[CentOS-devel] Repository structures for SIG and variants in the future

Wed Jan 15 11:01:14 UTC 2014
Johnny Hughes <johnny at centos.org>

On 01/15/2014 01:28 AM, Ned Slider wrote:
> On 13/01/14 19:05, Jim Perrin wrote:
>> As part of opening up the possibilities for SIGs and Variants within the
>> CentOS ecosystem, we need to give some thought to how repositories
>> should be structured so that different can cooperate with each other.
>> What we have discussed in the past, and what I'd like to propose to the
>> -devel community, is that we adopt a page similar to the KDE framework.
>> The way I envision this working is as follows:
>>   - Tier 1 repositories: Adds packages only. These repos may not update
>> or replace anything in the core distribution. (Example: EPEL)
>>   - Tier 2 repositories: These repositories may provide provide packages
>> that update or otherwise enhance packages in the base distribution, but
>> otherwise maintain compatibility.  (Example IUS
>>   - Tier 3 repositories: These repositories contain packages that
>> conflict with software inside the core distribution. This would be
>> Xen4CentOS for example, which replaces the kernel, and adds in xen
>> functionality.
>> Each tier may choose to rely on dependencies from repositories in the
>> tier  above it, but not the other way around. For example, the tier 3
>> Xen4 repository could choose to rely on packages from a tier1 like EPEL,
>> or a tier2 like IUS. However a tier1 or tier2 could not rely on a tier3.
>> A good real-world example of this would be rpmfusion's dependence on the
>> EPEL repository.
>> The other aspect of this that needs to be discussed is package
>> duplication. For example, several of the proposed SIGs have some overlap
>> in their packages. Would the preference here be that each SIG/Variant
>> maintain their own version of the package, or should there be a common
>> package set established? Both methods fit into the model described
>> above, and both have pros/cons associated.
>> What does the community think about this?
> I'm in favour of any process that makes the use of 3rd party 
> repositories more compatible.
> Some things to think about:
> How would one handle repositories that fall into multiple categories 
> above. For example, Repoforge main repo channel would be tier 1 (.rf 
> packages) whereas packages from their extras channel (.rfx) would be 
> tier 2. Likewise, elrepo has a main tier 1 channel, a tier 2 extras 
> channel and a kernel channel which might be tier 3.
> How would one handle conflicts and incompatibilities between multiple 
> tier 1 repositories (e.g, Repoforge and EPEL)?
> Of course these aren't new issues and one can easily write a very long list.
> As much as I hate the idea of killing off independent 3rd party 
> competition, I'm minded to think the only sane way to handle this is to 
> have one centralised Enterprise Linux repository, quite possibly 
> segregated into 3 tiers as you outline above. As exemplified by the 
> current situation, it's never going to be completely practical having 
> multiple builds of Package A built against different versions of 
> Packages X, Y and Z all floating around in different 3rd party community 
> repositories.
> Whether anyone (or any group) is able to demonstrate the leadership 
> necessary to bring everyone together under one umbrella and resolve all 
> the issues is another question.
> Just my personal opinion(s).

We are only talking about CentOS Special Interest Groups and CentOS
Variants, not all 3rd Party repositories.  And we can't host anything
that is encumbered (IP restrictions like MP3, not a license that allows
for distribution, etc).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20140115/7529b0b0/attachment-0005.sig>