Red Hat Introduces Free RHEL for Open-Source Organizations

ZDNet brings an update about the future of Red Hat Enterprise Linux: When Red Hat, CentOS's Linux parent company, announced it was "shifting focus from CentOS Linux, the rebuild of Red Hat Enterprise Linux (RHEL), to CentOS Stream," CentOS users were not happy. Now, in an effort to mollify them and to keep its promise to open-source organizations, Red Hat is introducing a new, free RHEL for Open Source Infrastructure. If your non-profit organization, project, standard body, or foundation is "engaged with open source," you can get a free RHEL subscription via this program. Earlier this year, Red Hat introduced no-cost RHEL for small production workloads and for customer development teams...

Jason Brooks, a Red Hat Open Source Program Office Manager explained:

Supporting the open-source software ecosystem is a core objective for Red Hat... We know that we are part of a larger, interdependent ecosystem that we benefit from and which we do our best to foster and support. This support comes in many forms, but often includes helping open source software projects, foundations, and standards bodies access enterprise technologies for development and testing.

We frequently provide no-cost access to RHEL to these groups, but the process isn't as formalized, consistent, accessible, or transparent as we'd like it to be. With the announcement that we will be shifting our resources to CentOS Stream at the end of 2021, we want to make sure that those organizations engaged with open source have access to RHEL as they build and test the future of open-source software...

The GNOME Foundation's executive director Neil McGovern, said:

As a non-profit, we rely on donations to help us achieve our goal of a world where everyone is empowered by technology they can trust. RHEL subscriptions are an essential part of this. With full operating system management and security updates, we can concentrate on the services we provide to GNOME users and developers without having to worry about the underlying systems. Red Hat has generously provided these services to GNOME at zero cost for years, and we look forward to continuing our relationship for a long time to come.

GNOME is also the default desktop in RHEL Workstation.

High risk

[laffer1]

Take the hit and migrate to a free distro now. They can pull the plug at any time.

Re:High risk

[markdavis]

>"Take the hit and migrate to a free distro now. They can pull the plug at any time."

Or just wait a little bit longer. CentOS 8 is fully supported for now. By the time it is not (supposedly later this year), you will have instant migration choices (no reinstall- just load an RPM that transforms the system). Those choices appear to be RockyLinux or AlmaLinux. Rocky has no release yet. Alma had a successful beta, and now an RC, so a full release will hit soon. Which will be better? I have no idea, but there is time, and I am confident those two choices will be available by the time we need them. RedHat can't "pull the plug" on them.

RedHat has TOTALLY missed the boat and still doesn't understand. First they violated our trust by breaking their support promise on CentOS 8, at a time when many of us have invested a large amount of time installing and migrating to it. That trust is now gone. Earning that back might be impossible now. How do I know they won't change their terms yet again with "free" RHEL if they can so casually abandon CentOS?

And don't be fooled- CentOS "Stream" is *NOT* CentOS. They will be treating that platform as a never-ending alpha or beta test bed for possible updates to RHEL. You will probably have little to no knowledge as to which updates are tested, stable, or supportable. So your system will not be an enterprise-class installation, it will be some strange hybrid project that benefits only RHEL users.

They can offer so-called "free" licenses of RHEL to this or that, but that isn't want we want. I don't want to "license" my machines. I don't want to "register" with some big-brother. I don't want to "subscribe." I don't want some limitation as to how many machines can be used, what types of machines, or for what purpose. And I certainly don't want them to pull the rug from under me again. Yet, I like traditional CentOS and don't want to migrate to something entirely different.

I am not alone.

The petition was a nice idea, and yes, I signed it, but I think it is too late now:
https://www.change.org/p/cento... [change.org]

Re:

[fluffernutter]

Isn't Red Hat giving up to 16 licenses for free? You run a datacenter larger than that on an unsupported OS?

Re:

[markdavis]

>"Isn't Red Hat giving up to 16 licenses for free? You run a datacenter larger than that on an unsupported OS?"

You are still thinking like RedHat apparently is.

How do any of us know that it will remain 16, and not changed to 8? Or 4? Or none? Or limit number of CPU's? I don't *trust* them anymore because they broke their previous promises. And their apparent motivation in all this appears to be bad.

