Should You Run Arch Linux on Your Servers?

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

I think the question is asked too broadly. If it's a server you want to install once and never touch again your much better off with Debian or Centos.

If it's a server your constantly pushing updates anyway your probably better off with Arch, because long term distros can become quite a pain once you need more up to date library versions than provided.

And I will never forget how I completely screwed up an old Centos box, just because I dared to install Python 3.

👍︎︎ 131 👤︎︎ u/LeolinkSpace 📅︎︎ Sep 27 2020 🗫︎ replies

I've deployed Arch in production because our customer *really* want to have the same environment as our development environment. Even though we spent ages trying to convince them that is a bad idea. (They use Windows Server exclusively prior to this)

Turns out pretty stable and secure. Haven't ran into serious issue yet. And PKGBUILD made things a lot easier.

👍︎︎ 69 👤︎︎ u/marty1885 📅︎︎ Sep 27 2020 🗫︎ replies

My opinion: no, bleeding edge should never be run on servers that are actually used for something important and can never go down, if you want minimalism use centOS

👍︎︎ 139 👤︎︎ u/TheAwesomeKoala 📅︎︎ Sep 27 2020 🗫︎ replies

Hopefully, I'm not breaking any rules with this video.
I've always thought Dave from the YT channel tutorialLinux to be really grounded in how he presents stuff on his channel, so I thought it would be alright for the sub. He's super knowledgeable in all things Linux and sysadm, and I thought this video was particularly good because, well..obvious reasons;)
Seriously though, servers running on Arch is a pretty frequent topic on the sub, and hearing someones take on the subject with an extensive background in sysadm is pretty cool.

👍︎︎ 18 👤︎︎ u/dontgive_afuck 📅︎︎ Sep 27 2020 🗫︎ replies

Thought id give my two cents, I have a cyber security background.

I think its fine and a great idea to push people into newer versions. If you are having problems with a server updating and breaking then you are the issue in that scenario not the software. Make backups check the update before you do it, really is simple stuff. Especially if you are worried about zero days (security flaws on update releases) this is easily prevented by waiting and seeing others response to the update.

Stability does not equal secure, otherwise all the capture the flags (hacking challenges) that exist around the world must be created from fake problems and unrealistic settings. When something can be broken with the simple installation of non-malicious software I feel like thats a problem thats fixed by not being lazy.

Please feel free to have a discussion with me if you agree or disagree <3

👍︎︎ 8 👤︎︎ u/DerpyDinosar 📅︎︎ Sep 27 2020 🗫︎ replies

I feel like people exaggerate the breakage a lot. I am almost a year in and haven’t had it happen a single time. Beyond such, the fixes I hear of are very simple

👍︎︎ 8 👤︎︎ u/Yoshbyte 📅︎︎ Sep 27 2020 🗫︎ replies

For production and live environments? No.

CentOS is mega stable and tested inside and out with very stable releases.

We have a number of legacy servers running Arch and Gentoo, both of which require constant fettling to make sure they are happy. Currently in the process of moving their services over to some CentOS boxes.

👍︎︎ 23 👤︎︎ u/RastaKraken 📅︎︎ Sep 27 2020 🗫︎ replies

It really depends on what you want to run on your servers. Some software projects are just not that stable at their upstream origin. Some projects do a lot of testing before they release. Others not so much. Arch doesn't run beta or rando snapshot versions (unless you AUR it up that way) but versions that are official releases from upstream. Arch can be as stable as the upstreams of the software you choose to run.

With Arch it's on you to know where the sharp edges are. Many get lucky (or unlucky) while others do their due diligence to mitigate risk. The advantage of something like RHEL/CentOS is that someone else has done a lot of this leg work for you. (It's interesting though that some of their leg work wouldn't need done if they were running newer versions. And a lot of the leg work affects basically nobody but a particular enterprise customer somewhere. They do smooth out many common cases too, however.)

It is often the case that a proper fix takes a while in upstream but a downstream distro will pick up a dirty one and carry it until the proper fix happens. This is not an area where Arch will help you with beyond it being relatively easy (compared to many other packaging schemes) to modify package builds. (Sometimes that ease is only there if you have cherry-picking and rebasing skills with git and relevant programming languages. I mean, you do have to get the patch from somewhere.)

This will set off a lot of alarm bells with those worried about security. But those same alarm bells go off for every case of "nobody uses the software this way but if they did it would be vulnerable." Did I just hand wave off most CVEs? Ahem, er, maybe?

Arch can be manageable on the server but it depends a lot on how many you have, how diverse their software set is, and how much time you have. If you have a lot of servers are largely homogeneous I can see Arch working. If not, something like RHEL/CentOS will likely save your ass without you even knowing.

If you are constantly evolving your servers, I can see arch working better. But at some point you're gong to shift to a more maintenance oriented workload and Arch will have its clocks cleaned. Yes, CentOS might have a big version bump but you can do that, finish it, and move on with your other workloads.

👍︎︎ 4 👤︎︎ u/HighStakesThumbWar 📅︎︎ Sep 27 2020 🗫︎ replies

A really good reason not to run Arch on servers is the rolling-release development cycle itself. That brings in a huge amount of uncertainty to your servers. Now it isn't really necessary that the updates would definitely break something, but that's what is more likely to be a case when using Arch than a distro based on a fixed release development cycle like CentOS/Debian/Ubuntu LTS. In the case of servers, you would probably want to set it up and forget it. That's what CentOS or Debian offers. They only receive security and critical bug fixes. This ensures they do not change and continue to serve the same way they were setup. I personally like Arch very much but I would not use it for a machine that should never fail.

