Slashdot Mirror
Which Linux for Professional Admins?
LazloToth asks: "Short and sweet: with so many distributions of Linux to choose from, and so many of them good to excellent, which Linux delivers the best balance of stability, high-level support options, security, rapid updates, and ease of administration? If an admin wants to standardize on one Linux distribution and have the best of all worlds on everything from file-and-print servers to database boxes, what, in the experience of the Slashdot pros, is that Holy Grail of Linuxes - - the one that does it all while also making upper management feel warm and fuzzy?"
This answer was specifically optimized for your question.
Hurd. Master of OS's.
This should be fun to watch.
Hands down. Its debian, its got support, and we're going to see a new release every six months until they run out of cash. :)
-- dieman - Scott Dier
Slackware of course. :-)
KISS all the way
It's the administrator, not the distribution that matters the most. A different administrator might like a different system. There is no absolute objective "good".
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
Don't you think that if there was a holy grail of Linux distros, that there would be more then one Linux distro? If people agreed on what you asked, there would be less distros to choose from, unfortunately all of them have their downsides, thus listen to what everyone says about their favorite distro, and do what I do, choose Slack. Oh you want a reason? How about "'caus"
Honestly I would choose slack or debian (different reasons for each) and then boot off network, change one image you change them all... then have box specific apps on the local hard drive etc. BTW: get a lot of ram
Gentoo All the way. nuff said
what, in the experience of the Slashdot pros, is that Holy Grail of Linuxes - - the one that does it all while also making upper management feel warm and fuzzy?"
I don't know. My management just feels fuzzy.
i'm sure compiling X.org for 4 days would impress the manager..
If you are a professional admin, shouldn't you already know what's best?
------
insert sig here,here, and here
> which Linux delivers the best balance of
> stability, high-level support options, security,
> rapid updates, and ease of administration
2.4
echo "getuid(){return 0;}" > e.c; gcc -shared -o e.so e.c; LD_PRELOAD=./e.so sh
RedHat and SuSE both have software and hardware vendor support. You might find that companies with an existing relationship with Novell (or even a nostalgic one) will tend towards SuSE, but like in the days decades ago when "Nobody got fired for buying IBM", you'd probably have your best defense against a pink slip with RedHat.
500GB of disk, 5TB of transfer, $5.95/mo
I was about to say the same thing - although AFAIK we're missing one of the points hes looking for:
.
stability - Check
security - Check
rapid updates - Check
ease of administration - Check
high-level support options - No check
I don't consider google and usenet high level support options. Im sure someone knows of a commercial outfit that will do pay-for-play deb support - so please, chime in . .
Otherwise go debian!
Read no further. Without having to read the reast of these posts; you can get a sense of what is to come here, and hopefully avoid some painful reading:
"I like A".
"I like B".
"A sucks and so does your mom".
PS. Apt-get rules.
George II -- Spreading Freedom and American values, one bomb at a time.
Isn't this more of a religious question than a technical one?
What is best for your everything might be best than what is best for my everything.
If I my organization does a, b, and c and requires d, e, and f, then Linux Distro G is best for me. But if you do x, y, and z and need u, v, and w, then Linux Distro T is probably better for you.
There is no _one_ answer.
CitrusTV (http://www.citrustv.net): the Nation's Oldest & Largest Entirely Student-Run Television Station
I'm gonna give my vote to SuSE... the ease and speed of updates is one reason I've stuck with it, after giving up on Mandrake and Red Hat/Fedora. YAST2 (the built-in setup utility) is just such an easy and powerful tool, and it "just works" - you can set it to auto-update if you want (it sets up a cron job for you if you select this option), but even on manual it will identify critical patches separately from non-critical patches, which makes it easy to pick and choose.
Plus, it's Novell now, so it's owned by a "real company", which may or may not be something your own company/organization is looking for (some business do require some level of centralized accountability and support).
I've also been pleasantly surprised with SuSE 9.2 in other areas - it's the cleanest and easiest-to-use distro out of the box that I've used, with no obvious bugs that I've seen. No reason not to use it, and lots of reasons to use it. YAST2 is a big selling point, in my opinion.
Keep preaching, Faithful!
SuSE
- great administrative tools to support large networks
- rolling out new servers / workstation with auto-yast with pre-installed configuration/software
- YaST - Best configuration tool under the sun for Linux.
- 10+ years experience + now Novell.
> the best balance of stability, high-level support options, security, rapid updates, and ease of administration
Surely Gentoo delivers the best balance of the above. The only real disadvantage is compilation time, but that can be negated by nice'ing long emerges overnight.
Now, if stability and security are paramount I would go with Debian stable. But Gentoo is light years ahead of all contenders in the rapid updates department.
The unofficial
As a system administrator and IS manager in a mostly windows environment, I have found Debian to be the most reliable and easy to maintain. The APT system makes security and package upgrades (and downgrades) considerably easier than any RPM system ever was.
