Since CentOS 7 reached its end of life (EOL), you can migrate CentOS 7 to Alibaba Cloud Linux 3. This topic describes the differences between Alibaba Cloud Linux 3 and CentOS 7.
For information about CentOS EOL plans, see CentOS EOL guidance.
For information about the EOL plans of different operating systems, see Maintenance support for operating systems.
Differences of the kernel and core toolchain
Component | CentOS 7 x86 | Alibaba Cloud Linux 3 x86 | Alibaba Cloud Linux 3 Arm64 | Description |
gcc | 4.8.5_44.el7 | 10.2.1_3.8.al8 | 10.2.1-3.5.al8 | After CentOS 7 is migrated to Alibaba Cloud Linux 3, your applications must be recompiled to adapt to the dynamic link libraries (DLLs) used in Alibaba Cloud Linux 3 to prevent failures to identify DLL files. |
glibc | 2.17_326.el7_9 | 2.32_1.16.al8 | 2.32-1.12.al8 | |
Kernel | 3.10.0-1160.114.2.el7 | 5.10.134-16.1.al8 | For more information about kernel differences, see the Kernel differences section of this topic. | |
binutils | 2.27_44.base.el7_9.1 | 2.35_12.2.al8 | None. | |
systemd | 219_78.el7_9.9 | 239_74.0.3.al8 | None. | |
grub2 | 2.02_0.87.0.2.el7.centos.14 | 2.02-148.0.1.al8.1 | None. | |
Differences of important system components
If you compile and install later versions of components in CentOS 7 instead of using the versions available in the Yellowdog Updater Modified (YUM) repository, you may be unable to log on to the system or run applications after you migrate CentOS 7 to Alibaba Cloud Linux 3. To resolve the issues, you must compile the components in Alibaba Cloud Linux 3, or obtain the components from the Alibaba Cloud Linux 3 YUM repository.
Component | CentOS 7 x86 | Alibaba Cloud Linux 3 x86 and Arm64 | Description |
Python | Python 2, Python 3.4, and Python 3.6 | Python 2, Python3.6, Python 3.8, and Python 3.11 | By default, the |
java-1.8.0-alibaba-dragonwell | None | 3:8.15.16.372-2.al8 | By default, when you run the |
java-1.8.0-openjdk | 1:1.8.0.412.b08-1.el7_9 | 1:1.8.0.412.b08-2.0.1.1.al8 | |
golang | 1.20.12-1.el7 | 1.20.12-8.0.1.al8 | None. |
nginx | 1:1.20.1-10.el7 | 1:1.20.1-1.0.3.al8 | None. |
php | 5.4.16-48.el7 | 7.4.33-1.0.1.al8 | None. |
mysql | None | 8.0.36-1.0.1.1.al8 | By default, when you run the |
mariadb | 5.5.68-1.el7 | 3:10.5.22-1.0.1.al8 | |
postgresql | 9.2.24-9.el7_9 | 13.14-1.0.1.al8 | None. |
redis | 3.2.12-2.el7 | 6.2.7-1.0.2.al8 | None. |
openssl | 1.0.2k_26.el7_9 | 1.1.1k_12.0.1.al8 | None. |
Differences of important system components
Component | CentOS 7 x86 | Alibaba Cloud Linux 3 x86 and Arm64 |
Package management | yum | dnf |
Network packet filtering framework | iptables | nftables |
Container component | docker | podman Note You can also introduce Docker Community Edition (CE) for self-deployment. |
Port differences
Distribution | Protocol | Port | Service |
CentOS 7 | TCP/UDP | 111 | rpcbind |
TCP | 22 | SSH | |
TCP | 25 | smtp | |
UDP | 68 Note This port is listened on by the NetworkManager process. | dhcp | |
UDP/UDP6 | 323 | chronyd | |
Alibaba Cloud Linux 3 | TCP/UDP/TCP6/UDP6 | 111 | rpcbind |
TCP | 22 | SSH | |
UDP | 68 Note This port is listened on by the dhclient process. | dhcp | |
UDP/UDP6 | 323 | chronyd | |
TCP/UDP | 5355 | systemd-resolve |
Kernel differences
sysctl system parameters
The following table describes the differences of only important sysctl parameters.
