[CentOS-devel] Infra : changes to buildlogs.centos.org

Fri Mar 25 16:39:31 UTC 2016
Fabian Arrotin <arrfab at centos.org>

Hi,

Just to let you know in advance that we'll add some modifications to the
buildlogs.centos.org nodes.
We got a proposal from a CDN infrastructure company (CDN77.com) willing
to be a sponsor for the CentOS Project, and so we'd like to use that
service for the testing/dev artifacts (so rpm packages, iso images,
qcow2 images, etc) so that users can get it faster than when served from
our actual buildlogs.centos.org nodes.

What does that mean for you ? Next tuesday, we'll implement RewriteRule
to redirect requests to those CDN backend nodes (themselves
fetching/caching directly from us)
The change is scheduled to be implemented on Tuesday March 29th, 8:00 am
UTC time
You can convert to local time with $(date -d '2016-3-29 8:00 UTC')

What will be the impact ?
Starting from that day, httpd will redirect you to another location for
the following type of files : .rpm, .iso .qcow2{.gz,.xz}, .img{.xz}
We tested that yum follows correctly the redirection, so people
consuming packages from those repositories (so testing repo for the SIGs
building pkgs through cbs.centos.org) will not see any impacts, except
maybe an increase in available bandwidth/speed delivery (so the goal we
wanted to reach)

What about people downloading such images ?
- browser (Firefox, Chome, others) : works directly
- wget : it follows the redirection by default, so no impact
- curl : if you use curl without the --location option, it will *not*
follow the redirection so you'll not be able to download the needed file
as before. Verify so your download scripts using curl to implement the
correct options.
- other method : not tested

What about the integrity of the downloaded files ?
- for rpm packages, you'll still get the repodata files from our nodes,
meaning that only the packages will be downloaded from the cdn, and so
metadata for the .rpm packages will have to match what's declared at the
repodata level, ensuring integrity checks.
- for the other images (.iso, .qcow2, etc) you'll be able to
fetch/compare the .sha256 file for each file (or the sha256sum.txt file)
from us, giving you the ability to verify also the integrity of the
downloaded files.

If you encounter an issue, feel free to reach us in #centos-devel.

-- 
Fabian Arrotin
The CentOS Project | http://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20160325/3dc4043f/attachment-0007.sig>