On Fri, Dec 18, 2020 at 10:14:47AM +0100, Carlos Vidal wrote:
I think one important question is WHY we use Fedora.
In my case, I started using Fedora because it had the latest stable drivers
for the newest hardware. With today's hardware performances and the
widespread use of virtualization, that is no longer an issue (or at least
not a big issue).
I still use Fedora because it has the latest stable version of most
packages and modern sysadmin tools (i.e. cockpit, dnf, systemd were all
"tested" with Fedora).
What I mean by "stable" is that Fedora is not bleeding edge (like Rawhide),
but stable enough to put in production and give it a try.
As for roles, I don't think Fedora Server can compete in the
hypervisor/hyperconvergence arena against Proxmox or Xen.
Taking all this into account, this is how I view "Fedora Server" goals:
- Provide a minimalistic server install (for instance, NetworkManager is
overkill for a server, and in many cases a hindrance).
In favor of... ? systemd-networkd might make sense I guess.
Do note that NetworkManager has gotten vastly better in recent years
(IMHO). It can run and exit after setting things up, it has a really
nice cli/tui, etc. I find it handy on servers too if you need to setup a
vpn, or the like.
- Key packages like databases, languages, Web infrastructure must be
solid
and pre-configured for high loads (things like php-fpm, nginx, Postgres,
etc.).
- Provide kernels tuned for large RAM, high storage I/O and high network
I/O.
Do note that we can urge maintainers to do things for us, but not sure
we can ship seperate kernels and packages. Generally it's better to make
the packages usefull for many use cases and easy to
tune/change/configure.
- Provide easy integration into multi-node environments, with tools
like
Ansible (we may have to favor one such tool, like we favor cockpit).
- We must keep upgrades smooth, as they are now with dnf.
- A "Security Profile" may be suitable. For instance at a minimum a nice
Firewalld+Fail2Ban configuration, then go up with Snort, Tripwire, SELinux.
In short, have a distro that can be deployed in 5min in a small VM and
start doing something useful half an hour later :-)
Yep. We have that now and we should keep pushing it forward.
Good ideas. :)
kevin