Discussion of Fedora Server use-cases
Jim Perrin
jperrin at centos.org
Tue Oct 29 01:30:00 UTC 2013
On 10/28/2013 05:55 PM, Michael R. Davis wrote:
>>> - /etc/fstab.d/ capability
>> Could you provide an example of why this might be useful? Do you
>> programmatically change mount points enough for this?
>
> I have applications that need mounts points. I need to deploy to every server. I'd like to do this in RPM easily not in chef or puppet or augtool.
>
There's a compelling case for this, but I don't think you've made it.
>>> - Moving /etc/yum.repos.d/*.repo files from fedora-release to an
>>> independent package that can optionally not be installed in the
>>> kickstart. THIS IS A BIG SECURITY PET PEEVE OF MINE.
>> Could you elaborate a bit on this one as well please?
>
> My IT guys will do a yum update before they remove the default repo files an we'll get Internet installed RPMs on our systems. Which is a no-no for us. We are required to only use the local repo which may be behind the latest on the net but that's what's been tested with the apps.
>
This is a local case, and just makes the case for proper config
management via the tools you seem to want to use. I don't see how this
provides a benefit to other users.
>>> We really need to fix the Oracle instant client mess.
>> I've not found oracle overly willing to help in most aspects. In most
>> cases they've been condescending and arrogant.
>
> We still need to do the best we can to make it easy.
>
> These are the RPMs that we have build. I think most are home grown but there is no need for every company to repeat this mess.
>
> apr-util-oracle
> oracle-instantclient11.2-httpd
> oracle-instantclient11.2-wrapper
> oracle-instantclient11.2-bashrc
> oracle-instantclient11.2-ldconfig
As you pointed out, there is a licensing issue here that needs to be
addressed.
>>> Bottom line I think Fedora should provide the running building block or
>>> even full running applications like TurnKey Linux with a nice default
>>> configuration. e.g. I need a running webserver "yum install httpd-on".
>>> I need a running database "yum install postgresql-server-on".
>
>> Would there be an equivalent -off for folks who wish to manually tinker
>> prior to enabling?
>
> yum erase httpd-on; turns it off it's just a wrapper package...
>
> but yum install httpd; service httpd start; would still work.
>
>> I'm not convinced that yum should be in the business of
>> enabling/disabling services like this.
>
> "yum" would not be. The spec "post" would actually "do" it.
I don't agree with this approach. This is clearly within the domain of
config management tools and would break the traditional approach for no
perceptible gain. With this approach, a user could have your httpd-on
package installed, and 'chkconfig httpd off'. This would create
confusion and a support issue. I would prefer to leave this in the
capable hands of puppet/ansible/cfengine/chef/bcfg2/salt etc.
> I think if we raise the bar we can start building mansions and the end application only need to build a room. If we raise the bar far enough there's no stopping us.
wat?
--
Jim Perrin
The CentOS Project | http://www.centos.org
twitter: @BitIntegrity | GPG Key: FA09AD77
More information about the server
mailing list