What’s the best linux distribution?

Lots of people ask me what’s the best Linux distro, some say what’s the best for a newbie others want to setup a home server and some others want to build a gatekeeper. So what’s the best distro to accomplish all this?

To be sincere I like OpenSuSE a lot and I use it for all my personal things and my work laptops, but I wouldn’t recommend  it for server usage, I don’t recommend any of the desktops distros (aka distribution) for that matter due to a simple issue. The  desktop distros like OpenSuSE, Fedora, Ubuntu , etc have a small support cycle. This means that if you want to have security upgrades you’ll need to be constantly updating your server install.

For usage in a server environment I like to use SLES, RedHat and CentOS. The support cycle is great (at least 5 years), the stability and endurance of the OS is great in any of them.

Once again I prefer SLES, this is due to the great tools and support they provide.However I don’t say the same about RedHat support, whenever I need them I  had to find the solution on my own.

These are the two main scopes of Linux distros out there, the desktop and server, but they aren’t the only scopes where you have Linux. For instance if you want to have a firewall, proxy, content filter, qos, and traffic shaping I would recomend the excellent Endian FW (www.endian.it).

If you want to have your linksys/asus and other router working with linux, you may use dd-wrt, would you like to have an older computer as a

media center look at Geex-Box. A hacker distribution so you can test your systems security just download BackTrack. The list can continue and you will be able to find a distribution suited to your needs. Some may need just a live cd or dvd system, other a complete server suite like SME server (that will give you the same offer as Windows small business).

To conclude I don’t think there’s a better distro, there are differences and those differences make some people like one distro over the other.

Personally I like OpenSuSE and SLES.

Cheers,

Pedro Oliveira



Software appliances – The good, the bad and the ugly

As a part of my work I have to design and plan Hardware, Systems and Software deployment, and as many of you guys know sometimes it’s not that easy. Dimensioning hardware for specific roles can be a pain, sometimes you don’t even have the software as it’s being “produced” by the development team and still you have to tell how many machines, routers, switches and all the small things the project will take.
But some other projects aren’t this difficult and you don’t need such an amount of flexibility to do them, you don’t need a custom based firewall cluster, you don’t need a web server or database cluster, you just need a simple, reliable and out of the box setup that make things work in the smallest amount of time.
When you need something like this many sys admins have an excellent way to things in a tested and production prof way (specially if they are open mined to use open source);

The Software Appliances

The appliances are really helpful  but before you start using them you need to know a few things, so lets start by the bad:

  1. Lack of flexibility
  2. Hardware choices are often hard due to  the lack of drivers/modules available

The lack of flexibility is probably the biggest problem with appliances, usually they aren’t inflexible but to master the appliance you’ll have to put a big effort on the manuals, this should’ t be a problem if you stick to a few appliances but if you use a lot of them then you’ll probably take more time to master them than to study the OS and all the applications your need (apache, samba, iptables, and so on). About hardware choices, appliances are suited to run on most hardware out there (after all they use a linux kernel, at least most of them do) but if you run cutting edge hardware you may find it hard to make it work with your appliance, specially if your appliance version as more than 6month-1year.

Let’s go to the good now:

  1. Easy installation.
  2. Fewer skills required.
  3. Dedicated support, sometimes paid, usually free from the community.
  4. Performance boost (In the cases where the appliance comes with it’s how hardware).
  5. Security.

So in conclusion appliances can be a great help, but they need extensive planning and testing before going to a production environment. Think not only about the present needs of your client but also about the future and expected ones. Bellow I’m going to write about my favorite software appliances and what are they for.

  1. dd-wrt – This is a great appliance for a bunch of Linksys, Asus, and another brand router, access point, home gateways, etc.
  2. Endian FW – Probably the appliance I use the most, you need firewall with a proxy server with content filtering? Do you need a VPN server or an antivirus scanner for your internet connection? Try this one.
  3. SME server – Do you need a windows domain server, a smtp server, pop server? Do you need to setup a small office in 2 hours? Choose SME server.

There are a lot of other appliances I’ve used since I’ve started working below a few honor mentions:

  1. GeexBox – For multimedia content displaying
  2. IPcop – Similar to endian (but endian has more features)

I’m done with appliances today, but you may wonder… what about the ugly? Well I didn’t find any that goes in this category, but the word goes well on the title 🙂 .

Cheers,

Pedro Oliveira

Linux Flexibility a plus or a minus?

Some days ago I was talking to a fellow sys admin at my company about the lack of features of a firewall appliance that we use a lot (www.efw.it), personally I like to use it a lot, it’s simple to maintain full featured, but we were talking about the lack of mail proxy details like graphs, personalized white/black list and so on.

But in the end it’s no the product that is lacking functionalities, it’s just not what we need for that specific client, and with a little work on our part we could have all that we needed on the appliance. So why take it on the firewall guys that make a great product?

What I’m trying to say is that is very difficult to suit everyone needs and a Linux/Unix sys admin is in the end a very demanding “client”, we’re used to flexibility and having all in the package. If you want’ to build a router you can have all the functionalities of a thousands of dollars equipment in a inexpensive box with a few packs of software besides the kernel and iptables, and gnu utils. you can even add a web interface by using some opensource software. All that make us too demanding when looking for a specific solution, usually we want it all.

When I did Microsoft NT support (yes there were parts of my life where I did sold my soul and used Microsoft), I relied on software that was meant to do something and just that and didn’t complain, I knew if i needed something else I needed to pay for it, and sometimes pay of the integration on my environment, pay connection licenses and so on.

With linux i’m used to grab some software on the need change it to my needs and my clients needs and we all benefit, I rely on my knowledge and know how, usually give back my work and share it with the community and specially with my company and co-workers, this way my clients don’t rely only on me and get happy, usually they get happy because prices are much better, and in the end the like to be the special kind of client that rely on highly qualified teams that are extremely demanding on the software they use… sometimes even more than they should be.

This is the beauty of flexibility on Linux. We all love it but it’s quietly changing who we are, just don’t be too picky.

Chers

Pedro Oliveira