[Cialug] Upgrade questions

Josh More morej at alliancetechnologies.net
Tue Dec 20 17:46:21 CST 2005 

Wow, lots of questions today. 
 
I divide Linux distributions into two main categories:  Servers and
Workstations. 
 
For a server class system, you need stability and security.  This means
prompt 
minor-version updates but slow major-version updates.  It also means a
lengthy 
support cycle.  I recommend SUSE Linux Enterprise Server, Red Hat
Enterprise 
Server, and CentOS -- in that order. 
 
I do not recommend debian for servers, as I distrust the combine
packaging 
and configuration paradigm that is used in apt.  (I don't like it in
yast either, 
but the Novell support and consistent paradigm make up for it.) 
 
I feel that a server should have a three to four year lifetime, after
which point, 
you should build a new server, migrate the services is provides, and
repurpose 
the original hardware.  This fits within the 5 year support window of
the major 
Enterprise Linux distributions. 
 
 
For workstations, however, you need quick access to new features.  This
means 
prompt minor-version updates (security still matters!) and fast
major-version 
updates.  Support is less important.  I recommend OpenSUSE, Fedora Core,

and Ubuntu for this use.  Mandrake likely fits here too, but I've not
used it lately, 
so I will let Dave weigh in. 
 
I do not recommend Novell Linux Desktop for techies like us.  While it
is a very 
nice desktop, it is frustrating if you need rapid access to new
technologies (toys). 
 
I feel that a workstation should have around a six to nine month
lifetime, and be 
rebuilt every cycle.  This not only keeps the system fresh and clean,
but it also 
encourages people to use network-based tools and keep things off their
non-RAID 
hard drives. 
 
 
Regarding how to get from where you are to where best practice dictates,

I recommend getting a new machine and building it with a server-level 
OS.  Then, install each service you need, one at a time, documenting and

testing all the way.  (Be sure to use DNS here, no hard coded IPs!). 
Work 
up a dependency document, and shift services over one at a time, as you 
can isolate the dependencies.  It actually takes a lot less time than
you may 
think. 
 
 
Regarding where to put things, just refer to the Filesystem Hierarchy
Standard 
( http://www.pathname.com/fhs/ ).  If your distro doesn't support it,
get a 
better distro.  These days, most distros support it, although some may
need 
special modules.  I will say, though, set up your system this way: 
 
/boot 
swap 
/ 
LVM 
   /home 
   /srv 
   /var 
   /opt 
   /usr 
   . 
   . 
   . 
 
/boot and / should be standalone partitions, to ease disaster recover.  

swap should be as close to the beginning of the disk as possible. 
Everything else should be on LVM, so that you can control the sizes on 
the fly.  Especially /var. 
 
 
I hope that this helps (and doesn't start a religious war). 
 
 
 
 



-- 
-Josh More, RHCE, CISSP, NCLP 
morej at alliancetechnologies.net 
515-245-7701

>>>sthiessen at passitonservices.org 12/20/05 1:03 pm >>>
Well, I'm mostly concerned that with the pace of open source updates,
that sooner or later program A requires Dependency B which requires
Dependency C which requires OS update D which requires ...

Add to that keeping up with security updates ... Since I am not a
full-time Linux administrator, I don't want to have an old system that
is exploitable, but I am not always confident that I am informed enough
to know that I am up to date.  I have my 9.2 system autoupdating itself
from the SuSE online update, but that's as far as I have gone. 
Sometimes I feel, Well, maybe just installing a new OS every so often
is more secure.  At the same time, I risk other programs, etc breaking
because of the dependency issues.

I just wasn't sure how most people handle this kind of thing.

Thanks,

Stuart
On Dec 20, 2005, at 11:38, Dave J. Hala Jr. wrote:

>Are you having trouble getting patches? Are you having version issues?
>Are you going to have these issues in the near future? (1yr?)
>
>If not, I think that old saying goes: If it ain't broke, don't fix it
>
>
>
>On Tue, 2005-12-20 at 11:33, Stuart Thiessen wrote:
>>Hi! I wanted to ask a question that is surely a newbie question ...
>>
>>Ok, I have a server running SuSE 9.2.  I know that is an older version
>>so I was thinking maybe I should upgrade it to newer specs to avoid
>>patching issues, etc.
>>
>>My main question is this ... how do I really do upgrades of the
>>operating system without it affecting my data and configuration files
>>for different services?  Have they come up with a methodology by which
>>you can update your system well and inform you of the gotchas, or you
>>just have to read up on all the new versions and manually update each
>>program that creates a gotcha situation?
>>
>>On my particular system, I have /, /boot, /opt, /usr, /home, /var all
>>on different partitions. I am assuming if I upgraded to a newer
>>version
>>of SuSE or decided to go with a different distribution, that I could
>>just update all the other partitions but leave /home untouched, right?
>>What about httpd configurations or other server configs? I know I
>>should back them up before upgrading, but then just restore them on
>>top
>>of the upgrade or is there a better system for managing these kinds of
>>situations so that you don't have to go server by server and
>>restore/fix everything?
>>
>>Does this make sense?
>>
>>Stuart
>>
>>
>>Cialug mailing list
>>Cialug at cialug.org
>>http://cialug.org/mailman/listinfo/cialug
>--
>
>Open Source Information Systems, Inc. (OSIS)
>Dave J. Hala Jr., President <dave at osis.us>
>641.485.1606
>
>
>Cialug mailing list
>Cialug at cialug.org
>http://cialug.org/mailman/listinfo/cialug
>
>


Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20051220/a9da5f33/attachment-0001.htm

More information about the Cialug mailing list