Well supported *nix with auto update

Question

We're going to migrate some of our applications to linode.com and I would like to install a self-updating operating system.

We have pro sysadmins on call to if the sh*t his the fan but we would like to keep maintenance to a minimum.

Our technology is LAMP (MySQL + PHP) and LAPP?? (Postgres + PHP). Each box would only have one DB server installed.

As long as we're running MySQL 5+, PHP 5.2+ and Postgres 8.2+ we're happy. We have no special requirements.

We'll also have Nagios or similar installed for monitoring etc.

Edit: Thanks all for your suggestions. I was thinking really of whether a Red Hat or Ubuntu or alternative? subscription was worth it update wise.

Can one rely on auto-updates?? Would any topple the server??

Answer 1

I always recommend Debian Stable for Linode use, because it is, well, stable. It doesn't update too often, and it uses well tested versions rather than the latest broken thing. It also allows for very small installations that don't drag in a lot of cruft like X11, and it is easy to configure and maintain over an ssh session.

Answer 2

Ubuntu 10.x and higher of the Server Edition now asks if you'd like to automatically install security updates near the end of the installation process. You can also configure this post-installation by configuring/installing the apt-get package unattended-upgrades.

See the Ubuntu help documentation for further information.

Answer 3

CentOS and the others in the RedHat family have yum-updatesd service which does autoupdates. No custom scripts are needed.

You can set it up at /etc/yum/yum-updatesd.conf. The config file is pretty self-explaining. Be sure to start the service and make sure it starts at boot, chkconfig yum-updatesd on.

Answer 4

Running fully automatic updates is a recipe for a disaster. Even (especially?) if you only have one box at the colo, you should set up a local box with as near to the same config as possible -

• get this machine to notify you when updates are available,
• manually trigger the update on this canary machine,
• run an automated regression test on your app

You will have some assurance that the update will not break your production system(s).

Although I'm personally not a fan of Ubuntu on servers (because of upstart and some previous bad experiences with updates), Canonical's Landscape is a very useful tool. Fedora is probably not ideal for this type of installation - I'd suggest Suse, Centos (repackaged version of RHEL without the support package), Redhat are all well maintained distro's which can deliver what you need.

Whether you need the full support package - we can't answer that. Certainly if you are using non-open source 3rd party software then a support contract with the OS distributir is a must, but in your case, where all your software is either bespoke or bundled in the distro then it merely serves to supplement the skills available in your sysadmin team.

Answer 5

CentOS is my recommendation. Check out Debian and FreeBSD (Unix derivative, not Linux based.) as well.

Edit: I should add that I would like to ask for additional information on the auto-update feature. Should this be built in to the OS or something you can write? Adding an auto-update feature is very easy using shell and cron. Could be something as simple as the following:

#!/bin/bash

yum -y update

Then add your script to cron to run at desired time/intervals.

Answer 6

If you have pro sysadmins on standby, who will have to get the manure out of the fan, then ask them. The easier job you make for them, the less will they cost you (if they work on a per hour rate), or will be more productive.

Beside that, I would recommend any distribution with a long-time support.