Johnny Hughes
2016-Jan-21 15:29 UTC
[CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
This is a community SIG .. and xenproject.org does NOT release XSAs for 4.2. The goal of Xen4centOS was to use an upstream LTS kernel and update those as required to stay on an LTS. Also to do every second point release of xen (ie, 4.2, 4.4, 4.6). All so we are longer term than upstream, BUT we have supported code from upstream. So, the goal is to use supported code for the longest amount of time the upsreams support them. For xenproject.org .. they support the two newest releases. For kernel.org, they do a new kernel LTS about every 2 years. We don't have 5000 engineers to maintain community SIGs like they maintain the distro. We have to have supported code from upstream projects. On 01/21/2016 07:46 AM, Alvin Starr wrote:> Its my impression that as a general rule from RH once some software has > been released into a major release any further release of that software > does not change major version or fundamental features.. > > For C6 I would argue Xen 4.2 should stay packaged as xen and Xen 4.4 be > packaged as xen44 ... > I do not believe that Xen has been released for C7 yet so what ever > package version is released should be xen and others should be xen4x. > > It provides consistency for those who expect it and upgrading for those > who need it. > > Looking at a C7 with epel added. > I can see python, python2 and python3. > > On the other hand If your picking xen up from > http://someplace.org/riskey-development/xen.repo then your getting what > you ask for. > > > On 01/21/2016 08:09 AM, President wrote: >> RE: [CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages available in >> centos-virt-xen-testing >> >> ?My .02 is to stay the course. As a server admin, I want to be able >> to type things like: >> >> >> yum upgrade php >> >> not >> >> yum upgrade php55-epel-rpmforge-fancy-package >> >> >> Having to remember all the idiosyncrasies of a system is what causes >> some type of major failure in the future whenever (1) you forget >> something or (2) someone else has to pick up the box to adminster. >> >> >> >> -- >> >> ?Craig Thompson, President >> >> Caldwell Global Communications, Inc. >> >> +1 (423) 559-5465 >> >> caldwellglobal.com >> >> >> -----Original message----- >> *From:* George Dunlap <dunlapg at umich.edu> >> *Sent:* Thursday 21st January 2016 7:32 >> *To:* Discussion about the virtualization on CentOS >> <centos-virt at centos.org> >> *Subject:* Re: [CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages >> available in centos-virt-xen-testing >> >> On Thu, Jan 21, 2016 at 12:01 PM, Peter <peter at pajamian.dhs.org> wrote: >> > On 15/01/16 05:57, George Dunlap wrote: >> >> As mentioned yesterday, Xen 4.6 packages are now available for >> >> testing. These also include an update to libvirt 1.3.0, in line with >> >> what's available for CentOS 7. Please test, particularly the upgrade >> >> if you can, and report any problems here. >> > >> > Per conversation in IRC, Xen 4.6 no longer includes xend and therefore >> > no longer has the "xm" command. This is problematic for people who may >> > be using xm in various scripts on their host (such as home-brewed backup >> > scripts). >> > >> > I think it's a bad idea to break this functionality without warning by >> > allowing a simple "yum update" to remove it. You will take a lot of >> > people by surprise and cause such scripts to stop working, if people are >> > running yum cron the situation becomes even worse. >> >> Thanks, PJ, for your input. >> >> Just to be clear: >> >> 1. In the Xen 4.4 packages (first released October 2014), xend was >> disabled by default; so anyone using xend at the moment has already >> manually intervened to enable deprecated functionality >> >> 2. In 4.4, the first time xm was executed, it printed this warning: >> --- >> xend is deprecated and scheduled for removal. Please migrate to another >> toolstack ASAP. >> >> See http://wiki.xen.org/wiki/Choice_of_Toolstacks for information on >> other alternatives, including xl which is designed to be a drop in >> replacement for xm (http://wiki.xen.org/wiki/XL). >> --- >> >> 3. ...and on every subsequent invocation, it printed this warning: >> "WARNING: xend/xm is deprecated" >> >> I think this constitutes "warning" that the functionality was going to >> break at some point. :-) >> >> Also, in most cases "s/xm/xl/g;" Just Works; most people have reported >> that changing from xm -> xl was pretty painless. So this isn't like >> upgrading from Python 2 to Python 3 (or QT 4 to 5, or...). >> >> > I think that due to this lack of backwards compatibility with Xen 4.4 >> > and earlier versions it would be a good idea to not force the upgrade on >> > people who are not wary of it. I propose that the new packages carry >> > the name "xen46" and they purposefully conflict with the old "xen" >> > packages. That will require people to take positive action to do the >> > upgrade and hence avoid breaking systems