar. Watch Twitter, the mailing lists, or whatever is your preferred channel, for updates soon.

SIG (Special Interest Group) Report

SIGs - Special Interest Groups - are where people work on the stuff that runs on top of CentOS.

The following are the SIG reports for this month.

CentOS Virtualization SIG Quarterly Report

Purpose

Packaging and maintaining different FOSS based virtualization applications that one can install and run natively on CentOS.

https://wiki.centos.org/SpecialInterestGroup/Virtualization

Membership Update

We are always looking for new members.

No changes in members this month.

Releases and Packages

oVirt 4.3 has been released and Virt SIG repositories are publicly available. oVirt 4.4 development is in progress upstream now

Health and Activity

The Virtualization SIG remains fairly healthy. All the projects within the SIG are updating regularly on biweekly meetings.

oVirt is planning a conference in Rome in  October 2019

Issues for the Board

oVirt pushed a patch for having a CentOS appliance including oVirt Guest Agent in https://github.com/CentOS/sig-cloud-instance-build/pull/127, it's under consideration for CentOS 7.7 inclusion.

oVirt would have been happy to consume CentOS 8 alpha / beta / development builds to be ready to ship packages for CentOS 8 on its GA. Would be nice to get early access to the rpms within the SIGs.

 

Opstools quarterly report, 01 June - Aug 31 2019

Purpose

Opstools provides tools for operators.

https://wiki.centos.org/SpecialInterestGroup/OpsTools

Membership update

No members left or were added to the SIG in the last quarter.

Health and activity

We are phasing out fluentd and sensu; patches have been proposed to OpenStack. Their respective replacements are rsyslog (included in RHEL) and collectd-sensubility. The latter is a plugin to collectd; it will create events in collectd which can be acted on as on other collectd events.

Once we'll have CentOS 8, we'd be rebuilding all our packages for RHEL8; opstools packages used to be consumed by OpenStack Kolla, but since there are no CentOS 8 builds, this relation has been dropped for now.

We intend to get the integration back, once there are builds based on CentOS 8.

Collectd has been updated to 5.9.0 and 5.9.1 upstream. We did not include these releases for now,
as they contain some severe bugs.

Issues for the board

none at the moment.

Contributing to CentOS Pulse

We are always on the look-out for people who are interested in helping to:

  • Tell us what you're working on
  • Provide a report from the SIG on which you participate
  • Tell us about an event that you attended where there was CentOS content
  • Write an article on an interesting person or topic
  • Tell us about a news article that covered the use of CentOS in an interesting way
  • Suggest an topic that you'd like to see someone else write an article on

Please see the page with further information about contributing. You can also contact the Promotion SIG, or just email Rich directly (rbowen@centosproject.org) with ideas or articles that you'd like to see in the next newsletter.

 

 

August 07, 2019

CentOS Community Newsletter, August 2019 (#1908)

August 07, 2019 07:02 PM

Dear CentOS enthusiast,

It's been another busy month, but better a few days late than never!

If you'd like to help out with the process of putting together the newsletter, please see the Contributing section at the end. We're always looking for help!

Releases and updates

We had a very large number of updates/enhancements in July:

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during July:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during July:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during July:

Events

Last week we were at DevConf.in in Bangalore. If you dropped by, thanks!

Next week - August 14th - we'll be gathering at Boston University, in Boston, Massachusetts, for the second annual CentOS Dojo at DevConf.US. There's still space to register, if you wish to attend. In addition to the regular sessions, there will be an opportunity to give lightning talks about what you're working on, as requested by last year's attendees. More details are available on the event wiki page.

And the week after that - August 21-23 - we will be at the Open Source Summit in San Diego. Drop by to see us at the Red Hat booth!

If you are presenting anything about CentOS, at any event anywhere in the world, please do let us know, so that we can promote your presence there, and your talk.

If you'd like to run a CentOS Dojo, or other community event, we may be able to help. Get in touch via the centos-devel mailing list, or via our Twitter account @CentOSProject.

