Which Red Hat Should Be Worn in the Enterprise? 710
weatherbug asks: "I've recently been appointed as a member of a team to help determine the direction our organization is headed with Red Hat Linux. Currently we're using multiple versions from Red Hat 6.x through Advance Server 2.1. However, now that Red Hat has effectively separated their distributions into a 'consumer' (Red Hat 8,9, etc) and 'enterprise' (Red Hat Adv. Server 2.x, etc), we
aren't sure which version we want to adopt. A Red Hat salesman recently told us that the 'consumer' version of Red Hat was mostly for hackers and hobbyists who weren't concerned about stability and wanted the most up-to-date software, while the 'enterprise' version would be more stable and have a five-year product lifetime. As a long time Linux system administrator, I feel that this is a sales tactic and that there really is no compelling reason for us to ever use the 'enterprise' version. After all, it is Linux and it is open source, and we have enough in-house talent to not need Red Hat support. Why would we ever need or care about a five-year product lifetime? Am I wrong, and if so, could you set us straight? We'd be interested to know what other large organizations have decided to do."
IMHO, you answered your own question (Score:5, Insightful)
I think its more about RPMs and patches (Score:2, Insightful)
That depends (Score:1, Insightful)
Why bother at all? (Score:5, Insightful)
Are you writing custom applications? (Score:5, Insightful)
Food for thought.
And if you don't need Red Hat's service plan... why not just run Debian -> Stable?
same situation here... (Score:3, Insightful)
Our solution?
All machines now run FreeBSD and are kept up to date with CVSup. No more corporate BS. The saved $60/yr/machine covers the cost of an admin running "make buildworld" every now and then.
Once you get BSD set up just right with your make.conf and stuff like that, it's so easy to keep up to date.
I'd recommend this (or one of the Linux distros that use similar tech like Gentoo or Debian). Red Hat has made life difficult for anybody between "hobbyist" and "enterprise"
Buy the Enterprise one... (Score:2, Insightful)
Upgrade every year? (Score:5, Insightful)
"Enterprise" servers are one's that just work and you don't have to mess with them. That is contrary to what most sysadmins like to do with systems - that is, mess with them constantly.
Consider long term planning (Score:2, Insightful)
In 5 years... (Score:5, Insightful)
To some, the extra money is well worth the insurance you get.
For what it's worth (Score:5, Insightful)
But you need to evaluate your own needs obviously.
Re:I'm more worried about... (Score:2, Insightful)
But seriously, folks. It's Linux. Either it's Open Source and companies with expertise can admin and update it themselves, or you're paying somebody else to do that for you. And why pay Red Hat big bucks unless you need their expertise? Are they going to stop chasing bugs in the consumer division because of the obvious conflict of interest with their revenue stream selling support? Red Hat can either sell one or the other (well supported expensive enterprise or cheap you're-on-your-own consumer distros) otherwise it's obvious they don't care what happens to you if you buy the latter.
It depends (Score:5, Insightful)
First remember to think in terms of the company. While you and your fellow admins might be uber-gurus you might not be with the company forever. Will they find other slashdot reading uber-gurus to replace you, or will they be left with less capable people?
Then consider what you do on your own. Do you install RPMs from RedHat, or do you "use the source"? Do you update your own kernel? What do you do if there's a security flaw or bug in a software package? Do you use the source or the RPM.
RedHat offers an attractive model for companies who don't want to depend on having "Bob the admin" around and would rather depend on the idea that "RedHat" will be around (the former usually isn't there as long as is around.)
Everyone company has a different culture and answer, those are some of the questions to consider.
Re:What My Organization Did: (Score:4, Insightful)
It's not entirely a sales tactic. (Score:5, Insightful)
Beyond that, a lot of experienced tech executives, having been burned by a lack of support in the past, are not going to chance it without a service contract like the one Enterprise offers.
The arguments for and against are like the arguments for and against buying insurance, because the support contract is a form of insurance. You will never convince me that the full coverage I pay for on my vehicle isn't worth it, because at the moment my car was stolen and totalled, I received more money back than I'd ever paid the insurance company. On the other hand, you'll never convince my girlfriend -- who drives an '83 Accord -- that anything other than the minimum liability insurance the law requires is necessary.
We're both right, because our situations are different.
Stable Software *is* worth money. (Score:3, Insightful)
This difference is especially apparent with Linux distributions. A distribution intended for desktop use will, by nessisity, include unstable software and libraries so as to allow constantly-unstable software like media players to work. On the other hand, a server distribution will run tested, stable versions of everything.
If Red Hat is actually claiming 5 year product lifetimes for their server products then it's probably worth getting them. That will allow you to not do a reinstall until your application needs a OS upgrade - instead of needing to reinstall because Red Hat no longer supports the old version.
There's more to it than just Red Hat's support... (Score:3, Insightful)
This is a management question (Score:5, Insightful)
What makes your boss feel more secure? Is your boss the kind to totally trust you and your judgement, or do they like to see some 'backup'?
Also, would you like to be totally on your own, or would you like to be able to say "Know what? I'm sick of this problem!" and call up Red Hat support? This could be helpful in shifting blame away from yourself.
Re:It depends (Score:2, Insightful)
In other words, untill the job market/econmy turns around. Drop RH. To easy to write yourself out of a job.
LFS should be a good start. Also, don't document anything! This way at minimum they have to keep you around to train your replacement.
Re:benefits (Score:5, Insightful)
You can get both from standard source on kernel.org as well. I think what the original poster is *really* asking is "What features exist in RH AS 2.1 that are truly unique and worth the money, as opposed to stuff any good linux hacker could've thrown together on his own?". Redhat would do well to answer this.
A few ways of looking at it (Score:4, Insightful)
If you are running commercial apps on the server, then have a look at what they officially support. We have two Websphere 5 servers and IBM supports Red Hat 7.3 and Suse 8.1 Pro (I may be wrong on that Suse version) on the server and Red Hat 8 for a development system. In this case, we also want support from IBM, so using AS makes sense even though Websphere works fine on Red Hat 9, Debian, etc.
The answer is really just a combination of what you're looking for. For a team of Linux experts who will update their own software, Red Hat is merely an installer. If you're going to update with RHN, then a long product lifecycle is important to keep your system secure.
It's about support (Score:4, Insightful)
Re:IMHO, you answered your own question (Score:5, Insightful)
* Do you want to recompile each package every time you want to update it, or do you want to do rpm -i?
* Do you want to backport source patches to your current version, and then install it, or do you want to do rpm -i?
* Do you want to have to watch every mailing list for possible security problems on your software, or do you just want to look in the errata section of the RedHat web site?
I think there's essentially five options:
* Continually reinstall your servers to the latest RedHat
* Buy Advanced Server
* Form a community group dedicated to keeping up with older versions of RH - making the above changes as a group
* Use a distro that already has a community group (i.e. - Debian)
* Do it all yourself
Or you could just leave your machine unpatched
Re:What My Organization Did: (Score:5, Insightful)
While I agree with this sentiment mostly, you have to realize that to the people that are paid to make these decisions (The Boss, the CIO, whatever) customizable == bad, at least as far as operating system decisions are concerned.
It's impossible to know if you'll always have the expertise to maintain all your wonderful customizations and since, if the operating system can't be made to work, everything fails, it's extremely important that your os configuration be very transparent.
Of course there are sacrifices in power, flexibility and so forth that you make when you choose this route, but to the CIO, ease of maintanence (not to mention replacability of maintenance staff) tends to trump those considerations.
Redhat realizes this and I think this is the source of their success.
Re:It depends (Score:3, Insightful)
Do you think that's unethical? Show me a company that values its employees more than its own well-being and I'll show you an administrator who values his own well-being most of all.
