The CentOS Atomic SIG has released an updated version of CentOS Atomic Host (7.1902), an operating system designed to run Linux containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host.

CentOS Atomic Host includes these core component versions:

  • atomic-1.22.1-26.gitb507039.el7.centos.x86_64
  • rpm-ostree-client-2018.5-2.atomic.el7.x86_64
  • ostree-2018.5-1.el7.x86_64
  • cloud-init-18.2-1.el7.centos.1.x86_64
  • docker-1.13.1-91.git07f3374.el7.centos.x86_64
  • kernel-3.10.0-957.5.1.el7.x86_64
  • podman-
  • flannel-0.7.1-4.el7.x86_64
  • etcd-3.3.11-2.el7.centos.x86_64

Download CentOS Atomic Host

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted Vagrant box, or as an installable ISO, qcow2 or Amazon Machine image. For links to media, see the CentOS wiki.


If you’re running a previous version of CentOS Atomic Host, you can upgrade to the current image by running the following command:

# atomic host upgrade

Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise Linux Atomic Host cadence. After sources are released, they’re rebuilt and included in new images. After the images are tested by the SIG and deemed ready, we announce them.

Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG, based on upstream work from Project Atomic. If you’d like to work on testing images, help with packaging, documentation – join us!

You’ll often find us in #atomic and/or #centos-devel if you have questions. You can also join the atomic-devel mailing list if you’d like to discuss the direction of Project Atomic, its components, or have other questions.

Getting Help

If you run into any problems with the images or components, feel free to ask on the centos-devel mailing list.

Have questions about using Atomic? See the atomic mailing list or find us in the #atomic channel on Freenode.

A substantial number of released/updates were announced on Tuesday, March 19th, and are listed below. For timely announcements of these updates, subscribe to the centos-announce mailing list, at .

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during March:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during March:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during March:


We are pleased to announce new official Vagrant images of CentOS Linux 6.10 and CentOS Linux 7.6.1810 for x86_64. All included packages have been updated to February 28th, 2019.

Known Issues

  1. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder ".", "/vagrant", type: "virtualbox"

    We recommend using NFS instead of VirtualBox shared folders if possible; you can also use the vagrant-sshfs plugin, which, unlike NFS, works on all operating systems.

  2. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to their Vagrantfile, to prevent errors on "vagrant up".

  3. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in
  4. Some people reported "could not resolve host" errors when running the centos/7 image for VirtualBox on Windows hosts. We don't have access to any Windows computer, but some people reported that adding the following line to the Vagrantfile fixed the problem:
    vb.customize ["modifyvm", :id, "--natdnshostresolver1", "off"]

Recommended Setup on the Host

Our automatic testing is running on a CentOS Linux 7 host, using Vagrant 1.9.4 with vagrant-libvirt and VirtualBox 5.1.20 (without the Guest Additions) as providers. We strongly recommend using the libvirt provider when stability is required.


The official images can be downloaded from Vagrant Cloud. We provide images for HyperV, libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

vagrant box add centos/6 # for CentOS Linux 6, or...
vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

vagrant box update --box centos/6
vagrant box update --box centos/7

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

Once you are sure that the checksums are properly signed by the CentOS Project, you have to include them in your Vagrantfile (Vagrant unfortunately ignores the checksum provided from the command line). Here's the relevant snippet from my own Vagrantfile, using v1803.01 and VirtualBox:

Vagrant.configure(2) do |config| = "centos/7"

  config.vm.provider :virtualbox do |virtualbox, override|
    virtualbox.memory = 1024
    override.vm.box_download_checksum_type = "sha256"
    override.vm.box_download_checksum = "b24c912b136d2aa9b7b94fc2689b2001c8d04280cf25983123e45b6a52693fb3"
    override.vm.box_url = ""


If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or in #centos on Freenode IRC.


I would like to warmly thank Brian Stinson, Fabian Arrotin and Thomas Oulevey for their work on the build infrastructure, as well as Patrick Lang from Microsoft for testing and feedback on the Hyper-V images. I would also like to thank the CentOS Project Lead, Karanbir Singh, without whose years of continuous support we wouldn't have had the Vagrant images in their present form.

