Monday, April 14, 2014

Red Hat Software Collections

I just found out about a RHEL initiative to offer "software collections" which to me seems similar to Ubuntu's private repositories. From the announcement "Software Collections allow you to build and install applications without being constrained by the default versions that are installed on your system. Say you want to deploy an application that requires MariaDB 5.5 and PHP 5.4 or Python 3.3 on a system running CentOS 6.5. You don’t want to have to deploy a new OS. You don’t want to compile your own, and you may have other applications that depend on the system versions of those components." This certainly offers a very flexible option to install software on your RHEL servers. There is of course EPEL but this comes with the official RHEL support. This solves a number of my problems. Security audits always flag httpd packages on my servers as insecure just by looking at the major versions. Yes, there are ways to limit flags in our audit tools but it's not ideal. So for example, latest Apache release is 2.4, whereas RHEL offers 2.2. This will be flagged by the internal audit but if we're on the software collections release channel, we'd be running 2.4, etc. Further information can be found here. You can also participate in shaping the future of software collections by voting what you'd like to see in future releases. Here's the link to the survey.
Post a Comment