Preface: I'm posting this here rather than in 'technical and security issues' because I am not looking for a debate about distro superiority and ins and outs of emerge vs rpm vs apt. Rather, I'm interested in technical managers/executives' thoughts on long term deployment/security strategy.

There seems to be uncomfortable trade-offs with whatever Linux distro you choose. It seems the two basic scenarios are:

Long period of guaranteed security updates, but eventually you're running mostly 5-yr-old versions of everything, which is hard to sell to customers who want latest/greatest. (example: RHEL)

Shorter period of updates (18 months) with no good upgrade method, but you've got cutting edge technology. (example: Fedora Core)

How do the big guys approach this choice? When you have hundreds or thousands of servers to manage, what tradeoffs do you consider?

I have never really had a problem with RHEL, as long as things are supported and patched as needed I would still be running RH 9 if it were supported.. I have no come across too many things which I was unable to provide due to an outdated OS.. can you maybe give us an example.

Right now I run RHEL 3 and I will probably stick with it until it gets close to EOL or I get new servers running RHEL 4

I use Fedora with yum. Sometimes, I use SRPMs to recompile things such as postfix.

Since I haven't got as far as a Control Panel, I don't have a lot of customers yet either. So, it's not a big problem.

Best Regards,
Jason

I am running a 3 year scenario and replace all hardware and software (if needed) every 3 years. That gives me enough time for planning, setup and implementation and also allows proper budgeting.

Christoph

Have you ever heard about OS migrations? I imagine, its not very hard... and for techs. distro isnt headache. Suppose it doesnt matter its RH or Fedora untill its updated/pached/configured.

Example for OKI-Paul: what versions of PHP and MySQL are current on RHEL-3 ?

WHRKit: What distro is giving you 3-years of updates?

e-view: OS migrations... yes indeed. They're a tremendous pain, involving potential extended downtime for your customers when their custom code won't run on the new OS. In 2003 we forklifted dozens of servers from RH7 to RH9 -- now we're up against the same sort of task, despite having purchased an extra year of RH9 upgrades from Progeny.

Ahh, the joys of running FreeBSD :)