Hi Sean, How are you Kurt?
Eric, good post! Oh goodie! Distro WARZ! :) The "project update" should include realistic human timeline (hands available per day, etc) and state available resources for each phase, with parts and materials, and include dependencies, such as vnc or ssh access, install VPN (recommended over VNC or ssh of course), etc. For each version of existing software you have standardized upon, including Mysql, php, python, webdav, SSL and anything you will need for systems development should be documented as your "development LAMP package", making the package list is the first step to writing a script (since you have more than one box to configure) or post install kickstart file that can be referenced in your Build Wiki, or NOTES. If you might need webmin or cfengine/puppet, this is also the time to install that great package, which will allow a great many key based server changes automated, including configuration changes, keys, and password changes. Be sure to add your list of packages to pull and your server hardening NX bit, and tcp-ip kernel optimization or, /etc/sysctl.conf recommendations, MySql chroot, and other server security like sudo for instance. Chroot Apache if you are running some insecure Php application, etc. Also, Sean, CentOs is fine, unless you expect to need regular kernel level and source binary security patches, then the $365.00 reg fee/and patches from Redhat is WELL WORTH IT! Patch management in a producted environment is absolutely as important as secure aged passwords. On Sun, Jan 31, 2010 at 11:10 PM, Kurt Granroth <kurt+plug-disc...@granroth.com> wrote: > A few details: > > Fedora = Community based "bleeding-edge" distro > begets > RedHat Enterprise Linux (RHEL) = Proprietary long-term distro > shadowed by > CentOS = Community version of RHEL long-term distro > > OpenSUSE = Community based "bleeding-edge" distro > begets > SUSE Linux Enterprise Server (SLES) = Proprietary long-term distro > shadowed by > Nothing => there is no community version of SLES > > I guess there is also: > > Ubuntu = Community based "bleeding-edge" distro > begets > Ubuntu Long Term Suport (LTS) = Community long-term distro > > I'm not aware of a proprietary "enterprise" version of Ubuntu in the > same vein as RHEL and SLES. I know that LTS is geared to compete with > them but it really "feels" more like CentOS. Maybe when Canonical > matures a bit more? > > On 1/31/10 10:21 PM, Steve Phariss wrote: >> I know that Fedora and redhat are related and how, not so sure on the >> SuSE genealogy. It is my understanding that OpenSuse is the >> "development" version of SuSE in the same way that Fedora is the >> "development" version of Redhat. My point being (as has been discussed >> in the last few messages) that since this is to be a production >> environment, the bleeding edge version is not the best choice. >> >> Steve Phariss >> >> On Sun, Jan 31, 2010 at 6:13 PM, Eric Shubert <e...@shubes.net >> <mailto:e...@shubes.net>> wrote: >> >> Steve Phariss wrote: >> > The downside to "newer bits" is that they may not be as tested. >> > Arguably, a CentOS/RHEL install will have more long term stability. >> > Newer is not always better when it comes to getting down to business. >> > OpenSuSE is the equivalent to using Fedora correct? >> >> No, Fedora is related to RedHat. Fedora is community driven and bleeding >> edge, from which RedHat is derived. CentOS is a rebranded (from sources) >> RedHat. People will commonly refer to CentOS systems as being RHEL >> (which they are for the most part). >> >> OpenSuSE uses rpms, and it too has an Enterprise version, but that's >> about all that it has in common with Fedora/RedHat/CentOS. >> >> > a test/dev >> > distribution for the main distro... >> > >> > >> > >> > Steve >> > >> >> -- >> -Eric 'shubes' >> OpenSuse is very fun, but lacks the ease of administration (package management and community support of Ubuntu.) Also, I love Suse SLES for DNS servers, SELinux -type AppArmour security level kernels, and other situations where the server is expected to be under siege! While not Linux, OpenSolaris is VERY FUN, especially running any of the BLAST add on repos. CentOs makes the best postgres cluster; web server farms (using Alan Cox's Ultra Monkey type NO-ARP networking Cluster). Of course as SysAdmin, I love RHEL especially if we have a sat update server ($$) because I like my systems patched or at least patchable. If I am building an Oracle server, I want Oracle's Linux version (Redhat). I love debian; Ubuntu LTS 8.04 --> makes a fine CMS LAMP/Email server. And of course, I also love KUbuntu for a notebook system. At FreeGeek.org we rolled our own Distro called thr Freakbox, so I can certainly appreciate the collaboration skills and hard work that goes into that project. I especially like Gentoo, however, just for the sheer similarity to Lincoln logs, letting me build the OS piece by piece. I love knoppix for NOC/build distro tool kit. I prefer Backtrack4 to most of the other security distros, because it's very well engineered. I recommend Knoppix and BT4 as pendrive installs if you spend any time in the NOC, and need to be able to get into something (including Windows servers) really quickly. Be sure you install it persistent in that USB key.' -- Skype: (623)239-3392 AT&T: (503)754-4452 http://obnosis.110mb.com/nuke/index.php http://uncyclopedia.wikia.com/wiki/Arizona --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
