|
 |
5aab14 |
# CentOS Operations guide
|
|
|
5aab14 |
|
|
|
5aab14 |
This section will list some of the operations that we have to automate to deploy/maintain/migrate/decommission services and/or infrastructure components used in the CentOS infra.
|
|
|
e04d19 |
|
|
|
e04d19 |
## Supported Operating Systems in CentOS Infra
|
|
|
e04d19 |
|
|
|
e04d19 |
### CentOS
|
|
|
e04d19 |
|
|
|
e04d19 |
It makes sense to use what we build and distribute and we've always relied on CentOS Linux for our own infrastructure. To deploy it we just use our own mirror.centos.org mirrors pool and internal mirrors.
|
|
|
e04d19 |
|
|
|
e04d19 |
Deployed and maintained versions (in ansible roles and repositories) :
|
|
|
e04d19 |
|
|
|
e04d19 |
* CentOS Linux 7
|
|
|
e04d19 |
* CentOS Stream 8
|
|
|
e04d19 |
|
|
|
e04d19 |
### Red Hat Enterprise Linux
|
|
|
e04d19 |
We also started to deploy RHEL in parallel for some services that will have to stay longer available (starting from CentOS Stream, expected life time is ~5y, versus 10y for RHEL).
|
|
|
e04d19 |
We point to an internal mirror for deployments and also use some TLS certs (subscription) to access Red Hat CDN to get updates (or point also to internal mirror)
|
|
|
e04d19 |
|
|
|
e04d19 |
Deployed and maintained versions (in ansible roles and repositories) :
|
|
|
e04d19 |
|
|
|
e04d19 |
* RHEL 8
|
|
|
f8a015 |
* RHEL 9
|
|
|
e04d19 |
|
|
|
e04d19 |
!!! note
|
|
|
f8a015 |
See internal ansible inventory `group_vars/all` doc/notes/snippet around the `rhel_*` variables about how to use this, not covered in public documentation for obvious reasons
|
|
|
f8a015 |
|
|
|
f8a015 |
#### Refreshing RHEL mirror content for new major.minor releases
|
|
|
f8a015 |
On the deployment mirrors that host installable trees for RHEL deployment (pxe based, through ansible) we need to manually refresh the content when there is a new major.minor release.
|
|
|
f8a015 |
One has just to connect on such mirrors and call (as root), the distributed script `/usr/libexec/centos/pull_rhel_iso`
|
|
|
f8a015 |
|
|
|
f8a015 |
That script needs some parameters so you'll need to connect to https://access.redhat.com with a valid user and then feed needed information to be able to download .iso for each arch/release :
|
|
|
f8a015 |
|
|
|
f8a015 |
```
|
|
|
f8a015 |
/usr/libexec/centos/pull_rhel_iso
|
|
|
f8a015 |
|
|
|
f8a015 |
This script will let you create installable tree for RHEL deployments
|
|
|
f8a015 |
You'll need first to login to access.redhat.com to retrieve temporary download links for iso images
|
|
|
f8a015 |
You need to call the script like this : /usr/libexec/centos/pull_rhel_iso -arguments
|
|
|
f8a015 |
|
|
|
f8a015 |
-i : full path to iso image (required, default:none, don't forget to quote it)
|
|
|
f8a015 |
-v : RHEL version (required , default:none, example "8.5")
|
|
|
f8a015 |
-a : RHEL architecture for .iso
|
|
|
f8a015 |
-c : iso checksum from access.redhat.com for .iso (required , default:none, )
|
|
|
f8a015 |
-h : display this help
|
|
|
f8a015 |
|
|
|
f8a015 |
```
|
|
|
f8a015 |
#### Keeping internal mirror up2date for RHEL
|
|
|
f8a015 |
In the centos infra, we can either use internal mirror (to speed up updates accross internal fleet) or just use the classical Red Hat CDN. It's all defined through ansible (see note before about group_vars/host_vars)
|
|
|
f8a015 |
The internal mirrors have distributed script/template that would fetch/reposync repositories for all used versions/releases/architectures
|
|
|
f8a015 |
|