LCFG Annual Review 2016

On Thursday 1st December 2016 instead of our normal monthly Deployers Meeting we will be holding our traditional Annual Review session. This will start at 2pm and we aim to be finished by 5pm. It will be held in room 1.07 of the George Square Library (note that this is NOT the usual room).

All users of LCFG are encouraged to attend this meeting to hear about what has been happening over the last year and what developments they can look forwards to in the next year. This is also an excellent opportunity to raise issues that are important to you, put forward ideas for future developments you would like to see and chat about all things LCFG!

As is traditional the meeting will be followed by a social event and we will go for dinner somewhere. Even if you cannot attend the meeting in the afternoon you are very welcome to join us for the social event in the evening.

If you have any topics you are particularly keen to have discussed then please edit this page and add them to the General Discussion section below with a brief summary.

Upstream Report

Compiler

Various new features have been added to the LCFG compiler this year.

  • Support for mIFNULL and mIFNULLQ mutators.
  • ACL template support which controls how the .htpasswd file is generated for each host. This is controlled using the server.acltemplate resource which defaults to apache_legacy.tt for SL6 servers and apache.tt otherwise. This also allows sites to create completely different local configs. Also tightened up the file system access permissions.
  • The ΒΆ (pilcrow) character is now replaced with a newline in resource values to make it easier to generate multi-line data for any component.

Component Changes

There has been a lot of work to add support for SL7 and, in particular, to improve how the components behave in the world of Systemd. Here are a few of the highlights:

apacheconf
Updated to support apache 2.4, also many improvements as proposed at the 2015 Annual Meeting. We now have some documentation: ApacheConf and ApacheConfModules.
autofs
Now co-operates with systemd
cosign
New support for apache 2.4
dns
New 'configureserver' type which co-operates with systemd.
fstab
Support for encrypted partitions
inifile
Now fully sub-classable (e.g. by sssd and sysconfig components)
lvm
SL7 support
multipath
SL7 support
mock
Improved support for Fedora and Centos chroots including the centos 7 i686 alternate arch.
ngeneric
New try_restart method which will restart a component which is already started but otherwise is a no-op. Ideal when one component needs to restart another.
rpmaccel (squid)
Overhauled to support SL7 and squid 3.3
sysconfig
Reworked to be an inifile sub-class

SL6

We are currently putting a lot of effort into upgrading all our machines to SL7. As the number of SL6 machines in Informatics dwindles so does the level of support we are able to provide for this platform. As of 24th November we have slightly over 300 machines still running on SL6, they are nearly all servers so although we are still doing weekly testing for desktop style profiles there is a chance that problems which only affect those machines may not be spotted. Depending on progress it's possible that we will drop support for SL6 as early as Easter 2017. Unless a major issue crops up with LCFG support for SL6 we are unlikely to be doing much in the way of further development work for this platform.

The platform was updated to SL6.8 in August. We do not intend to do any further minor updates for this platform.

SL7

This is our primary platform, in Informatics there are currently slightly over 900 machines running on SL7. Looking ahead, this will continue to be our desktop platform for the academic year 2017/2018. We have now ported the majority of our services to SL7 and we expect our servers to be running on this platform for quite a while.

There was a certain amount of upheaval related to a belated decision to switch to the "modern" network interface naming style, see ConsistentNamingSchemeByModel for full details.

The platform was updated to SL7.2 in the first half of 2017. RHEL7.3 was released in November and we expect SL7.3 within the next month or so. Hopefully this will fix support for Intel Skylake based systems (e.g. the HP EliteDesk 800 G2).

RHEL8

Looking at the dates for previous Redhat releases it looks likely that RHEL8 (at least the beta) will arrive in the first half of 2017.

RHEL 4 GA 2005-02-15
RHEL 5.0 2007-03-15
RHEL 6.0 2010-11-09
RHEL 7.0 Beta 2013-12-11
RHEL 7.0 GA 2014-06-09
RHEL 8.0 beta ?? Spring 2017 ??

We hope to begin investigating LCFG support for EL8 as soon as the beta is available, hopefully the scale of the changes between 7 and 8 will be an order of magnitude smaller than that between 6 and 7...

There is considerable uncertainty about the future of the Scientific Linux project. At the SL7 stage CERN dropped out of the project leaving only Fermilab, could we see them deciding to merge with Centos? Or become a Centos SIG? We will have to consider the possibility of being forced to switch to Centos. This could lead to some major changes in the way we manage our support for the platform. In particular, unlike SL the Centos project does NOT provide security support for earlier minor releases

Given the huge effort required to upgrade all of our servers we might focus on desktops for this release.

General Discussion

  • Future platform support
  • Support for the latest hardware, UEFI
  • What small improvements would you love to see?

-- Main.squinney - 2016-10-07

Edit | Attach | Print version | History: r10 | r7 < r6 < r5 < r4 | Backlinks | Raw View | More topic actions...
Topic revision: r5 - 2016-11-24 - squinney
 
  • Edit
  • Attach
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback