[CentOS-devel] Balancing the needs around the RHEL platform

Tue Dec 29 07:33:34 UTC 2020
Simon Matter <simon.matter at invoca.ch>

> On 2020/12/29 8:32, Lamar Owen wrote:
>> Will Stream cut it for me?  One issue that keeps getting glossed over is that
>> many drivers that are already in-kernel, not 3rd party, but disabled by Red Hat,
>> still have users who need them.
>
> Yes, that's a problem for me. I mentioned it at
> https://lists.centos.org/pipermail/centos-devel/2020-December/075631.html .
> I have an LSM module named TOMOYO which is in-kernel since Linux 2.6.30.
> Since Fedora cannot afford enabling LSM modules other than SELinux
> ( https://bugzilla.redhat.com/show_bug.cgi?id=542986 ), unlike other Linux
> distributions, TOMOYO is enabled in CentOS Plus kernels, which is difficult for
> RHEL users because CentOS Plus kernels are completely unsupported by RH.
>
>> ELrepo and others have provided support at the
>> "point release" milestones for these "unsupported" drivers; it really looks like
>> Stream will break this hard.
>
> Any chance that RH moves from "RH is responsible for supporting all code RH is
> shipping" to "RH ships as much code as possible (basically any GPL code), but
> RH supports only some portion of shipped code"?
>
>>
>> For instance, I need megaraid_sas for my servers; that's not a 3rd party binary
>> driver, but is already in-kernel; it is intentionally not built by Red Hat.
>> ELrepo rebuilds this AND most importantly provides a working driver disk for
>> installs; I just don't see Red Hat providing these drivers, even in a SIG, for
>> hardware they have already decided is "unsupported"; but I always reserve the
>> right to be wrong.
>
> Who is the intended audience of RHEL/CentOS Linux/CentOS Stream?
>
> While some people mention absence of security fixes in CentOS Linux upon
> RHEL minor release, it is common to see RHEL servers with uptime of over
> 1 year (i.e. no kernel updates).
> There are servers using kernels as of e.g. RHEL 7.3 or so. That is, while RHEL is
> providing security fixes quickly, not all users are applying security fixes so quickly.
>
> Since I'm a Linux kernel developer, I don't know about trends of userspace.
> But let me try to think about characteristics of several distributions.
>
> Gentoo is targeting for providing newest possible versions. But since Gentoo is a
> distribution which asks users to "compile", Gentoo is difficult for administrators
> who are not developers.
>
> Ubuntu is targeting for easy to use, with reasonably newest versions. Since the design
> of Ubuntu is fundamentally different (e.g. setting root password is not mandatory,
> multiple Linux Security Modules are available compared to SELinux-only), CentOS Stream
> won't be able to behave like Ubuntu due to constraint between Fedora and RHEL.
>
> Default gcc provided in CentOS 7 became too old to compile Linux kernels.
> Many projects which follow the trend want latest version of compilers.
> Wouldn't developers who want latest versions already be using Fedora/Ubuntu?
>
> After all, isn't RHEL/CentOS a distribution for providing reasonably oldest versions,
> with plenty of documents and knowledge prepared for circumspect users?
>
> The idea of moving CentOS Linux to CentOS Stream might be just a
> "The grass is always greener on the other side of fence." thing...

For me the characteristics of RedHat EL/CentOS have always been:
* It's stable, and stable for 10 years minus the first ~1-2.
* It's old and outdated, nothing to make developers happy.
* It provides a quite limited package set with high stability and quality.
A lot of interesting stuff (things like Tomcat) has to be installed from
elsewhere without stability and high quality or easy management.
* It has a lot of competitors but the long support is unique.
* As an admin, if you have a lot of developers around you, you ALWAYS have to
defend the usage of RHEL/CentOS because ALMOST EVERY developer would like
to use something else.

Now for CentOS, reduce the long support to 5 years and slightly reduce on
the overall stability. What do you get? How do you sell it to your
customers/users who wanted something else anyway? How do you defend your
decision for RHEL/CentOS? Difficult times for all of us in this situation!

Simon