⇤ ← Revision 1 as of 2019-06-12 17:45:56
3057
Comment:
|
← Revision 2 as of 2019-10-15 15:17:30 ⇥
3499
|
Deletions are marked like this. | Additions are marked like this. |
Line 16: | Line 16: |
* CentOS 8.0 and 8-stream are being mirrored * `BaseOS` vs. `AppStream` repos * in addition, there are `{BaseOS,AppStream}/x86_64/kickstart` repos with the 0-day packages * because errata go into `{BaseOS,AppStream}/x86_64/os` :-( * `tftp_add_sl_release` is adapted and kernels, initrds and pxe configs are provided for 8.0 and 8-stream * may want to switch from `os` to `kickstart` though? |
|
Line 19: | Line 25: |
* basic Singularity image | * staged errata * basic CentOS 8 Singularity image |
Line 29: | Line 36: |
* |
Contents
Status
Target systems are:
- Servers
- WGS
- Farm nodes
- Singularity Images
AFS client is optional.
Completed
- RHEL8 repo on picard, nr1
- layout for updates yet unknown
- CentOS 8.0 and 8-stream are being mirrored
BaseOS vs. AppStream repos
in addition, there are {BaseOS,AppStream}/x86_64/kickstart repos with the 0-day packages
because errata go into {BaseOS,AppStream}/x86_64/os
tftp_add_sl_release is adapted and kernels, initrds and pxe configs are provided for 8.0 and 8-stream
may want to switch from os to kickstart though?
Next Steps
- staged errata
- basic CentOS 8 Singularity image
- basic ks install
- basic sue support
- make yumsel cope with appstream...
- support switching streams (risky) or force reinstallation to switch?
- learn about switching profiles
Known issues
Open Questions
There's no /usr/bin/python, and it's not recommended to add one
see https://developers.redhat.com/blog/2018/11/14/python-in-rhel-8/
- can we weather the shit storm and avoid repeating mistakes like /usr/local/bin/perl ?
Finally remove ini before going public?
- it's a stub telling the user to use module(1) instead since EL7 anyway
Finally drop Alpine?
looks like it's still not completely dead: https://repo.or.cz/alpine.git
Make /etc/sudoers modular (/etc/sudoers.d/...)?
- open since EL7
- where /etc/sudoers.d is in rogue, uncoordinated use
orpahned topic
revisit the decision not to provide it on desktops?
- Ubuntu gave up on Unity anyway, and GNOME3 has become a lot less dreadful than it was in EL7.0
- we can provide Ubuntu runtimes through containers (Singularity, and podman even allows building images w/o root)
- limiting Ubuntu support to containers would save significant effort
yumsel configuration
Keep as on EL7?
file |
installed on |
comment |
default.ys |
all nodes |
|
interactive.ys |
all nodes with user access (farm nodes, wgs) |
please keep it clean from graphics applications that not needed on farm nodes - put these into graphical.ys |
development.ys |
(probably) all nodes with user access (farm nodes, wgs) |
might be merged with interactive.ys but let's keep the development stuff separately for now |
graphical.ys |
all nodes providing "real" user logins (wgs) |
|
desktop.ys |
desktops only (if they ever exist ...) |
desktops will install everything from interactive.ys, development.ys & graphical.ys, additionally |
SUE feature status
Feature |
finished? |
comment |
aaru |
|
|
afs_client |
|
|
arcx |
|
|
automount |
|
|
certbot |
|
|
cfengine |
|
|
cups |
|
|
cvmfs |
|
|
group |
|
|
hosts |
|
|
iptables |
|
|
kerberos |
|
|
kernel |
|
|
klogin |
|
|
linux |
|
|
monclient |
|
|
motd |
|
|
nagios |
|
|
name_srv |
|
|
netgroup |
|
|
network |
|
|
nsswitch |
|
|
pam |
|
|
passwd_prog |
|
|
passwd |
|
|
security |
|
|
ssh |
|
|
sudo |
|
Make /etc/sudoers less monolithic (/etc/sudoers.d)? Only install configuration needed on this host? |
syslog |
|
|
tcp_wrapper |
|
|
tidy_up |
|
|
vamos |
|
|
xntp |
|
|
zzz |
|
|