[CentOS-devel] Repository structures for SIG and variants in the future

Wed Jan 15 11:19:53 UTC 2014
Ljubomir Ljubojevic <centos at plnet.rs>

On 01/15/2014 08:28 AM, Ned Slider wrote:
> On 13/01/14 19:05, Jim Perrin wrote:
>> As part of opening up the possibilities for SIGs and Variants within the
>> CentOS ecosystem, we need to give some thought to how repositories
>> should be structured so that different can cooperate with each other.
>> What we have discussed in the past, and what I'd like to propose to the
>> -devel community, is that we adopt a page similar to the KDE framework.
>> The way I envision this working is as follows:
>>    - Tier 1 repositories: Adds packages only. These repos may not update
>> or replace anything in the core distribution. (Example: EPEL)
>>    - Tier 2 repositories: These repositories may provide provide packages
>> that update or otherwise enhance packages in the base distribution, but
>> otherwise maintain compatibility.  (Example IUS
>>    - Tier 3 repositories: These repositories contain packages that
>> conflict with software inside the core distribution. This would be
>> Xen4CentOS for example, which replaces the kernel, and adds in xen
>> functionality.
>> Each tier may choose to rely on dependencies from repositories in the
>> tier  above it, but not the other way around. For example, the tier 3
>> Xen4 repository could choose to rely on packages from a tier1 like EPEL,
>> or a tier2 like IUS. However a tier1 or tier2 could not rely on a tier3.
>> A good real-world example of this would be rpmfusion's dependence on the
>> EPEL repository.
>> The other aspect of this that needs to be discussed is package
>> duplication. For example, several of the proposed SIGs have some overlap
>> in their packages. Would the preference here be that each SIG/Variant
>> maintain their own version of the package, or should there be a common
>> package set established? Both methods fit into the model described
>> above, and both have pros/cons associated.
>> What does the community think about this?
> I'm in favour of any process that makes the use of 3rd party
> repositories more compatible.
> Some things to think about:
> How would one handle repositories that fall into multiple categories
> above. For example, Repoforge main repo channel would be tier 1 (.rf
> packages) whereas packages from their extras channel (.rfx) would be
> tier 2. Likewise, elrepo has a main tier 1 channel, a tier 2 extras
> channel and a kernel channel which might be tier 3.
> How would one handle conflicts and incompatibilities between multiple
> tier 1 repositories (e.g, Repoforge and EPEL)?
> Of course these aren't new issues and one can easily write a very long list.
> As much as I hate the idea of killing off independent 3rd party
> competition, I'm minded to think the only sane way to handle this is to
> have one centralised Enterprise Linux repository, quite possibly
> segregated into 3 tiers as you outline above. As exemplified by the
> current situation, it's never going to be completely practical having
> multiple builds of Package A built against different versions of
> Packages X, Y and Z all floating around in different 3rd party community
> repositories.
> Whether anyone (or any group) is able to demonstrate the leadership
> necessary to bring everyone together under one umbrella and resolve all
> the issues is another question.

First thing to do is to get all interested 3rd party repository 
maintainers and see if agreement can be made.

Things have changed now that CentOS will have additional 
Variants/repositories. Many repositories were created by individuals 
that needed some packages but didn't have access to (unified) building 
environment. But with git.centos.org many 3rd party repositories 
maintainers will be happy to move majority of packages "upstream" 
(CentOS project or EPEL), where they will have the same environment to 
maintain packages the are interested in. Especially having in mind 
package version consistency and better building infrastructure + more 
people working together.

Only problem I see will be non-opensource packages, like addition codecs 
for gstreamer. Those will have problems keeping up with "upstream" 
(CentOS/RHEL) repositories, unless source packages carry all of it and 
non-opensource parts are just disabled during build, so that others can 
use same src.rpm to build missing packages.

Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant