View previous topic :: View next topic |
Author |
Message |
HydroSan l33t
Joined: 04 Mar 2004 Posts: 764 Location: The Kremlin (aka Canada)
|
Posted: Sun Jul 18, 2004 7:17 am Post subject: Who runs a full domain web-server with Gentoo? |
|
|
Judging from This Report, I was wondering how many people in the Gentoo Community run production/domain servers from Gentoo. And if so, list what your server does, or what you mainly use it for. (I'm just curious, thats all.)
Currently, my website (you can find it by clicking on the site link in my profile - nothing's on it right now since I'm redesigning it in PHP) is on a Gentoo-Hardened server running Apache2, PHP4, MySQL4, Postfix, ProFTPD, a local Rsync server, a local SAMBA server, and a bunch of other small things.)
Who here thinks Gentoo is ready for being a server, and what would the advantages or drawbacks be for large companies using Gentoo as a production server? _________________ I was a Gangster for Capitalism, by Major General Smedley Butler.
Server status: Currently down, being replaced with fresh install - 20% completed. |
|
Back to top |
|
|
Gherald2 Guru
Joined: 02 Jul 2003 Posts: 326 Location: Madison, WI USA
|
Posted: Sun Jul 18, 2004 7:26 am Post subject: |
|
|
some common sense:
If the staff knows gentoo best (i.e. they use it on their desktops) then it might be a "pretty good idea"
If the staff has an equal familiarity with something else -- say, debian -- then it's up for debate, though debian is probably more secure due to the sheer number of eyeballs on the code. That said, gentoo can be a little more customizable in some respects, so that makes it bit a more flexible and also adds a little security through obscurity to the mix.
If the staff knows other distros better, forget about gentoo. You'll be better off with what you're already familiar with, unless it happens to be extremely crappy and unsuited for production use.
Personally, I would probably run a Debian server but have Apache report it as Gentoo, to confuse people a bit and hey the possible extra Netcraft hit might benefit my fav distro _________________ Unregistered Linux User #17598363 |
|
Back to top |
|
|
kashani Advocate
Joined: 02 Sep 2002 Posts: 2032 Location: San Francisco
|
Posted: Sun Jul 18, 2004 7:59 am Post subject: |
|
|
server #1
5 instances of qmail, each running on its own dedicated drive. Capable of sending 2+ million mails in a day when customer notifications are sent out.
server #2
postfix/mysql/courier/webmail virtual mail server
server #3
nagios, RT ticketing system, postnuke based customer site, mrtg, Apache for various vhosts.
server #4
2.6/nptl mysql test bed. Just got it up adn running in less than a day even with having to track down odd hardware support.
server #5
new web cluster build for testing. Planning to use this as the temple to replace the Redhat 8.0 boxes.
Pros
1. Apache 1.3.x support that works. Probably the think that pissed me off most about Redhat 8.0.
2. New things like 2.6/nptl work pretty well. Though I waited till this week to start testing.
3. Easy to keep on top of the latest PHP or mod_ssl upgrade, both had security updates this week.
4. Getting better everyday.
Cons
1. Lack of any Gentoo reputation. Hard to get buy in from the other admins.
2. Their is quite a bit of software that expects you to have Redhat.
3. Still haven't tried to run an entire farm and maintain a prodcution image over months. Could get messy if we aren't careful.
4. php4 --> php5, mysql3 --> mysql4, apache1 --> apache2 have all had their "quirks". As Gentoo has generally made big progress with these, but there's usually a release or two that's interesting in unfun ways. Just part of Gentoo maturing, but it's annoying if you get bit by the wrong update. Generally I take the wait 1-2 months and then upgrade path.
I'm planning on moving the other 50 boxes on the network over, but we're going slow to make sure it's an improvement over what we've got.
kashani _________________ Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
Back to top |
|
|
yngwin Retired Dev
Joined: 19 Dec 2002 Posts: 4572 Location: Suzhou, China
|
Posted: Sun Jul 18, 2004 3:10 pm Post subject: |
|
|
My websites are hosted on a Gentoo server of NedLinux.nl. _________________ "Those who deny freedom to others deserve it not for themselves." - Abraham Lincoln
Free Culture | Defective by Design | EFF |
|
Back to top |
|
|
Mindstab Apprentice
Joined: 02 Jan 2003 Posts: 271 Location: Vancouver, Canada
|
Posted: Mon Jul 19, 2004 4:59 pm Post subject: |
|
|
Code: |
root@frost ~ # uname -a
Linux frost 2.4.26 #1 Fri Jun 4 14:33:18 PDT 2004 i586 Pentium 75 - 200 GenuineIntel GNU/Linux
GNU/Linux |
That box is responsible for mindstab.net and ubasti.com
It runs apache2(php4), proftpd, qmail. bind, mysql, snort, cvs server, and is my home firewall
So yeah, not bad for a pentium1 sub 200 mhz |
|
Back to top |
|
|
RedDawn Guru
Joined: 22 Sep 2003 Posts: 368 Location: Los Angeles, California
|
Posted: Mon Jul 19, 2004 6:36 pm Post subject: Re: Who runs a full domain web-server with Gentoo? |
|
|
HydroSan wrote: | Judging from This Report, I was wondering how many people in the Gentoo Community run production/domain servers from Gentoo. And if so, list what your server does, or what you mainly use it for. (I'm just curious, thats all.)