Contributing to CentOS Pulse

We are always on the look-out for people who are interested in helping to:

  • Tell us what you're working on
  • Provide a report from the SIG on which you participate
  • Tell us about an event that you attended where there was CentOS content
  • Write an article on an interesting person or topic
  • Tell us about a news article that covered the use of CentOS in an interesting way
  • Suggest an topic that you'd like to see someone else write an article on

Please see the page with further information about contributing. You can also contact the Promotion SIG, or just email Rich directly (rbowen@centosproject.org) with ideas or articles that you'd like to see in the next newsletter.

 

August 06, 2019

CentOS Dojo at DevConf.US – August 14th, 2019 in Boston

August 06, 2019 04:11 PM

The CentOS Project is pleased to be hosting a one-day Dojo, in conjunction with the upcoming DevConfUS conference, on August 14, 2019.

The one-day event, located on the campus of Boston University in the George Sherman Union Building, will feature talks on:

  • Running CentOS and Terraform on AWS
  • Supercomputing at NC State University
  • An Introduction to Keylime
  • Using Applications Streams
  • Lightning talks about what you’re working on

The event is free, but attendees should register for the event so planners can get an idea of attendance. 

In the evening we’ll be gathering at a local watering hole for less formal discussions, accompanied by food and great local beers - location to be announced on the day of the event!

CentOS will continue its presence at DevConfUS with a booth and various talks, so even if you miss the Dojo, there’s still plenty of time to meet with folks working on CentOS. We look forward to seeing you soon!

July 10, 2019

CentOS Atomic Host 7.1906 Available for Download

July 10, 2019 10:37 PM

The CentOS Atomic SIG has released an updated version of CentOS Atomic Host (7.1906), an operating system designed to run Linux containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host.

CentOS Atomic Host includes these core component versions:

  • atomic-1.22.1-26.gitb507039.el7.centos.x86_64
  • rpm-ostree-client-2018.5-2.atomic.el7.x86_64
  • ostree-2018.5-1.el7.x86_64
  • cloud-init-18.2-1.el7.centos.2.x86_64
  • docker-1.13.1-96.gitb2f74b2.el7.centos.x86_64
  • kernel-3.10.0-957.21.3.el7.x86_64
  • podman-1.3.2-1.git14fdcd0.el7.centos.x86_64
  • flannel-0.7.1-4.el7.x86_64
  • etcd-3.3.11-2.el7.centos.x86_64

Download CentOS Atomic Host

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted Vagrant box, or as an installable ISO, or qcow2 image. For links to media, see the CentOS wiki.

Upgrading

If you’re running a previous version of CentOS Atomic Host, you can upgrade to the current image by running the following command:

# atomic host upgrade

Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise Linux Atomic Host cadence. After sources are released, they’re rebuilt and included in new images. After the images are tested by the SIG and deemed ready, we announce them.

Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG, based on upstream work from Project Atomic. If you’d like to work on testing images, help with packaging, documentation – join us!

You’ll often find us in #atomic and/or #centos-devel if you have questions. You can also join the atomic-devel mailing list if you’d like to discuss the direction of Project Atomic, its components, or have other questions.

Getting Help

If you run into any problems with the images or components, feel free to ask on the centos-devel mailing list.

Have questions about using Atomic? See the atomic mailing list or find us in the #atomic channel on Freenode.

July 09, 2019

IBM, Red Hat, and CentOS

July 09, 2019 02:50 PM

CentOS community,

Today marks a new day in the 26-year history of Red Hat. IBM has finalized its acquisition of Red Hat which will operate as a distinct unit within IBM moving forward.

What does this mean for Red Hat’s contributions to the CentOS project?

In short, nothing.

Red Hat always has and will continue to be a champion for open source and projects like CentOS. IBM is committed to Red Hat’s independence and role in open source software communities so that we can continue this work without interruption or changes.

Our mission, governance, and objectives remain the same. We will continue to execute the existing project roadmap. Red Hat associates will continue to contribute to the upstream in the same ways they have been. And, as always, we will continue to help upstream projects be successful and contribute to welcoming new members and maintaining the project.

We will do this together, with the community, as we always have.

If you have questions or would like to learn more about today’s news, I encourage you to review the list of materials below. Red Hat CTO Chris Wright will host an online Q&A session in the coming days where you can ask questions you may have about what the acquisition means for Red Hat and our involvement in open source communities. Details will be announced on the Red Hat blog

More info:

Press release

Chris Wright blog - Red Hat and IBM: Accelerating the adoption of open source

FAQ on Red Hat Community Blog

July 07, 2019

Updated CentOS Vagrant Images Available (v1905.01)

July 07, 2019 06:19 AM

We are pleased to announce new official Vagrant images of CentOS Linux 6.10 and CentOS Linux 7.6.1810 for x86_64. All included packages have been updated to May 30th, 2019.

