Slashdot Mirror
Which Linux for Professional Admins?
LazloToth asks: "Short and sweet: with so many distributions of Linux to choose from, and so many of them good to excellent, which Linux delivers the best balance of stability, high-level support options, security, rapid updates, and ease of administration? If an admin wants to standardize on one Linux distribution and have the best of all worlds on everything from file-and-print servers to database boxes, what, in the experience of the Slashdot pros, is that Holy Grail of Linuxes - - the one that does it all while also making upper management feel warm and fuzzy?"
This should be fun to watch.
I say debian. Choose stable and use apt-get for updating. Yup Debian
Slackware of course. :-)
KISS all the way
It's the administrator, not the distribution that matters the most. A different administrator might like a different system. There is no absolute objective "good".
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
SuSE, SuSE, SuSE...
Simple & Easy - more than you could ask...
Gentoo All the way. nuff said
There are naked people!!!11
In general, RHEL on the production servers, and Fedora Core everywhere else in the office.
If you don't like that, and if you don't have important production servers (i.e. print servers and file servers are all that Linux is running in the shop), then debian everywhere would also be a good choice.
As for the desktop, anyone who is putting Linux on thier desktop becomes thier own admin. I wouldn't even TRY and maintain those boxes, just let them be and slap them if they start blowing up the network or something.
We run SuSe over a cluster of several hundred servers. Extremely easy to deploy, very secure out of the box and it supports auto-updates which saves us a world of admin time.
Base install w/apache, mysql and mod_backhand takes about thirty minutes to online.
I was about to say the same thing - although AFAIK we're missing one of the points hes looking for:
.
stability - Check
security - Check
rapid updates - Check
ease of administration - Check
high-level support options - No check
I don't consider google and usenet high level support options. Im sure someone knows of a commercial outfit that will do pay-for-play deb support - so please, chime in . .
Otherwise go debian!
Isn't this more of a religious question than a technical one?
What is best for your everything might be best than what is best for my everything.
If I my organization does a, b, and c and requires d, e, and f, then Linux Distro G is best for me. But if you do x, y, and z and need u, v, and w, then Linux Distro T is probably better for you.
There is no _one_ answer.
CitrusTV (http://www.citrustv.net): the Nation's Oldest & Largest Entirely Student-Run Television Station
Doesn't the question hinge around the hardware vendor certifying a particular distro? I mean, Debian or Gentoo may be great, but it is not so good when you can't get a driver for a Fibre Channel card for your HP StorageWorks SAN, or if you do manage to get one going, your configuration is unsupported (ie no regression testing performed by the vendor).
> the best balance of stability, high-level support options, security, rapid updates, and ease of administration
Surely Gentoo delivers the best balance of the above. The only real disadvantage is compilation time, but that can be negated by nice'ing long emerges overnight.
Now, if stability and security are paramount I would go with Debian stable. But Gentoo is light years ahead of all contenders in the rapid updates department.
The unofficial
As a system administrator and IS manager in a mostly windows environment, I have found Debian to be the most reliable and easy to maintain. The APT system makes security and package upgrades (and downgrades) considerably easier than any RPM system ever was.
While APT is available on Fedora, I have always found Debian to be well-thought out and reliable, even for a Windows guy like me.
This should be a poll, not an ask slashdot. That way Debian would still win, but you'd be able to tell without reading 10^8 responses.
Red Hat Enterprise on the production servers. Gentoo on the play^Wdevelopment boxes.
Yes, RHEL's got outdated software and an outdated kernel. I don't care. It's rock-solid. The security updates can be applied without upgrading the config. I don't need anything else.
If he has RHAT stock, RHAT.
If your CEO is rich enough to be a limited partner in any of Azeo Ventures (Lazard Group), ABN AMRO, Viventures, AXA Placement Innovation or OFIVM's VC funds: Mandrake - since those VCs invested in MandrakeSoft.
There's so many options and so many 'ways of doing things' with Linux and EVERYBODY knows they are right and everyone else is wrong or simply misguided...
Gentoo Linux users will proclaim that their distro is simply the best and the only option to go for. However, you still have a steep learning and a long setup time for building a system, which requires more then just passing knowledge of Linux, which isn't bad. It just isn't necesarily conducive to the 'standard' corporate environment. (My opinion may not match your own.)
Red Hat Linux is supported by a long standing team of Linux Engineers that has built itself around supporting the Enterprise computing environment, which makes it a good choice for such environments.
Mandrake Linux has made a name of itself for desktop use, mostly for consumer end-users, although they are working hard at making inroads to the corporate enterprise environment.
