xcp icon indicating copy to clipboard operation
xcp copied to clipboard
verified publisher icon xcp-ng

List of useful extra packages for dom0

Open olivierlambert opened this issue 7 years ago • 69 comments

We should be able to allow people to download directly some "extra" packages that can be really useful.

The only downside is that we'll need to synchronize any package update from CentOS to XCP-ng.

Monitoring

General

  • htop (prettier than top): no extra deps
  • iftop (network top): no extra deps
  • iperf (handy to check network issues): no extra deps
  • netdata (this RPM seems to work)

Security

  • wireguard (that would be VERY nice to avoid exposing XAPI publicly for "Cloud" setup)

UPS

  • apcupsd
  • nut

Misc

  • vim
  • mc

If you have ideas of stuff that you'll like, let us know here

olivierlambert avatar Aug 22 '18 17:08 olivierlambert

For UPS monitoring

  • apcupsd
  • nut

mkninc avatar Aug 22 '18 18:08 mkninc

@mkninc thanks for the feedback, can you check if those RPMs on CentOS 7 require external deps not already present in XCP-ng?

olivierlambert avatar Aug 22 '18 18:08 olivierlambert 

===========================================================================================================
 Package                 Arch                   Version                         Repository            Size
===========================================================================================================
Installing:
 apcupsd                 x86_64                 3.14.14-5.el7                   epel                 305 k
Installing for dependencies:
 libusb                  x86_64                 1:0.1.4-3.el7                   base                  19 k

===========================================================================================================
 Package                   Arch                  Version                         Repository           Size
===========================================================================================================
Installing:
 nut                       x86_64                2.7.2-4.el7                     epel                1.6 M
Installing for dependencies:
 freeipmi                  x86_64                1.5.7-2.el7                     base                2.0 M
 libusb                    x86_64                1:0.1.4-3.el7                   base                 19 k
 nut-client                x86_64                2.7.2-4.el7                     epel                206 k

mkninc avatar Aug 22 '18 19:08 mkninc

  • vim
  • mc ("graphical" file browser)

borzel avatar Aug 22 '18 20:08 borzel

I love mc, totally agree with the suggestion :)

stormi avatar Aug 29 '18 09:08 stormi

#40 was asking for cryptosetup, too.

stormi avatar Aug 29 '18 10:08 stormi

Good catch, let's close the other issue to centralize requests here :+1:

olivierlambert avatar Aug 29 '18 10:08 olivierlambert

Hi, one mistake ;) Cryptosetup is cryptsetup ;)

But I have one more package as request ... nrpe

That is nice for an external montoring

adnae avatar Aug 29 '18 10:08 adnae

  • monitoring: check-mk-agent (and xinetd and maybe changes at the firewall rules for port 6556)

borzel avatar Aug 29 '18 10:08 borzel

yum-utils and yum-plugin-versionlock for easier package/repository management

jcharaoui avatar Aug 29 '18 15:08 jcharaoui

We had added traceroute in #32 but that was in the old repo, so we need to add it again.

stormi avatar Aug 30 '18 14:08 stormi

I usually install cryptsetup manually from the centos base repos on XS7 and it works fine.

Also:

  • monitoring: munin-node

fetzerms avatar Aug 31 '18 18:08 fetzerms

Troobleshooting:

  • htop
  • iftop
  • iperf
  • tcpdump
  • nload
  • mtr
  • sysstat (iostat, mpstat, sar)
  • dstat
  • nethogs

Monitoring:

  • netdata
  • net-snmp-utils
  • nagios-plugins

Hardware RAID tools:

  • tw_cli
  • storcli

Editors

  • vim
  • emacs-nox

Security

  • fail2ban
  • ferm

Misc

  • hdparm
  • pv
  • lshw
  • dnsutils

gdelafond avatar Sep 02 '18 10:09 gdelafond

locate - useful to ...locate things tmux - screen too, but tmux better for terminal sessions

oallart avatar Sep 12 '18 05:09 oallart

bwm-ng small and simple console-based bandwidth monitor iptraf Interactive Colorful IP LAN Monitor iotop simple top-like I/O monitor shorewall(firewall)

yctn avatar Sep 20 '18 16:09 yctn

Hi, we are heavilly using nmon - nmon.sourceforge.net have binaries for RH/CentOS 7.2, works well.

PeS-hkfree avatar Sep 21 '18 11:09 PeS-hkfree

The list is becoming overwhelming and I see no reason to reject any package from it (except if they require libs that would overwrite those of XCP-ng).

I'm considering a new approach, because I don't think maintaining a significant portion of the CentOS repos in ours will make sense in the long run. Actually two new approaches:

  1. Add CentOS and EPEL repos to XCP-ng but limit them to a whitelist. This means that every additional package will have to be approved manually but without the need for us to maintain the package afterwards, leaving this to RedHat and CentOS people who already do a good job.

  2. Add unrestricted CentOS and EPEL repos, using the yum-plugin-priorities plugin, with the highest priority given to XCP-ng packages. This would allow installing anything from CentOS and EPEL provided they don't try to overwrite a package from XCP-ng. I'm using this yum plugin in xcp-ng-build-env for similar reasons and it seems to be working well.

In both cases I would have to rethink the yum upgrade process a little bit because we would need to update the CentOS and EPEL repository files before the upgrade, but I think I can make it work quite easily with just an extra step to the procedure (= update xcp-ng-release before updating the other packages).

stormi avatar Sep 24 '18 08:09 stormi

The list is becoming overwhelming and I see no reason to reject any package from it (except if they require libs that would overwrite those of XCP-ng).

True.

I'm considering a new approach. Actually two new approaches, because I don't think maintaining a significant portion of the CentOS repos in ours will make sense in the long run.

I agree.

1. Add CentOS and EPEL repos to XCP-ng but limit them to a whitelist. This means that every additional package will have to be approved manually but without the need for us to maintain the package afterwards, leaving this to RedHat and CentOS people who already do a good job.

It will require more work for the XCP-ng Team, but all packages could be tested (and upgrades with them installed too). Many question in this case:

  • will the list be fully open or be limited by criteria (wich ones)?
  • who will be responsible to update this list ? update frequency ?
2. Add unrestricted CentOS and EPEL repos, using the yum-plugin-priorities plugin, with the highest priority given to XCP-ng packages. This would allow installing anything from CentOS and EPEL provided they don't try to overwrite a package from XCP-ng. I'm using this yum plugin in xcp-ng-build-env for similar reasons and it seems to be working well.

It will be more difficult to reproduce problems as everybody will be able to install any packages, but people will be really free to do what they want. In this case, packages known to be working could be put on a list in the wiki, with a warning telling that others have not been tested ?

gdelafond avatar Sep 24 '18 10:09 gdelafond 

1. Add CentOS and EPEL repos to XCP-ng but limit them to a whitelist. This means that every additional package will have to be approved manually but without the need for us to maintain the package afterwards, leaving this to RedHat and CentOS people who already do a good job.

It will require more work for the XCP-ng Team, but all packages could be tested (and upgrades with them installed too). Many question in this case:

* will the list be fully open or be limited by criteria (wich ones)?

The criteria that I can think of right now: not overwriting (or depending on packages that would overwrite) existing XCP-ng packages

* who will be responsible to update this list ? update frequency ?

Me at first, then if people join to share the work this could probably be maintained collectively. Update frequency: at least once every big release, probably more often. It mainly depends on the test effort people are willing to provide.

2. Add unrestricted CentOS and EPEL repos, using the yum-plugin-priorities plugin, with the highest priority given to XCP-ng packages. This would allow installing anything from CentOS and EPEL provided they don't try to overwrite a package from XCP-ng. I'm using this yum plugin in xcp-ng-build-env for similar reasons and it seems to be working well.

It will be more difficult to reproduce problems as everybody will be able to install any packages, but people will be really free to do what they want. In this case, packages known to be working could be put on a list in the wiki, with a warning telling that others have not been tested ?

Yes

stormi avatar Sep 24 '18 10:09 stormi

I have a specific request as the wanted package is not a tool, but a dependency for a tool.

