Re: [CentOS] Sendmail is considered deprecated
On 01/04/17 10:40, Kenneth Porter wrote: > What makes Postfix superior in fighting spam? One major feature that comes to mind is postscreen: http://www.postfix.org/POSTSCREEN_README.html http://www.postfix.org/postscreen.8.html > How do I integrate MIMEDefang, SpamAssassin, and ClamAV with Postfix? There are many guides online that tell you how to do this. > Are there migration guides for moving one's Sendmail anti-spam and AV > configurations to Postfix? Let me google that for you: http://lmgtfy.com/?q=sendmail+to+postfix Peter ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On 01/04/17 09:57, Xinhuan Zheng wrote: > Today I searched redhat official portal and learned that Sendmail is > considered deprecated. By default, CentOS 7 will use postfix as MTA. It is considered "deprecated" as you say, but that does not mean they no longer support it. You can use Sendmail in CentOS 7 just fine and it is relatively easy to switch (complexities of proper Sendmail configuration not withstanding). I think in this case they simply mean that Sendmail is not the default, but that does not mean it is not supported in any way. > I need good advise on what it means to us. We are CentOS customers. > We use that operating system for quite a few years. We rely on > Sendmail for years for us to relay large quantity of emails to our > customers for marketing purpose. Admittedly this sounds like SPAM, but not all mass marketing mail is SPAM and it can be done in a way which is not. I'll give you the benefit of the doubt for now. > We build our additional fallback > servers as well for fallback relays. We build our customized > configuration for Sendmail too. I really need help to figure out if > we can continue using Sendmail (even deprecated) for future long term > and what implication would be doing so. Thanks, I would say that Sendmail will likely continue to be supported at least through the lifespan of RHEL7, I cannot speak as to whether it will be supported in RHEL8 or not, but if you want to continue using Sendmail and you feel comfortable using it, then by all means use it. That said, I would encourage you to have a look at Postfix, you can do pretty much everything you do in Sendmail in Postfix and more and the configuration is easier to manage. Postscreen is one of the newer postfix features that you won't find in Sendmail and you may find that alone is worth the switch. Peter ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On 03/31/2017 02:57 PM, Valeri Galtsev wrote: On Fri, March 31, 2017 4:46 pm, Alice Wonder wrote: On 03/31/2017 02:40 PM, Kenneth Porter wrote: On 3/31/2017 2:15 PM, Valeri Galtsev wrote: Well, it sounds like you are one of the companies with whose effort I have to fight constantly in my own effort to protect our users from spam... What makes Postfix superior in fighting spam? I actually made two independent statements: 1. That I use postfix forever (postfix was written by Wietse Venema with security in mind). 2. That the company the OP works for judging from my reading of OP's post makes money by facilitating the creation of spam (by their customers). By no means I meant to say posfix is superior to sendmail in fighting spam. Neither of them is designed for fighting spam, each of them is merely MTA. Postfix, however, having human readable configs with rather logical logics makes it easier (for me) to administer, therefore easier (for me again) to integrate with anti-spam components (amavisd, spamassassin, clamav - the last to scan for viruses - or rather virii I should say as that is plural of latin word ;-) Just my $0.02. Valeri That's pretty much why I started using postfix, I don't remember when but I believe it was with Red Hat 7 (pre Fedora days). It was much easier for me to configure postfix on a web application server and have it send encrypted to their MX then it was to configure sendmail. It was possible with sendmail but I wasted hours trying to get sendmail configured, first time with postfix was cake. Now I use it because of the support for opportunistic DANE (I run an updated version, built from CentOS src.rpm but with version bump) so that when the receiving MX has DNSSEC with a TLSA record on port 25, I know the message is either delivered to that MX encrypted or not at all. The attack that strips the STARTTLS causing plain text won't work when the receiving MX is configured with DANE. Right now comcast is the only major ISP in the united states that has MX servers configured with DANE, but several small ones do as well, and several in Europe are as well (especially .nl and .de mail servers) I don't know if sendmail has been updated to support DANE yet or not, but last time I looked, it did not. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On 3/31/2017 2:46 PM, Alice Wonder wrote: I don't know about MIMEDefang but SpamAssassin and ClamAV are pretty straight forward. There are guides for both with Postfix all over the net. MIMEDefang I have not heard of, but unless it does something really funky I suspect it also is easy to set up with Postfix. From the MIMEDefang website: MIMEDefang is an e-mail filtering tool that works with the Sendmail "Milter" library. MIMEDefang lets you express your filtering policies in Perl rather than C, making it quick and easy to filter or manipulate your mail. It will detect a SpamAssassin and ClamAV installation and invoke it site-wide, rejecting virii and extreme spam before it gets to the delivery agent (eg. procmail), quarantining it for administrative review and sending a quarantine notification to the recipient. http://mimedefang.org/ Reading around, it looks like Postfix supports milters and people have gotten MD working with it. --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On Fri, March 31, 2017 4:46 pm, Alice Wonder wrote: > On 03/31/2017 02:40 PM, Kenneth Porter wrote: >> On 3/31/2017 2:15 PM, Valeri Galtsev wrote: >>> Well, it sounds like you are one of the companies with whose effort I >>> have >>> to fight constantly in my own effort to protect our users from spam... >> >> What makes Postfix superior in fighting spam? I actually made two independent statements: 1. That I use postfix forever (postfix was written by Wietse Venema with security in mind). 2. That the company the OP works for judging from my reading of OP's post makes money by facilitating the creation of spam (by their customers). By no means I meant to say posfix is superior to sendmail in fighting spam. Neither of them is designed for fighting spam, each of them is merely MTA. Postfix, however, having human readable configs with rather logical logics makes it easier (for me) to administer, therefore easier (for me again) to integrate with anti-spam components (amavisd, spamassassin, clamav - the last to scan for viruses - or rather virii I should say as that is plural of latin word ;-) Just my $0.02. Valeri >> >> How do I integrate MIMEDefang, SpamAssassin, and ClamAV with Postfix? >> Are there migration guides for moving one's Sendmail anti-spam and AV >> configurations to Postfix? >> >> >> --- >> This email has been checked for viruses by Avast antivirus software. >> https://www.avast.com/antivirus >> >> ___ >> CentOS mailing list >> CentOS@centos.org >> https://lists.centos.org/mailman/listinfo/centos > > I don't know about MIMEDefang but SpamAssassin and ClamAV are pretty > straight forward. There are guides for both with Postfix all over the net. > > MIMEDefang I have not heard of, but unless it does something really > funky I suspect it also is easy to set up with Postfix. > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On 03/31/2017 02:40 PM, Kenneth Porter wrote: On 3/31/2017 2:15 PM, Valeri Galtsev wrote: Well, it sounds like you are one of the companies with whose effort I have to fight constantly in my own effort to protect our users from spam... What makes Postfix superior in fighting spam? How do I integrate MIMEDefang, SpamAssassin, and ClamAV with Postfix? Are there migration guides for moving one's Sendmail anti-spam and AV configurations to Postfix? --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos I don't know about MIMEDefang but SpamAssassin and ClamAV are pretty straight forward. There are guides for both with Postfix all over the net. MIMEDefang I have not heard of, but unless it does something really funky I suspect it also is easy to set up with Postfix. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On 3/31/2017 2:15 PM, Valeri Galtsev wrote: Well, it sounds like you are one of the companies with whose effort I have to fight constantly in my own effort to protect our users from spam... What makes Postfix superior in fighting spam? How do I integrate MIMEDefang, SpamAssassin, and ClamAV with Postfix? Are there migration guides for moving one's Sendmail anti-spam and AV configurations to Postfix? --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On 03/31/2017 01:57 PM, Xinhuan Zheng wrote: Hello, Today I searched redhat official portal and learned that Sendmail is considered deprecated. By default, CentOS 7 will use postfix as MTA. I need good advise on what it means to us. We are CentOS customers. We use that operating system for quite a few years. We rely on Sendmail for years for us to relay large quantity of emails to our customers for marketing purpose. We build our additional fallback servers as well for fallback relays. We build our customized configuration for Sendmail too. I really need help to figure out if we can continue using Sendmail (even deprecated) for future long term and what implication would be doing so. Thanks, - xinhuan ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos You can still install sendmail, but postfix is the default, a decision I personally support as I have found it to be a lot easier to administer than sendmail with a much better security track record. Historically, you would use system-switch-mail to select your preferred MTA to switch from the default. I don't know if that is still the method, since the default now is what I prefer. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail is considered deprecated
