Contents
Status
Target systems are:
- Servers
- WGS
- Farm nodes
- Singularity Images
AFS client is optional.
Completed
- RHEL8 repo on picard, nr1
- layout for updates yet unknown
- CentOS 8.0 and 8-stream are being mirrored
BaseOS vs. AppStream repos
in addition, there are {BaseOS,AppStream}/x86_64/kickstart repos with the 0-day packages
because errata go into {BaseOS,AppStream}/x86_64/os
tftp_add_sl_release is adapted and kernels, initrds and pxe configs are provided for 8.0 and 8-stream
may want to switch from os to kickstart though?
Next Steps
- staged errata
- basic CentOS 8 Singularity image
- basic ks install
- basic sue support
- make yumsel cope with appstream...
- support switching streams (risky) or force reinstallation to switch?
- learn about switching profiles
Known issues
Open Questions
There's no /usr/bin/python, and it's not recommended to add one
see https://developers.redhat.com/blog/2018/11/14/python-in-rhel-8/
- can we weather the shit storm and avoid repeating mistakes like /usr/local/bin/perl ?
Finally remove ini before going public?
- it's a stub telling the user to use module(1) instead since EL7 anyway
Finally drop Alpine?
looks like it's still not completely dead: https://repo.or.cz/alpine.git
Make /etc/sudoers modular (/etc/sudoers.d/...)?
- open since EL7
- where /etc/sudoers.d is in rogue, uncoordinated use
orpahned topic
revisit the decision not to provide it on desktops?
- Ubuntu gave up on Unity anyway, and GNOME3 has become a lot less dreadful than it was in EL7.0
- we can provide Ubuntu runtimes through containers (Singularity, and podman even allows building images w/o root)
- limiting Ubuntu support to containers would save significant effort
yumsel configuration
Keep as on EL7?
file |
installed on |
comment |
default.ys |
all nodes |
|
interactive.ys |
all nodes with user access (farm nodes, wgs) |
please keep it clean from graphics applications that not needed on farm nodes - put these into graphical.ys |
development.ys |
(probably) all nodes with user access (farm nodes, wgs) |
might be merged with interactive.ys but let's keep the development stuff separately for now |
graphical.ys |
all nodes providing "real" user logins (wgs) |
|
desktop.ys |
desktops only (if they ever exist ...) |
desktops will install everything from interactive.ys, development.ys & graphical.ys, additionally |
SUE feature status
Feature |
finished? |
comment |
aaru |
|
|
afs_client |
|
|
arcx |
|
|
automount |
|
|
certbot |
|
|
cfengine |
|
|
cups |
|
|
cvmfs |
|
|
group |
|
|
hosts |
|
|
iptables |
|
|
kerberos |
|
|
kernel |
|
|
klogin |
|
|
linux |
|
|
monclient |
|
|
motd |
|
|
nagios |
|
|
name_srv |
|
|
netgroup |
|
|
network |
|
|
nsswitch |
|
|
pam |
|
|
passwd_prog |
|
|
passwd |
|
|
security |
|
|
ssh |
|
|
sudo |
|
Make /etc/sudoers less monolithic (/etc/sudoers.d)? Only install configuration needed on this host? |
syslog |
|
|
tcp_wrapper |
|
|
tidy_up |
|
|
vamos |
|
|
xntp |
|
|
zzz |
|
|