Re: Who Uses Scientific Linux, and How/Why?
Brett Viren wrote on 2/25/20 8:15 AM: "Peter Willis" writes: Perhaps, if it’s not too much trouble, people on the list might give a short blurb about how they use it and why. Not quite a short blurb, but not too long either. I am retired now (nearly 4 years) after nearly 50 years in the IT biz - 44 of those at UIUC and 20 of those as an IT Admin for our local HEP group, and I can tell you that there are two people who made my life immeasurably better. So I just want to toot their horn. Troy Dawson and Connie Sieh of FermiLab. Here's a great interview with Troy that will answer a lot of questions as well as elucidate why we went with SL. (I suspect the following will get transmogrified by Fermi's Proof Point URL secret encoder ring) https://urldefense.proofpoint.com/v2/url?u=http-3A__old.montanalinux.org_interview-2Dtroy-2Ddawson-2Dscientific-2Dlinux-2Djune2011.html&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=p76IJCxmwsNBSv-yK1gjd90aDixiH0QGmAOt17f6Gf0&s=_1X0fjomFwROuoTUSK43cCqxlIRTvLj6oFiyBnixFAE&e= Alas, much to my initial dismay, Troy announced in 2011 he was going to work for RedHat, but Pat Riehecky jumped in to those big shoes (Thanks Pat!). I would be remiss if I didn't also mention Urs Beyerle and his work on the SL Live CDs/DVDs. And, of course, the (then) smallish but amazingly helpful SL user community on this list. After infuriatingly frustrating and hapless encounters with RHEL support on even the simplest of issues, being able to have one-on-one interactions with Troy, Connie, and Urs (and other users on the list) was like stepping out of a cold dark cave onto a warm sun drenched beach. [not hyperbole] Our journey (in case you're interested and still reading) went something like: Late 90's and early 2000's - SunOS (expensive hardware, expensive maintenance contracts, expensive licensing). Start playing with this new toy Redhat 2.0. (spare desktop hardware, almost free software, no licensing). Then Redhat 3, then 4 - now seeing that we can replicate all services from SunOS to RH. No longer a toy. Then RH 5 and 6, 7. 8, 9 and End-of-Life. LHC was ramping up and about to spew petabytes of ATLAS experiment data. Time to start building racks of storage farms and compute clusters. Switch to RHEL. But with that came confusing and frustrating licensing plus the aforementioned support snafus. Then an epiphany - one of our engineers was collaborating with another institution on loading linux onto embedded processors as part of the Dark Energy Survey telescope and came to me for linux advice. They were using a free linux installation from CERN called Scientific Linux (SLC). "Really!" He said FermiLab had a similar version (SLF) but that they chose SLC for whatever reason. He said it's the same as RHEL. "Really!" (again) I found FermiLab's website for SLF and the rest, they say, is history! We started with RHEL3, moved to SL4, then SL5 (my favorite) and wound up at SL6. SL7 was out and the HEP community was transitioning to it when I retired so I didn't have to deal with it. :-) Anyways, now back to retirement. - Larry -- P. Larry Nelson (217-693-7418) | IT Administrator Emeritus 810 Ventura Rd.| High Energy Physics Group Champaign, IL 61820 | Physics Dept., Univ. of Ill. MailTo: lnel...@illinois.edu | https://urldefense.proofpoint.com/v2/url?u=http-3A__hep.physics.illinois.edu_home_lnelson_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=p76IJCxmwsNBSv-yK1gjd90aDixiH0QGmAOt17f6Gf0&s=62eHV163Nb89LsMLRPjQOEzjYv_oEs-6HtKt99PM2jA&e= -- "Information without accountability is just noise." - P.L. Nelson
Re: Who Uses Scientific Linux, and How/Why?
Hi Konstantin, Konstantin Olchanski writes: > This happened right after the first quad-PentiumPro machines became > available, with Dell dual-PentiumII/III to follow soon after. Yes and it's why www.phy.bnl.gov is running on a system that still caries the (internal) hostname "phyppro1"! > I am not sure what happened with Debian at that point. We certainly knew > about it, one of Debian founders worked with us. We also knew about Slackware. I guess this was maybe Perens? He came to the "Open Source / Open Science" workshop held at BNL in 1999. https://www.bnl.gov/bnlweb/pubaf/pr/1999/bnlpr090899.html I attended that as a grad student and joined the lab shortly after. Cheers, -Brett. signature.asc Description: PGP signature
Re: Who Uses Scientific Linux, and How/Why?