👍︎︎ 15 👤︎︎ u/itsmypc 📅︎︎ Sep 27 2020 🗫︎ replies

Captions

should you run arch on your servers this is a question i've asked myself and uh over the last few months i've been migrating to arch for all the workloads over the last say 10 years that have uh kind of been left over uh from old consulting gigs from software projects that i worked on from friends and family hosting things everything basically not at my 40-hour week kind of main career job uh all of those projects have been until now on various operating systems from centos to debian to ubuntu and i finally was kind of joking around with a friend like yeah you know i love arch on my personal machines why not use it for servers everywhere and you know like the whole all the sys admins just have a little belly laugh and we move on to the next topic but that stuck with me and i was like you know screw it i'm just going to do it and in this video give me like 10 minutes and i'll talk about the pros cons experiences i had uh and few things that i would caution against or situations that i would caution against uh using arch in see inside [Music] so to understand why you would want to use arch on a server box that is serving something you have to understand why people like using arch on their desktops and laptops the reason i like using arch on my desktops and laptops it started there's a couple main reasons but it started with package availability often you are faced with a problem on ubuntu and a lot of other kind of release based distros package availability is not as incredibly vast as when you're using arch the arch community maintains bleeding edge versions of literally just about anything you can think of available through the package manager so you don't need to manually download the compile install configure stuff like you you do it all through the package manager which also means you don't need to remember everything that you manually installed so you can make sure it gets security upgrades and everything else that's a huge benefit to using arch just about anything you can think of is one pacman command away from running on your machine or at least being installed being hyperbolic here the second reason i love arch is that it is minimalist it occupies a very very narrow slot for me right between too much of a pain in the ass to install configure setup minimalist like build your own distribution stuff and between too much magical things are running and i don't even know what's going on on my own machine anymore and they're conflicting and i'm like cloud init is doing things in the cloud and conflicting with some stuff that's already running on the box that i didn't know about and i get mad and i get frustrated and i go to stand up and i'm angry and i talk to my friends about it and when you run a minimalist distribution you're just much you're getting much closer to the stuff that you've actually configured is pretty much all that's running on that box it really fills that need for me of kind of being in control reducing the surface area in terms of like attack surface for security stuff there's not that much mystery stuff happening on the machine i'm i feel like i can keep in my mind what is actually happening on that box so i actually moved just shy of 10 discrete workloads so separate projects websites services that i was running and maintaining for people in companies to discrete arch vms in amazon and in google cloud how was it uh it's been great uh having first of all having one kind of base configuration for all of my sort of free time maintenance legacy projects is wonderful but i think the benefits of this aren't just for your personal service i think you could roll out art like if i started a company tomorrow i probably would base the server images on arch unless i had a really good reason not to so aside from the package availability it's wonderful aside from the minimalism it makes me feel safe inside the third huge reason that i love arch is that it is it's a rolling distribution what that means is every time you do um pacman syu to upgrade all of your packages analogous to like an app to get upgrade on ubuntu it brings me up to the bleeding edge version of everything so the very newest version of everything the kernel the kind of like base os system utilities and all the software i have installed now that sounds like okay don't all package managers do that which is you would think that but they don't an ubuntu lts version is going to use the same kind of core libraries with just very minor updates for security and major bug fixes until you upgrade to the next version so when you go from 1804 to 2004 on ubuntu that's when kind of the base system actually gets upgraded all those core utilities aside and actually a lot of the uh optional stuff you've installed those services like mysql your php uh your python um those things are more or less static on these lts versions and a lot of companies want that that gives them a feeling of safety of stability fine but inevitably and i've been part of projects like this several times where what should be a small changeover like ubuntu 1404 to 1604 you scope a certain amount you're like hey i know that's going to be some tech debt but we'll manage it and it's always more than you think so slowly as a long-term distribution ages you're building up this invisible tech debt that you are going to have to pay off at some point one of the wonderful things about arch in a server environment is that you pay this tech debt off as it occurs and if you have any kind of reasonable image building process where you're not just like rolling things out in production willy-nilly without testing or god forbid using mutable infrastructure out in like your production environment so you're building images and then promoting them through some testing and build process out and then approving them for production if you're doing that i actually do recommend even if you're in a larger organization that you use arch now my personal projects that i'm using this for there's a max of three uh people that are working on any one of these projects and most of them have only me essentially working on them plus some sort of end customer but i still would recommend them for larger orgs like i said before if i started a company tomorrow i would definitely use arch as the base server os because again provided that you are rolling out images in a sane way you're actually fairly safe and you get to deal with each issue as it comes up for example one of the things that could happen one of the objections to this would be but dave what if i'm running my sequels some version and my devs are using some about to be deprecated like it's already causing warnings feature and if we just use pac-man to upgrade everything to the most bleeding edge version well then one day the image just won't work like the application won't work because bicycle will be like no that's deprecated and you can't use that anymore and then everything will be broken and like the sky will fall and everything will be on fire and it'll just be 20 20 forever and fine but then you go fix that right like when it comes up then you roll out a fixed image and congratulations that's one more thing you don't need to deal with in some huge like three month upgrade project where everything on the box on the base image gets upgraded so i hope that's a a bit of caution but also a bit of optimism for like it shouldn't be that big of a deal if you have reasonable processes and if you don't have those reasonable processes you got way bigger problems than what server os you're running i've had a great experience so far i love using arch on my personal systems and i highly recommend trying it starting for your personal project see how you like it and then once you're kind of comfortable with a long-lived arch box out in the world in production somewhere uh maybe some of you will make a move at a small flexible agile company to be like hey if we're looking for select standardize on a base image let's use let's try arch i think it's a cool idea let me know if you've done this before let me know what you think in the comments below obviously if you have any questions i'm happy to answer them thanks very much for watching like and subscribe etc watch me on the tick tocks and uh i'm just kidding i'm a real real sad nerd just doing doing the linuxes in the basement in my clouds and i'm not gonna take a talk and i never will be but i love you anyway peace i just recorded a 12-minute video without actually hitting record on the camera this should work a little better

Info

Channel: tutoriaLinux

Views: 10,547

Rating: 4.8526702 out of 5

Keywords: computer, how-to, Linux, tutorial, system administration, sysadmin, command-line, CLI

Id: _HKm9MzbIWQ

Channel Id: undefined

Length: 9min 14sec (554 seconds)

Published: Sat Sep 26 2020