I am not advocating that large data centers NOT use RHEL, or that they DO use AlmaLinux or RockyLinux.

Re:

[fluffernutter]

You used a free OS and you got bit by it. I'm not sure how you could know any free OS would be around forever. At least if you have Redhat servers you know you can get support if you need it and it will be around for the long haul.

Re:

[laffer1]

You don't actually know that. Right now IBM's strategy is to become RedHat to save it's cloud initiative after consulting alone failed. They used to push OS/2, Lotus and DB2. Lotus got sold. DB2 is dying. IBM morphs every decade or so into something new. RedHat will die, it's just when.

At best it will be Lotus Notes or OS/2, and live on with a small company somewhere after the fall.

By destroying trust, IBM has weakened the RedHat brand.

Re:

[93 Escort Wagon]

And don’t forget that, for a supported RHEL-compatible Linux, there are still options other than Red Hat. AlmaLinux’s parent is CloudLinux, which has been supporting data center customers for over a decade.

There’s also Oracle, although yeah Oracle.

Re:

[bofkentucky]

Yes, we paid up for ~300 RHEL6 servers for 8 years, put in zero support tickets. We're not on the fringes of what we do, we don't have a massive army of sysadmins, just some competent puppeteers. As we moved out to a hybrid cloud strategy, the rhel licenses just didn't make sense so AL2 for workloads that made it to AWS and Centos on-prem. Never once in the last 5 years have we felt like we've missed out on anything except a couple of sales and marketing lunches.

Re:High risk

[Distan]

We run four datacenters with thousands of systems on CentOS.

There is zero chance that RHEL is going to get a toehold in these datacenters. My peers at other companies are feeling betrayed, even those who were running mixed RHEL/CentOS. Red Hat (IBM) does not comprehend the amount of ill will they have created torwards themselves.

Re:

[Joey Vegetables]

It is your choice, but, IMO, if you are running thousands of systems on any free OS, you should strongly consider giving something back. If you aren't already.

I'm not saying to go out and buy thousands of Red Hat licenses. Anyone in your situation most likely will end up running Alma or Rocky. But why not kick back a little bit to those devs, in appreciation of their efforts, and also to make sure it remains profitable to them to keep up their hard work?

FOSS withers and dies if the people who do the work

Re:

[MSG]

CentOS "Stream" is *NOT* CentOS. They will be treating that platform as a never-ending alpha or beta

No, Rawhide is the development and testing (alpha and beta) channel. Fedora is the stable channel. CentOS Stream is the stable LTS. RHEL is the stable LTS with semantic versioning of the release as a whole, and extended support for point releases.

Re:

[markdavis]

>"No, Rawhide is the development and testing (alpha and beta) channel. Fedora is the stable channel. CentOS Stream is the stable LTS. RHEL is the stable LTS with semantic versioning of the release as a whole, and extended support for point releases."

That is not what I read from multiple sources. For example, this is from Wikipedia:

"CentOS Stream is a rolling release Linux distribution midstream between the upstream development in Fedora and the downstream development for RHEL."

That clearly indicates muc

Re:

[MSG]

CentOS Stream is a rolling release

That's not accurate, or maybe misleading. Red Hat did use those terms to describe CentOS Stream early on, but the common definition of "rolling release" is a distribution with no distribution release versions at all. CentOS Stream will have major releases, it just won't have point releases. Red Hat has amended their description to "a release with rolling updates" to decrease confusion, though I'm of the opinion that they should just avoid the word "rolling" entirely, since it implies something they defin

Re:

[markdavis]

>[...]

Thanks for the additional info

>"CentOS maintainers and Red Hat engineers repeatedly assure the centos and centos-devel list that packages are still passing all of Red Hat's QA, and that they're simply published when they're ready rather than RHEL's policy of waiting for large drops every six to eight months."

Well, color me skeptical. What they are doing before, and even now, is not necessarily what they are going to do later. They certainly proved that when they released CentOS 8 with "10 year

Re:

[MSG]

there is no rational reason to replace CentOS with CentOS Stream

But there is: CentOS has massive holes in the calendar during which it doesn't get updates. Stream doesn't.

I'm sure that CentOS users convinced themselves that the update hole isn't a problem, but it is. It is inevitable that the update hole would lead to CentOS users being actively attacked during a period when updates weren't available, and that would damage CentOS's reputation, and Red Hat's by extension.