On Fri, March 31, 2017 3:57 pm, Xinhuan Zheng wrote: > Hello, > > Today I searched redhat official portal and learned that Sendmail is > considered deprecated. By default, CentOS 7 will use postfix as MTA. That was an excellent decision I welcomed the day RedHat made it. Beginning with my firat RedHat (it was somewhere around RedHat 5 IIRC) I always have been replacing venerable sendmail with postfix. > I > need good advise on what it means to us. We are CentOS customers. We use > that operating system for quite a few years. We rely on Sendmail for years > for us to relay large quantity of emails to our customers for marketing > purpose. Well, it sounds like you are one of the companies with whose effort I have to fight constantly in my own effort to protect our users from spam... Valeri > We build our additional fallback servers as well for fallback > relays. We build our customized configuration for Sendmail too. I really > need help to figure out if we can continue using Sendmail (even > deprecated) for future long term and what implication would be doing so. > Thanks, > > - xinhuan > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Sendmail is considered deprecated
Hello, Today I searched redhat official portal and learned that Sendmail is considered deprecated. By default, CentOS 7 will use postfix as MTA. I need good advise on what it means to us. We are CentOS customers. We use that operating system for quite a few years. We rely on Sendmail for years for us to relay large quantity of emails to our customers for marketing purpose. We build our additional fallback servers as well for fallback relays. We build our customized configuration for Sendmail too. I really need help to figure out if we can continue using Sendmail (even deprecated) for future long term and what implication would be doing so. Thanks, - xinhuan ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] Network isolation for KVM guests
On Fri, Mar 31, 2017 at 05:06:53PM +0200, Sven Kieske wrote: > On 31/03/17 15:55, C. L. Martinez wrote: > > I need to attach two physical interfaces to a guest and these phy > > interfaces have IP and routes assigned and I need to get them off the main > > routing table. > > I do not understand this. > > You can attach a physical (or virtual, doesn't matter), interface to any > given vm, without assigning routes or IPs to these interfaces directly. No, I can't because this host doesn't support PCI passthrough. One of these interfaces is a wireless nic. > > Just do the network configuration inside the vm, and the routing, well > on your router? You will just need the route for the vm networks on your > host, but what is your attack scenario to keep this separated from other > routes on this host? you need at least CAP_NET_ADMIN to fiddle with those. How? If the same host routes Internet traffic in the main routing table I expose host's services to Internet. > > -- > Mit freundlichen Grüßen / Regards > > Sven Kieske > > Systemadministrator > Mittwald CM Service GmbH & Co. KG > Königsberger Straße 6 > 32339 Espelkamp > T: +495772 293100 > F: +495772 29 > https://www.mittwald.de > Geschäftsführer: Robert Meyer > St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen > Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen > > ___ > CentOS-virt mailing list > CentOS-virt@centos.org > https://lists.centos.org/mailman/listinfo/centos-virt -- Greetings, C. L. Martinez ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] 2.6.0-28.el7_3.6.1 e1000 problem
Adding Paolo and Miroslav. Il 30/Mar/2017 08:57, "Dmitry Melekhov"ha scritto: > 30.03.2017 10:52, Dmitry Melekhov пишет: > >> Hello! >> >> We tried to move Windows 2003 VM with e1000 driver from Centos 7 which >> runs qemu-kvm-0.12.1.2-2.491.el6_8.7.x86_64 >> to Centos 7 with qemu-kvm-ev-2.6.0-28.el7_3.6.1.x86_64 and we got >> problems- >> tcp sessions, namely smb connections, randomly drops. >> >> We didn't test previous qemu-rhev with this VM, so we don't know how it >> works in them. >> >> Could you tell me is this known problem? Any workaround except switching >> to virtio? >> >> Thank you! >> >> Sorry, previous host system was Centos 6 with default qemu... > > > ___ > CentOS-virt mailing list > CentOS-virt@centos.org > https://lists.centos.org/mailman/listinfo/centos-virt > ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Network isolation for KVM guests
