An Abridged Guide to the Enterprise Linux Landscape
Whether you are welcoming CentOS Stream or looking for alternatives, the recent decision from the CentOS community to focus on CentOS Stream has forced a lot of technical leaders to rethink their Enterprise Linux strategy. Beneath that decision, the business landscape involving Linux has shifted and expanded since its enterprise debut in the late 90s, when IBM would invest $1 billion in its development.
Today, Linux comes in every shape and size imaginable — with the kernel running on tiny low power computers and IoT devices, mobile phones, tablets, laptops all the way up to midrange and high-power mainframe servers.
Cutting through that expansive selection to understand which Linux distributions truly align with the needs of a business can lead to more frictionless deployments and successful execution while minimizing waste in maintenance cycles and optimizing overall cost.
This abridged guide to the Enterprise Linux landscape can give businesses an overview of which flavor (or flavors) of Linux will most adequately match their use cases.
For those looking for a more comprehensive guide, be sure to check out the Decision Maker’s Guide to Enterprise Linux.
Finding the Right Linux Flavor
Committing to a flavor can introduce many concerns. Beyond managing the deployments host-by-host, administrators must also consider the ecosystem components available to support the implementation at scale.
What mechanisms will be available for automatic patching? Can you optimize bandwidth by mirroring the distributions repository? Is remote desktop a concern? What about the kernel version requirements? Linux Kernel 4 contains optimizations that lead directly to dollars saved on cloud deployments, can you take advantage of that?
Are you looking at a container strategy, thinking of deploying your apps into Kubernetes, or other multi-cloud strategies? What about options for embedded Linux
Nowadays there’s a preferred flavor of Linux for each of these concerns. A single flavor of Linux is really the Linux kernel surrounded by a curated suite of other free software. That other free software is what makes one flavor of Linux distinct from another.
For instance, the CentOS operating system uses the yum package installation management utility, while Debian uses apt. Ubuntu offers the Unity desktop GUI experience, which is distinctly different in terms of look and feel than other Linux flavors that opt for Gnome or KDE instead. It follows then that different combinations of software make for distributions that are particularly suited for various enterprise use cases.
This guide will walk you through a comparison of several of these flavors of Linux, arranged by category:
- Continuously Delivering Free Enterprise Linux
- Container Optimized Free Enterprise Linux
- Free Embedded Linux
- Cloud Managed Enterprise Linux
- Commercial Enterprise Linux
- Fixed Release Free Enterprise Linux
- Fixed Release Free Business-Class Linux
Continuously Delivering Free Enterprise Linux
In general, Linux community members will choose a piece of open source software that they want to include in their own distribution of Linux, pull the upstream source code for that software, and build and package it in a way that is compatible with the Linux distribution. This package will be tested for compatibility alongside other packages that ship with the distribution, and, when ready, it will be included in that Linux distributions software repository.
When a Linux distribution increments its minor release, (e.g.. RHEL goes from 8.3 to 8.4) that release aligns with a specific and fixed set of package versions for all of the curated software. When that Linux is upgraded, that fixed set of packages is pulled, and it is in this way that administrators can be sure the underlying software functions supporting their applications remain compatible and stable.
This release pattern is called a “fixed release” schedule, and it has served monolithic deployments well for many years. One of the distinct drawbacks of a fixed release operating system is that, by design, it is difficult for system designers who subscribe to newer build patterns such as ephemeral deployments to take advantage of the newest functionality and security concerns that have been delivered by the upstream communities who support the curated packages.
In response to that, several “rolling-release” distributions of Linux have emerged, the two most prominent being CentOS Stream and OpenSUSE Tumbleweed. Aimed at companies who plan to always be building and deploying their environments via adopted images and who have already established mature CI/CD patterns, “rolling-release” distributions let administrators and developers take advantage of semantic versioning to always be pulling the newest patched versions of the various packages they are deploying.
CentOS Stream is the release of Red Hat Enterprise Linux that builds just ahead of RHEL and contains patches and updates that would normally need to be applied manually or pulled upon the official release of the next version of RHEL. It has the same look, feel, and experience of CentOS, but points to a continuously delivered repository of packages as opposed to a fixed release repository.
OpenSUSE Tumbleweed releases the same way but is in all other ways the same as the traditional fixed deployment of OpenSUSE, called OpenSUSE Leap. The primary differences are in the package management format -- OpenSUSE opts for zypper for package management where CentOS opts for yum – and the central administration. CentOS contains a suite of modular administration utilities where OpenSUSE provides the comprehensive YaST control panel.
Choosing the Right Rolling Release Distribution
The choice really comes down to which skillsets are easiest for you to access. OpenSUSE and its enterprise counterpart SLES have been serving large enterprises well for almost as long as Red Hat Enterprise Linux has and contains a full suite of management software and tooling that will meet the needs of most enterprises, and the same can be said of CentOS.