On Tue, Feb 25, 2020 at 09:15:35AM -0500, Brett Viren wrote: > > You might ask "why is there a HEP monoculture based on Red Hat?". That > would be an interesting story if someone knows the details. ... > > I suspect the actions of a small number of early movers led to RH's > dominance in HEP. I can point a finger at a few from FNAL and BNL. > That's right. I was at BNL at the time, it was right in front of my eyes. The first guy installed RH linux. it worked. end of story. This happened right after the first quad-PentiumPro machines became available, with Dell dual-PentiumII/III to follow soon after. These USD$2k desktop boxes had performance better than USD$250k SGI "mainframes", they had 100Mbit ethernet (SGI did not), they plugged into 110V wall power (SGI required 3 phase AC). so. end of SGI. SGI IRIX out, Linux in. > > Debian and RH started at the same time (1993) so my guess is these early > movers just happened to be more exposed to RH and less to Debian. The > network effect then did its thing. > I am not sure what happened with Debian at that point. We certainly knew about it, one of Debian founders worked with us. We also knew about Slackware. It is hard to remember that far back, but I would say that Red Hat was probably the better distribution at the time, having a business funded with startup money behind it. Small things like the sadly missed tools "redhat-config-users", "redhat-config-network", interactive installers, etc must have all added up somehow. > > The second, maybe coupled, dynamic is that (I suspect) there was a > seduction by the corporate backing of RH of HEP lab management. Or, > maybe a "comfort" is a less loaded term. > At BNL, "management" only got involved in this by the time RHIC and LHC experiments started looking at their computing needs. By that time everybody already was running Red Hat Linux. > > I think it natural that management types would cozy up to arguments > like: "RH is corporate, just like Sun, but cheaper" compared to Debian's > scary form of *gasp* self-organization. > I think that's right. Certainly Red Hat sales and corporate people had a presence (and Debian, lacking both, did not). Incoming hardware from IBM & co all had "OS: Red Hat Linux" written in the specs (not "Debian"), etc. > > Of course, and maybe only in hindsight, we know Debian's organization is > more robust an entity than RH's ended up being. Ironically, Debian also > contains far far more science-related packages than the distribution > with "science" in its name. > Yes, intersting how that turned out. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Who Uses Scientific Linux, and How/Why?
> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__nam01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Furldefense.proofpoint.com-252Fv2-252Furl-253Fu-253Dhttp-2D3A-5F-5Fwww.cs.concordia.ca-5F-2D7Emokhov-2526d-253DDwIFaQ-2526c-253DgRgGjJ3BkIsb5y6s49QqsA-2526r-253Dgd8BzeSQcySVxr0gDWSEbN-2DP-2DpgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A-2526m-253DReXrKueW8ZKy6ZeDrhbuU0jFxocBkwAtzvgZ8Lw2ARo-2526s-253Dbe7he2wCrlv4hIwX-5Fh0scVYIki4Qb7seECAg7OOc-2DMY-2526e-26amp-3Bdata-3D02-257C01-257Crdt12-2540PSU.EDU-257C9fb96135f1114e1bf6b108d7b938cfd4-257C7cf48d453ddb4389a9c1c115526eb52e-257C0-257C0-257C637181525973769014-26amp-3Bsdata-3DefZ-252FN-252FksB4JxCeCgsEBmSkFNIfgbSPGAiP70rfaAVes-253D-26amp-3Breserved-3D0-3D&d=DwIF-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=8TdfyJ1u8MnWKcS6ydkH1brzzoEzq1IZRhMef5YNV1I&s=hPRLpwZu7HwRGmm7_TBUfJv0w0CSwjuGooVPdc6YHzI&e= > > https://urldefense.proofpoint.com/v2/url?u=https-3A__nam01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