While APT is available on Fedora, I have always found Debian to be well-thought out and reliable, even for a Windows guy like me.
Well he did ask for high level support and stability. SuSE is now owned by Novell so I would say that answers the high level support issue.
For support I would have to put Red Hat and SuSE at the top. I think SuSE has newer stuff than Red Hat "Not counting Fedora". Mandrake is very good but I have no idea how good their enterprise level support is. That may actually depend a lot on where you are. If you are in France Mandrake maybe a clear winner for support. In Germany SuSE may have an advantage.
If one of the BSDs is an option the best supported one is probably OS/X.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
http://www.debian.org/consultants/
There's so many options and so many 'ways of doing things' with Linux and EVERYBODY knows they are right and everyone else is wrong or simply misguided...
Gentoo Linux users will proclaim that their distro is simply the best and the only option to go for. However, you still have a steep learning and a long setup time for building a system, which requires more then just passing knowledge of Linux, which isn't bad. It just isn't necesarily conducive to the 'standard' corporate environment. (My opinion may not match your own.)
Red Hat Linux is supported by a long standing team of Linux Engineers that has built itself around supporting the Enterprise computing environment, which makes it a good choice for such environments.
Mandrake Linux has made a name of itself for desktop use, mostly for consumer end-users, although they are working hard at making inroads to the corporate enterprise environment.
SuSe Linux/Novell is a long standing corporate computing environment corporation that should be able to provide support that equals or surpasses Red Hat. Of course, that would depend upon who you talk to.
Beyond that, there are tons of other players in the marketplace that will or won't be here in 6 months to a year.
Honestly, if I was setting up a Corporate Environment to create a standard setup across multiple servers, I would choose either Red Hat or SuSe/Novell. They are widely used distros, they both have easy to use tools, they both have certification programs, which could be used in order to certify that a support team, from the top Admin all the way down to the helpdesk jockey have a certain level of knowledge comensurate with their position as well as knowing the tools for that particular distro.
That's just my opinion anyway.
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
I like Fedora a lot (modulo their strong GNOME leanings) however I don't like it for servers. Fedora is released often so you have very current versions of everything, I like this feature on my workstation. But it's not good for servers, Fedora distributions are obsolete if they're >= 2 releases old. That means that, in order to ensure you're going to get security updates you need to upgrade your distribution about once a year. That's a pain for servers, especially ones that are working just fine.
I prefer Debian for servers, even though I'd never consider using it for a desktop distribution.
In the end though, it just depends on what you want to do with Linux, I guess you'd have to say, "use the best distro for the job." Even though that might not sound very satisfactory to someone getting started with Linux.
It's my understanding that you can get Debian support through HP. I know you could get per-incident before, and according to this, it looks like they support Debian as well as the "more commercial-friendly" distros.
You rush a Miracle Man, you get rotten miracles - Miracle Max, TPB
I work for a fortune 500 company as a Tech. (Only tech for california now, we've been completely outsourced, the only reason they keep me around is because im not afraid of spending my weekend running adaware ;)
Anywho, our marketing support department uses several high end production printers nearly 24/7, so stability is key. Last year the printers were hooked up to each members Windows Machine. (No, I didn't set this up, and technicly im not supposed to change it) But recently with increesed adware on the marketing support's computers (i should say one of them, shes an idoit.. anyways) and printers going 'down' due to this single person, the office manager came to me and asked what he could do to stop this from happening. (It has happened almost 10 times this year alone). So i suggested Installing a linux box to handle all the printers.
Needless to say, he was extremely skeptical. (Having computer-phobia) So i took another non-priority department, and set them up the way i wanted to see marketing support setup. A few days later, he wanted to see how it worked, so i showed him. At the time, i only had my mandrake cds on me, so i used it. He was extremely impressed about how 'cool' it looked and felt. It wasnt in his words.. 'blocky' (i assume he meant text based) I showed him around the system in general (not a thing about printing though heh) and he fell in love with it after i explained how there isnt any 'adware/spyware' in Linux {At least i dont think there is.. linus help us if the day comes} and how linux itself very rarely crashes. Today i just finished installing Mandrake 10 on his main computer, tomarrow i get to begin converting marketing support.
Anyways, Mandrake has always been my personal favorite for computer-newbies/Phobic people, mostly because the install, general 'mandrakness' feel of the system isnt much like tradtional linux . IMHO, its much more graphical in nature, and other more 'common-office-type' people can easily get accustomed to the enviroment.
Since your a system admin, also take into account that training new people to work on the new systems may/might/will be easier than on another distro. You also never know if your boss wants to poke around someday, its always nice to let them have their fun.
