Yeah, that can be made to work, but it is a whole bunch of extra "stuff" to have to maintain, and a change in process.
We just associate the live repo directly to the systems with SUSE, openSUSE, and OEL/CentOS prior to 8.x. Syncs happen overnight, and in the morning, new patches show up ready to be applied to relevant systems. We don't do any formal validation of patches/baseline for patches. I go to patches/relevant patches/security, and apply the ones that don't require a reboot and/or break something without manual intervention. It has worked for years this way. Requiring something special to work around newer versions of CentOS/OEL is just extra steps. It doesn't affect us that much, since we don't have that many of them, but I want the same functionality with those as we have with SUSE and CentOS/OEL 7 (associate the managed system with the live repo, and push patches from the web ui). I believe that is the same thing Simon was also wanting.
--
Allen Beddingfield
Systems Engineer
Office of Information Technology
The University of Alabama
Office 205-348-2251
allen@ua.edu
________________________________________
From: Michael Calmer
When you refer to the "Content Lifecycle Management Process", I assume you mean cloning repos from a particular day, making changes, and associating those with the managed server, instead of the live once that is being synced? That is a whole other process that has to be implemented, just to work around this. Luckily, we only have a small handful of non SUSE or openSUSE systems to deal with this problem on, but having to clone and maintain repos for them is not really feasible. I can't imagine it being an option for someone with hundreds of CentOS 8 systems, who isn't doing this with current systems.
-- Allen Beddingfield Systems Engineer Office of Information Technology The University of Alabama Office 205-348-2251 allen@ua.edu
________________________________________ From: cbbayburt
Sent: Thursday, June 10, 2021 8:35 AM To: users@lists.uyuni-project.org Subject: [EXTERNAL] Re: Centos 8 module updates - how are people dealing with this? Hi Simon,
On 2021-06-09 14:49, Simon Avery wrote:
Hello,
The recent Centos 8.4 release appears to have triggered more issues for us, and made me review how we manage our Centos 8 clients. We plan to move to Rocky soon but the same issue will persist there.
Currently: Uyuni syncs Centos repos. My workaround so far has been to run "dnf -y update" on a schedule to each client instead of patching from within Uyuni as we do with Centos7. This pulls packages from the Uyuni mirror and has largely worked okay, but not any longer - lots of module related issues on all C8 clients since I updated the repos to 8.4. I'm not clear exactly why this has triggered this problem re-appearing, but it has. My understanding of this is that Uyuni doesn't update the module metadata when it populates its repositories, so the clients can't see this and fail.
We as Uyuni team recommend consuming AppStream repositories through the Content Lifecycle Management process so that you can benefit from all the features that SUMA UI provides. However, I understand that the method you described above can be preferred for smaller environments as it is more agile and direct. For that reason, we'd like to keep this as a valid option for those who prefer this approach. Basically, I'd like to see this working in the upcoming updates of any modular repository as well. So, please feel free to open an issue on GitHub, describing the actual problem you're having in detail, and we can work towards fixing it.
I've read about the Uyuni method of using the Content Lifecycle and have trialled this. This does work, but we don' t particularly want to be manually doing this for each Centos update or patch cycle. We're not big enough to warrant a corporate approval cycle for Centos, so updates are directly applied to our servers. (This has resulted in relatively few issues)
The only other method I can think of is to change the clients to having local .repo files and pull updates directly from the Centos mirror. This obviously negates some of the benefits Uyuni brings to package management, but would work reliably.
So I'm wondering - how are the other Centos/Alma/Oracle/Rocky 8 users of Uyuni applying updates, and how have you overcome the module problems?
Simon Avery Linux Systems Administrator
Cheers, Can -- -- Can Bulut Bayburt
Software Developer, SUSE Manager, R&D SUSE Software Solutions Germany GmbH Maxfeldstr. 5 90409 Nuremberg Germany
-- Regards Michael Calmer -------------------------------------------------------------------------- Michael Calmer SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, D-90409 Nuernberg T: +49 (0) 911 74053 0 F: +49 (0) 911 74053575 - e-mail: Michael.Calmer@suse.com -------------------------------------------------------------------------- SUSE Software Solutions Germany GmbH, GF: Felix Imendörffer (HRB 36809, AG Nürnberg)