On 31/03/17 15:55, C. L. Martinez wrote: > I need to attach two physical interfaces to a guest and these phy interfaces > have IP and routes assigned and I need to get them off the main routing table. I do not understand this. You can attach a physical (or virtual, doesn't matter), interface to any given vm, without assigning routes or IPs to these interfaces directly. Just do the network configuration inside the vm, and the routing, well on your router? You will just need the route for the vm networks on your host, but what is your attack scenario to keep this separated from other routes on this host? you need at least CAP_NET_ADMIN to fiddle with those. -- Mit freundlichen Grüßen / Regards Sven Kieske Systemadministrator Mittwald CM Service GmbH & Co. KG Königsberger Straße 6 32339 Espelkamp T: +495772 293100 F: +495772 29 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen signature.asc Description: OpenPGP digital signature ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Network isolation for KVM guests
On Fri, Mar 31, 2017 at 06:14:22AM -0400, Dima (Dan) Yasny wrote: > On Fri, Mar 31, 2017 at 5:56 AM, C. L. Martinez> wrote: > > > On Thu, Mar 30, 2017 at 06:15:28PM +0100, Nux! wrote: > > > Use libvirt with mac/ip spoofing enabled. > > > > > > https://libvirt.org/formatnwfilter.html > > > > > > https://libvirt.org/firewall.html > > > > > > -- > > > Sent from the Delta quadrant using Borg technology! > > > > > Thanks Nux and Kristian but I don't see if these solutions will be really > > efective in my environment. Let me to explain. In this host I three > > physical interfaces: eth0, eth1 and wlan0. > > > > eth0 is connected to my internal network. eth1 is connected to a public > > router and wlan0 is connected to another public router. wlan0 and eth1 are > > bonded to provide failover Internet connections. CPU doesn't supports pci > > passthrough (pci passthrough would solve my problems). > > > > If assigning a NIC directly to a VM would solve the problem, you could try > using macvtap instead of PCI passthrough > > Oops .. bad luck (according to https://access.redhat.com/solutions/1978833): Does bridge/macvtap interfaces work on wireless interfaces in RHEL? SOLUTION VERIFIED - Updated October 2 2015 at 6:23 PM - English Environment Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Issue If a bridge/macvtap interface is created using a wireless adapter, it fails to communicate. However, the wired physical ethernet card works without an issue Resolution Communication over an interface that's bridged with a wireless interface(Wi-Fi) won't work because most Access Points (APs) won't accept frames that have a source address that is not authenticated with the AP. The same holds true with APs that allow open authentication(without password) Bridging can done only with physical ethernet controllers -- Greetings, C. L. Martinez ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Network isolation for KVM guests
On Fri, Mar 31, 2017 at 5:56 AM, C. L. Martinezwrote: > On Thu, Mar 30, 2017 at 06:15:28PM +0100, Nux! wrote: > > Use libvirt with mac/ip spoofing enabled. > > > > https://libvirt.org/formatnwfilter.html > > > > https://libvirt.org/firewall.html > > > > -- > > Sent from the Delta quadrant using Borg technology! > > > Thanks Nux and Kristian but I don't see if these solutions will be really > efective in my environment. Let me to explain. In this host I three > physical interfaces: eth0, eth1 and wlan0. > > eth0 is connected to my internal network. eth1 is connected to a public > router and wlan0 is connected to another public router. wlan0 and eth1 are > bonded to provide failover Internet connections. CPU doesn't supports pci > passthrough (pci passthrough would solve my problems). > If assigning a NIC directly to a VM would solve the problem, you could try using macvtap instead of PCI passthrough > > I need to deploy a fw vm to control traffic between internal and external > interfaces. In BSD systems you can seggregate all ip address and route > tables from principal routing table. It is the same effect that I would > like to implement in this host. > > And I don't see how to implement using CentOS (or another linux distro). > > -- > Greetings, > C. L. Martinez > ___ > CentOS-virt mailing list > CentOS-virt@centos.org > https://lists.centos.org/mailman/listinfo/centos-virt > ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Network isolation for KVM guests
Hi, I don't see why this should not work with the given solutions. But I'm relatively new to KVM / libvirt. Alternative: Personally I use Shorewall (Shoreline FW) and bridge setups (also works with a bonding interface). This way you can create zones, interfaces, addresses, forwarding-rules etc and give per VM permission to let's say only use a certain IP, only access certain parts of the network, talk to a certain limited list of IPs etc. I can not imagine you can't create what you want with Shorewall. It looks complicated, but actually is very intuitive if you give it some time and effort. Please feel free to provide a better description of what you want to accomplish. Maybe I misunderstand what you want to achieve. -- Met vriendelijke groet, Richard Landsman http://rimote.nl T: +31 (0)50 - 763 04 07 (ma-vr 9:00 tot 18:00) 24/7 bij storingen: +31 (0)6 - 4388 7949 @RimoteSaS (Twitter Serviceberichten/security updates) On 03/31/2017 11:56 AM, C. L. Martinez wrote: On Thu, Mar 30, 2017 at 06:15:28PM +0100, Nux! wrote: Use libvirt with mac/ip spoofing enabled. https://libvirt.org/formatnwfilter.html https://libvirt.org/firewall.html -- Sent from the Delta quadrant using Borg technology! Thanks Nux and Kristian but I don't see if these solutions will be really efective in my environment. Let me to explain. In this host I three physical interfaces: eth0, eth1 and wlan0. eth0 is connected to my internal network. eth1 is connected to a public router and wlan0 is connected to another public router. wlan0 and eth1 are bonded to provide failover Internet connections. CPU doesn't supports pci passthrough (pci passthrough would solve my problems). I need to deploy a fw vm to control traffic between internal and external interfaces. In BSD systems you can seggregate all ip address and route tables from principal routing table. It is the same effect that I would like to implement in this host. And I don't see how to implement using CentOS (or another linux distro). ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Network isolation for KVM guests
On Thu, Mar 30, 2017 at 06:15:28PM +0100, Nux! wrote: > Use libvirt with mac/ip spoofing enabled. > > https://libvirt.org/formatnwfilter.html > > https://libvirt.org/firewall.html > > -- > Sent from the Delta quadrant using Borg technology! > Thanks Nux and Kristian but I don't see if these solutions will be really efective in my environment. Let me to explain. In this host I three physical interfaces: eth0, eth1 and wlan0. eth0 is connected to my internal network. eth1 is connected to a public router and wlan0 is connected to another public router. wlan0 and eth1 are bonded to provide failover Internet connections. CPU doesn't supports pci passthrough (pci passthrough would solve my problems). I need to deploy a fw vm to control traffic between internal and external interfaces. In BSD systems you can seggregate all ip address and route tables from principal routing table. It is the same effect that I would like to implement in this host. And I don't see how to implement using CentOS (or another linux distro). -- Greetings, C. L. Martinez ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Best practices for docker setup on Centos 7?
On 31 March 2017 at 07:11, Rafał Radeckiwrote: > Hi All. > > I am currently running docker 1.13 on Centos 7 boxes with devicemapper > storage plugin. > I would like to know what are your experiences in regard to: > - storage plugins > - kernel versions > - stability > > I consider upgrade to docker 17.03.1 and would like to choose most stable > combination of kernel/storage plugin. > If you really want the most stable setup which is well tested with the Red Hat environment I'd suggest to stop using upstream and use the docker in the extras repo, which is the same as the docker in the RHEL extras repo and is patched to work optimally with Red Hat and is tested by them. If you have plenty of block storage I'd use devicemapper with a thin pool LVM setup. We've recently switched to overlay2 as our graph driver, although that is in a CI and nor prod environment ... you may want to carry out some comparisons. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
On 30 March 2017 at 19:47, Mark Milhollanwrote: > On Wed, 29 Mar 2017, Robert Moskowitz wrote: >>On 03/29/2017 07:38 AM, Leon Fauster wrote: > >>>We have good results with http://www.shorewall.net/ an iptables >>>"abstraction". >>>Despite its not a GUI, the streamlined configuration helps to be effective. >> > >From what I can determine, it is still iptables. Not firewalld. > > That's what Leon said, shorewall is an iptables abstraction, and > iptables is a command that manipulates netfilter. > > FirewallD is similar in that it abstracts and simplifies using netfilter > without using the iptables command. Which has a GUI that can be used > remotely but it is not web based as requested. Fedora's CoPilot > probably has a module for it, but I don't know that it can be used with > a CentOS based server. Webmin likely has a module for it by now. > > Minor correction here ... firewalld is an iptables abstraction like shorewall and it doesn't link into netfilter directly. You can see that here: https://github.com/t-woerner/firewalld/blob/master/src/firewall/core/ipXtables.py ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Best practices for docker setup on Centos 7?
Hi All. I am currently running docker 1.13 on Centos 7 boxes with devicemapper storage plugin. I would like to know what are your experiences in regard to: - storage plugins - kernel versions - stability I consider upgrade to docker 17.03.1 and would like to choose most stable combination of kernel/storage plugin. Thanks for all info! BR, Rafal. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos