View previous topic :: View next topic |
Author |
Message |
kres Tux's lil' helper
Joined: 14 Jan 2003 Posts: 122 Location: Narnia
|
Posted: Fri May 16, 2003 3:32 pm Post subject: Why, exactly, is Gentoo not "server" friendly? |
|
|
Call my old fashioned... but when ppl say server, I think of stripped down, built for purpose OS.
Also, this is what I think of when ppl say Gentoo.
I have built a few servers with it and find that there is a uber amount of control with the Gentoo system that I simply can not get on a RH, SUSE, FreeBSD {To a point} box.
If I need something, I compile it, slap it into place and go. Gotta get a lib? Er, I put it where I needed it.
As I reviewed a lot of the "Other Things Gentoo" posts I found that alot of the questions about "what should I use, X or Gentoo?" where ansewered with "Desktop=Gentoo, Server={Somth'n else usually BSD}
Hell the only problem that I EVER had with a server was with the Nagios ebuild - the ebuilder decided to move all the default locations and twist up the apache config. I didn't like it. So I backed out the ebuild and compiled it. No big deal.
Educate me ppl. I am running 2 Gentoo servers in my commercial production environments and I LOVE the things. I know EXACTLY what is on them, I can choose EXACTLY what I want to put on them using a well crafted ebuild statement, or just compile it myself without hassle. Why is Gentoo so pigeon holed by it's own user group as a "Desktop" OS primarly? _________________ Kres |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20485
|
Posted: Fri May 16, 2003 3:51 pm Post subject: |
|
|
There are sever threads covering this already.
To be brief, the nay-sayers are generally thinking of stability of packages. Here is a good place to point out Gentoo Linux Stable.
Keep in mind, many places are usinig Gentoo in a server/enterprise environment. Gentoo is one example.
Moved from Other Things Gentoo. _________________ Quis separabit? Quo animo?
Last edited by pjp on Fri May 16, 2003 3:52 pm; edited 1 time in total |
|
Back to top |
|
|
idl Retired Dev
Joined: 24 Dec 2002 Posts: 1728 Location: Nottingham, UK
|
Posted: Fri May 16, 2003 3:52 pm Post subject: |
|
|
Gentoo is server friendly... but its just up to personal preference what you decide to run on a server.
For me I'd only ever use FreeBSD on a server. Why? Stability, Speed, Efficiency. I'm not saying Linux doesn't have these qualities... I'm just saying FreeBSD is better at them _________________ a.k.a port001
Found a bug? Please report it: Gentoo Bugzilla |
|
Back to top |
|
|
kres Tux's lil' helper
Joined: 14 Jan 2003 Posts: 122 Location: Narnia
|
Posted: Fri May 16, 2003 4:52 pm Post subject: |
|
|
pjp,
Yer right, there are other server threads out there... but I found them to be rather fluffy and full of opinion, rather than fact-filled.
I was looking for something more specific like "There are often incompatibilites with the run-level definitions and scripts that make programs like NFS a bit squirlly." Or "most of the sys-kernel base optimizations raise hell in true server situations, causeing connecton saturation and poor port response under load..."
Stuff like that!
I guess I missed it, if it's there. Do you have a sample for me to find? _________________ Kres |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20485
|
Posted: Fri May 16, 2003 5:13 pm Post subject: |
|
|
kres wrote: | there are other server threads out there... but I found them to be rather fluffy and full of opinion, rather than fact-filled. | You are correct. I don't think I've seen much with actual facts. _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
gsfgf Veteran
Joined: 08 May 2002 Posts: 1266
|
Posted: Fri May 16, 2003 7:38 pm Post subject: |
|
|
Gentoo's main flaw is that packages aren't heavily tested. With say debian, you know stuf works by the time it's in stable. However as long as you install stuff on a test machine first (which you alwayws should) gentoo's great.
BSD may be better, however, since it's usually more stable and is (at least somewhat) designed for the server. But i think gentoo's just as good. _________________ Aim:gsfgf0 |
|
Back to top |
|
|
Mystilleef Guru
Joined: 27 Apr 2003 Posts: 561 Location: Earth
|
Posted: Fri May 16, 2003 7:59 pm Post subject: BSD ain't better than Gentoo and vice-versa... |
|
|
Hello Gents,
Isn't it the responsibility of the system administrator to determine whether to upgrade a package based on stability or whatever upgrade policy is being implemented?
I mean, any responsible system/network administrator will not leave that decision to the developers. It is also the responsibility of the system administrator to carry out extensive testing, stability and compatibility examinations before adopting, upgrading and/or deploying a package.
