devel

devel@lists.centos.org

5 participants
4641 discussions

Vagrant ignores checksums, instead of validating them
by Laurentiu Pancescu 11 Nov '17

11 Nov '17

Hi there, Emmanuel Kasper of the Debian Cloud Team contacted me about two days ago: they discovered that Vagrant simply ignores any --checksum parameter when adding the box. You can even provide "1234" instead of a valid SHA256 sum, and Vagrant will just add the downloaded box, without any warning or error whatsoever: vagrant box add --checksum-type sha256 --checksum 1234 --provider libvirt --box-version 1710.01 centos/7 ==> box: Loading metadata for box 'centos/7' box: URL: https://atlas.hashicorp.com/centos/7 ==> box: Adding box 'centos/7' (v1710.01) for provider: libvirt box: Downloading: https://vagrantcloud.com/centos/boxes/7/versions/1710.01/providers/libvirt.… ==> box: Successfully added box 'centos/7' (v1710.01) for 'libvirt'! echo $? 0 Our signatures are basically useless for most users: Vagrant will only check the signature if one is included in the metadata (which is not the one in the box we host, but generated by Vagrant Cloud, formerly known as Atlas - there's simply no way to get Hashicorp's servers to include the checksum, not even for the boxes they host themselves). The --checksum argument is honored if you add a raw box, but I doubt our users would be willing to do that, even if they knew about it: $ vagrant box add --checksum-type sha256 --checksum 1234 --name c7tmp https://cloud.centos.org/centos/7/vagrant/x86_64/images/CentOS-7-x86_64-Vag… ==> box: Box file was not detected as metadata. Adding it directly... ==> box: Adding box 'c7tmp' (v0) for provider: box: Downloading: https://cloud.centos.org/centos/7/vagrant/x86_64/images/CentOS-7-x86_64-Vag… box: Calculating and comparing box checksum... The checksum of the downloaded box did not match the expected value. Please verify that you have the proper URL setup and that you're downloading the proper file. Expected: 1234 Received: 9d1ddb812de88578326538d69fdd5f59ba68adf04862144300c42d0293f61d2f $ echo $? 1 Another possibility would be to also host the metadata ourselves, along with the raw boxes, on cloud.centos.org. Endymion can already generate the needed metadata, and I already verified that Vagrant works properly with it, even detecting newer versions of the boxes for updates. The problem of convincing our users to use a cloud.c.o URL instead of Atlas still remains. I guess I'll have to replace the section in our future release announcements about verifying the images downloaded from Atlas with some sort of warning. Any other ideas of what we could do? Vagrant's behavior is described in its documentation, so I assume it's by design. How about adding the missing Vagrant functionality as distro patches, if upstream doesn't want to? Regards, Laurențiu https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878759 https://github.com/lpancescu/endymion

2 3

Re: [CentOS-devel] Ceph Jewel 10.2.10 available for testing (now released)
by David Moreau Simard 08 Nov '17

08 Nov '17

Ceph Jewel 10.2.10 was tagged for release after several weeks of testing with no reported issues. It will make it's way to the stable repositories during the next synchronization. David Moreau Simard Senior Software Engineer | OpenStack RDO dmsimard = [irc, github, twitter] On Wed, Oct 18, 2017 at 5:50 PM, David Moreau Simard <dms(a)redhat.com> wrote: > Hi, > > Ceph Jewel 10.2.10 was released upstream on October 8th and is now > available for testing [1] from the Ceph storage SIG repositories. > > You can find the release notes for 10.2.10 here [2] and the spec > update here [3]. > > To test this new release of Ceph, you will need to enable the testing > repositories like so: > > yum -y install centos-release-ceph-jewel > yum-config-manager --enable centos-ceph-jewel-test > > We plan on releasing 10.2.10 soon if no issues are reported. > > Thanks ! > > [1]: http://cbs.centos.org/koji/buildinfo?buildID=20348 > [2]: http://ceph.com/releases/v10-2-10-jewel-released/ > [3]: https://github.com/CentOS-Storage-SIG/ceph/commit/ > 1b1e5d0b302b18fc79f397c88c22df85ab78f9ab > > David Moreau Simard > Senior Software Engineer | OpenStack RDO > > dmsimard = [irc, github, twitter] >