CentOS has never been suitable for production use in public-facing roles. It just hasn't. Ignorin

Re:

[markdavis]

>"It is inevitable that the update hole would lead to CentOS users being actively attacked during a period when updates weren't available, and that would damage CentOS's reputation, and Red Hat's by extension."

But updates for CentOS are not much slower than RHEL. So if CentOS is not suitable, neither is RHEL. Red Hat pushes out critical updates quickly, they shouldn't be much slower than even Stream.... unless they are using Stream for testing, which I think they will.

Re:

[MSG]

But updates for CentOS are not much slower than RHEL

As I keep saying: Yes, they are. There are two month-long periods every year during which CentOS doesn't get any updates because the developers are rebuilding the big set that came with the point release.

During the other ten months, updates are pretty quick, but CentOS doesn't start work on point releases until they're final and published. That leads to lengthy delays of all updates, including security updates.

Stream won't have that problem.

Re:

[Joey Vegetables]

That is kind of the point of an LTS release. It doesn't get updates, which could potentially break production systems, except on a predictable schedule, and/or as necessary for dire security reasons. Red Hat no longer makes an LTS release other than RHEL itself. Fedora doesn't count as it doesn't even try to be, and CentOS Stream no longer does either. Hence the urgent need for a replacement for what CentOS used to be.

CentOS did get security updates. Still does AFAIK. But who knows for how much longer

Re:

[MSG]

That is kind of the point of an LTS release. It doesn't get updates, which could potentially break production systems, except on a predictable schedule,

LTS is not as narrowly defined as you describe it. CentOS Stream fits all of the defining features of an LTS distribution, as described by:

https://en.wikipedia.org/wiki/... [wikipedia.org]

CentOS Stream is just as much an LTS release as RHEL. The only difference is that Stream will get packages when they are have passed testing and are ready, while RHEL will hold some packages up for point releases.

Holding packages for point releases isn't a defining feature of an LTS release, it's a defining feature of a system with sema

Re:

[paugq]

RedHat can't "pull the plug" on them.

Of course Red Hat can pull the plug on Rocky and Alma. All Red Hat needs to do is stop releasing source RPM packages.

Re:

[markdavis]

>"Of course Red Hat can pull the plug on Rocky and Alma. All Red Hat needs to do is stop releasing source RPM packages."

They kinda tried that before with CentOS before they "acquired" it in 2014 and it didn't fly back then (throwing in delays and red-tape). Why would it fly now? They are REQUIRED to issue the source code, per the GPL. Since they are repackaging the source, I believe they are required to release publicly, it in the same form they distribute it.

I suppose they could try to artificially d

Re:

[paugq]

They are REQUIRED to issue the source code, per the GPL

They are required to issue the source code but are they required to issue the RPM .spec files?

Or can Red Hat still make the upstream source available but not the spec files? That would be enough to kill all the Red Hat clones. Not knowing the compilation flags makes it almost impossible to create 1:1 binary-compatible RHEL clone, which is the raison d'etre of CentOS, Alma Linux, Rocky Linux, Springdale Linux and many others.

Re:

[markdavis]

>"They are required to issue the source code but are they required to issue the RPM .spec files?"

I can't answer that. My gut says "yes", they need to supply the information they used to produce the binaries they distribute. But I am not a lawyer, and I don't know if this has been specifically addressed before.

Re:

[Joey Vegetables]

I've soured greatly on RHEL because of this.

They were never obligated to agree to support CentOS, at all, ever; however, once they did commit to doing so, they should have honored that commitment.

There's a huge demand for what CentOS used to be, which is why we have Alma and Rocky Linux and probably a few more in the not too distant future.

But I do think that those who can and wish to support these efforts, financially or otherwise, should consider doing so. Paying it back, and/or paying it forward, just s

Re:

[bill_mcgonigle]

> Take the hit and migrate to a free distro now. They can pull the plug at any time.

I did Redhat* from 1994-2017. First closing off mission-critical bug reports to non-employees, then refusing to take patch fixes from the community (for stuff their employees broke), then acquiring CentOS, and finally throwing Xen users to the curb when Meltdown hit the scene - jumped ship to Debian 9, then 10, now poking at 11. When IBM bought them I put the pedal to the metal.