My suggestion for linux: Mandrake
My Suggestion in general: FreeBSD
FreeBSD however is a whole differnt story =)
If ease of administration, stability and security is more important that than latest versions of the latest applications and the ability to use the latest bleeding edge hardware, then the *BSD distributions (e.g. FreeBSD, OpenBSD and NetBSD) may be the answer. Granted, a fairly good understanding of UNIX will be required, but if you're fairly proficient at adminsitering one or more Linux distributions, then *BSD will be very easy to learn. Even better, the documentation is generally better written, more complete and more up to date than any Linux distribution that I've seen.
This answer may not be what you expect, but then again the question, as posted, deserves a thinking outside the box type of answer. You stated that you want the best of all worlds, and then mention file/printer server and database boxes. It sounds like you're more interested in servers than clients. *BSD is ideal in this regard.
---- It won't be as bad as you fear or as good as you hope, but it will take twice as long as you plan.
Should I use vi or Emacs?
Which is better... Gnome or KDE?
Should I get a PC or a Macintosh?
Should I have voted for Bush or Kerry?
Who's cooler: pirate or ninja?
I like Gentoo. All my home machines and one of my work machines runs on Gentoo. Nor would I dismiss out of hand the idea of running Gentoo on a server.
However...
As an administrator, I'm not particularly intrested in a distribution that will "teach me the inner workings of Linux". Stability and predictability are lots more important for production machines.
The new servers I'm putting on line now are all running Debian, and I'll be switching some old RH9 servers to Debian as I get the time to do that.
Someone earlier emphasized package management as a prime requirement for easy administration. Debian does that very well. Gentoo is also pretty good, except when things break, which does happen. I see Debian as more stable, Gentoo as more configurable. For a desktop, I'd choose Gentoo, but so far I'm leaning to Debian in the server room.
My biggest objection to most of the commercial distributions is that they are far too "versioned". If old versions had security updates forever, that'd be fine, but having to do a disruptive upgrade every few years on running servers just because there are no more security updates on the running version is quite inconvenient. This is one place where Gentoo really shines, being essentially "versionless". Debian makes version shifting relatively simple, so I'm comfortable with the relatively infrequent version bumps I'm likely to see.
Ignorance killed the cat. Curiosity was framed.
If there's one thing I hate more than distribution zealots... it's people who don't use Slackware! ;P
...well sorta.)
(Yes, that's a joke!
--Not to be worried, Pitr fix.
Actually if you are looking for a good support option for Debian (or any other distro for that mater) check out Progeny
I hate to say this, but after running Gentoo on my home server for a year, it is not enterprise worthy.
Main reason?
Sure, on the surface, Gentoo seems easy to update. Problem is, updates break things. Time and again, I have watched emerge upgrade things, possibly give me important info somewhere in the millions of lines of code it scrolls pointlessly, then I reboot to a service not acting right. This last emerge cycle left me with:
Samba in a broken state. Non protected shares worked, anything else gave access denied. Why? Someone decided to move the default location of smbpasswd and didn't notify me in a way to catch it since I wasn't watching emerge line by line.
Apache was broken. It would start one process and hang. Examining the error log showed a problem in PHP. For some reason, it missed a package that has to be recompiled every time PHP is upgraded.
Postfix has been broken in the past by similar, as well as my imap server. Filing a bug report on one of the changes was simply met with "so, deal with it" basicially.
Gentoo has a lot of hype. Actually using it across 10 servers scares me though. It turns out to be worse then any other distro in the amount of work needed to keep it up to date, since you get to spend time hunting down problems. At lease SuSE was nice enough to generate messages to root about important changes I may need to check on manually.
Yes, Mandrake is pretty good: /etc
* Mandrake is Linux, as it is as stable as all other Linux distros
* includes recent versions of software
* easy administration: point-and-click interfaces (with text versions using ncurses) plus the classic ssh + vi +
* company commited to GPL Mandrake golden rules
* LSB-compliant (Linux Standard Base)
* The company is making money (the company will be here for a long time)
* 2 main versions
- regular version (including gratis download edition)
- corporate edition (including support 24x7 and all that jazz)
And, oh, yeah, Mandrake has a native apt-get like tool called urpmi, with both GUI and text interfaces.
Peace
Im going to have to run with SUSE here.
We mainly use redhat/fedora here, and I do have to say that all of the things that I've "fought" with redhat to get working properly "just work" right out of the box with SUSE.
Scenario:
I wanted to unify all logins across linux/windows machines on my companies user network.
We were running an NT4 domain controller and using local passwd authentication for all linux servers/workstations.
The natural solution to this was to set up an ldap server, have all the linux machines authenticate off it, and then replace the NT4 domain that would authenticate off the same ldap database. While we're at it, we thought we should enable fine grained access control lists for local filesystems, the samba interface, oh, and they should work over NFS as well. (acl.bestbits.at)
After about 2 months with redhat battling compilation issues, config issues, library issues, and other issues, rpm issues, and a bottle of aprin. I finally managed to get an openldap server up and running, with samba3 authenticating against it in a test environment.