Currently, my website (you can find it by clicking on the site link in my profile - nothing's on it right now since I'm redesigning it in PHP) is on a Gentoo-Hardened server running Apache2, PHP4, MySQL4, Postfix, ProFTPD, a local Rsync server, a local SAMBA server, and a bunch of other small things.)
Who here thinks Gentoo is ready for being a server, and what would the advantages or drawbacks be for large companies using Gentoo as a production server? |
same as you... |
|
Back to top |
|
|
codergeek42 Bodhisattva
Joined: 05 Apr 2004 Posts: 5142 Location: Anaheim, CA (USA)
|
Posted: Tue Jul 20, 2004 3:12 am Post subject: |
|
|
It's not a production server, bu I run my own little private (i.e., intranet) server whic hserves basically as a 'test-bed' for the scripts and cool Apache 2/PHP 5/MySQL/PostgreSQL/vsFTPd stuff... _________________ ~~ Peter: Programmer, Mathematician, STEM & Free Software Advocate, Enlightened Agent, Transhumanist, Fedora contributor
Who am I? :: EFF & FSF |
|
Back to top |
|
|
placeholder Advocate
Joined: 07 Feb 2004 Posts: 2500
|
Posted: Tue Jul 20, 2004 3:20 am Post subject: |
|
|
I recently started running an Apache server on this computer in order to serve my ever-dying webpage. Gentoo is definitely nice for servers IMO. |
|
Back to top |
|
|
Raffi l33t
Joined: 17 Mar 2003 Posts: 731 Location: Moscow, Id.
|
Posted: Tue Jul 20, 2004 3:17 pm Post subject: |
|
|
I run our companies website on a gentoo apache/php/mysql server, it mostly serves up press releases along with specs and other documents for our products.
This server originally was running on iis and sql server, but when I took over maintenance of the server I found keeping it patched, running and updated was more than I had time for. I re-implemented the server from scratch onto a redhat machine and was able to provide better uptime and security. As an added bonus, I freed up enough time to add features for our sales department.
After using gentoo for a while, I switch our web server to gentoo in order to get the latest apache and for the ability to build a server that only does the things I need. It's not worth the effort of fighting redhat to build a server without X and a lot of other extra things not needed on a web server. |
|
Back to top |
|
|
nsahoo l33t
Joined: 17 Jul 2003 Posts: 618
|
Posted: Tue Jul 20, 2004 8:32 pm Post subject: |
|
|
i have my personal blog on it .. i know .. i know .. you didn't ask that .. but, feeling chatty now.
blog is at http://nachi.heinz.cmu.edu if you care.
it's standing up nicely .. with mysql 4, php 4, apache 2 ... b2evolution for blog .. |
|
Back to top |
|
|
Lews_Therin l33t
Joined: 03 Oct 2003 Posts: 657 Location: Banned
|
Posted: Wed Jul 21, 2004 11:39 pm Post subject: |
|
|
I run a server, that
a) Runs apache/mysql/php for a website
b) Runs exim for use as a mailserver by two Win2k servers (ugh)
c) Serves a video feed to a TV
d) Serves files via Samba
I also have a small, personal one that keeps my fvwm configuration in a samba share and gets me my comics every day |
|
Back to top |
|
|
Cheesepie Apprentice
Joined: 19 Jan 2004 Posts: 154
|
Posted: Thu Jul 22, 2004 8:48 am Post subject: |
|
|
[ content removed ]
Last edited by Cheesepie on Thu Feb 09, 2023 12:59 am; edited 1 time in total |
|
Back to top |
|
|
s0r0k n00b
Joined: 04 Jul 2004 Posts: 31
|
Posted: Thu Jul 22, 2004 9:34 am Post subject: |
|
|
I run an apache/exim/courier-imapd/ircd server with gentoo (also offering shell services for some people), although I'm propably switching it to BSD soon :/ |
|
Back to top |
|
|
Gherald2 Guru
Joined: 02 Jul 2003 Posts: 326 Location: Madison, WI USA
|
Posted: Thu Jul 22, 2004 9:50 am Post subject: |
|
|
s0r0k wrote: | I run an apache/exim/courier-imapd/ircd server with gentoo (also offering shell services for some people), although I'm propably switching it to BSD soon :/ |
that's flamebait... reasons, you must tell us reasons! _________________ Unregistered Linux User #17598363 |
|
Back to top |
|
|
s0r0k n00b
Joined: 04 Jul 2004 Posts: 31
|
Posted: Thu Jul 22, 2004 11:10 am Post subject: |
|
|
Gherald wrote: | s0r0k wrote: | I run an apache/exim/courier-imapd/ircd server with gentoo (also offering shell services for some people), although I'm propably switching it to BSD soon :/ |
that's flamebait... reasons, you must tell us reasons! |
There's been a few security vulnerabilities in the linux kernel lately which have forced me to reboot (the iptables vulnerability and the local crash bug), and I don't like rebooting. |
|
Back to top |
|
|
Gherald2 Guru
Joined: 02 Jul 2003 Posts: 326 Location: Madison, WI USA
|
Posted: Thu Jul 22, 2004 11:17 am Post subject: |
|
|
Nor does anyone who hosts a server, but in this case I think it's a fair trade for all the other conveniences Linux has to offer.
And besides, two security vulnerabilites does not make a pattern. _________________ Unregistered Linux User #17598363 |
|
Back to top |
|
|
placeholder Advocate
Joined: 07 Feb 2004 Posts: 2500
|
Posted: Thu Jul 22, 2004 11:28 am Post subject: |
|
|
Yeah, I was also going to ask before I saw that it was asked. So what are your reasons? Would that not just provide server downtime and a hassle in the end? |
|
Back to top |
|
|
s0r0k n00b
Joined: 04 Jul 2004 Posts: 31
|
Posted: Thu Jul 22, 2004 11:39 am Post subject: |
|
|
It's not only the two vulnerabilities, there has been more, but I have started considering the change since these two.
Also it's not about security only, I feel that OpenBSD would suit my needs better, it provides everything I need by default, and doesn't take as much disk space as Gentoo. My current Gentoo installation is also very cluttered because all kinds of software experiments, and that makes me feel kinda insecure.
Anyways, you don't have to start ranting on this subject, I'll do what I consider best, and I'll still be using Linux on my desktop. |
|
Back to top |
|
|
placeholder Advocate
Joined: 07 Feb 2004 Posts: 2500
|
Posted: Thu Jul 22, 2004 11:56 am Post subject: |
|
|
s0r0k wrote: | It's not only the two vulnerabilities, there has been more, but I have started considering the change since these two.
Also it's not about security only, I feel that OpenBSD would suit my needs better, it provides everything I need by default, and doesn't take as much disk space as Gentoo. My current Gentoo installation is also very cluttered because all kinds of software experiments, and that makes me feel kinda insecure.
Anyways, you don't have to start ranting on this subject, I'll do what I consider best, and I'll still be using Linux on my desktop. |
That's fine. I was just curious because I don't see where the security is worse since Apache is pretty much secure out of the box and unless there's some kernel-level exploit they can only delete your site data. Oh well though, have fun using FBSD for your server. It might be a better idea anyway. lol |
|
Back to top |
|
|
s0r0k n00b
Joined: 04 Jul 2004 Posts: 31
|
Posted: Thu Jul 22, 2004 12:02 pm Post subject: |
|
|
Pwnz3r wrote: | s0r0k wrote: | It's not only the two vulnerabilities, there has been more, but I have started considering the change since these two.
Also it's not about security only, I feel that OpenBSD would suit my needs better, it provides everything I need by default, and doesn't take as much disk space as Gentoo. My current Gentoo installation is also very cluttered because all kinds of software experiments, and that makes me feel kinda insecure.
Anyways, you don't have to start ranting on this subject, I'll do what I consider best, and I'll still be using Linux on my desktop. |
That's fine. I was just curious because I don't see where the security is worse since Apache is pretty much secure out of the box and unless there's some kernel-level exploit they can only delete your site data. Oh well though, have fun using FBSD for your server. It might be a better idea anyway. lol |
It would be OBSD. |
|
Back to top |
|
|
placeholder Advocate
Joined: 07 Feb 2004 Posts: 2500
|
Posted: Thu Jul 22, 2004 12:16 pm Post subject: |
|
|
s0r0k wrote: | Pwnz3r wrote: | s0r0k wrote: | It's not only the two vulnerabilities, there has been more, but I have started considering the change since these two.
Also it's not about security only, I feel that OpenBSD would suit my needs better, it provides everything I need by default, and doesn't take as much disk space as Gentoo. My current Gentoo installation is also very cluttered because all kinds of software experiments, and that makes me feel kinda insecure.