After the transition, almost everything is

Re:

[mmcgrath]

Uhh, literally any distro can pull the plug at any time. I think what you want is a contract...

Re:

[Joey Vegetables]

What about a source-based distribution like Gentoo?

They could let the ebuild tree rot, or even disappear altogether, but even then, nothing could legally stop you from pulling it from some mirror somewhere, building what's there, and making whatever mods over time that you'd need in order to support your use cases and make sure the ebuilds you care about continue to work.

There are tradeoffs for certain. You'd need more than an average sysadmin's understanding of how to maintain the ebuilds, which includes

Re:

[Gavagai80]

To avoid the risk of having to migrate later, your solution is to migrate now? Thereby turning a plausible but unlikely problem into a certain problem?

What you're paying for with RHEL is support. There's no distro that offers that level of support for free, except the RHEL deal this article is about.

Re:

[StormReaver]

To avoid the risk of having to migrate later, your solution is to migrate now?

That is a perfectly logical proposition, one my company undertook a long time ago. We underwent a controlled transition from RHEL to Debian while the timeline was under our control, rather than having to risk a highly probable time-constrained transition later. It was painfully obvious at RHEL 5 that Red Hat was headed in this direction, and we didn't want to have to deal with what RH-based companies are having to deal with now. The longer you wait, the harder the transition becomes.

Re:

[Joey Vegetables]

YMMV, but I usually advocate for this sort of change sooner rather than later, if it is substantially certain to have to happen either way.

That way you get more time to plan, prepare, test, do dry runs in (hopefully) production-like environments, and so forth.

There are situations where that might not be appropriate, but usually, in my experience, it is, and I've endured far more grief, as have the organizations I've worked for, when we postponed necessary changes until the last possible moment, rather than

Re:

[SickFreak]

RHEL is the windows of Linux. It's gross and untrustworthy from a business standpoint.

Re:

[rajkiran_g]

Indeed. They have already broken a promise. Now they are making another in appeasement. As the saying goes, "Fool me once..."

wrong groups

[iggymanz]

It was we hobbyists in the late 90s who got Red Hat into the corporate world. You've forgotten and forsaken us, Red Hat, and so we're running other distros at home AND have been proactively getting our employers onto other distros where possible (e.g. to run Tomcat ,normal web stacks, SMTP, postgresql and mysql, etc. ) Your new initiative doesn't say anything about the private hobbyist/home user.

Just think of the billions you've lost because of that.

Re:

[Junta]

Technically they feel they have you covered with 'free RHEL for fewer than 16 systems.

For me I don't want to go down the rhn path even it were free, and worry about them changing the deal down the road. Since there's Debian, Ubuntu, and will be Alma and/or Rocky linux that won't be so onerous about registration and tracking 'free' entitlement.

Re: wrong groups

[e3m4n]

Ive never really been a fan of the dpkg world and development. For me its always been rpm based tools and development. I used CentOS for over a decade, but it looks like Im jumping ship to Oracle Linux. They make it really easy to switch by just updating your repos. I work with VoIP phone systems so a long-term release cycle makes more sense than anything else. Shifting from Uploader to Systemd was highly disruptive. If it was a 6 mos cycle something like that happened on, it would be a nightmare for compan

Re:

[iggymanz]

Except Oracle is the company that one day decided if you were using Java in certain ways you needed to start buying licenses, and they put compliance auditors on their customers' sites. They may one day say if you ever hit their repos again, you need to be paying money.

Re:

[Joey Vegetables]

Agreed. I won't touch Oracle unless it comes down to either that or not being able to feed my family. It more closely resembles an extortion racket, than a software company.

Re:

[Joey Vegetables]

I'm not yet convinced that snaps, AppImages, Flatpaks, etc. will solve this problem in the general case, but I will say that an AppImage was the only way I could get LMMS to work on my Gentoo system (a source-based distro, hence neither RPM nor APT-based).

Re:

[iggymanz]

How did they have me covered? We have hundreds of systems!

Nope, the thing to do is what we did over time, toss the Red Hat out the door.

Re:

[Junta]

A private hobbyist/home user would not be in the hundreds of systems.

Their free offering wouldn't cover your workplace, but it could be workable for a hobbyist/home user.