Both communities are mature and promise longevity, and both have a reputation and documented history of providing quick responses to security vulnerabilities and other concerns.
Container-Optimized Free Enterprise Linux
Given the modularity of Linux, it can be scaled up and scaled down by adding and removing supporting packages. The Linux kernel itself can even be stripped down to its basics. One important concept in newer, microservice or 12-factor deployments is the concept of disposability. Environments are expected to be composed and decomposed automatically, and the applications running on those environments should in turn start quickly and stop gracefully. This is all so that if there is a need to elastically scale an environment, or rapidly deploy a new version of some business function, it can be done with extremely low downtime and no noticeable service interruption.
This means that the operating system needs to behave the same way, and so a container optimized Linux environment in essence is one that has been stripped down to only the basic components needed to support the lightweight application running on top of it.
Two enterprise-ready distributions of Linux that match this category are Fedora Core and Photon OS.
PhotonOS is VMWare’s foray into the container orchestration space via its Tanzu Kubernetes grid project. Tanzu is meant to give a business the ability to run familiar and traditional VMWare virtualization technology alongside newer container-driven deployments.
Fedora CoreOS is the Red Hat derivative Enterprise Linux container-optimized entrant. It contains all of the requisite tropes of a Red Hat product operating in that ecosystem, and is the preferred operating system for supporting apps running in an OpenShift environment.
Choosing the Right Container-Optimized Distribution
So, this choice comes down to which container ecosystem vendor, if any, you are ready to commit to. This choice might come from legacy, especially if the business can lean on a previous vendor relationship to secure a better deal. Both Red Hat and VMWare are very keen to retain their customers as the entire world moves to container-based multicloud deployments and are known to offer steep discounts in return for multi-year retention.
Free Embedded Linux
Embedded Linux distributions match a lot of the same concerns as container-optimized distributions, except that there’s typically a deeper focus on hardware-level compatibility and security hardening. Typically these trimmed-down variants will be running on low power hardware capable of running a subset of functions. Think Apple Watches, FitBits, and even less sophisticated devices.
When looking at the concerns an enterprise would face when choosing an embedded Linux distribution, three distributions rise to the top.
Alpine Linux is focused heavily on protecting the applications running on top of it, but also balances some of that with a focus on usability, opting for the familiar ‘apt’ package manager to software installation.
Debian, although not strictly for embedded Linux concerns, is one of the oldest and most trusted distributions of Linux, and forms the basis for many derivatives, the most famous of which is Ubuntu. Debian blends usability with flexibility, and can be configured minimally, making it suitable for an embedded environment. In fact, the popular Raspberry Pi tiny computers are typically used with a Linux flavor called Raspian, derived from Debian.
Finally, the Yocto project provides an interesting option for businesses. Rather than providing a single distribution, Yocto provides a set of utilities for generating a distribution of Linux optimized for an embedded use case. This way, businesses can crank out distributions of all shapes and sizes that fit the hardware running them.
Choosing the Right Embedded Distribution
Businesses who are very concerned about keeping proprietary software running on the embedded device safe should proceed directly to Alpine Linux. Those who want to embed, but want a wide set of potential capabilities to choose from and a more comprehensive Linux experience will find that Debian meets their needs. Finally, businesses who are planning on shipping across a range of differently sized hardware should look at Yocto, whose approach will simplify generating and managing many different images.
Cloud Managed Enterprise Linux
This is a very specific use case, so specific that the only flavor of Linux that really bears mentioning here is Amazon Linux.
Amazon Linux is the most cost-effective Linux to run in the Amazon cloud but does relegate you to the choices made by Amazon. Amazon will control things at the kernel layer and will apply optimizations that they consider to be best for running inside of their EC2 environment.
Amazon Linux was built from the Red Hat source code RPMs, like CentOS and other derivatives, back in 2010. Though Amazon Linux 2 currently aligns to RHEL 7 in terms of RPM package versioning, it has deviated substantially at this point, and many packages built for RHEL derivatives will not cleanly install on the system. At this point, Amazon Linux should be considered its own flavor and not necessarily compatible or aligned with another distribution. This means that lock-in will be unavoidable here, so if you plan to deploy on Amazon Linux, you should run your tests on it as well.
Commercial Enterprise Linux
Commercial Linux vendors will provide value-add products and services to a distribution of Linux and sell licenses of their product. This almost always includes a support and maintenance capability, and may also feature add-ons like enhanced deployment capabilities, monitoring, and other enterprise tooling.
