State Of CentOS 8

Home » CentOS » State Of CentOS 8
CentOS 17 Comments

Hi,

I have been a happy user of CentOS 7 in the past. I am now considering switching to CentOS 8.

However, since end of Oct. 2019, I have not received any updates on my CentOS 8 test installations. Since then, RHEL 8 has published several critical security updates.

Obviously, this make the use of CentOS 8 in production dangerous.

I guess the missing updates have to to with RHEL version 8.1, which is not yet available for CentOS.

Basically, I would like to ask how the CentOS team sees the state of CentOS 8. Is the current version only intended for testing/evaluation?
When does the CentOS team consider CentOS ready for production use? Is there any public documentation on this matter?

Thank you, best wishes and happy holidays,

Michael

17 thoughts on - State Of CentOS 8

  • This misses the point of where are the intermediate updates to 8.0 ? or can we only get point releases with no updates in between?

  • 8.0 has to be updated to 8.1 to get any future updates. apparently 8.1
    came out in early November before CentOS was able to get the update pipeline moving, so incremental updates will resume after 8.1 is released, which should be pretty soon now based on the schedule on that 8.x page above.

  • And thanks for all hard work from us, users!

    Valeri

    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++

  • Le 23/12/2019 à 02:07, Leon Fauster via CentOS a écrit :

    While we’re all aware that there will always be a gap between RHEL and CentOS, I guess what motivated the author’s post initially (who by the way is an acclaimed Linux author and I can only speak very highly of his competence) is the fact that a two-month lag for important security updates is more than just a gap.

    It seems like it boils down to: have these been ported to the Continuous Release repository?

    Cheers,

    Niki


    Microlinux – Solutions informatiques durables
    7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
    Mob. : 06 51 80 12 12

  • No. 8-stream is where packages will (eventually) be available to test software that’ll be part of the next point release of RHEL. So, for example, before RHEL 8.1 was released, 8-stream had kernel packages with a version-release close to what was eventually released in RHEL 8.1, and eventually into CentOS 8.1.xxxx.


    Jonathan Billings

  • Le 23/12/2019 à 23:01, Jonathan Billings a écrit :

    In short and to sum it up, CentOS 8 in its current state has some unpatched vulnerabilities. They have been adressed in RHEL since October, but not in CentOS.

    It’s fair to say this raises a few eyebrows among concerned CentOS users.

    Cheers,

    Niki


    Microlinux – Solutions informatiques durables
    7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
    Mob. : 06 51 80 12 12

  • I don’t know whether the below steps are permitted. but, you can install RHEL 8.1 Developer Edition on a VM. Download the SRPM for your package. Then rebuild on the CentOS machine and install the RPM. This is just for the important fixes like security.

    thanks


    Thomas Stephen Lee

  • Le 24/12/2019 à 08:03, Thomas Stephen Lee a écrit :

    That’s missing the point.

    While it’s perfectly understandable that there’s always a certain lag between upstream RHEL and CentOS, seven weeks without security updates is a serious showstopper for production use.

    There’s a difference between “use upstream Red Hat if you badly need those critical updates” and “don’t use CentOS on your production servers”.

    Cheers & merry Christmas from blocked Paris on strike

    :o)

    Niki


    Microlinux – Solutions informatiques durables
    7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
    Mob. : 06 51 80 12 12

  • on the other hand, 99% of those security updates are things that probably don’t affect most CentOS deployments.

  • Il 24-12-2019 11:30 John Pierce ha scritto:

    It does not only affect security, but also *functional* updates.

    For an example of a quite important, but not fixed bug in current CentOS
    8: https://bugzilla.redhat.com/show_bug.cgi?id80481
    Long story short: currently, CentOS 8 is not usable as webmail server with classical httpd+prefork+mod_php (due to httpd crashing loop).

    Looking forward for CentOS 8.1!
    Thanks.

  • Am 24.12.19 um 11:30 schrieb John Pierce:

    BTW, also RH has a gap to the individual upstream projects. So, define the requirements and make a choice …

  • Am 24.12.19 um 16:06 schrieb Gionatan Danti:

    The default and for performance and less mem resources reasons is mpm_event handler and php via fpm … did you tried?