We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches.
Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd?
Thanks, -- Mitch
On 01/26/11 5:35 PM, Mitch Patenaude wrote:
We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches.
Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd?
5.6+latest *IS* the latest security updates for 5.anything.
Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work.
Gene
Sent from my iPhone
On Jan 26, 2011, at 7:39 PM, John R Pierce pierce@hogranch.com wrote:
On 01/26/11 5:35 PM, Mitch Patenaude wrote:
We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches.
Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd?
5.6+latest *IS* the latest security updates for 5.anything.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, Jan 26, 2011 at 5:42 PM, Gene brandtg@bellsouth.net wrote:
Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work.
300+ nodes total, 200 in a hadoop cluster used for mapreduce, the rest in a variety of headless datacenter roles (web, mail, database, backup, etc.). They are somewhat sensitive to version updates, so I was hoping to find a way to find the security updates (patch level) without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream?
Thanks, -- Mitch
Our application vendors dictated version an patches. The system did what it was designed. That was its purpose in life.
Sent from my iPhone
On Jan 26, 2011, at 7:51 PM, Mitch Patenaude mitch@rapleaf.com wrote:
On Wed, Jan 26, 2011 at 5:42 PM, Gene brandtg@bellsouth.net wrote: Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work.
300+ nodes total, 200 in a hadoop cluster used for mapreduce, the rest in a variety of headless datacenter roles (web, mail, database, backup, etc.). They are somewhat sensitive to version updates, so I was hoping to find a way to find the security updates (patch level) without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream?
Thanks, -- Mitch
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, 26 Jan 2011 17:51:51 -0800 Mitch Patenaude mitch@rapleaf.com wrote:
without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream?
Shouldn't be. I never think of point releases as separate versions and always upgrade (after installing on a test box to see everything still works as expected :) ).
CentOS/upstream provider ensure that software in point releases are the same major versions.
The point releases *are* the security updates.
Sometimes upgraded packages are made available, as in the case of php, but the new version has a different package name. ie; the php package is 5.1, but the updated release's package name was php53 (or php52) and I think was only available through the Extras repo.
On 01/26/11 5:51 PM, Mitch Patenaude wrote:
On Wed, Jan 26, 2011 at 5:42 PM, Gene <brandtg@bellsouth.net mailto:brandtg@bellsouth.net> wrote:
Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work.300+ nodes total, 200 in a hadoop cluster used for mapreduce, the rest in a variety of headless datacenter roles (web, mail, database, backup, etc.). They are somewhat sensitive to version updates, so I was hoping to find a way to find the security updates (patch level) without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream?
assuming the mysql, ruby, python, bind you are running are all the stock RHEL5/CentOS5 ones, the updates maintain the same x.y version as whatever was released with 5.0, the upstream vendor backports security fixes. the kernel is still 2.6.18, glibc is still 2.5, etc etc.
5.6 is not a new version, its just a snapshot of updates at that point in time. the version is 5.
On Jan 26, 2011, at 8:08 PM, John R Pierce wrote:
On 01/26/11 5:51 PM, Mitch Patenaude wrote:
On Wed, Jan 26, 2011 at 5:42 PM, Gene <brandtg@bellsouth.net mailto:brandtg@bellsouth.net> wrote:
Can you tell us more about you cluster? Nodes? Purpose? I managed a small 90 node cluster for seismic work.
300+ nodes total, 200 in a hadoop cluster used for mapreduce, the rest in a variety of headless datacenter roles (web, mail, database, backup, etc.). They are somewhat sensitive to version updates, so I was hoping to find a way to find the security updates (patch level) without having to change versions. Upgrading to 5.6 would likely involve upgrading several core packages (mysql, ruby, python, bind, even glibc and the kernel). Is this a pipe dream?
assuming the mysql, ruby, python, bind you are running are all the stock RHEL5/CentOS5 ones, the updates maintain the same x.y version as whatever was released with 5.0, the upstream vendor backports security fixes. the kernel is still 2.6.18, glibc is still 2.5, etc etc.
5.6 is not a new version, its just a snapshot of updates at that point in time. the version is 5.
But still test, sometimes something can break. In point releases in the past, some things have broke like, recently, an ethernet card wouldn't work after the update. Gave weird errors. Replaced it with a newer revision of the card, and it worked fine. But generally things work fine.
As per the Redhat Virtualisation Expo yesterday... API/ABI compatibility is maintained within the point releases. If your stuff is certified on 5.4 it will run on 5.5/5.6.
In addition there are compatibility libraries to get anything running on 5.X on 6.0... and when you move to 6.0 then anything running on 6.0 will run on 6.X.
James
On Thu, Jan 27, 2011 at 7:16 AM, James Hogarth james.hogarth@gmail.com wrote:
As per the Redhat Virtualisation Expo yesterday... API/ABI compatibility is maintained within the point releases. If your stuff is certified on 5.4 it will run on 5.5/5.6.
In addition there are compatibility libraries to get anything running on 5.X on 6.0... and when you move to 6.0 then anything running on 6.0 will run on 6.X.
This... is theory. In practice, major architectural changes will break things and need to be tested. For example, the anaconda environment for RHEL 6 does not contain the "dirname" command. The environment for RHEL 5 did. I anticipate that CentOS 6 will also lack it. Who would know that without testing their kickstart scripts? And don't get me started on the NetworkManager related changes in /etc/sysconfig/network-scripts: the new "NM_CONTROLLED" option can cause enormous confusion.
This... is theory. In practice, major architectural changes will break things and need to be tested. For example, the anaconda environment for RHEL 6 does not contain the "dirname" command. The environment for RHEL 5 did. I anticipate that CentOS 6 will also lack it. Who would know that without testing their kickstart scripts? And don't get me started on the NetworkManager related changes in /etc/sysconfig/network-scripts: the new "NM_CONTROLLED" option can cause enormous confusion.
I was referring to certified applications with regards to compatibility rather than kickstarting boxes and then you'll want to test out to see if you need any of the compatibility libaries....
With fresh package lists and so on of course you'll want to test out kickstarts...
On any server I'd recommend disabling the networkmanager service and enabling the old network one...
In fact on a server no point even installing the networkmanager packages...
However that is pretty much OT from the original question and point of this thread which is that from 5.4 to 5.6 (and onwards) there will be no API/ABI breakages staying with the official channels.
James
On 1/26/2011 8:35 PM, Mitch Patenaude wrote:
We're running a large cluster, and are leery of upgrading them all to 5.5, but would like to find the latest security patches.
Is there a repo for this? I can't seem to find a 5.4 specific update repo with anything since last March. Is 5.4 EOL'd?
Thanks, -- Mitch
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
if its a cluster can you take one node offline..update to 5.6 and see if it bombs or not?
-
Gene -
James Hogarth -
John R Pierce -
Kevin Krieser -
Mitch Patenaude -
Nico Kadel-Garcia -
Spiro Harvey -
William Warren