[BlueOnyx:23201] Re: Upcoming BlueOnyx 5210R additions

[Michael Stauber]

Hi Chris,

> I'm given to understand that we're not sitting on pins and needles
> waiting for CentOS 8 so we can finally overcome some operational
> hurdle.    While Michael has been working up new features for 5210R,
> these aren't items that require RHEL8.

That's certainly true. With the Nginx SSL-proxy on 5209R we *do* have
support for TLSv1.3 and ciphers that go beyond what CentOS 7 supports
out of the box.

On a nuts and bolts level CentOS 8 itself doesn't introduce anything
radically new or different beyond what CentOS 7 offers. The kernel is a
bit newer, Apache and OpenSSL are slightly newer and support TLSv1.3 out
of the box, but beyond that there isn't much else.

As for 5210R: The changes that I made to it (and the addition of new
features such as the chrooted jails) could as well be backported to
5209R. It would rock the boat a little too much for my comfort, but it
could be done easily enough.

> It's just a matter of how many ports of a feature the devs want to be responsible for.

Currently it's five distinct branches of code: Three for BlueOnyx, two
for Aventurin{e}. They're fortunately close enough that I can follow the
"code once, then copy the difference" approach.

I agree that it's certainly best to just wait for CentOS 8 (or 8.1) to
come out.

Even when 5210R is finally available you still might not have immediate
incentive to migrate from 5209R to 5210R, because there might not be
enough "added value" to make it worthwhile for your given usage cases.

Still: There is a certain painting on the wall and I'm not entirely
liking what I see over there in RedHat-land and their puddle of free
spawns. They do have some institutional and organizational problems
which I couldn't care less about. There are issues that go deeper, such
as fundamental decisions about version and feature freezes and what they
actually port back and what they don't. I'm having a lot of cripes with
some of the decisions they made there. They weren't wise, some are
outright foolish and others unnecessarily lazy. However: They *do*
affect the long term usability of their OS a great deal.

We did get a lot of life out of EL5 and EL6 and that's something to be
really grateful for. But I can already foresee that neither EL7 or EL8
will age that well. They'll have to be carried over the finishing line
on a stretcher.

As is we're "married" to RPM based distributions due to the inherited
build architecture that dates back to the Cobalt days. It might be
useful to do a fork that can spit out *.deb's as that will provide us
with more long term options. Even if it won't directly lead to BlueOnyx
for Debian it would provide us with a convenient life-raft in case we
ever need one.

> In the meantime, we can sit back and relax and let our existing
> 5200-series machines continue to purr.  Especially as I sit and watch
> the cPanel world burn.  You want controversy and screaming?   Host a
> bunch of cPanel.  Trust me.  It's ugly right now.

It's *that* bad? I wonder what they did to rack up such a bad karma. ;-)

-- 
With best regards

Michael Stauber