Known Issues

  1. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder ".", "/vagrant", type: "virtualbox"

    We recommend using NFS instead of VirtualBox shared folders if possible; you can also use the vagrant-sshfs plugin, which, unlike NFS, works on all operating systems.

  2. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to their Vagrantfile, to prevent errors on "vagrant up".

  3. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in https://github.com/mvermaes/centos-vmware-tools
  4. Some people reported "could not resolve host" errors when running the centos/7 image for VirtualBox on Windows hosts. We don't have access to any Windows computer, but some people reported that adding the following line to the Vagrantfile fixed the problem:
    vb.customize ["modifyvm", :id, "--natdnshostresolver1", "off"]

Recommended Setup on the Host

Our automatic testing is running on a CentOS Linux 7 host, using Vagrant 1.9.4 with vagrant-libvirt and VirtualBox 5.1.20 (without the Guest Additions) as providers. We strongly recommend using the libvirt provider when stability is required.

Downloads

The official images can be downloaded from Vagrant Cloud. We provide images for HyperV, libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

vagrant box add centos/6 # for CentOS Linux 6, or...
vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

vagrant box update --box centos/6
vagrant box update --box centos/7

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl http://cloud.centos.org/centos/7/vagrant/x86_64/images/sha256sum.txt.asc -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

Once you are sure that the checksums are properly signed by the CentOS Project, you have to include them in your Vagrantfile (Vagrant unfortunately ignores the checksum provided from the command line). Here's the relevant snippet from my own Vagrantfile, using v1803.01 and VirtualBox:

Vagrant.configure(2) do |config|
  config.vm.box = "centos/7"

  config.vm.provider :virtualbox do |virtualbox, override|
    virtualbox.memory = 1024
    override.vm.box_download_checksum_type = "sha256"
    override.vm.box_download_checksum = "b24c912b136d2aa9b7b94fc2689b2001c8d04280cf25983123e45b6a52693fb3"
    override.vm.box_url = "https://cloud.centos.org/centos/7/vagrant/x86_64/images/CentOS-7-x86_64-Vagrant-1803_01.VirtualBox.box"
  end
end

Feedback

If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or in #centos on Freenode IRC.

Ackowledgements

I would like to warmly thank Brian Stinson, Fabian Arrotin and Thomas Oulevey for their work on the build infrastructure, as well as Patrick Lang from Microsoft for testing and feedback on the Hyper-V images. I would also like to thank the CentOS Project Lead, Karanbir Singh, without whose years of continuous support we wouldn't have had the Vagrant images in their present form.

I would also like to thank the following people (in alphabetical order):

  • Graham Mainwaring, for helping with tests and validations;
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro;
  • Kirill Kalachev, for reporting and debugging the host name errors with VirtualBox on Windows hosts.

July 03, 2019

CentOS Community Newsletter, July 2019 (#1907)

July 03, 2019 07:08 PM

Dear CentOS enthusiast,

Yes, I'm running a little behind schedule with this month's newsletter. That's because I just got back from the Open Source Summit in Shanghai, where I met a number of CentOS enthusiasts. More about that a little later.

April 28, 2019

Renew/Extend Puppet CA/puppetmasterd certs

April 28, 2019 10:00 PM

Puppet CA/puppetmasterd cert renewal

While we're still converting our puppet controlled infra to Ansible, we still have some nodes "controlled" by puppet, as converting some roles isn't something that can be done in just one or two days. Add to that other items in your backlog that all have priority set to #1 and then time is flying, until you realize this for your existing legacy puppet environment (assuming false FQDN here, but you'll get the idea):

Warning: Certificate 'Puppet CA: puppetmasterd.domain.com' will expire on 2019-05-06T12:12:56UTC
Warning: Certificate 'puppetmasterd.domain.com' will expire on 2019-05-06T12:12:56UTC

So, as long as your PKI setup for puppet is still valid, you can act in advance, resign/extend CA and puppetmasterd and distribute newer CA certs to agents, and go forward with other items in your backlog, while still converting from puppet to Ansible (at least for us)

Puppetmasterd/CA

Before anything else, (in case you don't backup this, but you should), let's take a backup on the Puppet CA (in our case, it's a Foreman driven puppetmasterd, so foreman host is where all this will happen, YMMV)

tar cvzf /root/puppet-ssl-backup.tar.gz /var/lib/puppet/ssl/

CA itself

We first need to regenerate the CSR for the CA cert, and sign it again Ideally we confirm that the ca_key.pem and the existing ca_crt.pem "matches" through modulus (should be equals)

cd /var/lib/puppet/ssl/ca
( openssl rsa -noout -modulus -in ca_key.pem  2> /dev/null | openssl md5 ; openssl x509 -noout -modulus -in ca_crt.pem  2> /dev/null | openssl md5 ) 

(stdin)= cbc4d35f58b28ad7c4dca17bd4408403
(stdin)= cbc4d35f58b28ad7c4dca17bd4408403

As it's the case, we can now Regenerate from that private key and existing crt a CSR

openssl x509 -x509toreq -in ca_crt.pem -signkey ca_key.pem -out ca_csr.pem
Getting request Private Key
Generating certificate request

Now that we have the CSR for CA, we need to sign it again, but we have to add extensions

cat > extension.cnf << EOF
[CA_extensions]
basicConstraints = critical,CA:TRUE
nsComment = "Puppet Ruby/OpenSSL Internal Certificate"
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF

And now archive old CA crt and sign (new) extended one

cp ca_crt.pem ca_crt.pem.old
openssl x509 -req -days 3650 -in ca_csr.pem -signkey ca_key.pem -out ca_crt.pem -extfile extension.cnf -extensions CA_extensions
Signature ok
subject=/CN=Puppet CA: puppetmasterd.domain.com
Getting Private key

openssl x509 -in ca_crt.pem -noout -text|grep -A 3 Validity
 Validity
            Not Before: Apr 29 08:25:49 2019 GMT
            Not After : Apr 26 08:25:49 2029 GMT

Puppetmasterd server

We have also to regen the CSR from the existing cert (assuming our fqdn for our cert is correctly also the currently set hostname)

cd /var/lib/puppet/ssl
openssl x509 -x509toreq -in certs/$(hostname).pem -signkey private_keys/$(hostname).pem -out certificate_requests/$(hostname)_csr.pem
Getting request Private Key
Generating certificate request

Now that we have CSR, we can sign with new CA

cp certs/$(hostname).pem certs/$(hostname).pem.old #Backing up
openssl x509 -req -days 3650 -in certificate_requests/$(hostname)_csr.pem -CA ca/ca_crt.pem \
  -CAkey ca/ca_key.pem -CAserial ca/serial -out certs/$(hostname).pem
Signature ok  

Validating that puppetmasted key and new certs are matching (so crt and private keys are ok)

( openssl rsa -noout -modulus -in private_keys/$(hostname).pem  2> /dev/null | openssl md5 ; openssl x509 -noout -modulus -in certs/$(hostname).pem 2> /dev/null | openssl md5 )

(stdin)= 0ab385eb2c6e9e65a4ed929a2dd0dbe5
(stdin)= 0ab385eb2c6e9e65a4ed929a2dd0dbe5

It seems all good, so let's restart puppetmasterd/httpd (foremand launches puppetmasterd for us)

systemctl restart puppet

Puppet agents

From this point, puppet agents will not complain about the puppetmasterd cert, but still about the fact that CA itself will expire soon :

Warning: Certificate 'Puppet CA: puppetmasterd.domain.com' will expire on 2019-05-06T12:12:56GMT

But as we have now the new ca_crt.pem at the puppetmasterd/foreman side, we can just distribute it on clients (through puppet or ansible or whatever) and then it will continue to work

cd /var/lib/puppet/ssl/certs
mv ca.pem ca.pem.old

And now distribute the new ca_crt.pem as ca.pem here

puppet snippet for this (in our puppet::agent class)

 file { '/var/lib/puppet/ssl/certs/ca.pem': 
   source => 'puppet:///puppet/ca_crt.pem', 
   owner => 'puppet', 
   group => 'puppet', 
   require => Package['puppet'],
 }