I would also like to thank the following people (in alphabetical order):

  • Graham Mainwaring, for helping with tests and validations;
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro;
  • Kirill Kalachev, for reporting and debugging the host name errors with VirtualBox on Windows hosts.

Dear CentOS enthusiast,

Another month into 2019, and we have a lot to tell you about.

CentOS is 15!

As you may have seen either at recent events, or on social media, we're getting ready to celebrate our 15th birthday! As part of that, Rich has been interviewing various people who were around in those early years, to get some of the back-story on how it all happened. You'll start seeing these interviews on the blog in the month of March.

This week, we have published an interview with Greg Kurtzer, who founded the project in the first place.

Later, we'll be publishing interviews with Karsten Wade, Manuel "wolfy" Wolfshant, and Mike McLean, with others to come.

If you would like to talk about your involvement in CentOS, please get in touch with Rich at  You don't need to be one of the founders - just to have something interesting to say about your involvement, past, present, and future.

Releases and updates

February was a very busy month for errata and updates. The links below are to the release notes for each update.

Errata and Enhancements Advisories

We issued the following CEEA (CentOS Errata and Enhancements Advisories) during February:

Errata and Security Advisories

We issued the following CESA (CentOS Errata and Security Advisories) during February:

Errata and Bugfix Advisories

We issued the following CEBA (CentOS Errata and Bugfix Advisories) during February:

SIG Updates

SIGs - Special Interest Groups - are where people work on the stuff that runs on top of CentOS. We have recently started having SIGs report quarterly, so we have just a few of them each month, getting through the entire list every 3 months.


There was presentation on NFV SIG at the CentOS dojo.

We hope to get vpp 19.01 release RPMs in mirrors before the end of February. Stay tuned.

More information on the NFV SIG, including how to get involved, may be found on their wiki page.

Opstools SIG

The opstools SIG has published their quarterly report to the CentOS Blog.

More information on the Opstools SIG, including how to get involved, may be found on their wiki page.

Virtualization SIG

The Virtualization SIG has published their quarterly report to the CentOS Blog.

More information about the Virtualization SIG, including how to get involved, may be found on their wiki page.


FOSDEM was, of course, in February, but we reported on that in last months' newsletter.

This month, we'll be sponsoring FOSSAsia in Singapore! We'll have a CentOS table there, and we'll have participation from numerous of our favorite projects, including Ansible, ManageIQ, Fedora, and Dogtag.

We are ramping up towards the CentOS Dojo at ORNL, which is now just a month and a half away. We have published our speaker list, and the full schedule of talks should be up very soon. Register today to attend! (Registration is free, but due to the nature of the facility, you must register in advance to gain access through security.)

If you would like to host a Dojo, or have a suggestion for where we should have one, please get in touch with the CentOS Promo mailing list.

Other upcoming events are always listed on the events wiki page.

Contributing to CentOS Pulse

We are always on the look-out for people who are interested in helping to:

  • report on CentOS community activity
  • provide a report from the SIG on which you participate
  • maintain a (sub-)section of the newsletter
  • write an article on an interesting person or topic
  • provide the hint, tip or trick of the month

Please see the page with further information about contributing. You can also contact the Promotion SIG, or just email Rich directly ( with ideas or articles that you'd like to see in the next newsletter.


As I’ve mentioned, as we approach our 15th anniversary, I’ve been talking with some of the people who were around in those early days, to get more of the backstory. (See our YouTube channel for the full interview.)

Last week, I spoke with Greg Kurtzer, who founded the Caos Linux project, which turned into the CentOS Project in 2002. I got an eye-opening story of how it all started.

In October of 2000, Greg, who was already an avid Debian GNU/Linux fan, joined an organization (LBNL) that was a Red Hat shop. (This was before Red Hat Enterprise Linux.) And, while generating packages for work, he decided that what was really needed was a community-managed distribution of RPM-based Linux, much like Debian existed for the dpkg crowd.

Now, in the early days of open source and free software, we had communities that were more defined by personalities than by technologies. Granted, that situation still exists today, but if you didn’t endure the flame wars of the late 90’s and early 2000’s, it can be a little hard to imagine just how bad it sometimes got.