SuSe Linux/Novell is a long standing corporate computing environment corporation that should be able to provide support that equals or surpasses Red Hat. Of course, that would depend upon who you talk to.
Beyond that, there are tons of other players in the marketplace that will or won't be here in 6 months to a year.
Honestly, if I was setting up a Corporate Environment to create a standard setup across multiple servers, I would choose either Red Hat or SuSe/Novell. They are widely used distros, they both have easy to use tools, they both have certification programs, which could be used in order to certify that a support team, from the top Admin all the way down to the helpdesk jockey have a certain level of knowledge comensurate with their position as well as knowing the tools for that particular distro.
That's just my opinion anyway.
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
Not a "linux" distro, but nothing screams "professional admin" more than BSD...
I like Fedora a lot (modulo their strong GNOME leanings) however I don't like it for servers. Fedora is released often so you have very current versions of everything, I like this feature on my workstation. But it's not good for servers, Fedora distributions are obsolete if they're >= 2 releases old. That means that, in order to ensure you're going to get security updates you need to upgrade your distribution about once a year. That's a pain for servers, especially ones that are working just fine.
I prefer Debian for servers, even though I'd never consider using it for a desktop distribution.
In the end though, it just depends on what you want to do with Linux, I guess you'd have to say, "use the best distro for the job." Even though that might not sound very satisfactory to someone getting started with Linux.
This answer was specifically optimized for your question.
... and was installed on all systems from a once-precompiled customized .tbz.
Seriously, gentoo could make sense in a enviroment with many equally equipped systems. But otherwise I think debian or RH/FC is the way to go for larger deployments.
If ease of administration, stability and security is more important that than latest versions of the latest applications and the ability to use the latest bleeding edge hardware, then the *BSD distributions (e.g. FreeBSD, OpenBSD and NetBSD) may be the answer. Granted, a fairly good understanding of UNIX will be required, but if you're fairly proficient at adminsitering one or more Linux distributions, then *BSD will be very easy to learn. Even better, the documentation is generally better written, more complete and more up to date than any Linux distribution that I've seen.
This answer may not be what you expect, but then again the question, as posted, deserves a thinking outside the box type of answer. You stated that you want the best of all worlds, and then mention file/printer server and database boxes. It sounds like you're more interested in servers than clients. *BSD is ideal in this regard.
---- It won't be as bad as you fear or as good as you hope, but it will take twice as long as you plan.
we're going to see a new release every six months until they run out of cash.
Oh yeah, that's the sort of thing I want to read when I decide to use an OS enterprise wide: "...until they run out of cash".
These posts express my own personal views, not those of my employer
stability
Below standard. Bleeding Edge, often beta.
high-level support options
None?
security
Standard. Maybe a bit above due to easy, high customizablity.
rapid updates
No. Bleeding edge is not equivalent to rapid.
apt-get upgrade apache is rapid - it takes 15s on a fast system.
emerge apache isn't rapid. It takes half a hour.
and ease of administration?
Below standard. All typical manual administration by editing standard config files. No centralized "managers".
Don't get me wrong. Typing this from a Gentoo box, and I like my Gentoo. But that's a zealot/fanboy distro. Not a pro admin distro. I keep it because I like it, I can fiddle with it, learn. I can do cool stuff with it. If I was to manage a farm of 200 different of these I'd easily go crazy.
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
Yep.. I love Ubuntu (go dieman) and Debian for all of my home stuff.. but I have to say.. for all of our servers and workstations, doing just about every task we need from desktop PC's, to HPC clusters, to single machines with 16+ processors, Redhat wins hands down as the mmost stable, easy to make work, and supported by all the stupid commercial software vendors OS we have. With systems like IRIX falling by the way-side, Redhat is my fav for "on the job" stuff.
"Nobody got fired for buying IBM"
Oh, but you could still use that for your advantage. I bet the folks at IBM would love to sell you that Novell or RH setup -- naturally along with their own services & support contract -- and voilà, what was bought was from IBM, you got Linux, and nobody got fired. Assuming that that old rule still applies, of course...
“Wait for Hurd if you want something real” –Linus
if you're new to any operating system, WTF are you doing installing it in a production environment?
new to gentoo or debian or redhat or windows. if you don't know the OS you shouldn't be pushing it in production. if you know the product enough to be hired as an administrator in it, then you should have no problems with it in a production environment.
debian isn't any easier to learn than gentoo just because you can apt-get a package vs emerge some source to compile. both distros can install a successfully working package in one line (or bork a system in one other line)
abcdefghijklmnopqrstuvwxyz
.. was that they branded themselves the way they did. The manager who's reluctantly in charge of choosing a linux flavor, will go with what he recognizes. He doesn't have the first clue of what makes a good distro for his business, but he remembers that clever RedHat ad in his last issue of "Ignorant Managers Monthly".
if you need high level support options, your job description isn't "admin" it's "executive"
-dk
Dream with the feathers of angels stuffed beneath your head.
