Hi Chris, > I'm given to understand that we're not sitting on pins and needles > waiting for CentOS 8 so we can finally overcome some operational > hurdle. While Michael has been working up new features for 5210R, > these aren't items that require RHEL8.
That's certainly true. With the Nginx SSL-proxy on 5209R we *do* have support for TLSv1.3 and ciphers that go beyond what CentOS 7 supports out of the box. On a nuts and bolts level CentOS 8 itself doesn't introduce anything radically new or different beyond what CentOS 7 offers. The kernel is a bit newer, Apache and OpenSSL are slightly newer and support TLSv1.3 out of the box, but beyond that there isn't much else. As for 5210R: The changes that I made to it (and the addition of new features such as the chrooted jails) could as well be backported to 5209R. It would rock the boat a little too much for my comfort, but it could be done easily enough. > It's just a matter of how many ports of a feature the devs want to be > responsible for. Currently it's five distinct branches of code: Three for BlueOnyx, two for Aventurin{e}. They're fortunately close enough that I can follow the "code once, then copy the difference" approach. I agree that it's certainly best to just wait for CentOS 8 (or 8.1) to come out. Even when 5210R is finally available you still might not have immediate incentive to migrate from 5209R to 5210R, because there might not be enough "added value" to make it worthwhile for your given usage cases. Still: There is a certain painting on the wall and I'm not entirely liking what I see over there in RedHat-land and their puddle of free spawns. They do have some institutional and organizational problems which I couldn't care less about. There are issues that go deeper, such as fundamental decisions about version and feature freezes and what they actually port back and what they don't. I'm having a lot of cripes with some of the decisions they made there. They weren't wise, some are outright foolish and others unnecessarily lazy. However: They *do* affect the long term usability of their OS a great deal. We did get a lot of life out of EL5 and EL6 and that's something to be really grateful for. But I can already foresee that neither EL7 or EL8 will age that well. They'll have to be carried over the finishing line on a stretcher. As is we're "married" to RPM based distributions due to the inherited build architecture that dates back to the Cobalt days. It might be useful to do a fork that can spit out *.deb's as that will provide us with more long term options. Even if it won't directly lead to BlueOnyx for Debian it would provide us with a convenient life-raft in case we ever need one. > In the meantime, we can sit back and relax and let our existing > 5200-series machines continue to purr. Especially as I sit and watch > the cPanel world burn. You want controversy and screaming? Host a > bunch of cPanel. Trust me. It's ugly right now. It's *that* bad? I wonder what they did to rack up such a bad karma. ;-) -- With best regards Michael Stauber _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx