Which Linux for Professional Admins? 934
LazloToth asks: "Short and sweet: with so many distributions of Linux to choose from, and so many of them good to excellent, which Linux delivers the best balance of stability, high-level support options, security, rapid updates, and ease of administration? If an admin wants to standardize on one Linux distribution and have the best of all worlds on everything from file-and-print servers to database boxes, what, in the experience of the Slashdot pros, is that Holy Grail of Linuxes - - the one that does it all while also making upper management feel warm and fuzzy?"
Re:Ubuntu (Score:5, Informative)
I tried FreeBSD but gave it up. The main problem was that it does not run the 4.x versions of VMWare, unfortunately still a requirement for me. However, I also found that Debian did a better job managing configuration files.
One vote for SuSE... (Score:5, Informative)
Plus, it's Novell now, so it's owned by a "real company", which may or may not be something your own company/organization is looking for (some business do require some level of centralized accountability and support).
I've also been pleasantly surprised with SuSE 9.2 in other areas - it's the cleanest and easiest-to-use distro out of the box that I've used, with no obvious bugs that I've seen. No reason not to use it, and lots of reasons to use it. YAST2 is a big selling point, in my opinion.
Good admins don't need a specific distro... (Score:2, Informative)
That's what makes the difference between the "called" admins - and the real ones.
If you know how a Linux System works - you can administrate any system, e.g. any Distribution.
Re:SuSE (Score:5, Informative)
SuSE
- great administrative tools to support large networks
- rolling out new servers / workstation with auto-yast with pre-installed configuration/software
- YaST - Best configuration tool under the sun for Linux.
- 10+ years experience + now Novell.
Re:Gentoo (Score:2, Informative)
By the time you start compiling your kernel before you even boot gentoo the first time, I'll have my users working on a file/print/mail server already.
Re:Gentoo (Score:5, Informative)
Now onto my advice.
For the record, I use Gentoo on my home computer, and Debian on my server (as well as a Windows XP box for gaming).
Chris
Re:SuSE What more could you ask??? (Score:5, Informative)
For support I would have to put Red Hat and SuSE at the top. I think SuSE has newer stuff than Red Hat "Not counting Fedora". Mandrake is very good but I have no idea how good their enterprise level support is. That may actually depend a lot on where you are. If you are in France Mandrake maybe a clear winner for support. In Germany SuSE may have an advantage.
If one of the BSDs is an option the best supported one is probably OS/X.
Re:One vote for SuSE... (Score:4, Informative)
Argh...this kinda came out wrong... the reasons I gave up on other distros were not specifically due to the updates (Red Hat has a nice auto-update utility as well) but for a variety of reasons. SuSE is, IMO, the most polished distro I have used overall, and that includes the very nice YAST2. I have just not had any real problems with it, whereas I've had various bits of hardware that could never be properly configured under Mandrake or RH/Fedora, despite the fact that they were supposed to work out of the box. (This included the complete inability to even set hard drive mount points under Fedora Core 3, which is what finally led me to dump Fedora altogether.)
Re:Debian of course (Score:5, Informative)
Re:Gentoo (Score:1, Informative)
My suggestion: start with Debian (or anything quick and stable) then experiment with Gentoo until you think you've got it down. Once you're ready, make an iso and you're good to go for any level of deployment.
Re:Hardware (Score:2, Informative)
Re:Debian of course (Score:5, Informative)
Re:Gentoo and Debian the only serious contenders (Score:5, Informative)
Re:Ubuntu (Score:2, Informative)
Outside of those two distros, I've only used RedHat and Caldera. Hope that puts things in scope. As far as UNIX, I've used pretty much everything out there. Still prefer Debian.
what about GRML?! (Score:2, Informative)
Re:Debian of course (Score:5, Informative)
Re:One vote for SuSE... (Score:2, Informative)
Not Gentoo (Score:5, Informative)
Main reason?
Sure, on the surface, Gentoo seems easy to update. Problem is, updates break things. Time and again, I have watched emerge upgrade things, possibly give me important info somewhere in the millions of lines of code it scrolls pointlessly, then I reboot to a service not acting right. This last emerge cycle left me with:
Samba in a broken state. Non protected shares worked, anything else gave access denied. Why? Someone decided to move the default location of smbpasswd and didn't notify me in a way to catch it since I wasn't watching emerge line by line.
Apache was broken. It would start one process and hang. Examining the error log showed a problem in PHP. For some reason, it missed a package that has to be recompiled every time PHP is upgraded.
Postfix has been broken in the past by similar, as well as my imap server. Filing a bug report on one of the changes was simply met with "so, deal with it" basicially.
Gentoo has a lot of hype. Actually using it across 10 servers scares me though. It turns out to be worse then any other distro in the amount of work needed to keep it up to date, since you get to spend time hunting down problems. At lease SuSE was nice enough to generate messages to root about important changes I may need to check on manually.
Re:Personally... (Score:5, Informative)
* Mandrake is Linux, as it is as stable as all other Linux distros
* includes recent versions of software
* easy administration: point-and-click interfaces (with text versions using ncurses) plus the classic ssh + vi +
* company commited to GPL Mandrake golden rules [mandrakesoft.com]
* LSB-compliant (Linux Standard Base)
* The company is making money (the company will be here for a long time)
* 2 main versions
- regular version (including gratis download edition)
- corporate edition (including support 24x7 and all that jazz)
And, oh, yeah, Mandrake has a native apt-get like tool called urpmi, with both GUI and text interfaces.
Peace
So true (Score:3, Informative)
And as a competent admin, I choose the distro that don't get in the way, that let me do the things my way. By that aspect alone, LFS [linuxfromscratch.org] would be the best, but it a bit exagerated. (I highly recommend to install it [linuxfromscratch.org] once though, if you are interested in better understanding of the system, it's parts and how they work, from boot to the password prompt and applications. I used it at my machine at home for quite some time.)
I choose Slackware. I used to install everything (after the initial instalation from the distro CD) from source, but it got tedious. Now I use swaret to upgrade the security-related packages. The software more importantly used (in my case: postfix, clamav and spamassassin and squirrelmail) are monitored from freshmeat and upgraded manually as I see fit (some from source code). Other software are not upgraded unless needed (if it works, don't mess with it).
The main source of problem, in all the distributions I tried, is the package system. Ugrading (or, in some cases, even installing new packages) can break the system. Of course when installing from source you also have the risk, but things are more under control if you know what you're doing.
RHEL no question (Score:3, Informative)
I purchase RedHat licenses for everything that is in the DMZ, or runs software that requires RedHat Enterprise Linux for support (think Oracle Databases).
Then I use Whitebox Linux [whiteboxlinux.org] for everything else. It's pretty much exactly the same as RedHat (you can pick another RHEL rebuild if you want, CentOS and Whitebox Linux are my two favorites). Whitebox can have problems from time to time, because it's a one man show. CentOS looks nice, but it sounds like the mailing lists are used less, and the web boards more for discussion and help (I've never participated, but that's the a complaint I've seen on WhiteBox lists about CentOS). I like e-mail lists for help/support. Call me silly. While web boards are nice for random discussions, I'd much rather review e-mail for technical support (both on the giving and receiving end).
I use that for the desktop. Other then, it's a bit RAM hungry, it's fine for a desktop for most people (the lack of a good MP3 player might bother most, but I play oggs, so I'm good with it). You need more then 128MB of RAM to run OpenOffice on it at a reasonable speed. (I was running a PIII-500 w/ 384MB of RAM and it was acceptable, with a new P4 w/ 128MB of RAM it was unbearably slow running Mozilla and OpenOffice at the same time. I put a 1GB of RAM in and now it's wonderful).
In the end, it means I can run almost exactly the same OS at home that I do at work. It's industrial strength, and all of the expertise I build up using it, is going towards one of the two distro's that all major software vendors support. I don't know of any Suse "rebuilds", otherwise I might recommend those.
Kirby
Re:Not Gentoo (Score:3, Informative)
Something like "emerge -u world | grep '*' >> important_update_info.txt"
The imporant messenges are all prefixed with * so you can easily catch them. Make a shell script to do it for you. Mail it to youself if thats what you need.
As for just blindly updating, thats not something you should be doing on a production server. Test server first, then roll changes to production.
Re:Goodness (Score:3, Informative)
Agree & love Gentoo (Score:4, Informative)
Now, it's very likely that the above poster upgraded his config files blindly and this is what messed up his installation, FYI config files in Gentoo aren't automatically overwritten, you're supposed to "merge" / manage them, and the process isn't very simple.
So, what to run in Production? Ideally you roll your own to production, Gentoo makes a great base system, trim it down to minimal files you need to do what your server needs, and then lock down all permissions. Ideally your production server will be as tight as it can be and still do its job. So keep a "master/build" server that has all your development files on it, and then a "production" server that only has what's needed to run on it. Make images of your production, and update by updating the master server, then the test production servers then the production servers. If you're running yum/emerge/urpmi/etc on a live production server you're opening yourself up for many risks.
Oh, it's hard to go wrong putting FreeBSD into production also, too bad it's
Re:Slackware! (Score:2, Informative)
tried almost all other distros but in the end its always slack that stays
Re:Gentoo (Score:3, Informative)
Interesting. For the record, I use suse pro 9.2 on my desktop, and suse 9.2 pro on my servers. (and a suse 9.2 pro box for gaming - personally, I don't see the point of bothering with microsoft issues just to play ut2004, doom3 or quake 3 arena when those games run quite nicely on linux)
But more to point of the original discussion, my employer's requirements are different from mine, and so they are running suse enterprise linux, aka SLES 9. They need the extra support and feel-good indemnification clauses that come with the enterprise version, but otherwise, it's actually pretty hard to tell the difference between suse pro and suse enterprise.
When it comes to smaller businesses, I've set up linux servers (yes, suse pro) for several of them. They all seem quite happy with it, since it tends to be a set-up and forget it proposition. It's cheaper, but no indemnification. Then again, they just want something that works, and there's usually no money lying around for sco extortion insurance anyway.
Re:SuSE (Score:2, Informative)
No .iso's to download? Another strike. Ya, I'm a free beer kinda guy.
