Every Linux release reaches its end of life (becomes EOL) at some point.
Becoming EOL means that it is no longer supported by a vendor or the community, and does not get any security updates or bug fixes. Using EOL OS creates software update problems and security vulnerabilities.
Most of the security issues on various Linux distributions were related to vulnerabilities in OpenSSL library, used for SSH and HTTPS. Keeping a system with an outdated version of OpenSSL is like keeping a house with a lock that is known to be broken with a key publicly available. There are many dramatic stories about Heartbleed, Poodle, Ticketbleed and other 0-day OpenSSL vulnerabilities which compromised many thousands of servers all over the world.
- With an EOL OS that you cannot upgrade, you are forced to continue running older applications.
- Without security updates, your system is increasingly susceptible to newly discovered vulnerabilities and associated attacks – and becomes an obvious and easy target for hackers. Using firewalls is not enough to protect your servers from attacks, especially for the telephony servers that can not be fully isolated.
We were fully aware that Version 6 of CentOS used by Thirdlane as a base distro for our software will reach its own EOL by the end of November 2020, so early in 2020 we started preparing for migration to Version 8.
Our target release date was December 2020, and everything was going as planned, until the Red Hat announcement https://blog.centos.org/2020/12/future-is-centos-stream/ that CentOS will no longer be a rock-solid conservative RHEL clone with many years of support and CentOS 8 EOL was re-scheduled from 2029 to 2021.
While a few companies and groups of volunteers came forward with alternatives almost immediately, it became clear that the future of CentOS is not clear, and we have to make a decision about what to do next for Thirdlane and customers.
It was clear that moving to another distribution would take quite a long time, create a disruption for customers, and will not guarantee that the same won’t happen again. We also did not want our customers to continue on the EOL system for too long, so we made a decision to use a new version of CentOS (for now), while trying to become less distribution dependent in the future.
That is the path we’ve taken:
- Target CentOS 7 instead of CentOS 8 - it will be supported till 2024
- Replace ISO based distribution with an installation script that installs Thirdlane V 11 components on top of a base CentOS 7 distribution
- Use containerization for Thirdlane applications. We already moved a key component to Docker and will continue on this path
- Provide a script that allows to update CentOS 6 based system to CentOS 7 in-place
The last item required a lot of hard work, but was ultimately successful. We started with a CentOS 6 to CentOS 7 update process that was created by Red Hat. The process was only capable of converting earlier versions of CentOS 6 to early versions of CentOS 7, and was otherwise broken and abandoned.
After months of intensive testing we made it operational and capable of converting production versions of Thirdlane from any CentOS 6 to modern CentOS 7. While there is no guarantee that this will work automatically for any customized installation, our team has a high level of confidence that we can deal with, and resolve any issues on a particular server.
We will be releasing Version 11 of Thirdlane platform and applications shortly, and strongly advise you to upgrade as soon as possible – staying with the EOL version of OS is very dangerous and puts your business at risk as CentOS 6 or Thirdlane for CentOS 6 will no longer be updated.
Our team will be happy to assist in migration – just let us know when you are ready!