18 months of support is not good enough. I have servers that sit around for years which need to be up to date with all current security patches. Although apt-get dist-upgrade is not difficult to do, it is not practical to do every 18 months or so.
What about security releases? Is Ubuntu as good about security as Debian? You know, there is a reason Debian takes so long to release stable. It is very well tested. Ubuntu is a little too bleeding edge for most serious server environments. In my experience, the latest greatest packages are not generally necessary on servers. I'd stick with Debian, personally.
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
Nice job missing the joke, Einstein. However, just to counter you with a bit of reason, and not dogma..
stability:
If you use their standard package set, meaning not keyed for your specific architecture, stability will not be bleeding edge. You'll be building programs with configurations that are well-tested, generally since the inception of portage.
high-level support options:
Yeah, you're right here. But as far as I'm concerned, if the bosses hired you, they should have confidence in your skills and your resourcefulness.
security:
Right here, too. Also - to me - any security in linux is standard, unless you're running an older (read: 2.4.x) kernel that doesn't have much new feature influx. At that point, kernel security approaches that of the BSD's, though I would argue that base system and system services security is still rather low due to lack of development cohesion.
rapid updates:
Wrong. Wrong wrong wrong wrong wrong. So wrong. For gentoo to be considered for a corporate environment, you would definitely set up a centralized build server, possibly with distcc installed on all of the workstations to mitigate the load, distribute it across the network and speed up compilation times. This build server would also act as a weekly package checkpoint. All of the servers and workstations would use this machine as their central package repository and using a little cron magic and universal, standardized config files, every machine would update on saturday or sunday, grab the new packages off the server, install them, and be done with it. There would be no office-drone typing emerge -u world, then going on an extremely long coffee break. If you were to set up a network of 200+ gentoo machines without making your own, custom stage three tarball, you ARE crazy.
and ease of administration:
See above. After you got the initial infrastructure in place, it would be a breeze. Assuming everything works out right. But hey, they hired you to admin the systems, right? That's what you're there for.
Now, personally i'm past my gentoo phase. Goin' back to the ol' faithful FreeBSD. But, just because Gentoo is a source-based power-user-centered distro doesnt mean you can't cook up your own in-house solution while taking advantage of the awesome tools gentoo provides. The only reason apt is faster than emerge is because emerge uses source by default, while apt-get uses binary packages by default. However, portage can use binary packages and apt-get can indeed install from source. In their default forms you're comparing apples to oranges.
Bottom Line: I can be done, and if you have the know-how, it can be done well.
I mean, linux is linux is linux. Usually the only things that change are:
1) the package system
2) the installer
BeauHD. Worst editor since kdawson.
There's no easy answer to such question. In fact, I think there's none. The best Linux choice for a professional admin is the one he knows better. A serious admin knows how to harden any linux distro (if security is a concern) and how to quickly deploy solutions if ease of use is the main choice for linux. If he is truly a professional, he knows how to learn quickly any distro's tool.
If he relies too much on the tools the distro has I'd not call him a true Linux Admin.
-- There are two kind of sysadmins: Paranoids and Losers. (adapted from D. Bach)
In setting up a server to be used by large numbers of people over long periods of time, installation speed really doesn't matter much. It's the ongoing administration, the efficiency for the admin of the configuration and upgrading process that matters most.
This post written under Gentoo-linux with an SCO IP license.
Good point indeed, but I think you are missing the grand scheme of things. A sys admin may get fed up with their current operating system of choice, Windows to be exact, or they may be intrigued by Linux' low (almost non-existant) entry costs and want an alternative. Why spend 6 months trying every distro known to man just to make a key decision: Which distro do I want to spend my time learning thoroughly?
If a new user to Linux can't find those types of answer, or at least key comparisons of various distro's, then Linux doesn't stand a chance. You will inevitably have folks that try one particular distro, become completely disatisfied with it and never touch Linux again.
Foresight into any operating system is a must if you expect people to translate years of WIndows experience to a new platform.
While I appreciate your wit, I am disappointed in your ability to think your opinion through.
both distros can install a successfully working package in one line (or bork a system in one other line)
The second statment is far more likely for gentoo than for debian; at least with the 'stable' apt cache you can be pretty sure that normal (un)install procedures should not harm the system.
You probably need to be unlucky to completely fuck up gentoo, but you might come across a broken emerge build, which might require anything between basic system knowledge up to arcane c(++) wisdom to fix whatever conflict arose.
So in general every distro might fail at some point; use whatever you are comfortable with.
ok, point the rest of us without half a brain to instructions on doing so.
what on earth makes you think someone's going to have 200 machines with identical requirements?
...
...
We're not talking about clusters here, we're talking about a corporate network.
Machine 1. DNS Server
Machine 2. Email server
Machine 3. File Server
Machine 4. Intranet web server
Machine 5. Development server
Machine 6. Production server for internal software 1
Machine 7. Production server for internal software 2
Machine 8. Database server
Machine 9. Public web site
It's highly unlikely that all, or even most of the machines will have the same purpose, the same software, the same SLA requirements or even the same hardware.
So you want a distribution that is least likely to beak stuff, requires the least amount of babying and provides the most amount of central management.
You also want one that is certified to work with your third party commercial software - Oracle, Legato, DB2, etc...
You're probably going to end up looking at either RedHat Enterprise Linux or SuSE, or maybe Debian - although that will probably fail the certified by 3rd party commercial vendors requirement.
Being able to get commercial support is probably beneficial too. But that's probably not as important, as apart from the possibility of priority bug fixes OS support is usually pretty worthless. Better to spend that money on better / more admins and better hardware support.
Advanced users are users too!
Oh well. I'll go ahead and waste some time playing 'let's pretend the question was serious' because I'm bored at the moment. What attributes should an organization of any size consider when choosing an OS to standardize on? In no particular order (indeed, the priority of each of these criteria is going to be a situational judgement), here are some things to think about:
Future stability of the maintainers. How likely is it that the maintainers will still be issuing updates (security or functionality) a year from now? 5 years? 10 years?
Support availability. Where can we get support? Is the support community going to be around as long as the distribution? Is there a talent pool to hire from when the guy who chose this distro decides to run off to Montana and join some skinhead cult?
Kluge-ability. (Or cruftiness quotient.) If one of our geeks quits, how hard will it be for the newhire geek to figure out how to operate & maintain what the old geek left in place?
Certification programs. How can I give those go-getters on Help Desk some formal training?
Robust package system. Are the packages I'm likely to need available? Updated? Do they install reliably, repeatably, and without a lot of side issues?
Hardware compatibility. We want to use foo hardware. Will this OS be stable on it?
Availability/stability/scalability. Just lumping some obvious stuff together here. What are our needs in these areas? Which OS' lend themselves to the availability/stability/scalability requirements & architectures we envision?
Enterprise directory. How will we manage users? Can we run a single sign-on environment?
Mass management. So we'll have lots of computers. Can we manage them in groups or will we need to manage each one as a separate entity? Think user management, security management, filesystems, hardware/software audit & inventory, application upgrades, and so on.
Ease of Migration. How hard will it be to move our existing functions onto this new OS? How hard would it be to back out if we had to? What if we change our minds a few years from now - how tightly are we locking ourselves in?
Usability. Let's think about our users for a minute (gasp!). What's their level of expertise? Will we need to train them all how to use this OS and the services we offer on it? Will we be insulting them with an overly dumbed-down interface?
And that's just a start. You'll notice I didn't pick any distro (let alone my favorite), because my choice is almost moot. Any enterprise admin worthy of the title is going to be considering all this and more in making such a choice. The likelihood that he'll end up with his own favorite shiny toy as an enterprise standard is actually pretty low, once he realizes that he has to put the needs of the business before his own.
Me: Hi, Oracle, I am having problems getting Oracle 9i to install on my Gentoo server.
Oracle: We don't support Gentoo
Me: Hi, Veritas, I am trying to set up VCS on my Gentoo cluster.
Veritas: We don't support Gentoo
Don't think Gentoo is going on any of my servers. We standardized on Suse do to the huge support structure that has been put in place with them being purchased by Novell. When you are a single admin over 112 servers you need to be sure that each one you log in to is exacly the same. Automation is key. Good vendor support is a requirement.
Paying taxes to buy civilization is like paying a hooker to buy love.
In the "real world this is not the case. Most server software can be compiled against libriaries several generations behind. This is partially due to the magic of automake/autoconf and partly due to things not changing all that much. Also alot of the apps that get work done tend to not have anythign on the system dependant on them. For example PHP. At my previous job we setup Redhat Enterprise servers. However we needed php5 and decided to compile it from the tarball. The only thing that depended on php was our code and this was for new apps so php wouldnt break anything.
Same could be applied to qmail or samba. And once an OS becomes EOLed you can just keep patching the kernel and the end user app.
--- Justin Dearing http://www.justaprogrammer.net/ We're just programmers.
Q: What car is the best?
A: The one you own and know inside out.
Oh, you mean windows?