Re:For what it's worth (Score:3, Insightful)
Re:Which do we use? (Score:1, Insightful)
This is what it boils down to for me (Score:2, Insightful)
Re:benefits (Score:5, Insightful)
my question is then why chose red hat at all? (Score:3, Insightful)
I think red hat's strategy in having "consumer" and "commercial" versions is pretty much what you stated that they rh salesman stated. "consumer" versions can have the latest and greatest, while the "commercial" versions can be slightly older, but stable, production proven versions. In any evolving software, the more time you can let people bang on software, the more stable it will prove to be. Also, more companies will target those stable versions than they will the bleeding edge stuff, unless they are forced to through a new kernel feature.
Young and inexperienced (Score:2, Insightful)
There is value to RH ADV SRV. You yourself mentioned a few of them. Inexperienced decision makers tend to error on the side of being cheap instead just buying the right product. The end of life support is enough to tip the scales. Upgrading a out of date RH distro that has been hacked all to hell is not something you would want to do in the enterprise level numbers.
The cost of licensing ADV SRV is a very small portion of the lifetime costs.
Re:What My Organization Did: (Score:3, Insightful)
Hear, Hear!!
I've had the experience of having someone else's highly customized creations dumped in my managerial lap after the customizer bolted for greener pastures. We had to bring in someone on contract to rebuild from scratch.
Running the slickest software is all well and good, but the people who pay the bills and salaries value reliability and trust more than they value squeezing out the last n'th of performance.
DEBIAN (was: Are you writing custom applications?) (Score:5, Insightful)
It is hard to beat having security patches backported for keeping a system stable. (The other main reason I switched to Debian is that its the only distro that will install run on all the different hardware I use like PA-RISC, Alpha, Sparc{32,64}, and MIPS without jumping through any hoops).
Before anyone jumps on me with a "this other distro is even better", let me clarify that I'm posting this only to say that I think there's a better option than RedHat. In particular, other great distros like Slack and Gentoo that don't have binary package management systems (for better or worse) aren't really comparable to RedHat. Mandrake, from the few days I've used it, just seemed like a flashier and even more bloated version of RedHat.
The only downside I've found to using Debian over RedHat (or the other distros that are based on RedHat) is that some commercial apps are geared towards RedHat and only release RPMs. In particular, Compaq's Linux support software/drivers are almost exclusively in RPM format. Now 'alien' does indeed convert them to installable
And yes, it is much easier to use 'apt-get' than dealing with the RHN to get 'up2date' working.
Debian (Score:4, Insightful)
Off the shelf != stable (Score:1, Insightful)
Regardless of what you choose, you need to do a soft rollout and test it to death (excessive load, lose a disk, simulate a crash and restore) before you unleash it on the unwashed masses. Once it has been rolled out, you need to watch for security updates and apply them manually, always expecting to have to back it out a minute later because it's flawed.
The only thing that enterprise editions buy you is the ability to point a finger at someone else when something goes wrong.
Re:go with RH 9 (Score:3, Insightful)
Another tip for keeping your RPM database in good shape: don't ever use --force or --nodeps. If you do, you might as well go ahead and reinstall from scratch, it will come back and bite you later on. The RPM DB does not usually simply corrupt itself, in 90% of the cases, in my experience, it's because someone did a --force at some point, the rest is because of HW problems (sig 11's, flaky memory).
Re:Security Patches (Score:2, Insightful)
"There are at least several glaringly obvious major problems in every release."
Care to point one out? Anything in Red Hat 7.3, 8.0 or 9 will do but it must be "glaringly obvious" and "major".
I really hate it when people throw claims like this around and don't back it up with something. I hope you can.
Thanks.
Re:IMHO, you answered your own question (Score:3, Insightful)
I hate to be the one to tell you this, but lots of open source programs have both RPMs and SRPMs available from their website. No need to wait on RedHat, and you can still use RPM.
* Do you want to backport source patches to your current version, and then install it, or do you want to do rpm -i?
This statement is just untrue. I ran RedHat 7.2 long after everyone else went to 7.3 and then to 8.0. There was no "backporting" to do. If a newer version of a program came out, I just downloaded the new version and installed it.
* Do you want to have to watch every mailing list for possible security problems on your software, or do you just want to look in the errata section of the RedHat web site?
You don't have to watch every mailing list. It wouldn't hurt to be on the mailing list for the programs you use the most, though, and there are places on the web besides RedHat's site where you can find out about different programs' security problems fairly quickly.
Besides, there are a lot of commercial programs for Linux where the company that makes it will only offer support if you're running a specific version of RedHat. I think, as far as your company is concerned, having support for those (often expensive) programs is more important than getting RedHat's support, since you can do the OS support yourself, whereas you are entirely dependent on your commercial program's developers if you run into problems and the last thing you'll want to hear is "Oh, well, see, we don't support the program on that [distro | RedHat version]."
Support costs, lock-in negate Redhat's luster (Score:2, Insightful)
Still, I fear Redhat's motives. Their code and RPMs are frequently found to be full of security vulnerabilities and remote root exploits. Now they are only going to release patches for "consumer grade" versions for one year?! Sounds almost as bad as the offerings from Redmond. Redhat should offer patches for security flaws and bugs for much longer than one year.
The other thing not to loose sight of is that Redhat is charging an arm and a leg for the Advanced Server options and for support. Advanced Server seems to be somewhat proprietary (and likely to become more so.) Redhat's offering looses something that was once a positive aspect of Linux -- relative freedom from vendor lock-in. Watch out for rising prices once they have a captive audience!
Finally, and this may be the weakest point, but the fact that Linux runs on commodity hardware and has such a large community for grass-roots support contributes to its cost effectiveness. If the intent is to run high end hardware, and pay through the nose for support contracts... what's the benefit over HP-UX, Solaris, AIX? All of those are proven operating systems from companies with years of experience providing support. HP's support is the best I've ever seen.
There's a lot of freedom in sticking with the most widely deployed versions of Linux, the ones with the biggest communities behind them. Give Debian and SUSE a good long look.
Slashdot ignorance (Score:4, Insightful)
The Red Hat Advanced Server product is just what we want. It is stable, well tested and has a long support life. The cost goes towards an annual support contract which removes the fear that Linux has no backup when there's problems. Knowing that pay for, commercial software (such as Oracle) and specific hardware models are certified for this platform makes life very easy. You need to think how some of our customers who are used to Sun or Microsoft feel about using a "toy" operating system. To them, the financial costs are not the issue, having a mature, stable and supported platform on which to run their applications is all that counts.
We've standardised on Red Hat Advanced Server ES for our Linux customers, but we're still using 8.0 internally. We have enough UNIX experience to manage our own boxes, but for customers, Advanced Server is perfect.
Red Hat may not be the most hardcore distribution, but it is the most respected in the business world. That's why we are happy to use and recommend it.
Re:benefits (Score:3, Insightful)
cow manure!
Obviously you've never seen/used/pushed-to-the-limit a RH AS 2.1 in a big machine (many CPs, several GBs RAM, external storage, cluster environments). And, my guess, is that you've never gotten into serious Windows server administration past the 'use the wizard'.
Repeat after me: my home machine is not an enterprise computing system.
Please, FUD somewhere else.
Peace --
Use Debian instead (Score:1, Insightful)
Well, after a couple of weeks of studying and testing, I must say I'll never go back.
Debian simply rules.
Try it out.
Alex
Re:I'm more worried about... (Score:5, Insightful)
This is where you don't understand the differences between their "Enterprise" and "standard" editions...
First of all, microsoft doesn't chase and fix bugs, and they are not out of business. In fact, they are the most profiting company in this half of the world (probably the whole world).
Secondly, That is what RedHat means about a "5 year product life" It means that the "Enterprise" edition of their software will be supported for five years, as opposed to RedHat Linux 9.0's support which will last maybe 1.5 years if your lucky.