Next time you'll "puppet agent -t" or that puppet will contact puppetmasterd, it will apply the new cert on and on next call, no warning, issue anymore

Info: Computing checksum on file /var/lib/puppet/ssl/certs/ca.pem
Info: /Stage[main]/Puppet::Agent/File[/var/lib/puppet/ssl/certs/ca.pem]: Filebucketed /var/lib/puppet/ssl/certs/ca.pem to puppet with sum c63b1cc5a39489f5da7d272f00ec09fa
Notice: /Stage[main]/Puppet::Agent/File[/var/lib/puppet/ssl/certs/ca.pem]/content: content changed '{md5}c63b1cc5a39489f5da7d272f00ec09fa' to '{md5}e3d2e55edbe1ad45570eef3c9ade051f'

Hope it helps

December 06, 2018

Using go-toolset on CentOS Linux 7/x86_64

December 06, 2018 01:30 PM

With golang now gone from the CentOS Linux 7 distro ( deprecated upstream ), the best way to get golang for your system is to get it from the SCL.

Firstly, enable scl itself :

yum install centos-release-scl

Then install the go-toolset-7 scl ( this brings in version 1.10.2 at the moment )

yum install go-toolset-7

In order to use it, interactively you can run the scl enable command, which would also involve spawning a new shell. Note that the /bin/bash can be replaced with the commmand or shell you want to work in :

$ scl enable go-toolset-7 /bin/bash
$ go version
go version go1.10.2 linux/amd64
$ which go
/opt/rh/go-toolset-7/root/usr/bin/go

If you want, like I do, want to just make this the default go for all our shells, add something like this to your .bashrc

source scl_source enable go-toolset-7

MAny thanks to the CentOS SCL SIG for shipping this go-toolset collection.

November 06, 2018

Implementing Zabbix custom LLD rules with Ansible

November 06, 2018 11:00 PM

While I have to admit that I'm using Zabbix since the 1.8.x era, I also have to admit that I'm not an expert, and that one can learn new things every day. I recently had to implement a new template for a custom service, that is multi-instances aware, and so can be started multiple times with various configurations, and so with its own set of settings, like tcp port on which to listen, etc .. , but also the number of instances running as it can be different from one node to the next one.

I was thinking about the best way to implement this through Zabbix, and my initial idea was to just have one template per possible instance type, that would though use macros defined at the host level, to know which port to check, etc .. so in fact backporting into zabbix what configuration management (Ansible in our case) already has to know to deploy such app instance.

But parallel to that, I always liked the fact that Zabbix itself has some internal tools to auto-discover items and so triggers for those : That's called Low-level Discovery (LLD in short).

By default, if you use (or have modified) some zabbix templates, you can see those in actions for the mounted filesystems or even the present network interfaces in your linux OS. That's the "magic" : you added a new mount point or a new interface ? Zabbix discovers it automatically and start monitoring it, and also graph values for those.

So back to our monitoring problem and the need for multiple templates : what if we could use LLD too and so have Zabbix automatically checking our deployed instances (multiple ones) automatically ? The good is that we can : one can create custom LLD rules and so it would work OOTB when only one template would be added for those nodes.

If you read the link above for custom LLD rule, you'll see some examples about a script being called at the agent level, from the zabbix server, at periodic interval, to "discover" those custom discovery checks. The interesting part to notice is that it's a json that is returned to zabbix server , pointing to a new key, that is declared at the template level.

So it (usually) goes like this :

  • create a template
  • create a new discovery rule, give it a name and a key (and also eventually add Filters)
  • deploy a new UserParameter at the agent level reporting to that key the json string it needs to declare to zabbix server
  • Zabbix server receives/parses that json and based on the checks/variables declared in that json, it will create , based on those returned macros, some Item Prototypes, Trigger prototypes and so on ...

Magic! ... except that in my specific case, for some reasons I never allowed the zabbix user to really launch commands, due to limited rights and also the Selinux context in which it's running (for interested people, it's running in the zabbix_agent_t context)

I suddenly didn't want to change that base rule for our deployments, but the good news is that you don't have to use UserParameter for LLD ! . It's true that if you look at the existing Discovery Rules for "Network interface discovery", you'll see the key net.if.discovery, that is used for everything after, but the Type is "Zabbix agent". We can use something else in that list, like we already do for a "normal" check

I'm already (ab)using the Trapper item type for a lot of hardware checks : reason is simple : as zabbix user is limited (and I don't want to grant more rights for it), I have some scripts checking for hardware raid controllers (if any), etc, and reporting back to zabbix through zabbix_sender.

