The end of CentOS 7 – what's next?
From June, CentOS 7 users will only have the choice of switching to the upstream version or looking at the OpenELA alternatives. A little decision aid.
(Image: iX)
- André von Raison
From June 30, 2024, there will no longer be any security updates and bug fixes for CentOS 7 in the official CentOS repositories. This means that many users will have to consider which distribution they want to use for their systems in the future. Not all of them will probably follow the path propagated by Red Hat and switch to CentOS Stream. This change from a so-called bug-for-bug compatible operating system, i.e. one-to-one compatible with RHEL, to an upstream version is likely to unsettle many users. Upstream means that new features will find their way into CentOS Stream before they do so in RHEL. However, this means that the operating systems are no longer completely the same - which has advantages and disadvantages. Although users will receive new features earlier, this may also affect the stability of the systems.
OpenELA - the answer from competitors
In summer 2023, Red Hat also announced that it would no longer make the RHEL source code available at git.centos.org as before, but only to paying customers via the Red Hat customer portal. Anyone who passes on the source code is in breach of the customer agreement with Red Hat and can be excluded from support. As a result, Oracle, SUSE and CIQ - all of which offer a RHEL derivative or support for it and therefore depend on the free availability of the source code – have founded the Open Enterprise Linux Association (OpenELA for short). Its aim is to continue to make the source code for Enterprise Linux (EL) and the associated tools freely available. The OpenELA organization itself does not offer any services; these continue to come from the companies behind it. However, other providers of enterprise Linux derivatives such as AlmaLinux and EuroLinux are not yet part of OpenELA.
For users, the question therefore arises as to what update options are available if they do not want to make the switch to CentOS Stream but want to stay with a RHEL derivative. In principle, it is advisable to migrate to a version 8 or 9 of Enterprise Linux. For all users of CentOS 7 who are not yet ready to make the switch, SUSE with Liberty Linux and CIQ with the CIQ Bridge offer an alternative to stay on CentOS for longer.
Liberty Linux
As is well known, SUSE Linux Enterprise (SLE) is not based on the RHEL source code, but SUSE has been offering additional support for RHEL through its Liberty Linux offering for some time. In addition, SUSE has now added updates for CentOS 7 to its portfolio - until June 7, 2028. Security updates are available for vulnerabilities that are rated 7 and higher in the Common Vulnerability Scoring System (CVSS). Users can choose between an offer with package updates and support (SUSE Liberty Basic) and one with package updates only (SUSE Liberty Lite). It is interesting to note that only a few package sources (repositories) need to be added for use in CentOS 7 systems. No further changes to the system are required.
CIQ Bridge
CIQ, the company behind Rocky Linux, takes a similar approach: with its CIQ Bridge, it offers a support package with updates that also close security vulnerabilities of the CVSS7+ severity level. In a further subscription, there are also updates for CVSS levels 5 and 6 vulnerabilities. However, CIQ expressly does not see the bridge service as long-term support for CentOS 7, but rather as assistance to enable the transition from CentOS 7 to Rocky Linux 9 without time pressure. The manufacturer also offers support for newer kernels than those available from Red Hat.
Red Hat
At Red Hat, CentOS 7 systems can be converted to RHEL 7 and then provided with support and updates until June 2028 with Extended Lifecycle Support (ELS). However, the preferred option here is to migrate to newer RHEL versions.
Oracle Linux
Oracle does not provide direct support for CentOS 7. However, updates and support for Oracle Linux 7 are available for slightly longer, namely until December 31, 2024, and those who take advantage of Extended Support will also receive package updates and support until June 2028. However, Oracle recommends that users update to Oracle Linux 8 and 9. Like CIQ, Oracle also supports newer kernels than RHEL and those with Btrfs.
The switch
Red Hat and Rocky Linux offer convert2RHEL and migrate2Rocky scripts for switching from CentOS to RHEL and Rocky Linux respectively. However, migrate2Rocky only supports migration away from CentOS for version 8.5. For CentOS 7, you can use the ELevate tool from AlmaLinux: It extends the Leapp framework from Red Hat (Leapp stands for Legacy Application) with metadata for various Enterprise Linux distributions. ELevate can currently be used to upgrade from CentOS 7 to AlmaLinux 8, EuroLinux 8, Oracle Linux 8 and Rocky Linux 8. A further upgrade to version 9 of the respective distributions is then possible.
If packages from third-party sources are installed on the CentOS 7 system to be migrated, caution is advised in our experience: In tests, the update with ELevate did not work in every case. In this case, a new installation of the system with the desired operating system and subsequent migration of the data is recommended.
Example of a migration from CentOS 7 to Rocky Linux 9
On the AlmaLinux website you will find detailed documented examples of how CentOS 7 systems can be updated to AlmaLinux 8 and then to version 9. The same steps can be used for a modernization to Rocky Linux, EuroLinux or Oracle Linux. The update is carried out in several steps. First of all
yum install -y http://repo.almalinux.org/elevate/elevate-release-latest-el$(rpm --eval %rhel).noarch.rpmto install the RPM repository for the current operating system version. You can then use
yum install -y leapp-upgrade leapp-data-rockyto install the Leapp framework with the metadata for the desired new distribution (Rocky Linux in this example). All the necessary packages are now available and leapp preupgrade can be used to check whether any additional steps are required before the upgrade. Once these possible adjustments have been made, the leapp upgrade call raises the installation to the desired status. Updating to the next higher operating system version is carried out in the same way.
Conclusion
Obviously, the demand from CentOS users has been noticed by the enterprise Linux providers and accordingly, there are now a whole range of offers for a smooth time after the expiry of CentOS 7. In addition, a merger has been formed with OpenELA, which will probably ensure that there will continue to be derivatives and thus alternatives to RHEL in the future. There are no technical differences – at least so far – apart from minor details: the feature of the Enterprise Linux derivatives is that they are bug-for-bug compatible with the original.
However, a migration away from CentOS 7 is advisable in any case, as the operating system is celebrating its 10th anniversary this summer and is therefore simply outdated in many respects despite its popularity.
(avr)