unintentionally. >> >> This would avoid breaking things for people still using xm, which >> certainly has some value. However it has some costs: >> >> * The packages between C6 and C7 will now be slightly different, >> increasing the maintenance burden. This is not only in the spec file, >> but also in all the associated scripting machinery for managing >> packages in the CBS and smoke-testing packages before pushing them >> publicly. >> >> * Instructions for installing Xen are now differend between C6 and C7, >> and slightly more complicated, as they have to explain about Xen 4.6 >> vs alternatives. >> >> * Users who have heeded the warning and switched to xl will have to >> make an extra effort to switch to Xen 4.6. If they don't follow >> centos-virt, they may not notice that there's a new package to upgrade >> to. >> >> I'm a developer, not a server admin, so I can't gauge how important >> this issue is. Before making such a change, I'd like to hear opinions >> from other people in the community about how important (or not) it is >> to avoid breaking xm, given the ample warning (>1 year) users have >> had. >> >> On the other hand, explicitly moving to a "xen${VER}" (both for C6 and >> C7) would make it simpler for people to step up and maintain older >> versions in parallel if anybody wanted to do so. >> >> Thanks again, Peter, for bringing this up. >> >> Peace, >> -George >> _______________________________________________ >> CentOS-virt mailing list >> CentOS-virt at centos.org >> https://lists.centos.org/mailman/listinfo/centos-virt >> >> >> >> _______________________________________________ >> CentOS-virt mailing list >> CentOS-virt at centos.org >> https://lists.centos.org/mailman/listinfo/centos-virt > > > -- > Alvin Starr || voice: (905)513-7688 > Netvel Inc. || Cell: (416)806-0133 > alvin at netvel.net || > > > > _______________________________________________ > CentOS-virt mailing list > CentOS-virt at centos.org > https://lists.centos.org/mailman/listinfo/centos-virt >-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20160121/45ececca/attachment-0002.sig>
Johnny Hughes
2016-Jan-21 15:39 UTC
[CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
On 01/21/2016 09:29 AM, Johnny Hughes wrote:> This is a community SIG .. and xenproject.org does NOT release XSAs for > 4.2. The goal of Xen4centOS was to use an upstream LTS kernel and > update those as required to stay on an LTS. Also to do every second > point release of xen (ie, 4.2, 4.4, 4.6). All so we are longer term > than upstream, BUT we have supported code from upstream. > > So, the goal is to use supported code for the longest amount of time the > upsreams support them. For xenproject.org .. they support the two > newest releases. For kernel.org, they do a new kernel LTS about every 2 > years. > > We don't have 5000 engineers to maintain community SIGs like they > maintain the distro. We have to have supported code from upstream projects. > >So what does this mean .. xenproject.org supports 4.6 and 4.5 right now. (last 2 releases). When they release 4.7 then they will support 4.7 and 4.6 and drop support for 4.5 .. and we will keep 4.6 active. When they release 4.8, they support 4.8 and 4.7 and drop support for 4.6. At this point we will release 4.8 as an upgrade to 4.6. If we want to get XSA patches, that is what we have to do. And we certainly want to continue doing security patches. The alternative is we need dedicated engineers to figure out older things differ from the supported versions and how to backport code. As you move further from the supported version this becomes harder and harder. If there are people who want to do this .. and if we can be sure they will do it for the long term, then maybe and older long term support can be created .. however, it becomes harder to maintain as time goes on. Xen Project 4.4.0 was released on March 10, 2014 .. so that is basically 2 years on a major version. That also corresponds to the LTS kernel time frame. That is the best we can do and maintain supported upstream code. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20160121/5d5a893a/attachment-0002.sig>
George Dunlap
2016-Jan-21 15:52 UTC
[CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
On Thu, Jan 21, 2016 at 3:39 PM, Johnny Hughes <johnny at centos.org> wrote:> On 01/21/2016 09:29 AM, Johnny Hughes wrote: >> This is a community SIG .. and xenproject.org does NOT release XSAs for >> 4.2. The goal of Xen4centOS was to use an upstream LTS kernel and >> update those as required to stay on an LTS. Also to do every second >> point release of xen (ie, 4.2, 4.4, 4.6). All so we are longer term >> than upstream, BUT we have supported code from upstream. >> >> So, the goal is to use supported code for the longest amount of time the >> upsreams support them. For xenproject.org .. they support the two >> newest releases. For kernel.org, they do a new kernel LTS about every 2 >> years. >> >> We don't have 5000 engineers to maintain community SIGs like they >> maintain