Opinions aside, how does BSD performs better in a server environment than Gentoo Linux? The answer is, that can only be determined by the qualification, judgement and experience of the system/network administrator in charge of either systems, or the OS policies in place. _________________ simple, sleek and sexy text editor for gnome
"My logic is undeniable." |
|
Back to top |
|
|
guero61 l33t
Joined: 14 Oct 2002 Posts: 811 Location: Behind you
|
Posted: Fri May 16, 2003 11:14 pm Post subject: |
|
|
It seems a lot of security people have complained about having a compiler on a production system/server... I can understand that, but...
My personal opinion is that I would use Gentoo on any platform I deemed worthy of maximum computing power, whether it be my desktop, a backroom server, or the little P-100 I keep under my desk for filesharing, mail serving, etc. My wife's Mac still runs OSX because she doesn't need "maximum computing power", she just likes using it because it Just Works (tm). |
|
Back to top |
|
|
ghuug Bodhisattva
Joined: 07 May 2003 Posts: 53 Location: West Africa
|
Posted: Sat May 17, 2003 1:16 am Post subject: |
|
|
guero61 wrote: | It seems a lot of security people have complained about having a compiler on a production system/server... I can understand that, but... |
Well, that's the thing I do not understand. what's the reason? A lot of folks probably would say - "to compile exploits, and use them against your server", others said "gcc requires a lot of dev libs, that can be used against server". But let me tell this straight - if someone wants to exploit your server, they will do it even if you don't have gcc and all dev libs. Upload gcc, upload libs, -> compile. Or upload binary -> execute.
Yes, I agree - gcc on server may cause some problems with kids, who train how to use gcc, but this is not a problem at all - if you know how to make servers secure.
I used FreeBSD for 6 years on the servers, and each server had gcc - those servers were heavily loaded and no single incedent. While my friend used RedHAT and didn't have gcc (used RPM) - as a result of outdated software his servers were hijacked regulary. Now that I know how to use GRSecurity I moved on Linux on production servers and yes, I still have GCC and all developer libs, but it does not make server more open to hackers/crackers/kids.
So this whole stuff about GCC is only a myth for those who don't know much about server security and prefer to stay with outdated binary packages. |
|
Back to top |
|
|
hewbert n00b
Joined: 10 Dec 2002 Posts: 63 Location: Rapid City, SD
|
Posted: Sat May 17, 2003 2:02 am Post subject: |
|
|
port001 wrote: | Gentoo is server friendly... but its just up to personal preference what you decide to run on a server.
For me I'd only ever use FreeBSD on a server. Why? Stability, Speed, Efficiency. I'm not saying Linux doesn't have these qualities... I'm just saying FreeBSD is better at them |
Blasphemous! |
|
Back to top |
|
|
paranode l33t
Joined: 06 Mar 2003 Posts: 679 Location: Texas
|
Posted: Sat May 17, 2003 2:55 am Post subject: |
|
|
I think people choose FreeBSD specifically because its kernel is optimized for the purpose of mad networking and serving many clients concurrently whilst maintaining good memory management. Linux can certainly do these things well, and you could probably optimize the kernel moreso for this purpose, but I think FreeBSD has been proven to be more robust in high-load network environments. I remember reading on slashdot some time ago about a slow old computer running FreeBSD which had like 1.5 million connections at the same time. It's very well suited for that purpose.
But I love Gentoo! And IMO FreeBSD isn't nearly as cool for a desktop OS. _________________ Meh. |
|
Back to top |
|
|
upnix n00b
Joined: 02 Jan 2003 Posts: 63 Location: Canada
|
Posted: Sat May 17, 2003 8:39 pm Post subject: |
|
|
First off, it is my opinion that Gentoo isn't ideal for servers.
Why?
Servers should be "serving" not compiling. Yes, you can (and probably should) have a development server, but realistically not everyone has or can afford one.
Gentoo's solution to ANY security problem is upgrade. This isn't always the best way to do things when you have software that depends on a certain version of software. In the BSD's and in RedHat (although not as often), if there's a hole in something (say Apache) they patch the version that shipped with the OS. For me personally, I NEED to use (and stay with) specific versions of Apache for ColdFusion. This argument applies to almost any piece of software.
https://forums.gentoo.org/viewtopic.php?t=31494
Anyway, I'm not sure any of the above is "opinion" so much as the way it is. Certaintly if you're careful Gentoo should work fine as a server, but I myself don't use it.