The point is that if you are a hobbiest, you will want the latest and greatest version of linux. And you will be forced to upgrade to the latest and greatest version if you want support (Read: patches and updates to the software). If you want support (Patches and updates) for more than a typical hobbiest needs, then you need to go with the "Enterprise" version, which will be officially supported by redhat with updates and security patches for at minimum of 5 years.
If you don't need the telephone support and just need updates and patches, I suggest bypassing redhat's services altogether and going with Debian Linux, which has simlar long term support networks in place by default.
The bottom line is that if you go with the "enterprise" version, RedHat will train and maintain a technical support staff that is capeable of troubleshooting your version of Enterprise Linux for five years. They will also release security updates to your version for five years. If you don't go enterprise, no matter what kind of support services you need, your version of Redhat will be defunct (read: no more security updates on unsupported versions) in probably less than a year. This is not good for enterprise servers that don't need to be upgraded to the latest and buggiest software every 9 months.
Re:Red Hat 7.3, with bugfixes (Score:3, Insightful)
You should be compiling stuff like Apache from source anyway, so that's no problem. But if it's a big monster system-critical package like glibc, you'll have to get the SRPM, patch it yourself, and build another RPM. It can be done, but it might take a few hours of work when all is said and done.
Of course, unofficial support might continue, by community members releasing fixed SRPMs. But do you want to count on that?
Re:What My Organization Did: (Score:3, Insightful)
I guess you were sleeping when you wrote that comment tho, so I won't hold it against you...
Re:Red Hat 7.3, with bugfixes (Score:3, Insightful)
Re:I'm more worried about... (Score:4, Insightful)
As for the workstations in the company, you can use whatever you want. The most important machines are the servers and you would want support from RH on those. The support includes bugfixes, drivers etc and for a stable environment for the next 5 years, just as if you had bought Solaris, HP-UX, AIX or any other enterprise UNIX flavour.
Re:I reccomend... (Score:2, Insightful)
Just because redhat is the most popular doesn't mean it's the best. The learning curve when switching from RH to Debian is minimal and the benefits far outweigh the "support" that redhat provides. Support shouldn't be needed if you've got a decent IT team.
Re:I'm more worried about... (Score:2, Insightful)
just to inject a little reality: Yes, MS _does_ chase and fix bugs. They have 2,500 full time developers and 2,500 full time testers devoted to that one task. I know. I used to work at MS in the windows division while windows xp was under development. Even when they create a new branch in their revision control for the next release of windows, the number of devs initially working on it is small. They don't even put the bulk of their team on the next release until a couple service packs are released to fix major stuff in the current release. If they didn't do this, they would most certainly lose a ton of business, if not all of it. Also, they aren't the most "profiting" (try profitable) company in the world. They aren't even in the most profitable industry (pharmaceuticals), and they aren't the most profitable in the software industry (http://www.worldtechtribune.com/worldtechtribune
If you don't like MS for whatever reason, that's fine --- but be rational.
Re:Support for Oracle... (Score:3, Insightful)
If you are spending the kind of cash Oracle, DB2, SAP, or other enterprise software licensing requires you might as well spend the cash required for the enterprise versions of RedHat or SuSE. You also want to be sure to run EXACTLY the version of the distribution your application vendor and hardware vendor support. When you are spending 5 or 6 figures to roll out an application it really isn't worth fucking around on something as basic as OS support.
Even if you are just using the linux box as a web server, email server, DNS server, etc. it is worth getting both the support and product lifetime the enterprise distributions provide. I've got better things to do with my time than test, certify, and deploy to multiple locations a new version of the linux distribution every 12 months. Besides at 3am I need to be sure I can get support, that my hardware is supported by my OS vendor, and that my OS is supported by my hardware vendor.
With IT staff costing roughly $40/hr each or more if you are using consultants paying for stablity and real support starts to look cheap. Add in the cost to the company of downtime and support is a bargan.
Re:Straight from the source (Score:2, Insightful)
http://freshrpms.net/
As we like to chant around here whenever our RH boxes get automagically updated, "apt-get is great, apt-get is good, apt-get is great, apt-get is good..."