Furldefense.proofpoint.com-252Fv2-252Furl-253Fu-253Dhttp-2D3A-5F-5Fcciff.ca-2526d-253DDwIFaQ-2526c-253DgRgGjJ3BkIsb5y6s49QqsA-2526r-253Dgd8BzeSQcySVxr0gDWSEbN-2DP-2DpgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A-2526m-253DReXrKueW8ZKy6ZeDrhbuU0jFxocBkwAtzvgZ8Lw2ARo-2526s-253Dr1CyWyPBkhOKlYHXLLBrBRzhyvOXZfdHagfuQ1DQWDk-2526e-26amp-3Bdata-3D02-257C01-257Crdt12-2540PSU.EDU-257C9fb96135f1114e1bf6b108d7b938cfd4-257C7cf48d453ddb4389a9c1c115526eb52e-257C0-257C0-257C637181525973769014-26amp-3Bsdata-3DvOC8W1XdAWbpKhU0ZWNK02OGyw1V4hUoT5gbdi0MMYM-253D-26amp-3Breserved-3D0-3D&d=DwIF-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=8TdfyJ1u8MnWKcS6ydkH1brzzoEzq1IZRhMef5YNV1I&s=AjMm_VAXOf28cikomJtmfuTunn_KhxlwZvjcCllMptM&e= > | > https://urldefense.proofpoint.com/v2/url?u=https-3A__nam01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Furldefense.proofpoint.com-252Fv2-252Furl-253Fu-253Dhttp-2D3A-5F-5Fmdreams-2D2Dstage.com-2526d-253DDwIFaQ-2526c-253DgRgGjJ3BkIsb5y6s49QqsA-2526r-253Dgd8BzeSQcySVxr0gDWSEbN-2DP-2DpgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A-2526m-253DReXrKueW8ZKy6ZeDrhbuU0jFxocBkwAtzvgZ8Lw2ARo-2526s-253DGqE1OMX9RmXnxHlwLxQhCFqwgZdIh5nqA-2DPoNF1J30c-2526e-26amp-3Bdata-3D02-257C01-257Crdt12-2540PSU.EDU-257C9fb96135f1114e1bf6b108d7b938cfd4-257C7cf48d453ddb4389a9c1c115526eb52e-257C0-257C0-257C637181525973769014-26amp-3Bsdata-3Df7eYknsB-252Bt8OjVK3xMccqjRNCHHl4IXLwdLiS1e9vHM-253D-26amp-3Breserved-3D0-3D&d=DwIF-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=8TdfyJ1u8MnWKcS6ydkH1brzzoEzq1IZRhMef5YNV1I&s=94QdigvDN02IKw-od5I0IuFZZBYYFEI9pNQ5u8zTrrk&e= > > https://urldefense.proofpoint.com/v2/url?u=https-3A__nam01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Furldefense.proofpoint.com-252Fv2-252Furl-253Fu-253Dhttp-2D3A-5F-5Fmarf.sf.net-2526d-253DDwIFaQ-2526c-253DgRgGjJ3BkIsb5y6s49QqsA-2526r-253Dgd8BzeSQcySVxr0gDWSEbN-2DP-2DpgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A-2526m-253DReXrKueW8ZKy6ZeDrhbuU0jFxocBkwAtzvgZ8Lw2ARo-2526s-253DAChVu3ppzcRMQhwedztVKVDCZpdn7eviggK3B8gom7Y-2526e-26amp-3Bdata-3D02-257C01-257Crdt12-2540PSU.EDU-257C9fb96135f1114e1bf6b108d7b938cfd4-257C7cf48d453ddb4389a9c1c115526eb52e-257C0-257C0-257C637181525973769014-26amp-3Bsdata-3DUjmIivP7v0xFqNejXm3OxtfLoslgQEQ7WBC561PcMxk-253D-26amp-3Breserved-3D0-3D&d=DwIF-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=8TdfyJ1u8MnWKcS6ydkH1brzzoEzq1IZRhMef5YNV1I&s=sZHCCLPdmrR44aL3uGjrjP-OFI4A3K3ueeogGyC62cs&e= > | > https://urldefense.proofpoint.com/v2/url?u=https-3A__nam01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Furldefense.proofpoint.com-252Fv2-252Furl-253Fu-253Dhttp-2D3A-5F-5Fsf.net-5Fprojects-5Fmarf-2526d-253DDwIFaQ-2526c-253DgRgGjJ3BkIsb5y6s49QqsA-2526r-253Dgd8BzeSQcySVxr0gDWSEbN-2DP-2DpgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A-2526m-253DReXrKueW8ZKy6ZeDrhbuU0jFxocBkwAtzvgZ8Lw2ARo-2526s-253DlBCv7stSS6iCundVO4eoQ9BsgR8UV294lSmdDozJ8Q8-2526e-26amp-3Bdata-3D02-257C01-257Crdt12-2540PSU.EDU-257C9fb96135f1114e1bf6b108d7b938cfd4-257C7cf48d453ddb4389a9c1c115526eb52e-257C0-257C0-257C637181525973779008-26amp-3Bsdata-3Dr6As6zcECCxvWBJiNTBWBhB3jN-252FQ49cHPCI4u3O9R-252B8-253D-26amp-3Breserved-3D0-3D&d=DwIF-g&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=8TdfyJ1u8MnWKcS6ydkH1brzzoEzq1IZRhMef5YNV1I&s=fApZLkTeoBIxng-TxbjbW3zWef2iI1k3bMi-afkiJG0&e= > I'm curious how many levels deep the Proof Point URL Defense will recontinue to re-encode its own encoded URLs. I thought t was silly when that was added to the list infra, and this makes it even more so. URLs in messages quoted backt to the list is hardly an edge case.