Chris |
|
Back to top |
|
|
nukes n00b
Joined: 09 Mar 2003 Posts: 13 Location: Scotland, UK
|
Posted: Sun May 18, 2003 5:31 pm Post subject: |
|
|
I think Gentoo is fine for servers. I have used it on a few. I ended up taking it off as it wasn't worth compiling everything specially for a set of K6/IIs. I stuck Debian on instead. But I don't see any reason that there should be a problem. You get all the security patches and only install what you need (deb will do that as well though) the only problem really is if you have version requirements like upnix mentioned.
I'd happily use Gentoo for a server if it was a reasonable speed and could affor the cpu time for compiling the software. I like it a lot and would make some of the work much easier (much better handling of runlevels and init scripts than other distros imo) _________________ _____
NuKeS |
|
Back to top |
|
|
starachna Tux's lil' helper
Joined: 17 Apr 2003 Posts: 104 Location: south africa
|
Posted: Wed Jun 18, 2003 12:55 pm Post subject: i think gentoo is cool for server |
|
|
personally i think gentoo is cool for server, depending on how you do the setup, i've heard of webservers, running x - no that's my point, your not going to play games on it, it's supposed to serv pages, and only that, i mean a web server should be a minimal installation ? not so ? and it's not that expensive either - get urself a good connection and bob's ur uncle, any 650 dell could be a webserver
my 2 cents _________________ http://www.3am.co.za - za psy trance |
|
Back to top |
|
|
elzbal Guru
Joined: 31 Aug 2002 Posts: 364 Location: Seattle, WA, USA
|
Posted: Wed Jun 18, 2003 1:11 pm Post subject: |
|
|
It all comes back to a matter of trust. When you choose a server operating system for an environment you are responsible for, your job is on the line to choose something appropriate. The question is 'will I get fired for choosing xxx'? (A related question is 'can I sleep at night with a xxx server OS in the datacenter'.)
Gentoo performs fine as a server operating system - better than many other linuxes (high performance, easy to administer, etc). However, when something goes wrong and people start pointing fingers, the sad truth is that some fingers will get pointed at the new kid on the block.
This is one of the primary reasons people say "I want xxx" (insert FreeBSD, Solaris, Debian).
As for my opinion in a heavily opinion-laden thread... At work I use Sun/Solaris and Windows 2000 Server (not by my choice), and I am setting up a single-purpose OpenBSD server for an environment. For my home datacenter (you know, the noisy pile of computers and switches in the closet), I use FreeBSD and Solaris. As soon as I have a specific need for newer hardware (i.e. I'm considering going to wireless-802.11g, but FreeBSD does not have the drivers in a stable release yet), I will happily set up Gentoo in the server closet. In the time I've used Gentoo, I've found it to be very stable. I found that Gentoo was more appropriate for a desktop OS over FreeBSD (at least for me) because of its better handling of games designed for Linux (you can get these to run in FreeBSD, but they are not always reliable). |
|
Back to top |
|
|
idl Retired Dev
Joined: 24 Dec 2002 Posts: 1728 Location: Nottingham, UK
|
Posted: Wed Jun 18, 2003 1:17 pm Post subject: |
|
|
I'm actualy considering installing Gentoo on my server instead of FreeBSD to replace OpenBSD. Mainly because of Portage, the ease of updating software and I've not yet spent much time on secureing a Linux box.
I can see having to compile software as being a problem because its a slow machine, but I will be using distcc to help with that. _________________ a.k.a port001
Found a bug? Please report it: Gentoo Bugzilla |
|
Back to top |
|
|
paul138 Guru
Joined: 09 Aug 2002 Posts: 370 Location: Ottawa, ON
|
Posted: Thu Jun 26, 2003 2:28 pm Post subject: |
|
|
This thread cracks me up.
What you run on your server is a personal or corporate preference/requirement. At our location we have 10+ Gentoo servers running everything from 1.2 to 1.4_rc4. All of them are rock-solid.
To argue what is good or bad is like trying to nail Jello to a tree (ok, nobody is arguing, I just love to say that) _________________ Talk is cheap because supply always exceeds demand. |
|
Back to top |
|
|
flickerfly l33t
Joined: 08 Nov 2002 Posts: 677 Location: Lanham, MD
|
Posted: Thu Jun 26, 2003 6:24 pm Post subject: |
|
|
We have several Gentoo servers in position running all sorts of things, mostly behind the scene. Eventually I'll get our fileserver off RH and onto that, but that means taking it down and I have other things in the priority list. _________________ An Evil Genious' Guide to Sheeple and How To Avoid Becoming One | 0x4C9EF4A |
|
Back to top |
|
|
mmealman Guru
Joined: 02 Nov 2002 Posts: 348 Location: Florida
|
Posted: Thu Jun 26, 2003 6:46 pm Post subject: |
|
|
I think it depends on how you manage your servers. I first used Debian unstable, then testing when it came out, on my servers for the last 5 years or so. I'm installing a new server fairly soon that will be Gentoo and after that I'll be switching my old servers to Gentoo.