With Caos Linux, Greg had an opportunity to set a new tone for the project as more welcoming, beginner friendly, and encouraging than was the norm at the time.

When Red Hat Linux became Red Hat Enterprise Linux, and the project could no longer use Red Hat Linux as the build system, they began to work with Rocky McGough who was already doing a rebuild of RHEL for his employer. (There were a number of these projects at the time.) He was changing roles professionally, and wanted the project to continue, and so agreed to merge with the work that Greg was doing. Rocky was, effectively, the first technical lead of CentOS. The name itself was coined by a participant in the UK, who will be mentioned again later.

The process was started by Greg to create a 501c3 non-profit entity - the Caos Foundation - which would host the CentOS Project. There was a framework being created to cover governance, funding, and organizing volunteer effort. Unfortunately, the individual who came up with the name ‘CentOS’ also owned the domain name, and declined to release it to the foundation as promised.

Meanwhile, when a RHEL-rebuild project called White Box Linux was discontinued, it became clear that what the community wanted was a free alternative to Red Hat Enterprise Linux. CentOS moved into that space, based on the work that White Box had done.

As CentOS was starting to gain popularity, word came to the project that Rocky had committed suicide. In addition to being very tragic, this presented certain technical difficulties to the project, since he was the technical lead at the time. In hindsight, it is a shame he didn’t get to see what the project would become in time, as the foresight may have prevented this tragedy.

Greg passed on the technical lead position to the individual in the UK who held the domain name, while Greg continued to manage the project, community, and governance side of things. Donations to the project started to come in to support the infrastructure and other needs of the project. And third-party vendors making a business around the project also began to appear and prosper. The project was growing rapidly, and donations to the project were growing rapidly.

From there, due to a number of situations not really germane to this article, Greg moved on, and the CentOS project, through a number of events, came to where it is today. We’ll explore some of these other transitions in upcoming interviews and articles.

Of particular interest to me during my interview with Greg, were his remarks about setting the tone in a project. Being welcoming, kind, and patient takes so little time, but creates a community that people want to participate in, are proud to be part of and which is sustainable for a long time, due to the ability of new participants to enter and feel ownership. I’ve published a separate, much shorter, video with just those remarks, which I’d encourage you take two minutes to watch, too.

CentOS Opstools SIG Quarterly Report
Dec 01, 2018 - Feb 28, 2019


Provide tools and, documentation, recommendations and best practices for operators of large infrastructure.

Membership update

We need to be honest to see that contributions decreased over the time. Members moved on, and at the same time, we failed to attract new contributors.

Health and Activity

CentOS opstools packages are being consumed by OpenStack Kolla, and at the same time, for example also by oVirt.

During FOSDEM, we got in touch with collectd upstream. collectd is also integral part of the OPNFV Barometer project. While Barometer provides containers to test the project, the same can be achieved by using packages from CentOS-Opstools.

Architectual-wise, we are shifting from using sensu and fluentd. If anyone is interested in keeping them, it's the right time to step up.

The replacements will be using rsyslog and Prometheus. Currently, we are not building Prometheus under the opstools SIG; interested
persons are encouraged to step up here!

Issues for the Board

None at this point, but we should keep an eye on contributors.

Happy birthday, CentOS!

15 years ago, the CentOS project started up in order to fill a gap left by a change in the way that Red Hat decided to market their product.

Many of the people that were involved in those early days are still involved today, although in different capacities than they were then. Over they years, their involvement has changed, due to their own changing job responsibilities, as well as the shifting technological landscape.

Over the next few months, as part of our celebration of our 15 year anniversary, I'm going to be talking with some of these people that were involved in the early days, as well as some that have joined later on, to talk about how and why people get involved in this project.

If you would like to tell your story, please get in touch with me at and we'll schedule an interview.

Virtualization SIG quarterly report, Dec 1 2018 - February 28 2019


Packaging and maintaining different FOSS based virtualization applications that one can install and run natively on CentOS.

Membership Update

We are always looking for new members.

Tomasz Baranski and Yuval Turgeman joined the SIG for oVirt project.

Releases and Packages

oVirt 4.2 reached end of life with the upstream release of oVirt 4.3. Upstream is planning 4.3.1 to be shipped live on February 26th, the SIG will rebase on that.

