83 lines
2.8 KiB
Markdown
83 lines
2.8 KiB
Markdown
# Software and Licenses
|
|
|
|
```{tableofcontents}
|
|
```
|
|
|
|
|
|
## Licenses
|
|
|
|
Our Red Hat Enterprise Linux subscriptions are provided by ETHZ, other licenses
|
|
are usually managed by Roland Blättler.
|
|
|
|
The RHEL repositories can be accessed on the [ETHZ Satellite server](https://id-sat-prd-02.ethz.ch). It is only accessible from within PSI and a
|
|
special account is needed, which can be requested at
|
|
<https://cd-portal.sp.ethz.ch/_layouts/15/start.aspx#/SitePages/Home.aspx>.
|
|
|
|
One thing to keep in mind is that several groups at PSI use the Satellite server
|
|
directly, so not all PSI hosts known to the Satellite belong to the central
|
|
Linux environment. In particular the network team has a number of systems there.
|
|
|
|
Normally only certain infrastructure systems are registered with the Satellite.
|
|
|
|
About once a year we report the total number of systems to ETHZ, so they can
|
|
track subscription usage. When we started using the ETHZ subscriptions in 2016
|
|
we provided an estimate of 2000 systems max.
|
|
|
|
|
|
## Distribution and deployment
|
|
|
|
All software is distributed as RPMs with the following exceptions:
|
|
|
|
- some software is provided via AFS/NFS instead
|
|
- configuration files and scripts that can be considered configuration, e.g. the
|
|
files in `/etc/cron.daily`
|
|
- server applications can be deployed by cloning a Git repository (e.g. sysdb)
|
|
|
|
There are a number of advantages to deploying software as RPM:
|
|
|
|
- automatic installation/protection of dependencies
|
|
- inventory of installed software (`rpm -qa` etc) including version
|
|
information
|
|
- integrity checking (`rpm -q --verify`)
|
|
- ownership tracking (`rpm -qf`, `yum provides`)
|
|
- no network dependency, which is useful for laptops and increases reliability
|
|
on other systems
|
|
|
|
|
|
## Repositories
|
|
|
|
We maintain an internal mirror for every repository that we use, or at least a
|
|
local repository containing the specific packages. We never point `yum.conf`
|
|
(or any other package manager) to an external repository directly.
|
|
|
|
The repository server is `repos.psi.ch`.
|
|
|
|
Currently we maintain the following repositories:
|
|
|
|
1. RHEL 7 (almost all channels)
|
|
2. EPEL for RHEL 7
|
|
3. Puppetlabs PC1
|
|
4. Google Chrome
|
|
5. OpenAFS (PSI)
|
|
6. GPFS (PSI)
|
|
7. OpenHPC
|
|
|
|
The mirroring is done using :manpage:`reposync(1)` with custom :manpage:`yum.conf` files.
|
|
|
|
|
|
The script to run a sync of all the repositories is `/opt/pli/sbin/psi-mirror-yum` but is
|
|
currently not executed automatically.
|
|
|
|
To add a new repository to the list the files `/opt/pli/etc/mirror/yum.conf` and
|
|
`/opt/pli/etc/mirror/repolist` should be edited. The first file contains the repositories
|
|
definitions, the second one the list of repositories to mirror.
|
|
|
|
|
|
|
|
## Packaging
|
|
|
|
All packaging information for in-house packages must be tracked in Git. The
|
|
repositories containing packaging information should be in the
|
|
[linux-packages](https://git.psi.ch/groups/linux-packages) group on the
|
|
Gitlab server.
|