Changed configuration options
sysctl system parameter | CentOS 7 x86 | Alibaba Cloud Linux 3 x86 and Arm64 | Description | Linux community patch information | ||
Value | Read and write permissions | Value | Read and write permissions | |||
kernel.panic | 0 | rw | 1 | rw | The default behaviors between CentOS 7 and Alibaba Cloud Linux 3 are different. This option controls whether the kernel waits for n (the value of sysctl) seconds to automatically restart if a panic occurs. Valid values of n:
| None |
kernel.watchdog_thresh | 10 | rw | 50 | rw | The watchdog timeout periods (in seconds) between the two versions are different. The cloud links are more complex. The value of the parameter is changed in Alibaba Cloud Linux to reduce the probability of false-positive warning alerts. | None |
kernel.nmi_watchdog | 1 | rw | 0 | rw | The hard lockup detection states between the two versions are different. Non-Maskable Interrupts (NMIs) are not supported in Elastic Compute Service (ECS), and therefore the hard lockup detection feature is not needed. If you use bare metal devices and need the hard lockup detection feature, you can manually enable the hard lockup detection feature. | None |
kernel.hung_task_timeout_secs | 120 | rw | 240 | rw | The timeout periods (in seconds), in which a process in the D (TASK_UNINTERRUPTIBLE) state is not scheduled, between the two versions are different. The cloud links are more complex. The value of the parameter is changed in Alibaba Cloud Linux to reduce the probability of false-positive warning alerts. | None |
vm.drop_caches | 0 | rw | None | -w | The read and write permissions between the two versions are different. This option supports the behavior of reading the last written value in CentOS 7, which misleads users that this option is to specify the non-cached mode, instead of initiating a task to clear the cache. To prevent misunderstanding, the read permission is removed from Alibaba Cloud Linux 3. |
|
vm.dirty_ratio | 30 | rw | 40 | rw | The value of this option varies based on the profile or mode that is used to tune performance. In CentOS 7, the value of this option is set to 30 when the tuneD daemon uses the virtual-guest profile to tune performance. The value of this option is set to 40 in Alibaba Cloud Linux when the ECS-performance mode is used to tune performance. | None |
vm.numa_zonelist_order | default | rw | Node | rw | The option becomes invalid during the iteration of the Linux community versions. This option controls the order of selection from each node&zone during system memory allocation. Due to the iteration of the Linux community versions, manual control is no longer required. |
|
net.ipv4.tcp_mem | None | rw | None | rw | This option consists of the following integer values:
The default value of this option varies based on the system memory size. However, for the same memory specification, the buffer size in Alibaba Cloud Linux 3 is about half of the buffer size in CentOS 7. This is because the initialization algorithm for default values was modified during iteration of the Linux community versions. |
|
net.ipv4.tcp_fastopen | 0 | rw | 1 | rw | The default value varies based on the Linux community version. This option controls whether the system can send and receive messages related to TCP Fast Open. Valid values:
|
|
net.ipv4.tcp_fack | 1 | rw | 0 | rw | The option becomes invalid during the iteration of the Linux community versions. This option is used to support the TCP Forward Acknowledgment (FACK) feature. The FACK feature is replaced by the Recent Acknowledgment (RACK) feature. Consequently, this option becomes invalid in Alibaba Cloud Linux 3. |
|
net.core.somaxconn | 128 | rw | 4,096 | rw | The default value varies based on the Linux community version. This option is used to specify the maximum length of the socket listening queue. The maximum length of the socket listening queue is changed from 128 to 4,096 to meet the requirements of servers. |
|
net.core.default_qdisc | pfifo_fast | rw | fq_codel | rw | The default Queuing Disciplines (qdiscs) models between the two versions are different. The qdiscs value is set to Fair Queuing Controlled Delay (FQ_Codel) in Alibaba Cloud Linux 3, which can prevent the bufferbloat issue. | None |
Removed configuration options
The following table describes the configuration options that are used in CentOS 7 but are removed from Alibaba Cloud Linux 3.
