> I wasn't going to chime in until some real deployments have been
> I run a home network that's pretty much gentoo-only. The server
> provides DNS, DHCP, LAMP, Postfix SMTP, IMAPS (courier), TFTP (bsd),
> SAMBA, NFS.
> I am currently pursuing a career in IT and expect to bring up some
> public servers towards the end of the year. Needless to say, they'll
> be running gentoo too. I don't foresee any problems.
> I want to echo Ricardo's warning -- update conservatively! He's right
> -- after a while, you know which packages you can update safely and
> which are potential problems. Staging environment is crucial for
> gentoo because you'll be running binaries that have never really been
> tested ... or run ... ever.
I run a home server under gentoo as well, which serves me fine as a
personal box, and I also run a public server which runs on a fairly
beefy server and hosts a few websites, including a TDI (the VW car)
forum which is insanely popular and we push about 250G/month on it.
This used to be a debian system and was moved over to gentoo about 4
years ago when I had been spending lots of time with gentoo on my
desktop at home. I like gentoo, however I would exercise caution if
you're deploying on "real" systems.
The issue is the "updating conservatively" part mentioned above. As
anyone who has run a server that other people are depending on knows,
you REALLY want to update as little as possible. The less updates, the
less surprises and the less chance you'll somehow accidentally break
someone's site doing a simple update late some night. Gentoo is still a
fairly moving target in this respect.
I upgrade packages maybe once a week and since I have fallen behind in
some, I'm scared as hell to upgrade. I still have apache 1.3 running,
and because it's deprecated I can't update any of the packages that go
along with it, meaning that to upgrade to the latest apache files, I
have to upgrade EVERYTHING associated with apache with no really good
rollback plan. Apache, php, modules, mod_perl, etc. No biggie at all
if it's your home server, but that's potentially a lot of downtime (ie:
a couple of hours) as I compile, test, re-jig the config files, test
more, etc. I'm in the same boat with postfix, running a 2.0.x when 2.2
or 2.3 is available, glib, mysql (I did an upgrade where some new utf8
flags were enabled and suddenly a bunch of databases were invalid
because the encoding was different), postgres, sqlite (more that I'm not
sure what they link to that might be affected) and some other system
Now most likely nothing will happen on upgrade, but with some users who
do business and lots of mail of the server, I'd rather not take the chance
if the current setup is working fine.
Maybe I'm being overly paranoid and sensitive, but I've worked as a
sysadmin long enough to have seen (and caused) way more "oh oh" moments
when an upgrade of something did something it really wasn't supposed to.
The source nature of gentoo doesn't help here either. IE: I'm unable to
upgrade curl or net-snmp on my server as both of those link to php, and
because my php is "old" and non-upgradeable due to the deprecated apache
I still have installed, upgrading curl or net-snmp would (and has)
broken php and therefore apache and therefore I got a call late at night
wondering why things were suddenly broken.
Now here gentoo also made it (fairly) easy to roll back, as I just copied
curl-$newversion.ebuild to curl-$previousversion.ebuild (the old version
was long gone IIRC), recompiled and it all worked. This would have been
impossible with say, debian if a binary package had broken something as
there's no real way to back out to a package you don't have anymore (and
that exact thing bit me when my server was running debian and partially
why I switched *to* gentoo!).
So while you want to upgrade conservatively, you can't be too
conservative or else your current package versions will disappear from
out from under you.
> That having been said, gentoo has a nice habit of providing a really
> comfortable environment for the deployment of just about anything. And
> unlike Fedora / Redhat, Debian, and some others I've used, there aren't
> any surprises when you go to configure anything.
Another "yes and no" from me. The "no" part comes from package
re-organization by maintainers which bit users a while back with the
apache config re-org and before that something similar done to X. Not a
problem exclusive to gentoo, but still an issue if the distro is doing
major shifts here and there.
I hope no one thinks I'm slamming gentoo here. I really do like it and
have been running it and being a faithful user for years. I've just
also been a sysadmin long enough to be a bit paranoid about production
servers which have too many things being upgraded too often.
I think the secret is that if you run with gentoo you have to be
prepared to upgrade EVERYTHING fairly often, and not bit by bit if
you're uncomfortable with something it might be upgrading.
HTH, or at least maybe puts a different perspective on it for people.
And yes, I do plan to just bite the bullet and backup, upgrade everything
and then deal with any upgrade "pains" as they come. Just not sure
Alan <email@example.com> - http://arcterex.net
"Beware of computer programmers that carry screwdrivers." -- Unknown