[CentOS-virt] Package lists for Cloud images

Wed Oct 3 23:17:55 UTC 2012
Nico Kadel-Garcia <nkadel at gmail.com>

On Wed, Oct 3, 2012 at 12:29 PM, Karanbir Singh <mail-lists at karan.org> wrote:
> hi Guys,
> As we get ready to start publishing Cloud Images ( or rather images
> consumable in various virt platforms, including public and private
> clouds ) - it would be great to have a baseline package manifest worked
> out.
> What / how many images should we build. At this time we were thinking of
> doing :
> - CentOS-5 32bit minimal
> - CentOS-6 32bit minimal
> - CentOS-5 64bit minimal
> - CentOS-6 64bit minimal
> - CentOS-5 64bit LAMP
> - CentOS-6 64bit LAMP

Funny you should ask!! I'm on an open source project that does
precisely this. It depends heavily on whether you're using standard
packages from CentOS itself, or whether you use Perl modules, Nagios,
NRPE, or other tools such as git or puppet that are not in the bae
upstream packages from the upstream vendor.

So a base LAMP install for me would absolutely contain epel-release,
installed by hook or by crook, and the rpmforge-release package with
/etc/yum.repos.d/rpmforge.repo disabled by default. It would also
include postfix, rather than sendmail, for ease of management, and
would include emacs and xorg-x11-xauth to allow X based Emacs
sessions, which are often more useful than pure screen sessions, and
I'd actually consider installing firefox in order to be able to run a
remote web browser and see what shows up on the server itself. That's
incredibly useful when people are doing.... odd things to firewalls
and you want to make sure it's actually displaying content.

"curl" as well as wget is very useful. So is "lynx", for text based
web checking, and the tools for whatever source control you feel
useful, especially including the 'rcs' package for local file
management. (That was invaluable today, as I was manipulating
/etc/sysconfig/network-scripts files for funky network setups.)

> What would be the minimal functional requirements people would expect
> from these images ? and what rpms should be installed ? Should root
> login be enabled or should we require people to go in via a 'centos'
> user. Should the image be self-updating, or should we have a post-login
> message that indicates outstanding updates ?

Root should be disabled, if feasible. I'm afraid that many sites don't
handle such passwords well. Local user management can be awkward. Ask
sometime about Kerberos authentication and local account management,
I've got a lot of recent experience with these and Centrify's AD based
account management.

The Nagios "check-updates" plugin is priceless for notifying a central
NOC of required updates: rather than self updating.

Post install scripting, or system management, to set the 'root' alias
is critical. Again, ask about that if curious: handling Postfix based
smarthost setups, but making sure cron jobs for 'root' go to the right
external email address, is a bit of an advenure.

> --
> Karanbir Singh
> +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
> ICQ: 2522219    | Yahoo IM: z00dax      | Gtalk: z00dax
> GnuPG Key : http://www.karan.org/publickey.asc
> _______________________________________________
> CentOS-virt mailing list
> CentOS-virt at centos.org
> http://lists.centos.org/mailman/listinfo/centos-virt