sysctl system parameter | Value | Read and write permissions | Description | Linux community patch information |
kernel.panic_on_stackoverflow | 0 | rw | The option was removed during the iteration of the Linux community versions. This option is used to control kernel stack overflow detection. In subsequent kernel version iterations, the kernel stack has the guard pages feature to perform detection by default. Therefore, this option is invalid. |
|
kernel.random.read_wakeup_threshold | 64 | rw | The option was removed during the iteration of the Linux community versions. |
|
kernel.compat-log | 1 | rw | The option was removed during the iteration of the Linux community versions. Virtual 8086 mode is not supported on x86 64-bit architectures. If this option is configured, warning logs are printed when vm86old() and vm86() are called. The unnecessary warning logs are removed. This option is also removed. |
|
kernel.numa_balancing_settle_count | 4 | rw | The option was removed during the iteration of the Linux community versions. Linux uses more scientific metrics to distinguish loads for different types of tasks. Therefore, this option is no longer used to control the frequency threshold. |
|
kernel.sched_shares_window_ns | 10,000,000 | rw | The option was removed during the iteration of the Linux community versions. This feature is invalid in CentOS 7. |
|
kernel.sched_time_avg_ms | 1,000 | rw | The option was removed during the iteration of the Linux community versions. Linux uses the per-entity load tracking (PELT) algorithm for the real-time (RT) scheduling class. The predecessor algorithm and related parameters that include the option are no longer used. |
|
vm.hugepages_treat_as_movable | 0 | rw | The option was removed during the iteration of the Linux community versions. This option is intended to allow the allocation of non-migratable large pages from the ZONE_MOVABLE area to reduce memory fragments. This feature seriously affects the memory hot swapping feature and was therefore removed. |
|
vm.nr_pdflush_threads | 0 | r- | The option was removed during the iteration of the Linux community versions. This feature is invalid in CentOS 7. |
|
net.ipv4.tcp_tw_recycle | 0 | rw | The option was removed during the iteration of the Linux community versions. This option allows the system to quickly reclaim sockets in the TIME-WAIT state. The feature is implemented based on the condition that the timestamps of the same remote address monotonically increase, whereas the timestamp random drift feature of NAT and TCP conflicts with the condition. As a result, the net.ipv4.tcp_tw_recycle option was removed because it cannot be used. |
|
net.ipv4.tcp_thin_dupack | 0 | rw | The option was removed during the iteration of the Linux community versions. This feature is replaced with the TCP RACK feature. |
|
net.ipv4.tcp_max_ssthresh | 0 | rw | The option was removed during the iteration of the Linux community versions. This option is intended to change the TCP slow start speed and is now replaced by a more effective and automated method. Therefore, the option is removed. |
|
fs.negative-dentry-limit | 0 | rw | This option is an in-house feature developed in CentOS 7 and is not a common feature of the Linux community. The option is removed from CentOS 8. | Why negative-dentry-limit sysctl parameter is not available in Red Hat Enterprise Linux 8? |
fs.may_detach_mounts | 0 | rw | This option is an in-house feature developed in CentOS 7 and is not a common feature of the Linux community. The option is removed from CentOS 8. | What is the parameter fs.may_detach_mounts on Red Hat Enterprise Linux 7? |
/sys/ parameters
Path | CentOS 7 x86 | Alibaba Cloud Linux 3 x86 and Arm64 | Description |
/sys/block/<blk>/queue/read_ahead_kb | 128 | 4,096 |
|
/sys/module/virtio_net/parameters/napi_tx | None | Enabled |
|
Kernel cmdline parameters
cmdline parameter | CentOS 7 x86 | Alibaba Cloud Linux 3 x86 and Arm64 | Description |
cgroup.memory=nokmem | Not configured | Configured | This parameter is used to disable kernel memory accounting (CONFIG_MEMCG_KMEM) for cgroups. Disabling kernel memory accounting helps improve system performance. For more information, go to the OpenAnolis community.
|
crashkernel=auto | Configured | Not configured | This parameter is used to automatically calculate the size of the reserved memory for the Kdump service of the kernel.
|
net.ifnames=0 | Configured | Configured | This parameter is used to restore the legacy mode such as eth0 and eth1 for the network interface naming feature and disable the predictable network interface naming feature of systemd. By default, this parameter is configured in CentOS and Alibaba Cloud Linux. Note Network interface naming changes can easily affect compatibility. For more information, see What do I do if the "Unsupported network configuration" error message appears? |
Kernel Kconfig parameters
The following table describes the differences of only important kernel Kconfig parameters.
Kconfig parameter | CentOS 7 x86 | Alibaba Cloud Linux 3 x86 | Alibaba Cloud Linux 3 Arm64 | Description |
CONFIG_NR_CPUS | 5,120 | 1,024 | 1,024 | The maximum number of CPU cores supported. No instances with more than 1,024 cores exist in Alibaba Cloud. The difference of this parameter between the two versions does not have any impact. |
CONFIG_NODES_SHIFT | 10 | 6 | 6 | The maximum number of non-uniform memory access (NUMA) nodes supported. No instances with more than 64 NUMA nodes exist in Alibaba Cloud. The difference of this parameter between the two versions does not have any impact. |
CONFIG_PREEMPT_NONE | Is not set | y | Is not set | The kernel preemption mode. The none preemption mode provides better performance in the cloud, but this mode is disabled in Alibaba Cloud Linux 3 for Arm64 due to historical reasons. Starting from kernel version 5.10.134-17 in Alibaba Cloud Linux 3, the cmdline parameter can be used to dynamically change the default preemption mode. |
CONFIG_PREEMPT_VOLUNTARY | y | Is not set | y | |
CONFIG_BTRFS_FS | m | Is not set | Is not set | Alibaba Cloud Linux 3 supports the Ext4 and XFS file systems, but not the b-tree file system (Btrfs). |