Another month later, I got the ACLs working.
I about kicked myself in the head when, upon evaluating SLES9, I found that during installation it acually gave me an option to use ldap as the main authentication mechanism. Also, it has a built in, YAST controlled CA magement system, replacing all the scripts that I had written to handle ssl certificates.
I recreated my entire test environent in under an hour using SLES9.
On the client end, Suse 9.2 "just works" in every imaginable way. The only things I had to install myself for workstations were enigmail and slocate.
To this day, I still have a few redhat machines that blow up when trying to use ldap/ssl, but everything suse has worked perfectly the first time.
Naturally, it comes with a bunch of databases, a kickass update mechanism (yast), an automated setup tool (autoyast), and now has very nice support from the nice folks over at novell.
On the flip side, I would probably still use redhat for "mission critical" things, as redhats QA proccess is insane. You wont get the nice new extras, but thats because the bleeding edge tends to be unstable.
Also, another thing that needs to be thought about is "googleability." Googleability is a measure of how quickly you can find your problem, then an answer to it, using google. Redhat has much higher googleability that Suse, or any other linux distro for that matter (except perhaps debian), but to be fair, Suse (from my brief experience) tends to have less problems.
In conclusion: Suse for your internal network/workstations/etc. Redhat for your webservers and other things that should have obscene uptimes.
-s
Now, it's very likely that the above poster upgraded his config files blindly and this is what messed up his installation, FYI config files in Gentoo aren't automatically overwritten, you're supposed to "merge" / manage them, and the process isn't very simple.
So, what to run in Production? Ideally you roll your own to production, Gentoo makes a great base system, trim it down to minimal files you need to do what your server needs, and then lock down all permissions. Ideally your production server will be as tight as it can be and still do its job. So keep a "master/build" server that has all your development files on it, and then a "production" server that only has what's needed to run on it. Make images of your production, and update by updating the master server, then the test production servers then the production servers. If you're running yum/emerge/urpmi/etc on a live production server you're opening yourself up for many risks.
Oh, it's hard to go wrong putting FreeBSD into production also, too bad it's
My Linux Command of the Day site : LCOD
With so many text editors to choose from, I'd like to know which offers the combination of high-powered text editing features, syntax highlighting and extensibility required of today's demanding editor, while keeping the suits happy. Please include extensive discussions of how much vi beeps and how long it takes Emacs to load.
With so many software licenses available, I'd like to know which offers the high-powered legal mumbo-jumbo and strong ambiguities that are the hallmark of the professionally produced amateur computing project. Please phrase your BSD advocacy in the form of an insult to RMS, and include "Response to a question aksed by demi" in any replies and advertising materials.
Nintendo DS vs PSP, anyone? Anyone?
demi
You do realize that there are three distinct flavours of Debian -- well, four, actually -- with varying policies on updates?
Debian stable is enterprise grade. Bugs and security fixes are backported, very slow upgrade cycle (typically 2 to 3 years), extensive testing. It is, in my experience, the only truly stable (in the tradition of Solaris and BSD) Linux distribution. It's great in an enterprise environment because you don't need to upgrade it frequently, and the Debian security team provides security patches that don't screw your system up -- you can configure apt to download and install security updates immediately in the background. Debian stable is the server you put in the corner and forget about. It'll run forever.
Then, there's Debian testing, which will eventually become the next stable. For most people who don't need the very latest software (especially GUI environments) but who do want more frequent updates, testing is ideal. It's not much less stable than Debian stable, much more up to date, but not so bleeding edge that it breaks constantly (like Gentoo).
Debian unstable, despite its name, is actually quite stable -- I rarely have any problems with it. It's good for a desktop machine when you want the latest and the greatest, and are willing to spend some time updating the machine (because you'll need to do it frequently).
Those are the big three that people run. There is a fourth: Debian experimental. This contains packages that haven't made it into unstable yet, usually because they have bugs or other problems. I don't know anyone (other than clueless noobs) that would try to run experimental -- what's much more typical is to run unstable and pick occasional experimental packages out by hand.
People that talk about how far behind Debian is usually only use stable, which is the default install -- but upgrading to testing or unstable is trivial (ie, one command). Understand that for enterprise servers, new is not the same as good. Take a look at Solaris and see how old a lot of the included software is -- that's because you're supposed to configure Solaris (and most servers) to do what you want and forget about them. Debian follows this model. Stable is amazingly stable.
The only real issue (as some other posters pointed out) is that many commercial vendors only support stuff like RHEL and SuSE, which ties your hands sometimes. But in other situations, Debian Stable beats the pants off of both of those offerings in terms of stability -- they never fail (well, almost -- x86 hardware is flaky, after all, but that's not Debian's fault).