Navigating CentOS 7 EOL to Maintain Your Cloud Security

To stay secure in the cloud, you need to ensure you’re using security solutions that reflect your evolving work requirements and the ever-changing cyber threat landscape. But you also need to keep up with technological change as solutions come and go. End of life (EOL) for a preferred operating system can necessitate a shift in your efforts, as is the case with the CentOS Linux 7 EOL.

In this blog post, we’ll provide some background information on EOL for CentOS Linux 7. We’ll also discuss some next steps you can take to maintain your cloud security through this change.

CentOS 7 EOL: Marking a Shift in Priorities

CentOS is a Linux distribution developed by contributors to the CentOS Project community. In 2020, CentOS Project coordinated with Red Hat to fully invest in CentOS Stream. This upstream development platform supports upcoming releases of Red Hat Enterprise Linux (RHEL).

Fast forward three years. In April 2023, the CentOS Project made the following announcement: "RHEL 7 reaches End of Maintenance on June 30, 2024. After June 30, 2024, there will be no updates published for CentOS Linux 7." In its announcement, the CentOS Project also said that CentOS Stream 8 would no longer receive updates after May 31, 2024, noting that the operating system had "fulfilled its purpose" given the transition of RHEL 8 to Maintenance. 

How You Can Keep the Cloud Secure

EOL means the CentOS Project will not update its operating system with security fixes going forward. This lack of support may expose you to new risks if you continue to use CentOS Linux 7. Such is the case even if you’re using the CIS Benchmarks™ and the CIS Hardened Images® for this operating system, as we won’t be able to update these resources for CentOS Linux 7 after June 30, 2024. As a result, we recommend moving to another distribution of Linux.

The CentOS Project called out RHEL as an option in its April 2023 announcement. In doing so, it acknowledged the connection between CentOS and RHEL. Per Red Hat, CentOS derived from RHEL sources, and new versions of the operating system (OS) came out in alignment to the RHEL release cycle.

"If you want to stay within the RHEL ecosystem, you’ll need to decide if you want to move to a RHEL8 or a RHEL9 based distribution," the CentOS Project noted. It also included some resources on RHEL8 and RHEL9 with the recommendation that organizations "carefully read each of these to help select the right platform for your systems."

Planning Your Migration to RHEL

If you decide to migrate to another OS in RHEL, you need to do so with the realization that CentOS and RHEL are very similar but will require hands on implementation to migrate.

To assist with the migration process, Red Hat offers a CentOS Linux migration assessment to evaluate your current environment and plan your next steps. It also offers convert2rhel, a script you can download and install on your system. Before you run the script, Red Hat advises that you first update and upgrade your system(s) and get them ready for conversion.

As part of the migration process, you may need to upgrade your systems from RHEL 7 to RHEL 8. You can purchase an Extended Lifecycle Support (ELS) subscription for RHEL 7 if you're intent on migrating to that operating system. Otherwise, you can save yourself the added expense by upgrading to RHEL 8 in place. As explained by Red Hat, you can do this by installing Leapp tools, running the pre-upgrade assessment, remediating any issues that arise, running the in-place upgrade, and then validating your upgraded systems and applications.

Make a Change before the CentOS Linux 7 EOL Date

CentOS Linux 7 support for security fixes, patches, and feature updates will end on June 30, 2024. As a result, we will no longer be updating our CIS Benchmarks, and the CIS Hardened Images will no longer be patched monthly by CIS for this operating system.

Whether you go with RHEL or another operating system, now is the time to choose another operating system so that you can stay secure in the cloud. When you do, be sure to use the corresponding Hardened Image so you can simplify the process of securing your data and systems on a new operating system. You can reach out to our Cloud Sales team to learn about your options or navigate the conversion process to RHEL. (They're working hand-in-hand with Red Hat to help organizations like you navigate the RHEL conversion process if you need support.) Alternatively, you can get started exploring your options on your own.

Want to take a closer look?