Gentoo as a Production OS

[sf_alpha]

I also use Gentoo on production system (I have around 10-20 servers).

Gentoo offer nice customization, I mean not only the USE Flags or CFLAGS. I found that initscripts system is also powerful and ebuild system is great.

Making ebuild or my own initscripts is easy. I can integrate my own software, patches and other stuffs inside overlay.

If your site have a same hardware such as same series of DELL as I have. Use of one server as package builder inside chroot, only add FEATURES="buildpkg" in make.conf, You should use same make.conf and anything in /etc/portage for every servers to do this.
Share /usr/portage among all servers using NFS, you get portage, package, distfiles in place. 'emerge -k whatever' is much like yum or apt-get.

One thing I need to mention you. You may create nice customized Stage3 from that chroot with only one tar command then deploy the hundreds of server from the install CD with the GRUB on it. Now you have you own MyGRP (My Gentoo Reference Platform).

People usually hate Gentoo because of compiling time, but it actually because they even not know what the emerge command can do

(Change: remove buildsyspkg)
_________________
Gentoo Mirrors in Thailand (and AP)
http://gentoo.in.th

[steveL]

Great summary, sf_alpha, and nice outline of how to do it: thanks! /me links here from tips

[Kasumi_Ninja]

[Suicidal]

[Kasumi_Ninja]

[tylerwylie]

I deal with Gentoo on production systems all the time, in virtual machines as well as physical. Works pretty well I must say but we are in the process of replacing them.

[Kasumi_Ninja]

[tylerwylie]

[Kasumi_Ninja]

[sf_alpha]

I think only FEATURES="buildpkg" is enough.

But I not sure is the system packages are built or not with only buildpkg so I added buildsyspkg also.
_________________
Gentoo Mirrors in Thailand (and AP)
http://gentoo.in.th

[Suicidal]

[anomalizer]

After years of using gentoo, I'm still not sure how to have a perfectly reproducible setup. Assume I have 3 boxes configured to be exactly the same (getting ot that stage is a big deal in itself), adding a 4th box after six months that is a replica of the first 3 boxes seems near impossible.

Note that I am neither saying the software is unstable or the package management is flaky; just that it is very tough to try and replicate an existing setup. That IMNSHO makes it a bad choice for production environments.

[Suicidal]

[Kasumi_Ninja]

[crackytron]

This thread is a really interesting read

This is what I've decided to do:

RHEL Server on Rackspace that is managed and auto-updates.

3x Gentoo Virtual Servers installed on this:

- Virtual Server one: "Present"
This would be the production system, it would be booted all of the time and would contain the most current version of sites, etc.

- Virtual Server two: "Past"
This Virtual server would not be running most of the time, it would contain the last most stable configuration and would only be updated when I was SURE that "Present" was 100% stable. It would also be a fallback if "Present" broke for some reason. It would be like a redundant system.

- Virtual Server three "Future"
This is where I'd apply updates, develop sites, test ideas. When I was 95% certain this was stable, I would have mirrored onto "Present" and the copy of "Present" cloned onto "Past".
It would run most of the time but have a very small % of the server's resources. Sites on here would be ideally deployed via an SVN based deployment system (I have one that sort of works anyway).

This would mean that there was stability, capacity for testing, and a good scope of fallback should shit hit the fan.
Hackers would only be able to gain access to "Present", and they wouldn't be able to touch the actual RHEL OS. If "Present" was comprimised, I could copy "Past" onto it, do further testing of "Future" then copy future onto it.

The problems:

- I have no idea how to do this.

- I think it is a good idea but I'm not 100% sure. Is it overengineered?

- We'd need 3X the hard disk space.

- It would take a lot of work to set up.

I've heard Virtuozzo does something like this - whats the general consensus on virtual servers for a configuration like mine. Is there much performance hit to doing what I do? Also it is expensive and if there are any free alternatives that'd be awesome.


Lastly, I don't know about server-hardware much at all. If anyone could recommend whether I should order an Xeon, Opteron, SCSI vs SATA, how much RAM, sensible RAID? - I don't want to overspend and bankrupt our small company but I don't want to underspend. FYI we're going to be going with Rackspace as their support is excellent.


PS - Apologies if I'm asking too much. I know I should get proper training but I'm working for a small company and we cannot afford things like that :E

PPS - Also would it be dumb to use a server like this as an SVN repos?
_________________
welp

[steveL]

[crackytron]

Thanks steveL!

I think what I'll do is I'll try setting up OpenVZ (the open version of Virtuozzo AFAIK) on a test server or something. Once thats done I can fuck around to my hearts content.

With OpenVZ/Virtuozzo do all the servers have to be running and sharing CPU or can you say like, limit two of them to 0% CPU, etc?

I'm kinda a developer with linux knowledge(ish) thats acting as a sysadmin. I'm not complaining as I enjoy it but it does mean I lack experience.

Here's what I was speccing out for the server with rackspace:

[welp]

What what what?! What's my nick doing in your sig?
_________________
Gentoo/BSD, Gentoo/Alt AT and Bugday lead
AMD64, Xfce, Sunrise, www-servers, net-irc, lang-misc, Artwork
If you find a bug, submit it! Bugzilla

[crackytron]

[georgia_tech_swagger]

I have a half dozen production colo servers plane flights away running Gentoo. I now have a very deep and very real fear that there will be a fork where most Devs go, or Gentoo might become defunct. If that happens, I will have to eat thousands of dollars in plane flights, man hours, and downtime flying on planes to datacenters to change servers to Debian. If this happens, I will never come back to WHERE EVER this community ends up.

Aren't there a couple of major managed hosting companies in Europe who use Gentoo? If I'm their CTO, I'm *enraged* right now.

[blu3bird]

domainFACTORY
_________________
Black Holes are created when God divides by zero!

[AllenJB]

There will be no fork. At least, not one that most of the devs will follow.

[Seek]

Daniel Robbins won't do a fork.
Read his latest Blog for further information: http://blog.funtoo.org/2008/01/what-to-do.html
and the Gentoo foundation still exists: http://www.gentoo.org/news/20080118-foundation-status.xml

After those events happened, Gentoo is just more 'awake' and hopefully getting better than before.
I think you don't need to worry about your Servers.

[i92guboj]

Don't worry.

People telling you the Earth is flat will not make it flat just using words.

Gentoo is as active as it always was. I have been here for years and can't notice any regresion. In which regards functionality all is better and better everyday, at least that is my view of the things.

[c0d3g33k]

Unless you paid for a support contract or have some other sort of explicit agreement that leads you to believe Gentoo will continue in perpetuity to support your business and save you trouble and money, you have no basis for any expectation in that regard. FLOSS is a wonderful, wonderful thing, but it doesn't guarantee anything except the ability to carry on with all that you were given.

You have the source code available to you, the tools, portage etc. There is nothing at all preventing you from continuing to run Gentoo, making the updates and changes you want and keeping your servers going. The Gentoo developers, the Gentoo community, the upstream developers of the packages you want owe you nothing. The only thing you stand to lose if the unthinkable happens is loss of free support and development. It's the latter you seem most concerned about losing, and it's the latter you have the least claim to receive.

The builder of my house doesn't owe me indefinite upgrades and repairs just because he built it, even when I pay (dearly) for it, let along getting it for nothing. I am responsible for maintaining it myself. I can do that by paying for workmen to do the things I need, or convince members of my community to help me (most likely in exchange for time spent helping them). With Gentoo you can hire someone to do the work for you, or do it yourself.

That's more than you get from most commercial software.

TANSTAAFL.