I'm used to testing upgrades on a beta machine and fixing problems on that before going into production, so running Gentoo on a server shouldn't cause me any problems.
In fact, it'll fix a few limitations I've been having with Debian, like making it easier to custom compile certain packages(php) and being easier to install(the new server requires a very recent kernel for hardware support).
But for people who are more used to a "plug it in from the vendor, and it'll just work" Gentoo probably isn't suitable for them. They should use something like Debian's stable branch. |
|
Back to top |
|
|
cdunham Apprentice
Joined: 06 Jun 2003 Posts: 211 Location: Rhode Island
|
Posted: Fri Jun 27, 2003 12:56 am Post subject: |
|
|
mmealman wrote: | But for people who are more used to a "plug it in from the vendor, and it'll just work" Gentoo probably isn't suitable for them. |
I would say for people like this, managing servers isn't suitable for them.
I'm running a dedicated server on Gentoo at The Planet, and so far it's working out great, but I can see some troubles ahead. More on that in a minute.
There are a number of things I love about Gentoo, like portage, this forum, the responsiveness of the developers to bug reports, and having access to a number of versions of packages, sometimes even the latest ones and NO RPM HELL! OK, I know rpm hell is generally an avoidable problem, I just hate that I have to avoid it is all...
I also love that I have a system custom-built to my specifications and optimized for my hardware (more or less), without the pain and agony of LFS. Did I mention that I love portage? Because of all these things I love about it, Gentoo is my choice for workstations, servers, and whatever else we can port Portage to.
So, the looming black clouds... I already see that emerge -up --deep world is telling me that I need a new baselayout. I also am hearing that the next rev of OpenSSL requires an entire system rebuild, for some odd reason. These are painful things to consider. I don't (yet) have enough infrastructure running so that I can pull a server off the line and upgrade it while the others handle the load. Someday, but for now I've only got the one. This means that while rebuilding, gcc driving the CPU to 100%, slowing down the server response to users. Not a big deal for an occasional security update in the middle of the night, but when the as-of-yet-undetected vulnerability in OpenSSL is discovered, and the only upgrade means a full system rebuild, yikes!
But, I think I will keep using Gentoo. I'm comfortable with the support from the community and the developers, and the functionality is right. It just is a good fit for me, so I'll work through the downsides. When I add that second server, my problems will grow for a time, but when the third and fourth (LVS) servers are in place, I'll be able to worry less, being able to let a server be rebuilt, rebooted, whatever, without killing my entire capacity.
A bit of a ramble, but I'd thought I'd share...
By the way, a plug for the folks at The Planet. Probably could have gotten a better deal elsewhere, but they seem to have it together over there, and they have some fat bandwidth (and Gentoo!). There is an rsync mirror in the same facility, so that is BLAZINGLY fast! Now, if they could only mirror distfiles...
I get nothing for telling you this... take it for what it's worth. |
|
Back to top |
|
|
kashani Advocate
Joined: 02 Sep 2002 Posts: 2032 Location: San Francisco
|
Posted: Sun Jun 29, 2003 8:57 am Post subject: Gentoo Servers |
|
|
I'm using Gentoo for my personal server as well as running 4 Gentoo and 40 odd Redhat servers in production right now. My job exp is mostly for ISPs and other 24x7 type shops.
Running Gentoo takes a bit of getting used to. Just like any other operating system it takes time to learn what you can get away with. I ran Gentoo for a few months before putting it into production. By then I had utterly destroyed it twice, broke the compiler once, broke perl packages by doing a full cpan update, and was on my 8th rebuild.
Lots of people mention stablity as the reason to run Debian/Red Hat/etc and point to Gentoo's latest and greatest philosophy as a downside. With Linux/OSS/GNU being the moving target it is, I was custom building half the packages I cared about to support software people wanted to run. Or recompiling packages to get support for things that weren't in the Red Hat build. Or rebuilding packages to fix problems with them. I was overjoyed by Gentoo's package system since its entire purpose was to support what I was doing on a daily basis. And I have found making custom ebuilds an order of magnitide easier than rpms.
Take something like the building a virtual MTA system. You'd end up compiling most of the software yourself to get support for everything you need built in, postfix with ssl, mysql, sasl, etc.
