Looking for someone to set up a new server

Bill Campbell bill at celestial.com
Tue Sep 13 14:38:10 PDT 2011


On Tue, Sep 13, 2011, Fairlight wrote:
>On Tue, Sep 13, 2011 at 02:48:52PM -0400, Boaz Bezborodko, the prominent pundit,
>witicized:
>> I can wait a bit if necessary, but I remember going with Centos 4 just 
>> as 5 was coming out.  I don't like loading a new OS into an operating 
>> system and especially not in software that hasn't be certified for it.   
>> I could be convinced to go with 5, but since our demands don't grow all 
>> that quickly servers tend to last 4 or 5 years.  I was just trying to 
>> avoid outdating the OS too early.
>
>CentOS 5 has official updates until March 31, 2014.  I'd take that over
>going to CentOS 6 straightaway.  It's part of the cost of doing business on
>linux servers and expecting stability--you sacrifice the first year or so
>of any given life-cycle.  That's just the way it's always been with even
>the best distros.
>
>I really do concur with Bill on staying with 5.x for now.
>
>Even after that point, given that SRPMs are readily available, you can
>still hold it together with duct tape and baling wire.  Grab the SRPM,
>install it, rip out the old source and patches, drop in the new vendor
>source, and build the RPM.  Often, things need to be tweaked a bit if they
>won't build, but sometimes you get lucky and nothing extra is necessary to
>make it work.  You thus get new versions with CentOS stock configs.  I've
>held both Red Hat and SuSE systems together for up to 2yrs past EOL using
>this methodology.  Not as easy as grabbing vendor updates, slightly more
>expensive depending on the package (PHP is a lot bitchier than OpenSSL,
>for instance...I know kernel developers that would rather reinstall a new
>OS than upgrade PHP this way, since PHP breaks things on a z-level point
>release [where z is in x.y.z version numbers), but I've done it with 100%
>success rates), but definitely doable.  Even without SRPMs, it's possible
>to hold a system together well past EOL (even without the stuff Bill uses),
>but it's a nice shortcut that meshes with the vendor stock specs.  You
>never know the difference, the way I go about it.

We don't worry about vendor updates for most server software,
openssh, openssl, apache, postfix, postgresql, etc. as we use
these from the OpenPKG portable package management system.  This
is a system that's completely independent of the underlying
vendor's packaging system, and works with Linux, FreeBSD, HP-UX,
etc., and I even have the critical parts running on OSR 5.0.6a.
Using these doesn't break the vendor's on-line updates or touch
vendor stuff beyond adding a few cron entries, the start/stop
scripts, and pointing the vendor's sendmail to the proper place.

Typically critical updates for the OpenPKG SRPMS are done within
24 hours of the source's updates for things like clamav, either
done by the OpenPKG team or I do them myself for packages where
I've done some customization.

Bill
-- 
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186  Skype: jwccsllc (206) 855-5792

People who relieve others of their money with guns are called robbers. It
does not alter the immorality of the act when the income transfer is
carried out by government.


More information about the Filepro-list mailing list