On Fri, Dec 18, 2020 at 10:14:47AM +0100, Carlos Vidal wrote:
I think one important question is WHY we use Fedora.
In my case, I started using Fedora because it had the latest stable drivers for the newest hardware. With today's hardware performances and the widespread use of virtualization, that is no longer an issue (or at least not a big issue).
I still use Fedora because it has the latest stable version of most packages and modern sysadmin tools (i.e. cockpit, dnf, systemd were all "tested" with Fedora).
What I mean by "stable" is that Fedora is not bleeding edge (like Rawhide), but stable enough to put in production and give it a try.
As for roles, I don't think Fedora Server can compete in the hypervisor/hyperconvergence arena against Proxmox or Xen.
Taking all this into account, this is how I view "Fedora Server" goals:
- Provide a minimalistic server install (for instance, NetworkManager is
overkill for a server, and in many cases a hindrance).
In favor of... ? systemd-networkd might make sense I guess.
Do note that NetworkManager has gotten vastly better in recent years (IMHO). It can run and exit after setting things up, it has a really nice cli/tui, etc. I find it handy on servers too if you need to setup a vpn, or the like.
- Key packages like databases, languages, Web infrastructure must be solid
and pre-configured for high loads (things like php-fpm, nginx, Postgres, etc.).
- Provide kernels tuned for large RAM, high storage I/O and high network
I/O.
Do note that we can urge maintainers to do things for us, but not sure we can ship seperate kernels and packages. Generally it's better to make the packages usefull for many use cases and easy to tune/change/configure.
- Provide easy integration into multi-node environments, with tools like
Ansible (we may have to favor one such tool, like we favor cockpit).
- We must keep upgrades smooth, as they are now with dnf.
- A "Security Profile" may be suitable. For instance at a minimum a nice
Firewalld+Fail2Ban configuration, then go up with Snort, Tripwire, SELinux.
In short, have a distro that can be deployed in 5min in a small VM and start doing something useful half an hour later :-)
Yep. We have that now and we should keep pushing it forward.
Good ideas. :)
kevin