I've also found Gentoo easier to use for rolling out new systems. Being able to create several ebuilds with a few different combinations of patches in a short amount of time saved my ass while working on an email project invloving some interesting qmail tuning. Also I couldn't find a Red Hat RPM for qmail worth the bits it was written in.
emerge -u world, up2date, or apt-get should be run with caution and much testing. Anyone who isn't testing new software no matter the distribution sytem before it goes into production is going to have an outage. Other distros may have better tested packages than Gentoo, but that doesn't mean I'm going to blindly update to them on a production system.
About the only downside I have with Gentoo is building a system does take some time. On the other hand you can a system mostly built in an hour, kick off 3 commands before you leave, and come back to finished system in the morning.
I'd be interested in what people think other ditros do better than Gentoo in the server space. The only concrete problem I've herd people mention is the lack of security releases.
kashani _________________ Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
Back to top |
|
|
Bangz Tux's lil' helper
Joined: 23 Jan 2003 Posts: 148 Location: Brisbane/Austrralia
|
Posted: Sun Jun 29, 2003 3:56 pm Post subject: |
|
|
I would like to make a comment. I'm far from a nix expert and I also lack the expertise as working as a network admin responsible for critical system, but as a normal person looking as gentoo...
I love gentoo because of emerge. The fact dependancies are taken care of for you and everything is compiled for your system is great. This is why soo many people use it. For a desktop OS, heck, even a SOHO server it's great.
But speaking from a features side of things, why does a critical systems server which hosts all the companys database need to have such a system (emerge)? It doesn't... |
|
Back to top |
|
|
axl Veteran
Joined: 11 Oct 2002 Posts: 1146 Location: Romania
|
Posted: Mon Jun 30, 2003 1:09 am Post subject: |
|
|
to all people saying that portage can slowdown the actual work of the server... PORTAGE_NICENESS=-10
to all people saying it is not stable... u people should learn to use a computer. what about uptime of 156 days ? what about no crash ? what about no crack ? what about no breaks in the dependencies system ? what about the awesome emerge sync; emerge -u world ? ( and mind you i use ARCH ). the only times my servers are reseted is when there are problems at the electric systems or on kernel updates.
to all people saying it is not good having a compiler installed.... u people are a joke. really. it's opensource. the whole ideea of this thing is compiling stuff. why on earth should u use a precompiled binary made by somebody else. most people have no ideea what a package actually does, how it works and what it depends on. for ex php. most people have no ideea that for instance u can create flash or manipulate images using php. i saw custom cgi scripts creating huge security holes only because at that time redhat didn't had suport for that stuff. it's stupid. anyway let's say u don't have compiler installed. who says the cracker can't actually update the system and install gcc ? who says the cracker doesn't use binarys ? it is a stupid precaution that only slows the work down and the only upside is that it protects u from a variaty of very dumb crackers. with a little experience u can avoid that type of crackers. anybody heard of iptables?
i see absolutly no reason at all not to use gentoo on a real server. i use it actually on all my servers ( arround 40 ). it's rock solid. it's fun. it's fast. it's complete. the only little downside is the preparing time. it takes about 2 days to prepare a server, but this is normal. using slackware ( my previous linux choise ) took me 3 or 4 days. i used to recompile half of the packages anyway.
i use it for a huge variaty of stuff starting from web ( static and dinamic ), ftp, samba, rsync, half-life , workstations, clustes, mail, webmail and other things i can't remember. a total of gentoo's i watch over sums around 120 mashines. all work great.
--------------------------------------------------------------------------------------
to paranode:
afaik the maximum tcp open connecions ever achieved was on a AIX ( arround 40.000 if i remember right ). 1.500.000 is not phisically posible. there are only 65535 ports on a single computer. even if all the ports are multithreading like apache for instance more then 1000 parralel conections on pentium 1 would be possible even with gentoo... ) so 1.500.000 is a lot of bull...t |
|
Back to top |
|
|
cdunham Apprentice
Joined: 06 Jun 2003 Posts: 211 Location: Rhode Island
|
Posted: Mon Jun 30, 2003 2:07 am Post subject: |
|
|
axl wrote: | to all people saying that portage can slowdown the actual work of the server... PORTAGE_NICENESS=-10 |
Hey, good idea! (doh!) _________________ This post more meaningful in a scalar context. |
|
Back to top |
|
|
cdunham Apprentice
Joined: 06 Jun 2003 Posts: 211 Location: Rhode Island
|
Posted: Mon Jun 30, 2003 2:09 am Post subject: |
|
|
And you mean +10, not -10, right?
_________________ This post more meaningful in a scalar context. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|