My lab network runs on Linux, and has for almost a decade now. I need to test and support a variety of technologies, and Linux is the natural choice for that kind of scenario, given that it usually has the broadest base of infrastructure-oriented applications, and the most bleeding-edge features.
This doesn't mean that I savor instability, however. Indeed, a big part of my work depends on having an environment that is stable enough to facilitate rapid deployment of test systems and services, and reproducible testing. But I also need to be able to push the bounds of specific network-wide technologies, and that requires an infrastructure that is somewhat malleable. Linux gets me the combination of reliability and features, but it's actually a pretty tough balance to strike, since many of the Linux distributions tend to be optimized for other kinds of environments.
For example, some of the production-quality Linux distributions like Red Hat Enterprise Linux and Novell's SUSE Linux Enterprise excel on the stability part, but they do so by sacrificing some cutting-edge features, and they are always behind their counterparts when it comes to new technology. On the other end of the spectrum are bare-metal distributions like Gentoo Linux and the classic Debian, both of which are great for experimenting with brand-new technologies, but they don't provide the kind of long-term stability that I need for my lab.
For the past few years, I've been running SUSE Linux 9.3, because I've found that it provides the best combination of stability and features for my needs. The base operating system is stable and well-known, and it's also fairly easy to incorporate new technology when needed. But SUSE 9.3 is getting long in the tooth at this point, and some of the newer technologies are starting to require newer kernel support models, so it's well past time to move on.
The problem for me is that I haven't been able to find anything better than SUSE 9.3 for use in my labs. Even the SUSE 10 line has always come up short when measured against the 9.3 release. For example, SUSE 10.0 introduced a new hardware-detection model which wasn't very reliable, with some hardware only being discovered on every second reboot. Meanwhile, SUSE 10.1 had serious problems with its new package management model, which made it extremely difficult to maintain a reliable system. In both cases, there was no compelling reason to upgrade away from SUSE 9.3.
In fact, I was so disappointed by SUSE 10.0 and 10.1 that I gave serious consideration to changing to another distribution entirely, but the only other release that even comes close to my needs is Red Hat's Fedora, and it is missing features that I consider essential for my environment. For example, I use the XFS filesystem for my servers, since it's at least 20% faster than Ext3, it has the best crash-recovery mechanisms that I've found, and it has rock-solid support for features like extended attributes and ACLs. But Fedora doesn't really support XFS (it can be made to work, but just barely), and there's nothing about the distribution that justifies taking a +20% performance hit in exchange. For this and other reasons, I've continued to stick with SUSE 9.3.
When openSUSE 10.2 was released in December, I approached it with a combination of hope and trepidation. However, after performing an extended amount of testing, I can conclusively state that it's the first release I've seen in several years that's worthy of succeeding SUSE 9.3 as the centerpiece of my testing network. Although there are some serious kinks that still need to be worked out with some of the components, and it's quite obvious that the release as a whole would have benefited tremendously from another month or two of developer time, most of the important features work as expected out-of-the-box, and the operating system is quite stable overall. There's also a fair amount of newer technology in the base system, so this release should be usable for another couple of years.
Hardware And Setup
For my new server, I used a Tyan S5162 motherboard with a dual-core Pentium (Presler) processor and an ICH7R SATA controller with four Seagate ST3808110AS drives. OpenSUSE 10.2 recognized the motherboard (even down to the revision level), and was able to support the processor's 64-bit extensions in SMP mode without any tweaking.
OpenSUSE is one of the first distributions to implement the new dmraid components for hardware-assist RAID cards, and while it also was able to recognize my ICH7R SATA RAID-0 and RAID-1 volumes, it was unable to create partitions on all of them (the installer got confused about the partitions, and would only create one or two of them). Furthermore, GRUB is unable to boot from a dmraid array, meaning that it is only really useful for secondary storage. All told, the dmraid support in openSUSE 10.2 is too weak to use, and it will probably be a while before it works reliably in the way that people expect.
Since I wanted to use XFS on RAID-5 for my primary storage, I chose to run the ICH7R in raw SATA mode with software-based mdraid partitions. Using the SUSE installer, I set up a RAID-1 mirror for the "/boot" partition formatted with Ext3 (system recovery capabilities are more important than performance here), a RAID-0 span for the "swap" partition, and a RAID-5 "/" (root) partition formatted with XFS for everything else. Although the installer created all this for me without difficulty, it didn't install GRUB across the RAID-1 mirror volumes correctly, and I had to manually override the boot setup to get the system working. Apart from the setup problems, the filesystem seems to be working flawlessly, with good stability and performance.
