Difference: AnnualReview2019 (2 vs. 3)

Revision 32019-12-03 - squinney

Line: 1 to 1
 

LCFG Annual Review 2019

On Friday 6th December 2018 instead of our normal monthly Deployers Meeting we will be holding our traditional Annual Review session. This will start at 2pm and we aim to be finished by 5pm. This year it will be held in room 7.14 of the Appleton Tower. Refreshments will be provided including some seasonal treats.

Line: 16 to 16
 

Profile Security

Changed:
<
<
  • LCFG server : file permissions tweaked on resources which are copied via rsync
>
>
  • LCFG server - file permissions tweaked on resources which are copied via rsync
  • LCFG client - rdxprof now controlled via systemd, component rewritten into Perl
 
  • Improved support for fetching profiles using https
  • GSSAPI authentication support for client profile fetching
Line: 26 to 27
 
Header improvements
Any resources which relate to file paths in the lcfg headers have been updated to use macros or references to sysinfo resources so that they are platform-independent.
LCFG client
can now read and write a YAML packages list.
Directory layout
Altered to be closer to FHS guidelines
Changed:
<
<
apt component and apteryx
New support for the apt package manager.
>
>
apt component and apteryx
New support for the apt package manager.
Package repository management
reprepro and dput
 
pkgforge
Working on support for building packages using pbuilder
Components
Current status - UbuntuComponents
Changed:
<
<

Component Changes

>
>
Still need:

  • installer
  • network component replacement
  • fstab component replacement

Major Changes

 

ngeneric

Changed:
<
<
  • Rewrite of locking code
  • ng_umask resource
  • ng_tmpldir resource
  • ng_service resource
>
>
  • Rewrite of locking code - Less likely to leave stale lock files when an error occurs
  • NEW ng_umask resource - Can be used to improve default security of files generated by components. Currently optional, could we set a very secure default in the future?
  • NEW ng_tmpldir resource - No longer need to give full paths to templates if they are stored in the standard locations.
  • NEW ng_service resource - Can be used to specify the systemd service name (e.g. ssh v sshd depending on platform).

Build Tools

  • NEW Support for the GIT version control system - thanks to Kenny MacDonald and Justin Kasin.
 

updaterpms

Changed:
<
<
  • https support
>
>
  • NEW https support - thanks to Kenny MacDonald
 

pxeserver / pxeclient

Line: 49 to 61
 

x509

Changed:
<
<
  • NEW: Let's Encrypt support
>
>
  • Let's Encrypt support improvements
 

hardware

Changed:
<
<
  • NEW: Configures systemd to load kernel modules at boot time
>
>
  • NEW Configures systemd to load kernel modules at boot time
 

kernel

Changed:
<
<
  • NEW: Configures which kernel modules should be included in the initramfs
>
>
  • NEW Configures which kernel modules should be included in the initramfs
 

fstab

Changed:
<
<
  • FIXED: Resolved issue where the installer had be to run twice for the partitioning to work correctly
>
>
  • UPDATED Resolved issue where the installer had to be run twice for the partitioning to work correctly

apacheconf

  • UPDATED Warn rather than Error for issues related to inactive vhosts/modules
 

Platforms

EL7

  • Platform was upgraded to SL7.6
Changed:
<
<
  • We expect the next update to be SL7.8, we will aim to roll this out at the start of June but will, hopefully, make it available sometime in early Spring.

Future Developments

>
>
  • We expect the next update to be SL7.8. We will aim to roll this out to Informatics machines at the start of June 2020 but will, hopefully, make it available for all LCFG users sometime in early Spring.
 

General Discussion

 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback