On Thursday, January 10, 2019 1:16:11 PM EST Rick Stevens wrote: > If I may offer my $0.02, Fedora on production systems is not a great > idea. We manage well over 2000 servers each in two data centers. The > vast majority (>85%) are CentOS-based because of its relative stability. > The remainder are generally Ubuntu LTS-based, again because of its > relative stability. Fedora is great for production systems. I think it's wild that people keep saying otherwise, and they consistently list CentOS as being the better option. The only major difference is that Fedora has more frequent updates. That does not make it unstable, for sure. Fedora is always in a stable condition at release. > Fedora changes every 6 months--sometimes in major ways that are not > necessarily backwards compatible with existing systems. Oh, never mind, there it is. You never meant stable, you meant "It updates too often for me to figure out how to manage." > It is very cumbersome to update 3000+ servers every 6 months and > deal with the compatibility issues that crop up. We have to deal with > those when CentOS or Ubuntu gets a major upgrade (such as CentOS6 > -> CentOS7), but that happens every couple of years and is far more > manageable. As far as security is concerned, any significant security > patches are generally backported to CentOS and Ubuntu and applied > when they come out. The few cases where a patch can't be applied, > well, those are fairly rare and dealt with as what they are...exceptions > to the general rule. Not at all. This is, in fact, why we have deterministic tools to manage systems. I personally manage well over 1.5k production servers, and a few hundred on-premises servers, all running the latest release of Fedora, with the exception being that I run them with Freed-ora-freedom. > At the network level, our VPNs and core routers are Cisco, our edge > switches are Foundry. We have two 10Gbps uplinks to the Internet so > smaller hardware is not an option. Fortunately, I'm well versed in these > beasties as Cisco IOS isn't a particularly intuitive system. This is common, and I personally believe that we need to fix this. > For a router/VPN gateway in a SOHO environment (even some medium-sized > cases), I'd go along with those who recommended using OpenWRT on > inexpensive router hardware. It is Linux-based and optimized for use on > such devices. It is relatively easy to manage via its web-based GUI and > does its job quite well. Fedora or any full-up Linux system, is (IMHO) > overkill in such cases. A complete Fedora installation would be an excellent, incredibly flexible router. -- John M. Harris, Jr. <johnmh@xxxxxxxxxxxxx> Splentity https://splentity.com/
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