Let's use the same logic for the json string to be returned to Zabbix server for LLD. (as yes, Trapper is in the list for the discovery rule Type.

It's even easier for us, as we'll control that through Ansible : It's what is already used to deploy/configure our RepoSpanner instances so we have all the logic there.

Let's first start by creating the new template for repospanner, and create a discovery rule (detecting each instances and settings) :

zabbix-discovery-type.png

You can then apply that template to host[s] and wait ... but first we need to report back from agent to server which instances are deployed/running. So let's see how to implement that through ansible.

To keep it short, in Ansible we have the following (default values, not the correct ones) variables (from roles/repospanner/default.yml):

...
repospanner_instances:
  - name: default
    admin_cli: False
    admin_ca_cert:
    admin_cert:
    admin_key:
    rpc_port: 8443
    rpc_allow_from:
      - 127.0.0.1
    http_port: 8444
    http_allow_from:
      - 127.0.0.1
    tls_ca_cert: ca.crt
    tls_cert: nodea.regiona.crt
    tls_key: nodea.regiona.key
    my_cn: localhost.localdomain
    master_node : nodea.regiona.domain.com # to know how to join a cluster for other nodes
    init_node: True # To be declared only on the first node
...

That simple example has only one instance, but you can easily see how to have multiple ones, etc So here is the logic : let's have ansible, when configuring the node, create the file that will be used zabbix_sender (triggered by ansible itself) to send the json to zabbix server. zabbix_sender can use a file that is separated (man page) like this :

  • hostname (or '-' to use name configured in zabbix_agentd.conf)
  • key
  • value

Those three fields have to be separated by one space only, and important : you can't have extra empty line (but something can you easily see when playing with this the first time)

How does our file (roles/repospanner/templates/zabbix-repospanner-lld.j2) look like ? :

- repospanner.lld.instances { "data": [ {% for instance in repospanner_instances -%} { "{{ '{#INSTANCE}' }}": "{{ instance.name }}", "{{ '{#RPCPORT}' }}": "{{ instance.rpc_port }}", "{{ '{#HTTPPORT}' }}": "{{ instance.http_port }}" } {%- if not loop.last -%},{% endif %} {% endfor %} ] }

If you have already used jinja2 templates for Ansible, it's quite easy to understand. But I have to admit that I had troubles with the {#INSTANCE} one : that one isn't an ansible variable, but rather a fixed name for the macro that we'll send to zabbix (and so reused as macro everywhere). But ansible, when trying to translate the jinja2 template, was complaining about missing "comment' : Indeed {# ... #} is a comment in jinja2. So the best way (thanks to people in #ansible for that trick) is to include it in {{ }} brackets but then escape it so that it would be rendered as {#INSTANCE} (nice to know if you have to do that too ....)

The rest is trival : excerpt from monitoring.yml (included in that repospanner role) :

- name: Distributing zabbix repospanner check file
  template:
    src: "{{ item }}.j2"
    dest: "/usr/lib/zabbix/{{ item }}"
    mode: 0755
  with_items:
    - zabbix-repospanner-check
    - zabbix-repospanner-lld
  register: zabbix_templates   
  tags:
    - templates

- name: Launching LLD to announce to zabbix
  shell: /bin/zabbix_sender -c /etc/zabbix/zabbix_agentd.conf -i /usr/lib/zabbix/zabbix-repospanner-lld
  when: zabbix_templates is changed

And this is how is rendered on one of my test node :

- repospanner.lld.instances { "data": [ { "{#INSTANCE}": "namespace_rpms", "{#RPCPORT}": "8443", "{#HTTPPORT}": "8444" }, { "{#INSTANCE}": "namespace_centos", "{#RPCPORT}": "8445", "{#HTTPPORT}": "8446" }  ] }

As ansible auto-announces/push that back to zabbix, zabbix server can automatically start creating (through LLD, based on the item prototypes) some checks and triggers/graphs and so start monitoring each newly instance. You want to add a third one ? (we have two in our case) : ansible pushes the config, would modify the .j2 template and would notify zabbix server. etc, etc ...