Re: Who Uses Scientific Linux, and How/Why?
"Peter Willis" writes: > Perhaps, if it’s not too much trouble, people on the list might give a short > blurb about > how they use it and why. SL (and soon changing to Centos) provides a monoculture in HEP computing so there is no choice for me but to consider it. I use Debian-based distributions where I have a choice. To satisfy both of my constraints, I restrict my personal use of SL to environments provided by Linux containers. This way, I can assure my software works for the monoculture while allowing me to stay in my preferred environment for the majority of my activities. Warning: wool gathering: You might ask "why is there a HEP monoculture based on Red Hat?". That would be an interesting story if someone knows the details. My guess is that it is due to one or two (or both) dynamics: I suspect the actions of a small number of early movers led to RH's dominance in HEP. I can point a finger at a few from FNAL and BNL. Debian and RH started at the same time (1993) so my guess is these early movers just happened to be more exposed to RH and less to Debian. The network effect then did its thing. The second, maybe coupled, dynamic is that (I suspect) there was a seduction by the corporate backing of RH of HEP lab management. Or, maybe a "comfort" is a less loaded term. Sure, the BSDs were a pre-existing counter narrative, but what I saw dominating in mid 90s HEP was SGI's Irix, DEC's Pure64, Sun's SunOS/Solaris. In that environment, I think it natural that management types would cozy up to arguments like: "RH is corporate, just like Sun, but cheaper" compared to Debian's scary form of *gasp* self-organization. Of course, and maybe only in hindsight, we know Debian's organization is more robust an entity than RH's ended up being. Ironically, Debian also contains far far more science-related packages than the distribution with "science" in its name. Anyways, now back to work. -Brett. signature.asc Description: PGP signature
Re: Who Uses Scientific Linux, and How/Why?
Bonjour, This was posted to SLU in 2012 but didn't get any actual answers. It's reposted in case anyone can firmly say (or no) that the situation has changed or is the same. *Is* it true that CentOS still have a period when they do *not* release security updates for earlier OS dot releases, thus leaving those earlier dot releases vulnerable? (Security is one reason we stuck with SL with Super-Gratitude to them!) My security colleagues said: My reading of the thread surrounding that quote is that CentOS *do* release security patches between "dot" releases, but that they stop in the period between Red Hat releasing an update and the time that they have pushed that update out themselves. Thus, 5.3 has been released by both Red Hat and CentOS and is receiving updates, but when 5.4 comes out from Red Hat, all their security updates will not necessarily work on 5.3 so CentOS stops releasing them. As soon as CentOS gets 5.4 out of the door, the updates will start again (and they will have rolled the missing ones into their 5.4 release). It is significant though (i.e. potentially a couple of months without security fixes when a new CentOS point release is being prepared), and something I wasn't aware of. At the very least, CentOS admins need to be aware of this until and unless the policy changes. Original post: PS I haven't verified the links are still valid! (sorry) In 2009 I was surprised to learn from this useful+informative SL-User's list, that CentOS does not always release security updates in a timely manner: http://listserv.fnal.gov/scripts/wa.exe?A2=ind0908&L=scientific-linux-users&D=0&T=0&P=4484 "It has come to light that the maintainers don't/can't release interim security updates while they are rebuilding a new dot release from upstream" http://listserv.fnal.gov/scripts/wa.exe?A2=ind0908&L=SCIENTIFIC-LINUX-USERS&P=R7106&I=-3 "For example, once Redhat releases a point release, an attacker knows that any subsequent errata can be used against a CentOS box at least until the CentOS project releases the corresponding point release. It is quite literally a sitting duck." http://listserv.fnal.gov/scripts/wa.exe?A2=ind0908&L=scientific-linux-users&D=0&T=0&P=4999 "(About CentOS & why user is switching from CentOS to SL:) So there is a potential delay of weeks and months before security updates are passed on whilst a distribution is being rebuilt, as they currently don't start rebuilding the dependencies of an errata updated package, unless it is part of the release. I am quite happy to wait a few days for a security updates, but I do take issue to an unknown exposure where security updates are delayed for an unspecified length of time." Question: that was in 2009. Does anyone know, is the above still true of CentOS? (Apols - I don't wish to join CentOS list just to find that out & am unable to find out via some searching) (We are debating building some new servers as SL vs CentOS, & timely security updates are relevant to us) Many thanks for pointers/enlightenment.
