Switch from CentOS 7 to Oracle Linux 7

5
0
Send lab feedback

Switch from CentOS 7 to Oracle Linux 7

Introduction

The following tutorial provides step-by-step procedures to automatically switch a CentOS 7 instance to Oracle Linux 7 by removing or replacing any CentOS-specific packages with the Oracle Linux equivalent. The README.md in the Oracle centos2ol repository on GitHub states that the script used in this tutorial is a work in progress and not designed to handle all possible configurations.

Please ensure you have a complete backup of the system before starting this process if the script cannot successfully convert the system.

Be sure to review the centos2ol project README.md file for the latest details.

Objectives

In this tutorial, you'll:

  • Check for non-standard kernels
  • Ensure the yum configuration is working
  • Disable or remove stale and non-CentOS repositories
  • Ensure 5GB free space in /var/cache
  • Disable all automatic updates, including yum-cron

Prerequisite

  • A system with CentOS 7 installed.

Check the CentOS Version

Note: When using the free lab environment, see Oracle Linux Lab Basics for connection and other usage instructions.

  1. Open a terminal and connect to your instance.

  2. Get the version of CentOS.

    sudo cat /etc/redhat-release
    sudo cat /etc/os-release

    Both of these commands show the instance is running CentOS 7.

Check for Non-Standard Kernels

  1. Get a list of installed kernels using yum.

    sudo yum list installed kernel

    The listing shows all the kernels installed using yum. We strongly recommend removing all non-standard kernels; for example, any kernel installed and not provided by the base or updates repo. Includes removing any centosplus kernels.

  2. Get a list of other installed kernels using grubby.

    sudo grubby --info=ALL | grep ^kernel

    Example Output:

    [oracle@centos-7 ~]$ sudo grubby --info=ALL | grep ^kernel
kernel=/boot/vmlinuz-3.10.0-1160.76.1.el7.x86_64
kernel=/boot/vmlinuz-3.10.0-1160.el7.x86_64
kernel=/boot/vmlinuz-0-rescue-281810806a454564906c048d496729db

    The list shows all the kernels configured for use. Again, we strongly recommend removing all non-standard kernels.

Remove Non-Standard Kernels with Yum

Because of the GRUB2 BootHole vulnerability, the Oracle Linux Secure Boot shim can only boot kernels signed by Oracle, and we can only replace the default CentOS kernels. While this may not impact a system if SecureBoot is disabled, enabling it later could render it unbootable. For that reason, we strongly recommend removing all non-standard kernels; for example, any installed kernel not provided by either the base or updates repo, including the CentOSPlus kernels.

Note: Skip this section if your system does not have non-standard kernels based on the description above or if you are using the free lab environment. (Do not attempt to remove the kernel using yum in the Oracle-provided lab environment. This system has only a single kernel installed. Removing the kernel entry of the only working kernel or the incorrect kernel may cause the system to fail to boot and require booting into single-user mode to fix the broken server.)

  1. Remove any non-standard kernels.

    sudo yum remove <KERNEL>

    Where <KERNEL> is is the complete package name provided by rpm -q kernel.

Remove Non-Standard Kernels with Grubby

grubby is a command-line tool for updating and displaying information about the grub boot loader's configuration files. This tool allows an administrator to disable kernels installed outside of yum.

Note: Skip this section if your system does not have non-standard kernels based on the description in the previous section or if you are using the free lab environment. (Do not attempt to remove the kernel using yum in the Oracle-provided lab environment. This system has only a single kernel installed. Removing the kernel entry of the only working kernel or the incorrect kernel may cause the system to fail to boot and require booting into single-user mode to fix the broken server.)

  1. Get the index assigned to each of the installed kernel's boot entries.

    sudo grubby --info=ALL | grep -E "^kernel|^index"

    Example Output:

    [oracle@centos-7 ~]$ sudo grubby --info=ALL | grep -E "^kernel|^index"
index=0
kernel=/boot/vmlinuz-3.10.0-1160.76.1.el7.x86_64
index=1
kernel=/boot/vmlinuz-3.10.0-1160.el7.x86_64
index=2
kernel=/boot/vmlinuz-0-rescue-281810806a454564906c048d496729db
index=3

  2. Remove any non-standard kernel's boot entries.

    grubby --remove-kernel=<MENU_INDEX>

    Where <MENU_INDEX> is the index value returned from the previous command's output.

