For years I have used Ubuntu for my desktop environment and CentOS in production. Why? Ubuntu makes a great desktop distro and since CentOS is basically a copy of Red Hat, it is considered an enterprise OS.
The trouble with being an Enterprise OS is you avoid the latest updates to the OS and aggressively patch proven packages. CentOS has worked fine for me up until recently and I suspect all my future deployments will use Ubuntu. CentOS packages are lagging behind and this lag is causing pain. Here are some examples of my recent pain points.
Every 3 months on the dot I fail my PCI compliance scan with the following error.
OpenSSH 4.3 is vulnerable Severity: Critical Problem
OpenSSH is up to version 5.8 but Red Hat keeps patching 4.3. It is totally secure and has the latest patches, but every 3 months I need to contact the scan company and prove that I have a patched release. Not fun.
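An added example, not from the original post: one way to collect the evidence a scan vendor asks for when a banner-based finding conflicts with backported fixes. The function checks which scanner-cited CVE IDs appear in the package changelog (on a live host, the output of `rpm -q --changelog openssh` saved to a file). The function name, the sample changelog, and the CVE-0000-* IDs are constructed placeholders.

```shell
# Added example: match scanner-cited CVE IDs against a package changelog.
# On a live host, produce the changelog with:
#   rpm -q --changelog openssh > openssh.changelog

# Constructed sample in the layout rpm prints; IDs and versions are placeholders.
sample_changelog() {
cat <<'EOF'
* Sat Jan 01 2011 Constructed Maintainer <maint@example.invalid> - 4.3p2-99
- fix for CVE-0000-0001 (backported)
* Tue Jun 01 2010 Constructed Maintainer <maint@example.invalid> - 4.3p2-98
- resolve CVE-0000-00022 in sshd
EOF
}

# Usage: backport_evidence CHANGELOG_FILE CVE_ID...
# Prints one line per CVE ID; returns non-zero if any ID has no changelog entry.
backport_evidence() {
    local changelog="$1"; shift
    local missing=0 cve line
    for cve in "$@"; do
        # -F literal match; -w whole word, so CVE-0000-0002 does not
        # match inside the longer ID CVE-0000-00022.
        line=$(grep -F -w -m1 -- "$cve" "$changelog" || true)
        if [ -n "$line" ]; then
            printf 'BACKPORTED %s :: %s\n' "$cve" "$line"
        else
            printf 'NOT-FOUND  %s\n' "$cve"
            missing=1
        fi
    done
    return "$missing"
}

# Demo on the constructed sample.
demo_file=$(mktemp)
sample_changelog > "$demo_file"
backport_evidence "$demo_file" CVE-0000-0001 CVE-0000-0002 \
    || echo "at least one cited ID has no changelog entry"
rm -f "$demo_file"
```

A NOT-FOUND line means the changelog does not mention that ID, not that the host is vulnerable; those entries need a check against the vendor's advisory for the package.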
CentOS is using gcc 4.1.2. GCC 4.1.2 was released in 2007 and many tools are requiring newer versions to work. Most recently I tried using opscode/chef and while the site says it works with CentOS, you’ll need to update the compiler to 4.2 or higher. This defeats the purpose of using Chef IMO.
I also find myself building things like git on CentOS that are part of the standard repository on Ubuntu. Sure, I can start adding random repositories to get these things but I’d rather work with an OS that has them in the default/supported repository.
I’ve been talking with colleagues at several other companies over the past few weeks and several are using Ubuntu Server or are planning on getting off CentOS in the near future. A side note on Rails from my talks: there seems to be little excitement about CoffeeScript or Sass in Rails 3.1 (just learn CSS and JS already) and folks prefer test-unit and shoulda over rspec. I totally agree with this sentiment.
This post was written by Tony Primerano