I'm trying to install salt-minion in order to join an xcp-server to our saltstack master, which is used for hundred of servers. I follow this guide : https://repo.saltstack.com/#rhel

But salt has a few dependencies that are not satisfied :

  • python-backports-ssl_match_hostname , which can be installed from base centos without difficulties
  • systemd-python, which cannot be installed from base, as systemd-* packages are in the exclude list un yum centos repos configuration

As far as I see, It seems that systemd is not the same version as in centos classic distribution, so I think that the better solution is to add this package in xcp-ng repositories/iso. As the source package for systemd-python is systemd, I think that it can be generated with the whole systemd-* packages ?

update

As stormi said me on IRC, this packages is in fact available, in builddeps for 7.5, and will be in base in 7.6. So my question is already answered. Thanks to him

ManicoW avatar Oct 18 '18 22:10 ManicoW

Adding deltarpm as mentioned in #120

stormi avatar Jan 07 '19 09:01 stormi

nvme-cli, as mentioned in https://xcp-ng.org/forum/topic/908/smartmontools

stormi avatar Feb 07 '19 10:02 stormi

Netdata. For the love of data.

xianglo avatar Feb 08 '19 10:02 xianglo

yum-cron, automatic security updates

jotihojr avatar Feb 09 '19 15:02 jotihojr

joe - A simple text editor

adhawkins avatar Feb 28 '19 10:02 adhawkins

Current wishlist, with additional information for each package.

Troubleshooting

package provenance added dependencies action
htop epel none installed by default (8.0)
iftop epel none installed by default (8.0)
iperf epel none added to repo (8.0)
iperf3 centos none added to repo (8.0)
traceroute centos none added to repo (8.0)
~~tcpdump~~ already installed none -
nload epel none added to repo (8.0)
mtr centos none added to repo (8.0)
~~sysstat~~ already installed none -
dstat centos none added to repo (8.0)
nethogs epel none
bwm-ng epel none
iptraf-ng centos none
iotop centos none added to repo (8.0)
nmon epel none
pv epel none
fio centos several

Monitoring

package provenance added dependencies action
netdata needs packaging ?
nrpe epel nagios-common
check-mk-agent epel GeoIP,bind-libs,bind-utils,bind-libs-lite,bind-license
munin-node epel 62 packages
net-snmp-utils centos net-snmp,net-snmp-agent-libs,net-snmp-libs
nagios-plugins epel nagios-common

Security

package provenance added dependencies action
wireguard needs packaging ?
cryptsetup centos cryptsetup-libs installed by default (8.0)
fail2ban epel a lot
ferm epel none

Hardware RAID tools

package provenance added dependencies action
tw_cli needs packaging ?
storcli needs packaging, a RPM exists on broadcom's website none at runtime

UPS

package provenance added dependencies action
apcupsd epel libusb
nut epel freeipmi,libtool-ltdl,libusb,nut-client

Other hardware-related tools **

package provenance added dependencies action
~~hdparm~~ already installed none -
dc3dd epel none
nvme-cli centos none added to repo (8.0)
lshw centos none added to repo (8.0)

Editors

package provenance added dependencies action
vim-enhanced centos gpm-libs,vim-common,vim-filesystem added to repo (8.0)
emacs-nox centos 8 packages
joe epel none added to repo (8.0)

Misc

package provenance added dependencies action
deltarpm centos none
dnsutils needs packaging ?
mlocate centos none, but doesn't it add I/O overhead?
mc centos gpm-libs added to repo (8.0)
socat centos none added to repo (8.0)
tmux centos none added to repo (8.0)
wpa_supplicant centos none added to repo (8.0 updates)
yum-cron centos none available in repo as part of yum suite, but I don't advise using it! (8.0)
yum-utils centos none installed by default (8.0)
yum-plugin-versionlock centos none available in repo as part of yum suite, but I don't advise using it! (8.0)

stormi avatar Apr 05 '19 16:04 stormi

Suggested on the forum: socat, useful to open VNC access

stormi avatar Jun 18 '19 02:06 stormi

For netdata, there are official packages now : https://packagecloud.io/netdata/netdata

gdelafond avatar Jul 10 '19 20:07 gdelafond

dc3dd is usefull to wipe a disk (it is like dd if=/dev/zero but with live status & more options)

gdelafond avatar Jul 13 '19 09:07 gdelafond

For netdata, there are official packages now : https://packagecloud.io/netdata/netdata

and netdata is present in epel repo too.

gdelafond avatar Jul 13 '19 11:07 gdelafond