Except that a hobbyist/home user has an even easier time with no-registration linux distributions, so in a competitive sense they come up short even within those constraints.

I wonder how much more solid their Linux position would be had they never tried to reserve paid support exclusively to an edition that isn't freely available back in th

Re: wrong groups

[aRTeeNLCH]

I stopped believing in RedHat doing any good for the open source / free software world when I read that Jim Whitehurst and the rest of the management were all using Windows and/or Apple desktops.

Too little, too late

[brennnaaannn]

It's pretty much too late now. How many times will Red Hat do the same thing again?

RedHat = IBM

[SchroedingersCat]

RedHat is IBM now. "Free" RedHat is about as free as "free" Windows.

Re:

[Ostracus]

Then the GPL means nothing then, if you're going to abuse the word "free".

Re: RedHat = IBM

[ToasterMonkey]

GPL really means nothing to a RHEL customer.

Choosing between RHEL, CentOS, OEL is about how much will I need to pay, and how often do you put those sweet binary blobs out.

Source code to 99.99% of corporate Linux users is like the engine manual to your car, neat for a _few_ regular consumers, useless for everyone else, from small business, to large fleets, they just don't care. Let's put it this way, we're not grinding our own valves.

The expectation that anyone will find a use for it in the supported lifeti

Re:

[SchroedingersCat]

GPL applies to individual packages. It is rather easy to taint the distro by incorporating proprietary components. The entire point of CentOS was to untangle GPL from non-GPL components.

Re: RedHat = IBM

[e3m4n]

Free as in Beer? OR Free as in Speech? :-)

Re:

[scalptalc]

Free as in Beer? OR Free as in Speech? :-)

As long as you are bound to sharing your work it isn't "free" anything except cost. More like "Open". Dudes must have slept through third-grade Vocab and didn't see the politics in the bazaar. The BSDs are much more free; to the point of your work being able to be less open. You're still able to have an overlord if, e.g, you sign a support contract you didn't read very well, if you desire that. With Linux an overloard comes as a default, unless you break the license. That was always kind of a norm, wasn't i

Re:

[e3m4n]

well I prefer GPLv2 over GPLv3 for sure. But to be honest, RMS makes my head itch when I have to translate what he says, and I natively speak english.

Re: RedHat = IBM

[e3m4n]

TIL: IBM invented and controls Windows. Here I thought OS/2 was their project.

Fascinating testimonial...

[Junta]

While he isn't technically a Red Hat employee, RedHat probably provides most of GNOME foundations money, so he is mostly paid by Red Hat.

I think an open source project without a financial stake in sucking up to Red Hat may not care so much about this blessing of free Red Hat.

Most I've talked to have said that even if they were given RHEL for free, they find the prospect of having to register and such to be enough to want to go to Alma or Rocky as they come out, or even Oracle as they have their isos and yum repositories freely accessible.

Re: Fascinating testimonial...

[e3m4n]

Wasnt he the guy that created Enlightenment way back in the day? I really liked that desktop with its customizable look and feel. With the bladerunner looking frames and borders, transparency windows, and cool wisgets, I had something that looked nothing like MAC or Windoze

Canonical next?

[Maelwryth]

I wonder if Microsoft will buy Canonical? Just for the chaos it would cause it would probably be worth their while.

Re:

[Joey Vegetables]

No doubt.

But that should increase our resolve to support the remaining Linux distributions that are either non-commercial, or at the very least, not under the direct control of the technoligarchy.

While I'm mostly happy with Gentoo for now, should I ever have to switch, I'm far more inclined to go straight Debian rather than Ubuntu or anything else that's commercial.

Why are folks freaking out again?

[martynhare]

People can get free RHEL licenses for up to 16 physical machines regardless of who they are. For me and many other people, this is superior to what we had before from CentOS, as the original packages are subject to better validation, scrutiny and security measures than before. For those with more than 16 physical servers (as in actual enterprises) but who don't want to pay for support, one can use Oracle Linux because they offer unlimited free use of their rebuild, which was always better at delivering security patches in a timely manner than CentOS anyway.

I'm honestly not sure what all the fuss is about. The majority of users are actually better off under this new regime than before, regardless of how scummy things may have looked originally.

