Best practices for remote Linux machines
by bheadmaster from LinuxQuestions.org on (#56X7Y)
Let's say you're developing software for some special purposes, and you're deploying it on your own machine, on a remote location (perhaps behind a firewall). You're using [GNU-slash-]Linux as your operating system. You have no physical access to the machines, but you do have a remote terminal access like SSH.
What are some best practices for managing and maintaining such machines?
In my experience, there are a lot of things that can make it pretty painful:
- upgrades on popular distributions like Ubuntu can sometimes have unpredictable consequences
- not upgrading your system leaves potential security holes and risks dependency issues if you're upgrading your developed software
- a lot of stuff happens "under the hood" which implicitly requires unrestricted network access (e.g. NTP time synchronization)
- eventual security breaches and/or system issues can reinstall, and therefore physical access
- etc. etc.
I was thinking that maybe a do-it-yourself distribution like Slackware could make the system much more stable, at the expense of not having a dime-a-dozen engineers that are comfortable with the system...
So I'm looking for other people's experience with this.
Whatever's on your mind related to the topic :)
What are some best practices for managing and maintaining such machines?
In my experience, there are a lot of things that can make it pretty painful:
- upgrades on popular distributions like Ubuntu can sometimes have unpredictable consequences
- not upgrading your system leaves potential security holes and risks dependency issues if you're upgrading your developed software
- a lot of stuff happens "under the hood" which implicitly requires unrestricted network access (e.g. NTP time synchronization)
- eventual security breaches and/or system issues can reinstall, and therefore physical access
- etc. etc.
I was thinking that maybe a do-it-yourself distribution like Slackware could make the system much more stable, at the expense of not having a dime-a-dozen engineers that are comfortable with the system...
So I'm looking for other people's experience with this.
Whatever's on your mind related to the topic :)