So I have a Web server running Fedora Core 4. That was the latest and greatest Fedora when I opened my hosting account, but now it’s slightly out of date. The Fedora project is up to version 6, and the stuff installed on my server no longer really gets updated. I’m not a systems administrator, and I’m not even qualified to pretend to be one in meetings, so I’m at a bit of a loss when it comes to dealing with this situation.
I like having more recent software packages, but I don’t want to have to reload the OS on the server box frequently, both because it’s a huge pain and because I have to pay to have it done. Plus it causes a painful email outage.
It seems to me that my options are:
Keep Fedora Core 4, and when I want new stuff compile and install it myself, outside the OS packaging system. The problem is that I’m not going to maintain everything myself like that, and all of the packages that I don’t override will just get older. Also, then I’ll be in charge of keeping up with security updates for all of the packages that I compile and install on my own.
Have the box reloaded with CentOS. I’ll still have lots of old packages, but at least I’ll be using a distribution that is built around the idea of keeping old, stable packages around for a long time. I’ll still get security updates and so forth, but I’ll hardly be on the cutting edge.
Have the box reloaded with the stable version of Ubuntu (or Debian). I should then be able to keep up with the latest and greatest packages, and keep upgrading the distribution without dealing with OS reloads. The only downside here is that I’m not a Debian expert, nor do I know any Debian experts.
How do real systems administrators handle this problem?
Update: I think I’m going to have the server reloaded with FreeBSD. I’ve always liked the FreeBSD ports better than any Linux package management scheme.
May 21, 2007 at 2:53 pm
I manage around a hundred Debian systems and it generally works quite well – just apt-get update / apt-get upgrade on a regular basis, assisted by a package such as apticron which will send email notices when new packages are available (that’s what I do for my home / testing systems; I’ve automated the process at work).
We’re using Debian after having Red Hat and SuSE break systems when upgrading to a new release (even with fresh installs of the previous version) – Debian’s never done that. We generally install it on a new system, “apt-get dist-upgrade” every time a new release comes out until we retire the machine five or so years later.
The big catch will be newer versions of packages (e.g. the latest “ooh, shiny” release of your favorite language). Generally you’ll have few problems pulling a specific package from the testing distribution or backports.org but you’re running against the philosophy of the stable distribution and may occasionally run into problems if you can’t wait until the next release (generally 12-18 months).
In general, though, it’s unusual for this to be an issue on servers unless you’re very aggressively tracking some key programs and presumably in those cases the benefits are worth having to do more testing before upgrading.
May 21, 2007 at 3:45 pm
I haven’t used Linux in many years, after one too many versionitis-related issues. Seriously, the plethora of variants may indicate a vibrant ecosystem but to me it’s just confusing. I have used FreeBSD since release 4.4 and have found it to be quite easy to manage, since the source code for the OS and userland are integrated and available from a single authoritative repository. Ports (16,000 of them at this writing) cover pretty much everything anyone could want.
YMMV, of course, but for a robust and proven server OS (Yahoo is the usual reference site to point to), I recommend it highly.
May 21, 2007 at 4:14 pm
I second the rec for Debian (or Ubuntu which is basically the same story). That’s what 80% of my Linux systems at VT run on (the others are Red Hat only because that’s what the vendors (Oracle and Blackboard) require for their software to install). Upgrades are smooth, especially for server components.
I run Ubuntu on all my personal computers and my home server and it’s worked out great. Version 6.06 (Dapper) will be supported for two more years and as mentioned, the dist-upgrade feature is always available to keep yourself up-to-date.
May 21, 2007 at 4:19 pm
Your first solution is a non-starter. Don’t do it. Gives me the shakes, just thinking about it. (Think how you’d react upon seeing somebody doing copy-paste-mangle coding instead of factoring things out into functions — similar reaction.)
Second solution: eh. It could work, but in general the RedHat-derived distributions really seem to want you to reinstall for “major” upgrades of the OS. Perhaps that’s gotten better with CentOS and the like, but I’d be surprised if it was completely transparent.
Third (and fourth) solutions: Debian, as Chris says, is much much better about being an “install once, upgrade forever” deal. That’s probably the best way for you to go. You’ll have to decide between Ubuntu and straight Debian; the advantage of the former is that it’s probably a bit more n00b-friendly; the advantage of the latter is that I expect you’ll be able to track Debian stable for at least as long as you’re interested in doing so, with very minimal changes to your configurations. Upgrades between Ubuntu releases seem to be a bit more problematic than upgrades between Debian “stable” releases, at least from what I’ve seen.
Finally, if Paul’s comments about BSD ports sound good but you’d like to stick with a Linux-based system, Gentoo is worth a look. It’s the easiest way to keep most things at very stable release levels and still get security fixes for them, but have the very latest Apache/etc web dev stack.
Holler if you need more specific advice, by the way; happy to help out…
May 21, 2007 at 4:43 pm
One word: Debian. Upgrading between Debian releases is relatively easily and foolproof; I’ve been on the same Debian install on one of my servers for 3 yrs without a hiccup.
In my experience, Ubuntu does not upgrade as well or as easily as Debian (perhaps less testing? whatever the reason).
May 21, 2007 at 5:06 pm
I’d also go for the third solution, although I use Gentoo. I like Gentoo because for any installation (after the actual installation), releases just don’t matter at all. This means, for example, that modern packages generally get to me a lot sooner than for many other distributions (especially Debian). On the other hand, you have to compile everything from source (or at least, emerge has to do that for you). That can take a little longer (but it can run unsupervised and can send reports of it’s progress by email), but it also means every package is compiled with the options I need, instead of the full-blown packages Debian uses by default.
May 21, 2007 at 5:33 pm
Thanks for the feedback. I actually really like Gentoo, but my hosting provider doesn’t offer it. (I used a laptop running Gentoo as my main development machine back in the day.)
FreeBSD is a consideration as well. I was on pair.com for a long time, and they’re based on FreeBSD. I’ve also installed it and run it myself at times. I just get the feeling that BSD is sort of falling by the wayside these days (most of my sysadmin friends are on the Linux side of the fence). That said, BSD has always been my sentimental favorite.
I think at this point I’m down to choosing between FreeBSD, Ubuntu, and Debian, all of which are offered by my hosting provider. Decisions, decisions.
May 21, 2007 at 7:28 pm
we’ve been very happy with our migration to Ubuntu. i’m no sysadmin expert, and i’m able to easily get by, and for the things i get stuck on the Ubuntu community has been very helpful to me. Gentoo, which i also run, is another excellent choice.
either way, the advantages of package management are hugely compelling if you’re going to be responsible for any of the maintenance and upkeep. feel free to ping me (or just post), if you have specific questions concerns.
May 21, 2007 at 8:45 pm
call me old-school, but I’d recommend Debian for any system that doesn’t require a desktop manager, because of its proven track record. Otherwise, use Ubuntu 6.06 LTS, which will be supported until 2011. By that time you will have shut that current server down.
Debian provides support for its previous releases for up to 1 year, so since stable/Etch is brand-new, you’re in the sweet-spot for a Debian installation right now.
I’d generally warn that automating the upgrade process is quite risky. I don’t know how someone could manage “a 1000 servers” like that. Also, dist-upgrading generally works, but is the equivalent to a heart transplant. It’s like upgrading to Vista from XP. It can be done by a normal user, unless something breaks, which is usually a kernel-module.
As this is your private machine, you don’t have to worry about security support for old packages so much (we, for example, have to keep PHP 4.3.11 around, because we have software that won’t run with 4.4’s “fixes”), so I’d go with Debian Etch and backports.org if you need something special.
May 21, 2007 at 10:40 pm
I just get the feeling that BSD is sort of falling by the wayside these days (most of my sysadmin friends are on the Linux side of the fence). That said, BSD has always been my sentimental favorite.
Not sure why you would think that. There’s as much energy there as I have ever seen. Take a look. The version numbers may not move as quickly as some other products, I’ll admit 😉
With 16,000 ports and the Linux ABI for those things that haven’t been ported, it’s pretty complete.
May 21, 2007 at 11:29 pm
I’ve used Debian and now Ubuntu. I’m just about to retire a machine that’s been my server for probably 6 years now, using Debian, with regular “apt-get update && apt-get upgrade”s. A few of those times I had problems (I’ve learned to always have a second SSH window opened, and to make sure that I can log in with a third before I close the first two…), and sometimes an upgrade will foul up config info, but overall it’s been amazingly trouble-free.
And if you really have to run the latest and greatest, “apt-get source”, judicious use of patch and diff, and “dpkg-buildpkg” seem to have given me most of what I think I would have otherwise gotten from Gentoo…
May 22, 2007 at 12:13 pm
Debian is a great choice for a server. I love Ubuntu on the desktop and don’t really see any reason why it wouldn’t be fine for web hosting as well; you have the advantage tht new packages are available sooner than with Debian, but the disadvantage that (currently) Debian packages seem to see somewhat more testing prior to release. Which may change, granted.
I really don’t see much reason to go with any linux besides Debian or Ubuntu at this point. dpkg/apt is a much better package management system than RPM in my opinion.
Gentoo is great in principle (I ran it for years) until you have to install a bunch of stuff that is really large, then it becomes more time consuming than I really wanted to deal with. It was great for me in one respect; I actually DID take advantage of portage’s ability to configure things via the make opts. But if this doesn’t matter to you, then there’s really no point in a source distro.
But it sounds like you’re going with BSD. BSD is of course a solid choice for a server, and the ports system is great. It’s probably a great choice for you.
May 22, 2007 at 1:30 pm
I’m actually still vacillating. I have always gotten along better with FreeBSD ports than with Debian apt, but I feel like Debian/Ubuntu is where the market is going. Plus for systems administration advice I have to rely on the advice of others, and I know more Linux people than BSD people these days. Most of them are in the Red Hat world, but I’m definitely not going with any Red Hat derivative.