Re:

[waspleg]

The point is that water is warm, and getting warmer, Mr. Toad.

This has always been the problem with the commercialization of Linux, and is following the Silicon Valley drug dealer model, albeit with a much longer ramp up time since they weren't trying to pull this shit until IBM made a puppet out of their corpse.

I admit I stopped running CentOS at.. I think version 7, it's been awhile.

Re:

[Anonymous Coward]

People can get free RHEL licenses for up to 16 physical machines regardless of who they are.

For now. And you have to register to license. And keep that going. Until the terms are changed again. And again.

For me and many other people, this is superior to what we had before from CentOS, as the original packages are subject to better validation, scrutiny and security measures than before.

They were the same packages before, so they couldn't possibly be better, in either direction, nor will they be so now.

one can use Oracle Linux

How about no?

I'm honestly not sure what all the fuss is about.

Obviously. So for you the right choice appears to the Red Hat. I hope you fare well.

The majority of users are actually better off under this new regime than before, regardless of how scummy things may have looked originally.

I, and a great many others, disagree.

To me, trust matters. And the trust has been broken. I don't see any attempt to earn it back.

I will see what happens with the upcoming rebuild proje

Re: Why are folks freaking out again?

[e3m4n]

I was considering switching to Oracle Linux. How does the 16 license thing work if youre a consultant helping a customer build their one-off? Can I still do customized kickstart ISOs that let me bundle a few other packages like before? Does it hit my license or is that done during install, leaving my iso useful across all my clients?

Re:

[couchslug]

It took howls of betrayed rage to persuade IBMHat to offer those licenses after being proven untrustworthy. Users are valuable because they promote the product and CentOS was wonderful "market chumming" for RHEL.

I figured things would go sour eventually and avoided CentOS but users who like what it offers have considerable influence on what software and support their bosses pay for. Those advocates looked bad to their PHBs when CentOS was torpedoed by surprise and may not wish to risk another humiliation.

Re:

[unixman99]

I don't see how RH can stop anyone using more than 16 servers for free WITHOUT paying. The license is for the support, the software is OSS remember? Or are you talking about access to the RHN, errrr I mean RHSM, or is it it RHUI?

Interesting question

[couchslug]

Odd that you were downmodded rather than replied to with specifics.

Re:

[martynhare]

The answer is that the binaries aren't technically OSS in of themselves. You can apply any restrictions you want to the binaries you supply to people, as long as you fulfill the requirements of the GPL, namely, that you provide the corresponding source code (and/or applicable info on build systems if a preprocessor is used) when asked. When you use RHEL, you're binding yourself to a contractual arrangement which impacts on your freedom slightly.

They additionally use trademark law to make straight rebuil

Re: Why are folks freaking out again?

[hey00]

The possibility that the majority is users may be better off with the new arrangement is irrelevant.

The majority of desktop users are fine with Windows, but I have no doubt you'd be the first to complain of Linux desktop went away.

Beyond the trust issues rh will face now, there are real people and orgs that will be left in the dust.

A company I know is operating a few thousands computers, all of them on centos. Those 16 free instances mean jack shit.

They have 3 choices now: pay up for licenses, whose while v

In the real world, this isn't a big deal...

[martynhare]

Scripts to automate all this are easy to come by [github.com] and for CentOS Linux desktops, it's really no biggie to shift over. There is also another option: Use CentOS Stream. It is a CI repo of the latest stable, well-tested packages due to be added to the next minor update pack. In a desktop/workstation scenario it actually comes with pretty big advantages, like being able to get modern LibreOffice and Firefox much quicker in some cases.

When the news first came out, it took me a couple of weekends to move my wor

Re: In the real world, this isn't a big deal...

[hey00]

Oracle may be an option, but that's all a pain to migrate thousands of machines, and you have no guarantee it will work out be as painless as advertised.

Cent OS stream, a rolling release, is not an option for most people who used centos, and you know it.

Because we want freedom, not free beers

[GPLHost-Thomas]

This is free as in free beer. That's not what we want, we want the full 4 freedoms. That you don't care, and think it's the same thing is ok, but please don't pretend everyone else is being silly and complaining for no reason.