1 0

CentOS PaaS SIG meeting (2017-11-08) (remember time change)
by Troy Dawson 08 Nov '17

08 Nov '17

Hello, It's time for our weekly PaaS SIG sync-up meeting Please remember that in U.S. daylight savings happened, and this meeting is keyed to UTC. So this meeting is now one hour later that it was last week. Time: 1700 UTC - Wedensdays (date -d "1700 UTC") Date: Today Wedensday, 08 November 2017 Where: IRC- Freenode - #centos-devel Agenda: - OpenShift Current Status -- rpms -- Automated rpm building and Automated testing -- Multi-arch -- Documentation -- Images and Image building -- minishift -- kompose / kedge - Open Floor Minutes from last meeting: https://www.centos.org/minutes/2017/November/centos-devel.2017-11-01-17.01.…

1 1

liburcu-bp and liburcu-cds version conflicts
by Alexander Wigen 02 Nov '17

02 Nov '17

Hi there, I'm hitting a conflict when using Ceph and oVirt 4.2beta. The upcoming oVirt 4.2 release is pulling in ~liburcu-cds.so.6 where Ceph is requiring liburcu-cds.so.1. And the same for liburcu-bp. Here is the output from yum update: http://pastebin.centos.org/411116/ Cheers, Alex

2 1

next OpenShift
by Brigman, Larry 01 Nov '17

01 Nov '17

When can I expect a test build of origin 3.7.0 rpm package? Over the weekend I grabbed the tarball 3.7.0-rc.0 and used it to update one of my systems. In 3.6, it was having problems using Vsphere as a cloud provider. 3.7 fix the issues I was having.

4 6

CentOS PaaS SIG meeting (2017-11-01)
by Troy Dawson 01 Nov '17

01 Nov '17

Hello, It's time for our weekly PaaS SIG sync-up meeting Time: 1700 UTC - Wedensdays (date -d "1700 UTC") Date: Today Wedensday, 01 November 2017 Where: IRC- Freenode - #centos-devel Agenda: - OpenShift Current Status -- rpms -- Building origin 3.7 rc0 -- Automated rpm building and Automated testing -- Multi-arch -- Documentation -- Images and Image building -- minishift (marcindulak and lalatenduM) -- kompose (cdrage (candate) pradeepto (india) and tkral (brno)) - Open Floor Minutes from last meeting: https://www.centos.org/minutes/2017/October/centos-devel.2017-10-25-17.00.l…

1 0

New SCLs with Developer Toolset 7, MariaDB 10.2, PostgreSQL 9.6, MongoDB 3.4 available for testing
by Honza Horak 31 Oct '17

31 Oct '17

I'm happy to announce, that there are new Software Collections available for testing (sig-sclo). There are the following packages available in centos-sclo-rh-testing for CentOS 6 and CentOS 7: devtoolset-7 rh-mariadb102 rh-postgresql96 rh-mongodb34 For installing them, run: $ sudo yum install centos-release-scl-rh $ sudo yum-config-manager --enable centos-sclo-rh-testing $ sudo yum install <scl> Learn more about these packages and how to use them at: https://www.softwarecollections.org/en/scls/rhscl/devtoolset-7/ https://www.softwarecollections.org/en/scls/rhscl/rh-mariadb102/ https://www.softwarecollections.org/en/scls/rhscl/rh-postgresql96/ https://www.softwarecollections.org/en/scls/rhscl/rh-mongodb34/ The three new databases also deliver packages called <scl>-syspaths, that put wrappers into standard paths, so users don't need to bother with the alternative path. More info available at: https://developers.redhat.com/blog/2017/10/18/use-software-collections-with… All these collections are CentOS-based rebuilds built by SCLo SIG community, and the packages have been available in Red Hat Software Collections 3.0 for RHEL: https://access.redhat.com/documentation/en-us/red_hat_software_collections/… So, for RHEL-based builds, follow the steps in the documentation above. Cheers, Honza