The rest is just "normal" operation for zabbix : you can create items/trigger prototypes and just use those special Macros coming from LLD :

zabbix-item-prototypes.png

It was worth spending some time in the LLD doc and in #zabbix to discuss LLD, but once you see the added value, and that you can automatically configure it through Ansible, one can see how powerful it can be.

September 23, 2018

Updated mirrorlist code in the CentOS Infra

September 23, 2018 10:00 PM

Recently I had to update the existing code running behind mirrorlist.centos.org (the service that returns you a list of validated mirrors for yum, see the /etc/yum.repos.d/CentOS*.repo file) as it was still using the Maxmind GeoIP Legacy country database. As you can probably know, Maxmind announced that they're discontinuing the Legacy DB, so that was one reason to update the code. Switching to GeoLite2 , with python2-geoip2 package was really easy to do and so was done already and pushed last month.

But that's when I discussed with Anssi (if you don't know him, he's maintaining the CentOS external mirrors DB up2date, including through the centos-mirror list ) that we thought about not only doing that change there, but in the whole chain (so on our "mirror crawler" node, and also for the isoredirect.centos.org service), and random chat like these are good because suddenly we don't only want to "fix" one thing, but also take time on enhancing it and so adding more new features.

The previous code was already supporting both IPv4 and IPv6, but it was consuming different data sources (as external mirrors were validated differently for ipv4 vs ipv6 connnectivity). So the first thing was to rewrite/combine the new code on the "mirror crawler" process for dual-stack tests, and also reflect that change o nthe frontend (aka mirrorlist.centos.org) nodes.

While we were working on this, Anssi proposed to also not adapt the isoredirect.centos.org code, but convert it in the same python format as the mirrorlist.centos.org, which he did.

Last big change also that was added is the following : only some repositories/architectures were checked/validated in the past but not all the other ones (so nothing from the SIGs and nothing from AltArch, so no mirrorlist support for i386/armhfp/aarch64/ppc64/ppc64le).

While it wasn't a real problem in the past when we launched the SIGs concept, and that we added after that the other architectures (AltArch), we suddenly started suffering from some side-effects :

  • More and more users "using" RPM content from mirror.centos.org (mainly through SIGs - which is a good indicator that those are successful, which is a good "problem to solve")
  • We are currently losing some nodes in that mirror.centos.org network (it's still entirely based on free dedicated servers donated to the project)

To address first point, offloading more content to the 600+ external mirrors we have right now would be really good, as those nodes have better connectivity than we do, and with more presence around the globe too, so slowly pointing SIGs and AltArch to those external mirrors will help.

The other good point is that , as we switched to the GeoLite2 City DB, it gives us more granularity and also for example, instead of "just" returning you a list of 10 validated mirrors for USA (if your request was identified as coming from that country of course), you now get a list of validated mirrors in your state/region instead. That means that then for such big countries having a lot of mirrors, we also better distribute the load amongst all of those, which is a big win for everybody - users and mirrors admins - )

For people interested in the code, you'll see that we just run several instances of the python code, behind Apache running with mod_proxy_balancer. That means that if we just need to increase the number of "instances", it's easy to do but so far it's running great with 5 running instances per node (and we have 4 nodes behind mirrorlist.centos.org). Worth noting that on average, each of those nodes gets 36+ millions requests per week for the mirrorlist service (so 144+ millions in total per week)

So in (very) short summary :

  • mirrorlist.centos.org code now supports SIGs/AltArch repositories (we'll sync with SIGs to update their .repo file to use mirrorlist= instead of baseurl= soon)
  • we have better accuracy for large countries, so we redirect you to a 'closer' validated mirror

One reminder btw : you know that you can verify which nodes are returned to you with some simple requests :

# to force ipv4
curl 'http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates' -4
# to force ipv6
curl 'http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates' -6

Last thing I wanted to mention was a potential way to fix point #2 from the list : when I checked in our "donated nodes" inventory, we still are running CentOS on nodes from ~2003 (yes, you read that correctly), so if you want to help/sponsor the CentOS Project, feel free to reach out !


Powered by Planet!
Last updated: January 18, 2020 05:30 AM