Do you consider Arch Linux suitable for server environment? Its rolling release model and simplicity seems to be a good thing, because once you installed it, you do not need to reinstall like the release model from other distros.
But that constant upgrading does not cause stability problems? Although it is bleeding edge, Arch Linux uses the most recent STABLE version of software.
Probably the biggest issue with Arch as a server operating system is that it's not clear where and when applications may break after an upgrade. More often than not, you have to keep up with what's going on in the wiki and on the forums before doing any sort of upgrade; with Debian and CentOS, you can well assured that any upgrades won't break any applications, since more often than not, the upgrades done on the STABLE branch will be security/bug fixes.
Although I love arch, I wouldn't use it for production environment. First of all, in a production environment you need something stable and well tested. In addition, because it's quite stripped, you need to make custom scripts or setup things manually (It's sometimes good because you know exactly what is running in your system, but very bad because it takes too much time to configure it). Besides that, because it's not widely used in production environments, in case of a problem you won't find the support that you would find if you were using Debian or Fedora (Arch community is great, but to be honest, is not as large as Debian's or Fedora's)
To summarize, I think it's great for desktop use, but not for a production environment.
Yes.
Pros:
really minimal system out of the box, great for performance especially on low-end machines/VPS. No unneeded services - compared to CentOS 7 which started several VM-related services that weren't even applicable to me as I was running on bare-metal.
up to date software and big repositories; I lost quite a bit of time with CentOS when something wasn't in the repos and I was forced to either compile it from source or install third-party RPMs/repos, and then end up in dependency hell because these third-party RPMs were conflicting with upgrades from official repos.
systemd, though other distributions (even Ubuntu) are switching to it so it's less of a pro but something to be expected from any decent distro.
network configuration tools that makes sense. No desktop-grade Networkmanager nor firewalld (looking at CentOS/RHEL).
package manager that does just what it says on the tin. The package manager won't try to "help" you by automatically configuring or starting the service you just installed (looking at Ubuntu/Debian). It's also fast, better than
yum
, and maybe a tiny bit faster thanapt-get
.installation process that doesn't force you to use any defaults and offers lots of room for customization - compare that to CentOS/RHEL which forces you to use LVM and swap, something not always needed (almost never in my case actually)
/usr/bin/python
is actually the latest Python 3, not the prehistoric Python 2.7. That's always a problem for me with most other distributions, and you can't easily change that either (at least not system-wide) as it will break many apps who rely on it.Cons:
some upgrades require manual intervention and can break. I recommend having a replica of your production environment in VMs and testing the upgrades there before rolling them out on the real servers.
no default working configurations. Bad for people who just want to run apt-get and install their default insecure LAMP stack to deploy their crappy vulnerable PHP app and pollute the internet. Of course, that's actually an advantage for serious people as it forces you to review the config files before starting the service.
no SELinux support. There is GRSecurity and its RBAC, but you'll need some time to get used to it and fine-tune it.
I would disagree on the fact that you get less support. Sure, that's true. Is that a disadvantage ? No in my opinion. There's very little in Arch that could break and will require support from someone familiar with Arch. Usually if you need support you'll need it for a particular software, in which case you'd ask its developers and the fact that you're running Arch becomes irrelevant.
For me, using Arch is way easier and less time-consuming than using CentOS and its Networkmanager, firewalld and other unneeded services (they can be disabled, but that's already wasted time). Plus, I know every single service that runs on the system because I would've installed it, no sneaky software that nags me about a bug and wants to phone home even though I just installed the system.
I am running several Archlinux Servers since 2013 in an production environment and it works like a charm.
Sure you have to make sure that updates are going well by running them often and to always check the archlinux page before you upgrade.
But thats it, in the end you will have much more troubles upgrading RedHat/CentOS from 6 to 7 (almost impossible) or SLES/SLED from 11 to 12 and so on.
You have constantly small updates that, from time to time, cause some action but i never had something big in the last 5 years.
And also you are always up to date, if there is a security leak in the kernel, in openssl, in the bash or whatever, you have the updates in a few hours rather than days to months.
My Server for example is fully upgraded and protected against spectre v1, spectre v2 and meltdown, i am pretty sure that only 1% of the people posting here have servers protected against all three.
Its fast, its secure, its stable(!) and you have current software which reliefs you from a lot of issues.
I can highly recommend using Archlinux on Server, only downside is that you have to know what you do. You should have installed an LFS system at least once so you understand the very basics on how a Linux distro is built and works.
The only Server System i found more rock solid than Archlinux in a Server Environment was Gentoo. There was one Gentoo System without updates for 700days and 1 hour later this system was up to date and running with the only down-time being a single reboot.
But other Systems like Debian/Ubuntu, RedHat, SUSE will just screw you up completely when there is a distro upgrade. RedHat even actively discourages you to do an distro upgrade and recommend to reinstall (according to the official documentation).
So yes, RedHat is more upgrade stable than Archlinux, but only because you dont get big upgrades. And when you get them, you are screwed.
I would always suggest one of:
CentOS. It's a free RHEL clone, meaning you get a very long support cycle (7 years), during which you can get just security fixes and minor enhancements, so keeping the system patched is very, very easy. Also, lots of "commercial" software target RHEL, so they are easier to install on CentOS. Drawbacks: I prefer apt/dpkg to yum/rpm, not easy to get bleeding edge software running on it, somewhat spartan software selection
Ubuntu LTS. Actually I still haven't used it, but it also has a long support cycle and it's Debianish
Debian testing. Debian's my favourite distro, works really well and it has a stupidly huge package selection which is very-well put together. It's somewhat more time-consuming to keep patched, but it's easier to install software (i.e. there's more stuff readily packaged).
I would suggest considering pros to using Arch Linux to one of those three and see if it's worth it.
I would say yes, with the caveat you should never just run pacman -Syu on a production server and keep diff-image backups of the system drive that can be rolled over the filesystem in case of breakage.
MUCH more usable (far less breakage webs) than Debian testing / sid. If you want cutting edge packages and a minimal install, Arch is the best distro for that but requires a lot of comfort with manual management.
The main difference of server distros is that you get security updates only, while on arch, you get major revisions of the packages too, which may break stuff.
If you want to make arch suitable for servers, all you need to do is changing your mirrors (The place where you get packages from). For example:
In the same way, if you use mirrors specifically designed for servers, where you get only minor revisions, then it would be safe to use arch on servers.