On Tue, April 11, 2017 12:43 pm, Pete Biggs wrote:> >> I just read through this thread, and I must say I'm a bit worried, to >> the point that I'm asking myself: is CentOS still as reliable as it was? > > Yes. > >> This is not a rhetorical question, but a real one. On my Slackware >> servers, I'm hosting a few dozen websites, various platforms for schools >> and public libraries, some streaming stuff, webmail, etc. and these >> machines *never ever* give me any headache. Can I expect the same >> stability from CentOS 7? >> > I have a hundred or so CentOS desktops, ~10 webservers hosting many > virtual sites, an LDAP infrastructure, a couple of VM servers, a number > of large computational clusters, mail servers, mail relays, a Nextcloud > host and so on all running on CentOS of various flavours (but mostly 7 > now) and ALL of them rock solid. I don't see any of these random > reboots because of systemd, it is just not something I recognise - the > uptimes are usually in the months to years region.Years uptime, wow! What do you do when security update for kernel or glibc is released? These come as often as once every 45 days in my observation. Valeri> > Look, CentOS is a RHEL clone, RH make money out of this and they aren't > going to produce an OS that is flaky. If they did, no one would use it. > > P. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
> > Years uptime, wow! What do you do when security update for kernel or glibc > is released? These come as often as once every 45 days in my observation. >They're non-exposed hosts doing very specific things - think internal network with an air-gap to the internet. P.
On Tue, April 11, 2017 1:23 pm, Pete Biggs wrote:> >> >> Years uptime, wow! What do you do when security update for kernel or >> glibc >> is released? These come as often as once every 45 days in my >> observation. >> > They're non-exposed hosts doing very specific things - think internal > network with an air-gap to the internet.Ah, that explains. Doesn't suite me though: I do run machines in an assumption that bad guy is already inside. Saved me twice: I watched attempts of elevation of privileges (unsuccessful) before I locked regular user account that was compromised. So this doesn't suit me, alas, even for backend servers. I guess I had too "strict" teachers ;-) Thanks for clarifying! Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Similar. When user jobs can run for a couple of months you can't just do a reboot every few days. Yum makes doing updates easy, but that can bring another problem: I've seen people do "yum update" multiple times and not realise that they need to reboot. On 11/04/17 19:23, Pete Biggs wrote:> >> >> Years uptime, wow! What do you do when security update for kernel or glibc >> is released? These come as often as once every 45 days in my observation. >> > They're non-exposed hosts doing very specific things - think internal > network with an air-gap to the internet. > > P. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20170411/eb71e70f/attachment-0001.sig>