Linux Future Committee

--- ## 2nd Linux Future Committee ### 2021-03-24 ##### Ben Morrice on behalf of IT-CM-LCS --- ### Linux Future Committee mandate *"Provide a structured working group with the focus of:* * *Reviewing scenarios* * *Understanding impact on current Linux usage* * *Providing input on future roadmaps* *for a Linux operating system that satisfies the needs of the CERN community"* --- ### Update on current Short-term Plan - Centos Stream 8 repositories are mirrored at linuxsoft (http://linuxsoft.cern.ch/cern/centos/{s8,s8-testing,s8-snapshots}) - Docker and OpenStack (TEST) images are available - Locmap is available for CS8 - Most puppet managed infrastructure is now aware of CS8 - Monitoring support is currently lacking --- ### Latest events - HEPiX Presentations - "Linux at CERN" - slides: https://indico.cern.ch/event/995485/contributions/4256466/attachments/2207964/3736640/hepix21-linuxatcern.pdf - recording: https://indico.cern.ch/event/995485/contributions/4256466/attachments/2207964/3743058/go - "RedHat Products and Programs" - recording: https://indico.cern.ch/event/995485/contributions/4256463/attachments/2211638/3743060/go --- ### Latest events - HEPiX BoF - "Birds of a Feather (BoF) session: Linux Discussion" - slides: https://indico.cern.ch/event/995485/sessions/386343/attachments/2209929/3739897/hepixLinuxBoFMarch16th2021.pdf - recording: https://videos.cern.ch/record/2756412 --- ### What we know today - Future Linux distributions will be RPM based - Efforts required for retraining and retooling are too high to move away from RPM - Future Linux distributions will need to support both x86_64 and aarch64 - Many (several thousand) SoC systems will soon come online with aarch64 - Multiple Linux distributions are probably inevitable to support all use cases - CentOS Stream will be used for SIGs, however the life cycle of Stream does not fit all use cases - CERN is working with Fermilab and other scientific sites to align with common roadmaps --- ### Legend ![](https://codimd.web.cern.ch/uploads/upload_47d0128cb78eff9707c6044497cdc248.png) --- ### Potential future ![](https://codimd.web.cern.ch/uploads/upload_716da4474f6a118f88f6b5c7f981ccb4.png) --- ### Potential upgrade paths ![](https://codimd.web.cern.ch/uploads/upload_d633d4fcec72066983df44f6a80f6f75.png) --- ### Consolidation of concerns gathered #### (so far) --- - CC7 EOL (30.06.2024) occurs during RUN3 - Security team will tolerate non-GPN hosts (TN) that run past EOL, owners assuming all responsibility - RUN3 could potentially be extended into 2025 (not yet confirmed) --- - CC7 EOL (30.06.2024) occurs during RUN3 - A solution needs to be found for GPN hosts that need to operate during RUN3 past CC7 EOL - Option #1: The "Next" Linux Operating system is used exclusively (if available) - Option #2: Experiments remain on CC7 for the full duration of Run3, however mitigate risk by deployment of reverse proxies running on newer linux distributions - Option #3: Request additional exemptions from IT Security - Option #4: Assess if CERN IT can rebuild errata from RedHat (EL7 ELS) and release internally. This option would require buy-in from management and extra human resources allocated to IT --- - RHEL7 EOL (30.06.2024) occurs during RUN3 - IT-DB will require Extended Life Cycle Support (ELS) for the machines hosting databases used by the accerator sector - As this incurs a cost, how many hosts will this be? - CentOS Stream 8 EOL (05.2024) occurs during RUN3 - Not an obvious choice due to similar EOL as CC7 (with the same concerns), however brings new software/kernel versions - Can be upgraded to "Enterprise Linux" 8 (EL8) in the future --- - Decision for 'Next' distribution needs to be made ASAP - CMS and ALICE requests this to be able to adequately plan for RUN3. CC7 is not an option to use for RUN3 at CMS - RedHat kernel is too old to support new hardware - BE-CEM-EDL report this - RedHat provided tools, libraries, compilers missing or old - BE-CEM-EDL report this --- - SoC OS preferred be the same as 'general' OS - To simplify management and security updates, some departments would prefer the operating system used for 'general usecases' to be the same as the operating system used on System-on-Chips - SoCs are aarch64 - Requested by ATLAS, CMS, Beams, Radio Protection - RPM based distribution is preferred - reduce cost of switching - Preferred by at least IT-ST, ATLAS --- - 1 year overlap between supported releases is required - Important for IT-ST, CMS - Impossible to migrate systems between 1 day and the next - Support for remote installation - BE prefers this for underground systems - Distribution should be able to run Oracle clients - Requested by ALICE DCS, CMS - Distribution should be able to run WinCC OA --- ### Are we missing any concerns ? --- ### What's next ? - Wait for RedHat to release details on the 'low cost' / 'no cost' academic licensing scheme - Determine if the above fits CERN and the wider HEP community use cases - If not feasible to use across all use cases, perhaps useful for Oracle/WinCC OA - Wait for the Rocky Linux community to release a viable product - First release -> March 31st - Will the momentum continue long term? - Can CERN along with Fermilab contribute and become a 'backup' in the event that the community disbands? --- ### Key takeaways - No decision has yet been made for the 'Next' distribution - Options will be - CentOS Stream 8/9 - RHEL 8/9 - RHEL 8/9 clone (Rocky, Alma, etc) - Groups that require a decision today in order to plan for RUN3, please refer to slide 10 (Potential upgrade paths) points 1 and 4 - Most likely moving to CS8 is your best option, as this allows for a trivial upgrade path to EL8 at a later date --- ---