Debian vs Gentoo for production server

[LinuXelite]

Hi,

We have few servers (RedHat Advance Server). I'm evaluating Gentoo and Debian to replace RedHat.

The server's processors are Opteron. It will be a web server and a Qmail server. 2000 users are going to use this server.

Gentoo is great and I use this distrib at home and for our internal servers. However, I'm not sure at all about it's stability for an production, entreprise server. It might be too cutting-edge and I don't trust the QA team as much as Debian or Redhat. The security is great but glsa-check does not work on AMD64.

Debian is very stable, but do not support officialy AMD64. However, the secury update system is awesome and Debian 3.1 includes many of the newest software (Apache2, MySQL 4.1...)

What would you do? Do you use Debian or Gentoo on a production server (eg. You host hundred of domains or have thousan of users

I know OpenBSD, FreeBSD are excellent choice but I prefer Linux for the kernel 2.6, ext3, dm-crypt and ReiserFS.

 

[thedaver]

Have you contemplated CentOS? It's redhat Ent. based and uses a pretty recent kernel with support for a ton of CPUs IIRC.

My opinion also is that the pre-packaged versions of qmail, particularly when integrating with vpopmail and courier, are sorely lacking in proper configuration. As a result, you'll most likely want/need to build your qmail (etc.) from source.

Also, Apache2 is still a bit frowned upon for "security" purposes.

It seems from your post that you're at a point of crossed-swords between "newest software" and "security"+"stability" and AMD64 support.

You haven't mentioned why your trying to move away from Redhat anyways....

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[Trevoke]

Well, I'm a Gentoo user, so first, a bit of fanboy-ism.
Gentoo is only as unstable as you let it be. The stable branch is very stable and I've never had issues with it (but you're talking to someone who unmasked GCC 4.*).

Debian is the stable monster. It'll be there when you die and when you come back. It's likely that God uses Debian, if he's not on a *BSD (although given the current state of the world, I sometimes wonder if he's not using ~universe in Gentoo).

In the end, I would go for Gentoo because it's the distribution I know best and I enjoy how much control I get over the userland. The only thing to remember is, "if it ain't broke, don't fix it!" ... And even though you probably should do an emerge --sync once in a while, the only real update you should do is change profile...

-Haben sie fosforos?
-No tiengo caballero, but I have un briquet.

 

[thedaver]

ACK! I misused "your" instead of "you're" in my post. I hate that, I hate that, I hate that! ARG! Where's that edit button!? Sorry, pisses me off. Don't you hate when you tweak your own pet peeve!?

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[LinuXelite]

I want to move away from RPM based distrib... so this include CentOS or Whitebox

Of course I'll never to a emerge -uD world on a production server

I agree with you... the stable branch of gentoo is "relatively" stable. But for a production box I'm not sure. The best choice would be to maintain my own portage tree so I can test everyting before updating my box, but I don't have time for that right now.

My priorities:

1- Security;
2- Stability;
3- Amd64 support and great package management (apt-get, emerge);
4- Bleeding edge software (as much as possible).

Just another point for Gentoo. They patched qmail a lot and this is very nice. They support AMD64 pretty well.

Last thing, if you check the gentoo-dev mailing list, there is a thread where 90% of gentoo developers agreed to the fact that Gentoo is NOT meant for entreprise/production server.

Well I guest Gentoo is good for production server as long as YOU KNOW WHAT YOU DO.

 

[Chacalinc]

What's about ubuntu linux? It supports AMD64 (at least as the page says)

Ubuntu is a Debian-based linux, so you have apt-get and dpkg. Quite easy to install.

Cheers.

"Avoid virus, boil your PC 1 min. before use it

 

[LinuXelite]

I don't see any advantage of using Unbutu in place of Debian on the server area.

 

[Trevoke]

Gentoo is not "meant" for Production. It's not.. It's too complicated, and you need to document it. God forbid the sysadmin should go on permanent recovery, you now have a server that no one can use because no one knows what the heck he did with it.

If you want REALLY STABLE though... Forget Opteron. buy a DEC ALPHA, quad-processor (four processors at 500Mhz with 8 megs of cache on them should perform nicely, yes?) and install Gentoo. Of course, you WILL have to test out a lot of masked packages.. But that'll be stable.

-Haben sie fosforos?
-No tiengo caballero, but I have un briquet.

 

[LinuXelite]

I don't think gentoo is "complicated". It's also well documented and the support is great.

 

[Trevoke]

You and I as Gentoo users both know that.
I'm talking about an outsider perspective.

-Haben sie fosforos?
-No tiengo caballero, but I have un briquet.

 

[thedaver]

I'm curious why the "anti-RPM" stance? Bad experience? Preference?

I only mention it since "apt-get" and "yum" have long been extended into RedHat(-like) OSs.

I guess my point is that I have started to view Debian and Redhat(-like) distributions as increasingly similar in their handling of updates.

Where I see the significant divergences are
1) Redhat handles libraries in a unique manner that often interferes with compiling from source (particularly OpenSSL and GD)
2) I'm not happy (see note above) with anybody's packages for qmail+vpopmail+mysql+courier. I've really only found that source works best.
3) Redhat is a real PITA to remove Apache2 to "downgrade" to Apache1.23.x. There are lots of dependencies wrapping mod_perl, PHP, etc.... Can speak to trying this on Debian, never needed to try.

Finally, I view your fourth preference for "bleeding edge" capabilities as pretty dubious relative to this being a "stable" server. These are mutually exclusive, potentially dangerous, and reflect a bit of feature-creep against your core requirements....

</editorial>





D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

 

[danomac]

I am also a gentoo user. I use gentoo internally as well for servers and for testing web scripts and such.

I myself run a webserver publicly on the 'net that runs gentoo as well, and it's mysql database is currently seeing ~180 queries per second. It only has what is needed to do the webserver task, and I've tweaked it a little bit. As far as stability that I've observed with that webserver since late 2003 is that it is very stable (barring a failed hard drive and a power outage, and the odd kernel/php/apache/etc update.)

I don't know if I'd recommend it as a true production server. I had tried Debian initially on the same PC but I was having issues trying to do something (upgrade the kernel? I can't remember..) and the Debian community I interacted with didn't want to help at all. Had I had a different experience I'd probably still be using Debian today.

And yes, if something happens to the sysadmin for a gentoo machine there'll be a lot of confusion....