On Xen side, Xen 4.8 has been updated to 4.8.5-1

On libvirt side, latest upstream release 5.0 has been tagged for release

Health and Activity

The Virtualization SIG remains fairly healthy. All the projects within the SIG are updating regularly on biweekly meetings.

oVirt had a conference in Milan on November 16th 2018 and is planning a new conference in Rome this spring.

oVirt was also present at and Fosdem.

Xen 4.10.2 is also available, and the dom0-enabled Linux kernel is at 4.9.127. Release candidate builds of Xen 4.12 are also available.

Issues for the Board

oVirt pushed a patch for having a CentOS appliance including oVirt Guest Agent in

We've updated centos-release-xen to default to Xen 4.8 in the CBS repos.

In this post, we're going to talk about how to use buildah to build container images on CentOS.

buildah is a command line tool that facilitates building OCI compliant images. There's a plethora of information available around what buildah is on its GitHub landing page so we won't dive more into what it is. However, it's worth mentioning that buildah helps you build container images without having to run any daemon in the background, unlike the docker CLI tool which requires the Docker daemon to be running in the background.

Installing buildah

buildah is already available in the CentOS repos. All we need to do is:

$ yum install -y buildah
$ buildah -v
buildah version 1.5-dev (image-spec 1.0.0, runtime-spec 1.0.0)

buildah offers a number of features and options. To know about these, simply execute buildah on the command line or refer to its manual page (man buildah).

Building the container image

buildah can build a container image by referring the same Dockerfile that docker build refers to. Let's consider this simple Dockerfile for example. All it does is install the wget package:

$ cat Dockerfile

RUN yum install -y wget && yum clean all

Now, build the container image named wget :

$ buildah bud -t wget .
$ buildah images
IMAGE ID             IMAGE NAME                                               CREATED AT             SIZE
2f254a4fff8d                 Dec 17, 2018 05:07     210 MB
9b6563cfaff2         localhost/wget:latest                                    Jan 16, 2019 11:01     234 MB

You can use this container image with podman by doing:

$ podman run -it --rm wget bash

podman is a tool for managing pods, containers, and container images. Its website contains extensive detail about its capabilities and uses.

Use the container image with Docker

buildah also makes it possible to use the image thus built via the local Docker daemon. It's as simple as doing a buildah push:

$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

$ buildah images
IMAGE ID             IMAGE NAME                                               CREATED AT             SIZE
2f254a4fff8d                 Dec 17, 2018 05:07     210 MB
9b6563cfaff2         localhost/wget:latest                                    Jan 16, 2019 11:01     234 MB

$ buildah push wget:latest
Getting image source signatures
Copying blob sha256:b05580fca2f9aabb2d8fa975b29146c9147c8418e559f197c54a4fac04babb95
 200.47 MiB / 200.47 MiB [==================================================] 4s
Copying blob sha256:fa5e7b9f8f4d8f07f7af27cd06269ba16ba0f06cbacacc7c7e96a616da885cab
 22.82 MiB / 22.82 MiB [====================================================] 0s
Copying config sha256:9b6563cfaff28baa1075e86b60c502f85fc31b56bdb641d314a7c61d2e91fae8
 1.33 KiB / 1.33 KiB [======================================================] 0s
Writing manifest to image destination
Storing signatures
Successfully pushed

$ docker images
REPOSITORY                        TAG                 IMAGE ID            CREATED             SIZE   latest              9b6563cfaff2        6 minutes ago       226 MB

Initially, the local Docker daemon storage had no container images. We did buildah push wget:latest to push the image to local Docker daemon's storage. Now doing docker images shows the image and can then be used with docker run

That's it

In this blog, we saw simple steps that need to be performed to install and use buildah to build OCI images which can then be pushed to local Docker daemon's storage. buildah can also push container images to the remote registry. It is highly recommended to read the documentation to know about more features and capabilities of buildah.

In a future blog, we will share how the CentOS Container Pipeline team managed to build container images on OpenShift using buildah.

Just a quick update - the schedule from the recent CentOS Dojo at FOSDEM has been updated to include the videos from each presentation.

Note: Three of the talks are missing video due to equipment failure.