the distro. We have to have supported code from upstream projects. >> >> > > So what does this mean .. > > xenproject.org supports 4.6 and 4.5 right now. (last 2 releases).This isn't exactly right. Recent releases have 18 months of "support" (meaning, bug fixes are backported), and then another 18 months of "security backports", which means only XSAs are backported [1], regardless of when or how many releases have been made. It just happens that most releases recently have ended up taking about 9 months, which means at any given time you have 2 in 'active support'; but that's mostly a coincidence. :-) So 4.4 won't be getting any more point releases, but it should continue to get XSAs through March 2017. (This table [2] has it ending in March 2016, but I'm pretty sure that's a mistake.) -George [1] http://wiki.xenproject.org/wiki/Xen_Project_Maintenance_Releases [2] http://wiki.xenproject.org/wiki/Xen_Project_Release_Features
Alvin Starr
2016-Jan-21 16:17 UTC
[CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
My comment was targeted more at naming than support. I appreciate that there are vanishingly few resources to throw at support. I am glad to see any xen support for C7 and am thankful of all those who are putting in time to make things happen. I try to help out when I can but it is all too infrequently. On 01/21/2016 10:29 AM, Johnny Hughes wrote:> This is a community SIG .. and xenproject.org does NOT release XSAs for > 4.2. The goal of Xen4centOS was to use an upstream LTS kernel and > update those as required to stay on an LTS. Also to do every second > point release of xen (ie, 4.2, 4.4, 4.6). All so we are longer term > than upstream, BUT we have supported code from upstream. > > So, the goal is to use supported code for the longest amount of time the > upsreams support them. For xenproject.org .. they support the two > newest releases. For kernel.org, they do a new kernel LTS about every 2 > years. > > We don't have 5000 engineers to maintain community SIGs like they > maintain the distro. We have to have supported code from upstream projects. > > On 01/21/2016 07:46 AM, Alvin Starr wrote: >> Its my impression that as a general rule from RH once some software has >> been released into a major release any further release of that software >> does not change major version or fundamental features.. >> >> For C6 I would argue Xen 4.2 should stay packaged as xen and Xen 4.4 be >> packaged as xen44 ... >> I do not believe that Xen has been released for C7 yet so what ever >> package version is released should be xen and others should be xen4x. >> >> It provides consistency for those who expect it and upgrading for those >> who need it. >> >> Looking at a C7 with epel added. >> I can see python, python2 and python3. >> >> On the other hand If your picking xen up from >> http://someplace.org/riskey-development/xen.repo then your getting what >> you ask for. >> >> >> On 01/21/2016 08:09 AM, President wrote: >>> RE: [CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages available in >>> centos-virt-xen-testing >>> >>> ?My .02 is to stay the course. As a server admin, I want to be able >>> to type things like: >>> >>> >>> yum upgrade php >>> >>> not >>> >>> yum upgrade php55-epel-rpmforge-fancy-package >>> >>> >>> Having to remember all the idiosyncrasies of a system is what causes >>> some type of major failure in the future whenever (1) you forget >>> something or (2) someone else has to pick up the box to adminster. >>> >>> >>> >>> -- >>> >>> ?Craig Thompson, President >>> >>> Caldwell Global Communications, Inc. >>> >>> +1 (423) 559-5465 >>> >>> caldwellglobal.com >>> >>> >>> -----Original message----- >>> *From:* George Dunlap <dunlapg at umich.edu> >>> *Sent:* Thursday 21st January 2016 7:32 >>> *To:* Discussion about the virtualization on CentOS >>> <centos-virt at centos.org> >>> *Subject:* Re: [CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages >>> available in centos-virt-xen-testing >>> >>> On Thu, Jan 21, 2016 at 12:01 PM, Peter <peter at pajamian.dhs.org> wrote: >>> > On 15/01/16 05:57, George Dunlap wrote: >>> >> As mentioned yesterday, Xen 4.6 packages are now available for >>> >> testing. These also include an update to libvirt 1.3.0, in line with >>> >> what's available for CentOS 7. Please test, particularly the upgrade >>> >> if you can, and report any problems here. >>> > >>> > Per conversation in IRC, Xen 4.6 no longer includes xend and therefore >>> > no longer has the "xm" command. This is problematic for people who may >>> > be using xm in various scripts on their host (such as home-brewed backup >>> > scripts). >>> > >>> > I think it's a bad idea to break this functionality without warning by >>> > allowing a simple "yum update" to remove it. You will take a lot of >>> > people by surprise and cause such scripts to stop working, if people are >>> > running yum cron the situation becomes even worse. >>> >>> Thanks, PJ, for your input. >>> >>> Just to be clear: >>> >>> 1. In the Xen 4.4 packages (first released October 2014), xend was >>> disabled by default; so anyone using xend at the moment has already >>> manually intervened to enable deprecated functionality >>> >>> 2. In 4.4, the first time xm was executed, it printed this warning: >>> --- >>> xend is deprecated and scheduled for removal. Please migrate to another >>> toolstack ASAP. >>> >>> See http://wiki.xen.org/wiki/Choice_of_Toolstacks for information on >>> other alternatives, including xl which is designed to be a drop in >>> replacement for xm (http://wiki.xen.org/wiki/XL). >>> --- >>> >>> 3. ...and on every subsequent invocation, it printed this warning: >>> "WARNING: xend/xm is deprecated" >>> >>> I think this constitutes "warning" that the functionality was going to >>> break at some point. :-) >>> >>> Also, in most cases "s/xm/xl/g;" Just Works; most people have reported >>> that changing from xm -> xl was pretty painless. So this isn't like >>> upgrading from Python 2 to Python 3 (or QT 4 to 5, or...). >>> >>> > I think that due to this lack of backwards compatibility with Xen 4.4 >>> > and earlier versions it would be a good idea to not force the upgrade on >>> > people who are not wary of it. I propose that the new packages carry >>> > the name "xen46" and they purposefully conflict with the old "xen" >>> > packages. That will require people to take positive action to do the >>> > upgrade and hence avoid breaking systems unintentionally. >>> >>> This would avoid breaking things for people still using xm, which >>> certainly has some value. However it has some costs: >>> >>> * The packages between C6 and C7 will now be slightly different, >>> increasing the maintenance burden. This is not only in the spec file, >>> but also in all the associated scripting machinery for managing >>> packages in the CBS and smoke-testing packages before pushing them >>> publicly. >>> >>> * Instructions for installing Xen are now differend between C6 and C7, >>> and slightly more complicated, as they have to explain about Xen 4.6 >>> vs alternatives. >>> >>> * Users who have heeded the warning and switched to xl will have to >>> make an extra effort to switch to Xen 4.6. If they don't follow >>> centos-virt, they may not notice that there's a new package to upgrade >>> to. >>> >>> I'm a developer, not a server admin, so I can't gauge how important >>> this issue is. Before making such a change, I'd like to hear opinions >>> from other people in the community about how important (or not) it is >>> to avoid breaking xm, given the ample warning (>1 year) users have >>> had. >>> >>> On the other hand, explicitly moving to a "xen${VER}" (both for C6 and >>> C7) would make it simpler for people to step up and maintain older >>> versions in parallel if anybody wanted to do so. >>> >>> Thanks again, Peter, for bringing this up. >>> >>> Peace, >>> -George >>> _______________________________________________ >>> CentOS-virt mailing list >>> CentOS-virt at centos.org >>> https://lists.centos.org/mailman/listinfo/centos-virt >>> >>> >>> >>> _______________________________________________ >>> CentOS-virt mailing list >>> CentOS-virt at centos.org >>> https://lists.centos.org/mailman/listinfo/centos-virt >> >> -- >> Alvin Starr || voice: (905)513-7688 >> Netvel Inc. || Cell: (416)806-0133 >> alvin at netvel.net || >> >> >> >> _______________________________________________ >> CentOS-virt mailing list >> CentOS-virt at centos.org >> https://lists.centos.org/mailman/listinfo/centos-virt >> > > > > _______________________________________________ > CentOS-virt mailing list > CentOS-virt at centos.org > https://lists.centos.org/mailman/listinfo/centos-virt-- Alvin Starr || voice: (905)513-7688 Netvel Inc. || Cell: (416)806-0133 alvin at netvel.net || -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20160121/f9571490/attachment-0002.html>
George Dunlap
2016-Jan-21 16:23 UTC
[CentOS-virt] CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
On Thu, Jan 21, 2016 at 4:17 PM, Alvin Starr <alvin at netvel.net> wrote:> My comment was targeted more at naming than support. > > I appreciate that there are vanishingly few resources to throw at support. > > I am glad to see any xen support for C7 and am thankful of all those who are > putting in time to make things happen. > I try to help out when I can but it is all too infrequently.Yes, that's the way I understood you. :-) It's an interesting model to consider; as I said earlier, making that the standard (either always having "xen44", "xen46", "xen48", or starting with "xen" and then major upgrades getting renames as you suggest) has certain advantages if we ever go the manpower to maintain two different versions. -George
Possibly Parallel Threads
- CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
- CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
- CentOS 6 Virt SIG Xen 4.6 packages available in centos-virt-xen-testing
- CESA-2014:X008 Moderate: Xen4CentOS xen Security Update
- CESA-2014:X010 Moderate xen Xen4CentOS Security Update