Acutally I downloaded the SuSE 9.2 pro .iso the other day and installed it. I'm a slackware user myself, but SuSE is *nice*.
Re:Not Gentoo (Score:2, Informative)
Now, I have a friend who has a remote dedicated Gentoo server who adamantly refuses to run etc-update and his box breaks every time he runs emerge -u world.
For my money Gentoo is the answer. Weekly emerge sync's & upgrades (look at what you are upgrading), consitent usage of etc-update, and a good thorough understanding of Gentoo's USE and ARCH settings will keep a Gentoo box in good working order.
At work, when we have a new service to provide, we look at the following OSs in order
1. OpenBSD
2. Gentoo Linux
3. Mac OS X
4. Windows.
All of our external services run from OpenBSD, most of our internal services run in Gentoo (even a predictive dialer) or OS X, and a total of 3 servers run windows.
When security is really important however, we don't even consider Linux, opting instead for OpenBSD.
Just my $.02
Re:Gentoo (Score:3, Informative)
Perhaps the whole up2date versus yum versus yast versus apt-get debate. Easy to upgrade depends as well, since Fedora is easy to upgrade but they drop support so damn quick that you better upgrade, unless you are using software that borks unless you use a specific distro (Ensim for instance)
Personally, I see a great deal of difference in SuSe (my new fav) and debian and redhat (my first distro). In package management, configuration setup and number of preconfigured packages (although I don't really mind compiling my own sources).
Me, I use SuSe on the desktop and was using Redhat on the server, although that is getting migrated to SuSe as well. (if they weren't that different, I wouldn't need to migrate now, would I?)
Re:Debian (Score:4, Informative)
Debian stable is enterprise grade. Bugs and security fixes are backported, very slow upgrade cycle (typically 2 to 3 years), extensive testing. It is, in my experience, the only truly stable (in the tradition of Solaris and BSD) Linux distribution. It's great in an enterprise environment because you don't need to upgrade it frequently, and the Debian security team provides security patches that don't screw your system up -- you can configure apt to download and install security updates immediately in the background. Debian stable is the server you put in the corner and forget about. It'll run forever.
Then, there's Debian testing, which will eventually become the next stable. For most people who don't need the very latest software (especially GUI environments) but who do want more frequent updates, testing is ideal. It's not much less stable than Debian stable, much more up to date, but not so bleeding edge that it breaks constantly (like Gentoo).
Debian unstable, despite its name, is actually quite stable -- I rarely have any problems with it. It's good for a desktop machine when you want the latest and the greatest, and are willing to spend some time updating the machine (because you'll need to do it frequently).
Those are the big three that people run. There is a fourth: Debian experimental. This contains packages that haven't made it into unstable yet, usually because they have bugs or other problems. I don't know anyone (other than clueless noobs) that would try to run experimental -- what's much more typical is to run unstable and pick occasional experimental packages out by hand.
People that talk about how far behind Debian is usually only use stable, which is the default install -- but upgrading to testing or unstable is trivial (ie, one command). Understand that for enterprise servers, new is not the same as good. Take a look at Solaris and see how old a lot of the included software is -- that's because you're supposed to configure Solaris (and most servers) to do what you want and forget about them. Debian follows this model. Stable is amazingly stable.
The only real issue (as some other posters pointed out) is that many commercial vendors only support stuff like RHEL and SuSE, which ties your hands sometimes. But in other situations, Debian Stable beats the pants off of both of those offerings in terms of stability -- they never fail (well, almost -- x86 hardware is flaky, after all, but that's not Debian's fault).
Re:Gentoo (Score:3, Informative)
You do know that you can do a stage 3 install & use prebuilt packages these days, don't you? You only have to compile the kernel. Later when you update/upgrade the system you can compile the components being upgraded/updated. Let's face it: even though many of us linux geeks like to compile stuff from scratch (stage 1 baby!) Portage is really damn cool. You've got a huge repository of packages from which to choose. All of which are just an emerge away! ;) Pretty painless management as I've experienced it.
Oh and while I'm on it, Gentoo is already working on a GUI frontend for installation. That will make the stage 3 w/ prebuilt packages install quite painless.
Re:Ubuntu (Score:2, Informative)
No, I'm not really serious. Yet.
Re:Well, SuSE or RedHat, obviously. (Score:3, Informative)
That might have been true a few years back but it's no longer true. Redhat employs Alan Cox, Ulrich Drepper (glibc), Tom Lane (postgresql) and quite a few other glibc, kernel, gcc, and application developers to write code. They help get the code ready and apply/develop any patches necessary to get software stable and bug free. Suse/Novell employs similar big names (Miguel de Icaza, etc.) to help in developing and fixing their releases.
With Suse or Redhat if you have a problem after installing Oracle, I'm sure they will work with you and Oracle to get the problem fixed. And less that may involve the developers on staff at Redhat or Suse to work on it and come up with fixes.
Re:Gentoo (Score:2, Informative)
I run my emerge --update using nice, and this then allows the rest of the system to run normally, while updates operate on a low priority thread. This minimizes the affect on the box.
Re:Gentoo (Score:1, Informative)