Check YUM Configuration

  1. Get a list of enabled repositories.

    sudo yum repolist

    Example Output:

    [oracle@centos-7 ~]$ sudo yum repolist
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: ftp.plusline.net
 * epel: mirror.imt-systems.com
 * extras: mirror.imt-systems.com
 * updates: ftp.plusline.net
repo id                   repo name                                       status
base/7/x86_64             CentOS-7 - Base                                 10072
docker-ce-stable/7/x86_64 Docker CE Stable - x86_64                         183
epel/x86_64               Extra Packages for Enterprise Linux 7 - x86_64  13738
extras/7/x86_64           CentOS-7 - Extras                                 515
updates/7/x86_64          CentOS-7 - Updates                               4383
zfs/7/x86_64              ZFS on Linux for EL7 - dkms                        55
repolist: 28946

  2. Update all installed packages.

    sudo yum -y upgrade

Remove or Disable Non-CentOS Repositories

Disable all non-CentOS repositories. This step helps avoid package conflicts with third-party repositories during the switch. You can re-enable the repos after the switch.

Note: For the free lab environment, there are several CentOS and Oracle repositories and two non-CentOS repositories named zfs and docker-ce-stable. You should disable the zfs and docker-ce-stable repositories in this section.

  1. Disable non-CentOS repositories.

    sudo yum-config-manager --disable <REPOSITORY_NAME>

    Replace <REPOSITORY_NAME> with the repository name of any non-CentOS repository enabled on your system.

Check Free Space in /var/cache

  1. Get a disk space usage report.

    df -h

    Note: For the free lab environment, the /var/cache is under the / mount point, which has 35G available. This system has the 5G free recommended by the centos2ol project.

Check for Automatic Updates in Cron

There are several ways an administrator can enable automatic updates. This section checks for cron jobs that execute yum directly or using a script. Disable these jobs, if found, to avoid them running during the switching process.

Note: For the free lab environment, although we do not have any cron jobs configured in this environment, the recommendation is to review the different files and their contents.

  1. List root's cron jobs.

    sudo crontab -l

  2. List the user's cron jobs.

    sudo crontab -u oracle -l

  3. List daily, hourly, weekly, and monthly cron jobs.

    sudo ls -al /etc/cron*

    Then, check the individual files using less or the editor of choice.

    Note: In the free lab environment, the files containing yum-cron in their name are managed by the yum-cron service. We'll address disabling these in the next section of this lab.

  4. List contents of /etc/crontab.

    sudo less /etc/crontab

Disable YUM Cron Updates

Another way to automatically apply updates is with yum-cron.

  1. Check for the yum-cron package.

    sudo yum list installed yum-cron

    Example Output:

    [oracle@centos-7 ~]$ yum list installed yum-cron
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
 * base: ftp.plusline.net
 * epel: ftp.plusline.net
 * extras: ftp.plusline.net
 * updates: ftp.rz.uni-frankfurt.de
Installed Packages
yum-cron.noarch                    3.4.3-168.el7.centos                    @base

    If the output shows the yum-cron package not installed on your system, skip to the next section.

  2. Check the state of the yum-cron systemd service.

    sudo systemctl is-enabled yum-cron
sudo systemctl is-active yum-cron

  3. Disable the yum-cron systemd service if it is active and running.

    sudo systemctl stop yum-cron
sudo systemctl disable yum-cron

Download and Run centos2ol Script

  1. Download the centos2ol.sh script from GitHub.

    The simplest way to get the script is to use curl:

    curl -O https://raw.githubusercontent.com/oracle/centos2ol/main/centos2ol.sh

    If you have Git installed, use the clone option to pull the repository from GitHub.

    git clone https://github.com/oracle/centos2ol.git

  2. Run the centos2ol.sh script.

    If you used git clone, change the current working directory to the centos2ol directory.

    See the usage options for the script by passing the option -h.

    sudo bash centos2ol.sh -h

    Now, run the script and wait for it to complete.

    sudo bash centos2ol.sh

    As part of the process, the default kernel is switched to the latest release of Oracle's Unbreakable Enterprise Kernel (UEK) to enable extensive performance and scalability improvements to the process scheduler, memory management, file systems, and networking stack. We also replace the existing CentOS kernel with the equivalent Red Hat Compatible Kernel (RHCK), which specific hardware or application may require if it has imposed strict kernel version restrictions.

  3. Reboot the system.

    sudo reboot

Confirm System Switch to Oracle Linux

  1. Using the terminal, again connect to your instance.

  2. Check the distribution version and kernel details.

    cat /etc/os-release
cat /etc/redhat-release
uname -r

Contribute to the centos2ol GitHub Project

  1. Get support.

    Open a GitHub issue for non-security-related bug reports, questions, or requests for enhancements.

For More Information

Oracle Linux Documentation
Oracle Linux Training
Oracle Linux Training Station
Upgrade Oracle Linux 7 to Oracle Linux 8 using Leapp

SSR