Send CentOS-announce mailing list submissions to centos-announce@centos.org

To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request@centos.org

You can reach the person managing the list at centos-announce-owner@centos.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..."

Today's Topics:

1. [Infra] : Planned outage : git.centos.org (Fabian Arrotin)

----------------------------------------------------------------------

Message: 1 Date: Wed, 8 Jun 2022 07:24:38 +0200 From: Fabian Arrotin arrfab@centos.org To: "The CentOS developers mailing list." centos-devel@centos.org, centos-announce@centos.org, CentOS mailing list centos@centos.org Subject: [CentOS-announce] [Infra] : Planned outage : git.centos.org Message-ID: 2e632140-7589-f0bb-97aa-33ac2d74e2be@centos.org Content-Type: text/plain; charset="utf-8"; Format="flowed"

Due to a scheduled pagure upgrade, we'll have to move the existing Pagure instance (aka https://git.centos.org) to a new node.

Migration is scheduled for """"Monday June 13rd, 7:00 am UTC time"""". You can convert to local time with $(date -d '2022-06-13 07:00 UTC')

The expected "downtime" is estimated to ~60 minutes , time needed to : - backup/restore last DB dump - import and convert DB schema for newer pagure version - last data (sources in lookaside cache and git repositories) sync - verify service and switch public IP to new host.

Important note wrt that migration is that we're moving from pagure 5.8 running on CentOS 7 to pagure 5.13 on RHEL 8. It means it's a new host and so sshd host keys will change (we didn't want to import older host keys to comply with newer algo) The new fingerprint will be displayed at usual place (https://git.centos.org/ssh_info) but it only matters for SIGs users pushing to specific projects/branches over ssh. For people pulling through https, nothing changes.

Here are in advance the new fingerprints :

rsa=3072 SHA256:qeSehpwh3X7HI0D/jF7N4qZcergdr9tUCdaZ2EIdiLc (RSA) rsa_md5=3072 MD5:a9:a1:ba:83:96:71:28:ca:86:19:c0:5d:4f:48:9f:63 (RSA) ecdsa=256 SHA256:vIRsg5g/t/7ucYP4NKTkcPJdE7CWbFQVInscthHKihU (ECDSA) ecdsa_md5=256 MD5:8f:40:35:4f:b9:43:60:d9:09:c0:5f:80:52:69:c8:8d (ECDSA)

Also worth knowing that we also present a signed cert for sshd host keys, so if you already trust our CA (https://github.com/CentOS/ansible-role-sshd/blob/master/defaults/main.yml#L3...) in your ~/.ssh/known_hosts file, you'll not even have to accept new key

Thanks for your understanding and patience.

on behalf of the Infra team,