1 0

New SCLs with NodeJS 8, Python 3.6, PHP 7.1, Maven 3.5, nginx 1.12 available for testing
by Honza Horak 31 Oct '17

31 Oct '17

I'm happy to announce, that there are new Software Collections available for testing (sig-sclo). There are the following packages available in centos-sclo-rh-testing for CentOS 7: rh-nodejs8 rh-python36 rh-php71 rh-maven35 rh-nginx112 For installing them, run: $ sudo yum install centos-release-scl-rh $ sudo yum-config-manager --enable centos-sclo-rh-testing $ sudo yum install <scl> Learn more about these packages and how to use them at: https://www.softwarecollections.org/en/scls/rhscl/rh-nodejs8/ https://www.softwarecollections.org/en/scls/rhscl/rh-python36/ https://www.softwarecollections.org/en/scls/rhscl/rh-php71/ https://www.softwarecollections.org/en/scls/rhscl/rh-maven35/ https://www.softwarecollections.org/en/scls/rhscl/rh-nginx112/ All these collections are CentOS-based rebuilds built by SCLo SIG community, and the packages have been available in Red Hat Software Collections 3.0 for RHEL: https://access.redhat.com/documentation/en-us/red_hat_software_collections/… So, for RHEL-based builds, follow the steps in the documentation above. Cheers, Honza

1 0

Updated SCLs with PostgreSQL 9.4 and 9.5, MySQL 5.6 and 5.7, MongoDB 3.2 available for testing
by Honza Horak 31 Oct '17

31 Oct '17

I'm happy to announce, that there are new Software Collections packages available for testing (sig-sclo) on CentOS 6 and CentOS 7. There are the following packages updates available in centos-sclo-rh-testing: rh-postgresql94 rh-postgresql95 rh-mongodb32 rh-mysql56 rh-mysql57 For installing them, run: $ sudo yum install centos-release-scl-rh $ sudo yum-config-manager --enable centos-sclo-rh-testing $ sudo yum install <scl> Learn more about these packages and how to use them at: https://www.softwarecollections.org/en/scls/rhscl/rh-postgresql94/ https://www.softwarecollections.org/en/scls/rhscl/rh-postgresql95/ https://www.softwarecollections.org/en/scls/rhscl/rh-mongodb32/ https://www.softwarecollections.org/en/scls/rhscl/rh-mysql56/ https://www.softwarecollections.org/en/scls/rhscl/rh-mysql57/ All these collections are CentOS-based, rebuilds of packages available in Red Hat Software Collections 2.4 or previous release, built by SCLo SIG community: https://access.redhat.com/documentation/en-us/red_hat_software_collections/… For RHEL-based builds, follow the steps in the documentation above. Cheers, Honza

1 0

Updated SCLs with NodeJS 4 and 6, Ruby 2.4, Apache httpd 2.4, and devtoolset-6 available for testing
by Honza Horak 31 Oct '17

31 Oct '17

I'm happy to announce, that there are new Software Collections packages available for testing (sig-sclo) on CentOS 6 and 7. There are the following packages updates available in centos-sclo-rh-testing: devtoolset-6 httpd24 rh-nodejs4 rh-nodejs6 rh-ruby24 For installing them, run the following on CentOS 6 or CentOS 7: $ sudo yum install centos-release-scl-rh $ sudo yum-config-manager --enable centos-sclo-rh-testing $ sudo yum install <scl> Learn more about these packages and how to use them at: https://www.softwarecollections.org/en/scls/rhscl/devtoolset-6/ https://www.softwarecollections.org/en/scls/rhscl/httpd24/ https://www.softwarecollections.org/en/scls/rhscl/rh-nodejs4/ https://www.softwarecollections.org/en/scls/rhscl/rh-nodejs6/ https://www.softwarecollections.org/en/scls/rhscl/rh-ruby24/ All these collections are CentOS-based, rebuilds of packages available in Red Hat Software Collections 2.4 or previous release, built by SCLo SIG community: https://access.redhat.com/documentation/en-us/red_hat_software_collections/… For RHEL-based builds, follow the steps in the documentation above. Cheers, Honza

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

devel