Red Hat Enterprise Linux
Undoubtedly the most popular commercial Linux distribution is Red Hat Enterprise Linux or RHEL. Recently purchased by IBM, RHEL’s customers generate billions of dollars a year in revenue. Alongside their commercial Linux, Red Hat has also branded several other open source technologies that work together to form a business ecosystem. For instance, the Satellite 5 and Satellite 6 projects, based on the open source Spacewalk and Foreman/Katello community projects, provide the patch management and upgrade capabilities necessary to manage thousands of Linux hosts.
SUSE Linux Enterprise Server
The SUSE Linux Enterprise Server (SLES) distribution of Linux is also popular with enterprises, especially throughout EMEA. The SLES product is the commercial counterpart to the OpenSUSE Linux project. As a distribution, it focuses on a lightweight and simple user experience, backed up by a diligent focus on security, including impressive responsive times when dealing with package vulnerabilities. SUSE’s recent purchase of the Rancher container engine based on Kubernetes shows their willingness to play in the container orchestration space, positioning them well for future deployment practices.
Canonical Ubuntu Enterprise
The Canonical corporation offers an Enterprise package for the community Ubuntu Linux distribution which they call Ubuntu Enterprise. It is effectively a series of paid services such as hardware certification, approved builds (including builds of OpenStack), and general support. The distribution itself doesn’t differ between offerings, i.e. there is only one distribution of Ubuntu, which makes for convenient deployment and a low-friction entryway to their enterprise services.
CloudLinux offers an enterprise-class distribution of Linux aimed at businesses with hosting concerns, but, given that hosting is a fairly demanding responsibility for a server, it follows that the distribution can be considered stable enough to run enterprise production workloads on. Though it doesn’t have as wide of an ecosystem as products like RHEL, SUSE, and Ubuntu, it does build behind RHEL and so it will be compatible with many products in that ecosystem.
Fixed Release Free Enterprise Linux
This is the widest category of Enterprise Linux, and it’s quite likely that you are reading this article because of the recent disruption in this space. CentOS is one of the most well-known free Enterprise Linux distributions and has, up until the recent debut and shift in focus to CentOS Stream, built behind the RHEL source RPMs.
This process is just what it sounds like. Because of the terms of the GPL, RHEL is obligated to keep the source code for their modified distributions of other free software products publicly available. It does so in the form of RHEL source RPMs, which are RPM-packaged codebases that correspond to binary distributions of packages that support the distribution.
Binary Compatible RHEL Distributions
Distribution communities such as CentOS, Springdale, and Oracle Enterprise Linux will download these source packages and rebuild and repackage the software therein, and then host them in their own repositories, alongside the base distributions that they brand. In this way, binary compatibility is ensured with the parent distribution, bringing all the stability and power of RHEL to a GPL release. This is also the model for the upcoming AlmaLinux and Rocky Linux releases, both of which were created in direct response to the business community at large seeking alternatives to CentOS Stream. This compatibility is so seamless that all of these distributions can be migrated between one another without system downtime, stripping branding from one product and replacing it with branding from another.
OpenSUSE Leap is the fixed-release community edition of SUSE Linux Enterprise Server (SLES), mentioned in the section above, and it is also binary compatible with its enterprise twin. Both distributions build from the same codebase, and migration utilities can also migrate these systems in place. The products are essentially the same, but the SLES product offers a support guarantee.
Fixed Release Free Business-Class Linux
For small to mid-size enterprises who don’t need to manage thousands of hosts at scale but still need a stable and reliable distribution, the two best flavors are ClearOS and community Ubuntu.
ClearOS is offered by HPE and is based on CentOS. HPE has built a GUI-driven administration console for the OS, and advertises it as an alternative to Microsoft Windows Small Business Server.
Ubuntu community is, as mentioned above, the same distribution of Linux; an Ubuntu Enterprise and can be freely downloaded and deployed, minus the support capabilities. Ubuntu offers a lighter ecosystem of products that scales very well to a small to mid-size enterprise footprint, and also offers easy deployment of OpenStack and related technologies.
There’s no shortage of Linux to choose from for your enterprise. Diligence towards truly understanding your current and future deployment needs can guide you to the right choice for your business. Remember that the point of the operating system is to support your apps. In general, seek a solution that fully supports the deployment of your application while avoiding paying for functionality that you don’t need or capabilities that don’t strategically add value.
Various flavors, as you’ve read in this article, are built with certain themes and priorities in mind. As much as possible, then, align the priorities of your business to what you can derive as the priorities of the organization supporting the flavor. If security is top of mind, make sure that the distribution has a reputation of responding quickly to new vulnerabilities. If you’re managing a massively scaled infrastructure, make sure that ecosystem features like automated patch management are considered. Extra investment now will pay dividends throughout the full lifecycle of your deployment.
Get the Full Guide to Enterprise Linux
My colleagues at OpenLogic and I put together a 27-page report that dives in on the top distribution within the Enterprise Linux landscape. You can download the full guide to Enterprise Linux distributions, here.