Gordon Messmer
2021-Jan-05 22:51 UTC
[CentOS] CentOS Stream suitability as a production webserver
On 1/5/21 11:32 AM, Jamie Burchell wrote:> is the change a non-issue for my use-case?Probably.? For a lot of users, Stream is a drop-in replacement that's better than CentOS was, because it gets updates consistently and doesn't suffer from periods in which no updates are available, including security updates. If security was a priority for you, as it was for me, then CentOS wasn't really suitable for public-facing services, but CentOS Stream might be. If you're building software that you intend to deploy on RHEL, Stream might not be a suitable build root for you.? Compiling software in a Stream build root may result in a binary that has dependencies which aren't yet available in RHEL.? And if you're building kernel modules (like Phil @elrepo), then there is the issue that the kernel isn't subject to RHEL's ABI policy, but Red Hat developers have expressed interest in making the kernel interfaces more stable and using external kernel module builds as a test to flag interfaces that have changed.? So that situation may improve...
Jamie Burchell
2021-Jan-05 22:58 UTC
[CentOS] CentOS Stream suitability as a production webserver
> If security was a priority for you, as it was for me, then CentOS wasn'treally suitable for public-facing services You mean in terms of security patch release time presumably?> If you're building software that you intend to deploy on RHELWe're not building or compiling software. On Tue, 5 Jan 2021 at 22:51, Gordon Messmer <gordon.messmer at gmail.com> wrote:> On 1/5/21 11:32 AM, Jamie Burchell wrote: > > is the change a non-issue for my use-case? > > > Probably. For a lot of users, Stream is a drop-in replacement that's > better than CentOS was, because it gets updates consistently and doesn't > suffer from periods in which no updates are available, including > security updates. > > If security was a priority for you, as it was for me, then CentOS wasn't > really suitable for public-facing services, but CentOS Stream might be. > > If you're building software that you intend to deploy on RHEL, Stream > might not be a suitable build root for you. Compiling software in a > Stream build root may result in a binary that has dependencies which > aren't yet available in RHEL. And if you're building kernel modules > (like Phil @elrepo), then there is the issue that the kernel isn't > subject to RHEL's ABI policy, but Red Hat developers have expressed > interest in making the kernel interfaces more stable and using external > kernel module builds as a test to flag interfaces that have changed. So > that situation may improve... > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > lists.centos.org/mailman/listinfo/centos >
Jamie Burchell
2021-Jan-05 23:02 UTC
[CentOS] CentOS Stream suitability as a production webserver
> Probably. For a lot of users, Stream is a drop-in replacement that'sbetter than CentOS was We will need to (manually) migrate to Stream 9.x after 5 years instead of 10 though? On Tue, 5 Jan 2021 at 22:51, Gordon Messmer <gordon.messmer at gmail.com> wrote:> On 1/5/21 11:32 AM, Jamie Burchell wrote: > > is the change a non-issue for my use-case? > > > Probably. For a lot of users, Stream is a drop-in replacement that's > better than CentOS was, because it gets updates consistently and doesn't > suffer from periods in which no updates are available, including > security updates. > > If security was a priority for you, as it was for me, then CentOS wasn't > really suitable for public-facing services, but CentOS Stream might be. > > If you're building software that you intend to deploy on RHEL, Stream > might not be a suitable build root for you. Compiling software in a > Stream build root may result in a binary that has dependencies which > aren't yet available in RHEL. And if you're building kernel modules > (like Phil @elrepo), then there is the issue that the kernel isn't > subject to RHEL's ABI policy, but Red Hat developers have expressed > interest in making the kernel interfaces more stable and using external > kernel module builds as a test to flag interfaces that have changed. So > that situation may improve... > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > lists.centos.org/mailman/listinfo/centos >
Leon Fauster
2021-Jan-06 11:11 UTC
[CentOS] CentOS Stream suitability as a production webserver
Am 05.01.21 um 23:51 schrieb Gordon Messmer:> On 1/5/21 11:32 AM, Jamie Burchell wrote: >> is the change a non-issue for my use-case? > > > Probably.? For a lot of users, Stream is a drop-in replacement that's > better than CentOS was, because it gets updates consistently and doesn't > suffer from periods in which no updates are available, including > security updates.I often read this statement here that it "is better" because of not having "periods of missing updates" like in CentOS Linux. Is it maybe more worsed? Some one said that security updates will be ASAP in Stream because the rolling process is build on top of such fixes. But what about leaf packages? C8S: firefox-78.3.0-1.el8_2.x86_64.rpm C8: firefox-78.5.0-1.el8_3.x86_64.rpm RHEL8: firefox-78.6.0-1.el8_3.x86_64 The divergence exits because the C8->C8S migration process is not completed and we have still C8 as the base for the distrosync to C8S (and the compose process uses both repos). The time after EOL of C8 will show that priorities will be on development - as it was stated. I would expect that Stream will diverged in two directions ...> If security was a priority for you, as it was for me, then CentOS wasn't > really suitable for public-facing services, but CentOS Stream might be. > > If you're building software that you intend to deploy on RHEL, Stream > might not be a suitable build root for you.? Compiling software in a > Stream build root may result in a binary that has dependencies which > aren't yet available in RHEL.? And if you're building kernel modules > (like Phil @elrepo), then there is the issue that the kernel isn't > subject to RHEL's ABI policy, but Red Hat developers have expressed > interest in making the kernel interfaces more stable and using external > kernel module builds as a test to flag interfaces that have changed.? So > that situation may improve... > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > lists.centos.org/mailman/listinfo/centos