Besides this, for anyone doing some real work, 16 servers is nothing. For something like OpenStack, for example, 16 servers is absolutely nothing. I have just provisioned a new cluster, I'm up to 30 physical servers, not including the Ceph storage and compute nodes (48 if you include

Re:

[thegarbz]

I'm honestly not sure what all the fuss is about.

Some people have businesses to run. They aren't playing with Linux on their home desktops. The fuss is mostly about:

7th December 2020: CentOS 8 End of Life: September 2029
8th December 2020: CentOS 8 End of Life: December 2021

You may not understand the fuss, but that just means you've never actually run a server in a business. It doesn't matter if you're a Linux vendor, hardware supplier, or deliver office supplies to the receptionist. A retrospective change in a formerly announced product lifecycle which is

Re:

[thegarbz]

Also to drive home the absurdity of all of this, RedHat is offering support for CentOS 7 until 2024. They are literally EOLing a more recent product despite both versions being offered the same service agreements.

They've altered the deal, you can either sit with your thumb in your arse and pray, or you can choose yourself a different business partner not run by an evil empire like IBM (that analogy worked out better than I envisaged when I started typing).

Migrated to Debian10

[SteveC5]

Well it was a âoefriendly farewellâ from centos 7/8 to debian 10. My small network of production servers dont do anything crazy/advanced/sophisticated so a stable linux distro is all ive ever wanted/needed. Anything that needs support/subscription/cost is used on the software installed on the servers. Was a centos user since 5 too. Cant rely on IBM keeping their OSâ(TM)es free without headaches or concerns

Debian will match Redhat's offer

[labradort]

I don't have to say "on behalf of Debian" but it would fulfill the joke:
Debian will match Redhat's offer of a free OS.

IBM on Redhat appears to be the same changing cascade of deals as when Oracle took over Sun Microsystems.

Some

[MSG]

CentOS users were not happy

*Some* CentOS users were not happy. Some of us are really excited.

For all of the good that CentOS was, the rebuild process was complex, and during a typical year there would be two months during which there were no updates [1]. And that includes *security* updates. From my point of view, CentOS has been a good platform for development and testing, but I've always recommended RHEL for production, *especially* for public-facing hosts due to the poor security story that accompanies CentOS.

CentOS Stream fixes the one big flaw that's kept me recommending that CentOS not be used for production services. That's always been with regret, because I actually really prefer rpm/yum distribution channels for security reasons. End-to-end signing means that I can verify the origin of my software at any point in time, and I can use Katello to selectively release patches. I can't do either of those things with dpkg distros, because the packages themselves aren't signed.

CentOS Stream is a Free (and free) rpm-based distribution without long delays for security updates, and I'm really excited about that. Fedora has been a good fit up until now, but it does move pretty fast, and some sites prefer interfaces that last longer.

1: I know that a bunch of people will chime in to say "...but you can enable the CR repos!". If continuous release repositories are good enough for you, I have some *really* good news about CentOS Stream.

Re:

[labradort]

The concept of delays for security patches is not generally true. Perhaps in the initial release of a major version there would be a gap, but for any nasty zero days and so on, CentOS was patched almost at the same time as Redhat. I work in a facility where we've migrated most Redhat to CentOS, and there were no issues with obtaining security patches quickly. However we stay behind a little to be in the sweet spot for sufficient security and less bleeding edge, and that's version 7.* today.

Re:

[MSG]

https://en.wikipedia.org/wiki/... [wikipedia.org]

Expand that table. Every time there's a point release, the CentOS team has to rebuild the point release and resolve build ordering issues. During each of the "delay" periods, there are *no* updates to the base or updates repository, because any new packages will rely on the new base repo. If there are security updates during that period, you won't get them.

Point releases happen twice per year. The average delay is over a month. Those are two or more months out of every

Re:

[MSG]

dpkg packages *can* be signed, but they generally aren't. Usually, instead, the repository metadata is signed and the packages are not. As a result, if I selectively merge updates into a private repository tree and rebuild the metadata, the original signatures are lost. I can sign the new tree myself, but if I import compromised packages, it's very unlikely that I'll ever know it. Also, I can't log in to a running dpkg-based system and verify an arbitrary package against a signed original, because those

Why is \. still using Creepy Guy Logo?

[ayesnymous]

RedHat changed their Creepy Guy logo a long time ago. Time for Slashdot to do the same.