I always meant to get my head around Ansible (or Chef, or Puppet) for my
VPS based on recommendations on this very list. Sadly I have not yet got
round to it, and I suddenly find I have a need for something of this ilk
at work.
My use case is a single Linux instance, on-prem. (No fleet, no cloud, no
VMs or containers planned.) It's to provide internal services for an
office network: DHCP, DDNS, maybe NAS, maybe print accounting, maybe
firewall/router/IDS, maybe apt cache or other proxies.
I think what I want is infrastructure-as-code:
* Config files (/etc) under revision control with convenient automated
backup
* All superuser actions are fully logged and replayable (fire drill:
complete reimage from scratch)
* Nobody gets direct sudo access, but I can give out admin access via
the config management tool.
I've had root shells for about 25 years now but I'm new to thinking
deeply about IaC. I would be grateful for feedback:
- is what I think I want reasonable and achievable? (what are the gotchas?)
- am I on the right track by looking at Ansible/Chef/Puppet and do any
of them particularly suit my use case? Are the paid-for versions worth
paying for?
- is there a useful noobs guide?
Thanks
Ross
Hello,
As you may or may not be aware, CentOS 8's EOL is 31 December 2021,
i.e. just over 2 months from now. After that date, Red Hat expects
CentOS 8 users to switch to CentOS 8 Stream or to a Red Hat
Enterprise Linux product.
At the moment BitFolk supports the self-install of CentOS 8 and that
is going to be in-place upgradeable to CentOS 8 Stream. And that's
it. That is the current extent of your choices for RHEL-like.
If you're a current CentOS 8 user what do you think you're going to
want to be using after it goes EOL?
It seems likely that there will be demand for CentOS 8 Stream and
later Stream releases, so we'll continue supporting those as best
we can¹.
RHEL itself is now free for use on up to 16 production systems, as
long as you sign up with Red Hat for an Individual Developer
subscription:
https://www.redhat.com/en/blog/new-year-new-red-hat-enterprise-linux-progra…https://developers.redhat.com/rhel8
We don't currently support the install of that, but if people want
it then we would. You install it like CentOS and then have to put in
your subscription details once it's booted. The same change of
installer and kernel would be necessary since it sees unlikely that
Red Hat are going to back down from disabling everything except KVM.
That does mean that you may not be able to get Red Hat to provide
you with any support ("come back when it's booted using our
kernel").
As far as CentOS replacement projects go, Rocky Linux and
Alma Linux have come to my attention. They aren't currently
supported but could be. They don't intend to drift much from RHEL's
settings so they will also require alternate installers and kernels.
Oracle Linux's installer and kernel continues to support Xen, it is
free for use (charges for support) and otherwise aims to be
binary-compatible with RHEL, like CentOS did. I get a little bit
sick in my own mouth at the idea of working with Oracle, but if
there's paying customers who don't then we will enable that.
So what do you CentOS users want to do?
Cheers,
Andy
¹ Red Hat goes out of their way to disable other virtualisation
methods than their own product, KVM. This means that you can't
currently install or run CentOS/RHEL 8 or later under Xen using
their packaged installer or kernel. It is only possible using the
third party kernel-ml package. Red Hat are the only major Linux
vendor to take this stance and as such we can't promise to always
be able to go against their intentions.
https://strugglers.net/~andy/blog/2021/02/03/booting-the-centosrhel-install…
--
https://bitfolk.com/ -- No-nonsense VPS hosting
