When you're provisioning software onto a machine that will run in Production, you don't want to be running software from anywhere. You need to know that you can trust the source of the software before you ship it into Production.
In our case, we run CentOS. These are our criteria for determining whether or not to trust a package.
- Packages are maintained by CentOS/RedHat directly.
- Packages are maintained by the vendor of the software directly.
- Packages are maintained by a reputable third-party source (as few of these as possible).
- Packages are maintained by us. That is, we compile them from source ourselves.
Your criteria may look different. If you don't have criteria, and generally just install software from anywhere, I have two pieces of advice.
- Stop it.
- Our criteria has been very good to us. Feel free to borrow ours.
- CentOS Plus
- Continuous Release
- EPEL
- Extras
- Fast Track Fixes
- Gluster
- OpenStack
- OS Packages
- Updates
- Virtualization
- Couchbase
- Docker
- Duo Security
- Elastic Beats
- Elastic Curator
- Elastic Logstash
- Elastic Search
- Erlang
- Facebook OSQuery
- Git-LFS
- Google Stackdriver
- Grafana
- Keybase
- Mongo DB
- MySQL 5.7
- MySQL Connectors
- MySQL Tools
- New Relic
- Nginx
- PostgreSQL 10
- Rsyslog
- Sensu monitoring
- VirtualBox
- Yarn
- Cityfan — The least trusted of the bunch. Provides modern cURL packages. (cURL didn't receive support for TLS 1.1/1.2 until version 7.34.0. CentOS 6 ships with 7.19.0. CentOS 7 ships with 7.29.0.)
- Remi — Remi is a member of the RedHat SCL group. He packages modern PHP builds for RedHat/CentOS.
- Nodesource 7.x, 8.x, 9.x — Nodesource is a trusted member of the Node.js community.
Build scripts for these packages are available for inspection. In the meantime, these are the packages you'll find in the Lucky Rocketship Underpants repos. I generally try to stay on top of updates, and will keep old versions around for some time as to not break your provisioning scripts which grab specific versions.
All packages are built against CentOS 7 x86_64.
yum list | grep -i direct-centos7-custom | sort- Autoconf 2.69
- Automake 1.15
- Chag 1.1.4
- CMake 3.8.2
- cmark 0.27.1
- Docker Compose 1.13.0
- GCC 6.3.0
- Git 2.13.1
- GitHub Hub 2.2.9
- GitQL 1.3.0
- Golang 1.8.1
- Hashicorp Consul 0.8.4
- Hashicorp Packer 1.0.0
- Hashicorp Terraform 0.9.8
- Hashicorp Vault 0.7.3
- HHVM 3.19.1
- hiredis 0.13.3
- httpstat 1.0.0
- jq 1.5
- LLVM, Clang, LLDB, LLD 4.0.0
- Ninja Build 1.7.2
- Oracle Java 8u131 + the unlimited crypto package
- Pandoc 1.19.2.1
- pfff 0.29
- PlantUML 8059
- Python 2.7.13 and 3.6.1
- Ruby 2.4.1
- server-info 1.0.0
- Siege 4.0.0
- sift 0.9.0
- Square Certstrap 1.0.1
- Statsite 0.7.1
- TextQL 2.0.3