Anyways, you don't have to start ranting on this subject, I'll do what I consider best, and I'll still be using Linux on my desktop. |
That's fine. I was just curious because I don't see where the security is worse since Apache is pretty much secure out of the box and unless there's some kernel-level exploit they can only delete your site data. Oh well though, have fun using FBSD for your server. It might be a better idea anyway. lol |
It would be OBSD. |
I've been up for a long time. lol Didn't realize you put OpenBSD. It doesn't help that my memory sucks and that I was also talking to someone about FBSD earlier. lol |
|
Back to top |
|
|
drewmanto n00b
Joined: 29 May 2004 Posts: 26 Location: Arizona
|
Posted: Thu Jul 22, 2004 2:34 pm Post subject: |
|
|
s0r0k wrote: | Pwnz3r wrote: | s0r0k wrote: | It's not only the two vulnerabilities, there has been more, but I have started considering the change since these two.
Also it's not about security only, I feel that OpenBSD would suit my needs better, it provides everything I need by default, and doesn't take as much disk space as Gentoo. My current Gentoo installation is also very cluttered because all kinds of software experiments, and that makes me feel kinda insecure.
Anyways, you don't have to start ranting on this subject, I'll do what I consider best, and I'll still be using Linux on my desktop. |
That's fine. I was just curious because I don't see where the security is worse since Apache is pretty much secure out of the box and unless there's some kernel-level exploit they can only delete your site data. Oh well though, have fun using FBSD for your server. It might be a better idea anyway. lol |
It would be OBSD. |
It comes down to personal taste as always, i have gentoo on every desktop/laptop in the house. However i run FreeBSD and OpenBSD on every production server and firewall. I can tell you without a doubt this is just because of my personal taste. The only thing i can say is better in OBSD is PF(This is purely a personal opinion, i do not feel the need to start a netfilter/iptables VS pf war in this thread.). _________________ fvwm Iron men
Ikaro - http://fluxmod.dk/ikaro.dk/public_html/
taviso - http://dev.gentoo.org/~taviso/
Syzygy - http://desintegr.free.fr/fvwm/
Sparks - http://www.bzsparks.com/fvwm/ |
|
Back to top |
|
|
supernovus Apprentice
Joined: 13 Jul 2003 Posts: 150 Location: inside my head
|
Posted: Thu Jul 22, 2004 5:18 pm Post subject: |
|
|
I ran a production server with about 30 domains on it for a while. It had:
Kernel 2.4.xx
Apache 2 with PHP, mod_perl, and mod_webapp attached to Tomcat 4.x
MySQL 4.x
qmail
djbdns
vsftpd
and some ircd that I can't quite remember what it was.
Later when hosting things in my home became too expensive, I moved everything to a dedicated provider, and now my home server just runs:
Kernel 2.6.xx
iptables
dhcpd
But I can say I've never had any problems with using Gentoo as a server. If you want to know the scary part, the server ran for over a year in a co-location place running a heavily customized Linux-from-Scratch distro, back before I found Gentoo... My LFS was using 2.4.xx back when 2.2 was still the default on most distros... I always like to keep current _________________ Remove OTW |
|
Back to top |
|
|
mmealman Guru
Joined: 02 Nov 2002 Posts: 348 Location: Florida
|
Posted: Thu Jul 22, 2004 6:06 pm Post subject: |
|
|
There's nothing inherent in Gentoo that makes it unready as a server, Linux is always Linux and apache on Red Hat isn't any less bug prone than apache on Gentoo.
I use Gentoo on our prod servers, one runs around 150 websites, another is a virtual email system and then we have a dev server and a storage server. I've been using it in production since March 2003 and have found it to be very good for our use. It gives us the ability to heavily customize our systems and is probably one of the more agile Linux distributions around.
Before too long we'll be selling Linux server solutions for customers(file sharing, email, firewalling) and we won't be using Gentoo for that but most likely SUSE. In that situation we won't need Gentoo's flexibility and a dist like SUSE is a little easier to mass install and support.
Gentoo has a role and it does that role better than any other distribution out, but for now that role tends to be a niche market. |
|
Back to top |
|
|
TriGuN n00b
Joined: 18 Aug 2003 Posts: 71 Location: Boca Raton, FL
|
Posted: Thu Jul 22, 2004 6:29 pm Post subject: |
|
|
Server 1 (blackhawk):
- Apache2 http://neoturbine.net:8000
- ProFTPd
- PostFIX
- Courier (IMAP, POP3)
- MySQL
- bahamut-IRCd (part of the NeoturbineNET network)
- RSYNCd
- Samba
- CUPSd
- distccd
All running on a PIII 733 MHz CompaQ 5900T. _________________ -Steve Bularca-
-NeoturbineNET IRC-
http://neoturbine.net:8000/irc |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|