The remainder of the hardware installation process went pretty well, but not without problems. For instance, the installer correctly recognized the XGI Volari Z7 on-board video chip, but it did not have a monitor configuration for my HP L1925 LCD panel (other distributions have it, and its not a new monitor). I also installed openSUSE 10.2 on a pair of PCs with Broadcom-based wireless adapters, which openSUSE's installer claimed as supported, but it did not perform a complete installation of all the necessary files.
I also encountered the old hardware-detection problems during installation--half the time it would load a "USB-Storage" module and try to automatically discover DSL and ISDN devices during network setup, but wouldn't do any of that stuff the other half. Thankfully these problems appear to be isolated to the installer, and have not manifested in the operating system itself.
The current version of the SUSE installer seems to have a lot of problems, unfortunately. Obviously, it should be aware of the requirements for booting RAID arrays that it claims to support, such as knowing that it cannot boot from dmraid, and knowing that software RAID needs special handling by GRUB. There are other problems beyond that, too. For example, the installer has a system-recovery mode that can theoretically examine and correct a variety of filesystem problems, and while I've had good success with this module under SUSE 9.3, it appears to be completely broken under openSUSE 10.2--it could not recognize the software RAID partitions at all, which is just ridiculous considering that it was the program that had created them.
Outside the set-up process, however, the hardware system seems to work pretty well, with just a few annoyances, and there are many improvements as well. For example, the Intel Ethernet drivers in SUSE 10.1 had a nasty habit of leaving the hardware in an error state during shutdown, which in turn prevented the system from being managed with IPMI over the network, but I've had no such problems with the drivers in the 10.2 release. On the other hand, the IPMI support in 10.2 is a little weak in general--the power-down function is mapped to the user power control, so a remote power off signal will cause a logout dialog box to appear instead of putting the system into shutdown mode. Meanwhile, the IPMI plug-in for lm_sensors requires kernel features to be enabled which are not present in 10.2, so I have to use incomplete legacy sensor interfaces to monitor system health.
There are some other hardware improvements that are worth noting. For example, openSUSE 10.2 includes version 5.37 of the smartmontools package, which supports monitoring SATA hard drives directly. openSUSE 10.2 also includes version 2.04 of the nut UPS toolkit, which includes support for the Tripp-Lite SMART2200RMXL2U in my rack, which is good because Tripp-Lite's own software doesn't seem to work with this setup. Overall, hardware support is all-around better, and the few things that don't work are not show-stoppers.
Applications And System Services
On the software side, the most visible difference between openSUSE 10.2 and prior releases is the inclusion of a new menu system in KDE and Gnome. The KDE menu has received a fair amount of praise, but I run Gnome on the servers that have a GUI (fewer features translates to fewer potential problems), and I found the new Gnome menu to be rather unhelpful. The new menu uses a drop-down box to choose between "favorite applications" and "recent applications," with everything else behind a "more applications" button. I found that I was hitting the "more" button more often than not, which was taking longer than just traversing the legacy hierarchical menu, so I went back to the classic menu instead.
While I'm on the subject of the GUI, I should mention that openSUSE 10.2 ships with release candidate 2 of version 7.2.0 of the X.Org X Window System. While this isn't much of a problem for server systems that don't need fancy graphics, it has proven problematic for my desktop systems, given that there aren't many proven third-party drivers available for it yet. I have already had problems with OpenGL on my ATI graphics cards, for example, which came as a bit of a surprise since these systems worked well enough on prior releases of the SUSE 10.x line.
One other unfortunate condition in openSUSE 10.2 is that the fonts don't look as good as they did under 10.1. Whereas the previous release used the Bitstream Vera font family by default, that font isn't even included in the default installation of 10.2 (it's on the DVD but you have to manually install it). Worse, the font that is embedded into the SUSE applications and menu is jagged and unreadable, and it cannot be changed since it's embedded. This is a minor complaint, but its one of those things that you run into every time you use the system, so it grates on you.
The back-end services seem to work pretty well, and I haven't encountered any major difficulties with any deep system infrastructure yet. I was able to install and immediately use the bundled releases of OpenLDAP, ISC's DHCP server, named, Apache2, MySQL, PHP, Samba, Net-SNMP, and even Cacti, all with my pre-existing configuration files. This was a pleasant surprise, since it took a fair amount of hacking to get all this stuff working right under SUSE 9.3, and having it all just work out-of-the-box with 10.2 is very, very nice.
There does not yet appear to be any significant problems with any of these packages, although there are some minor issues here and there. For example, the version of Net-SNMP included in the release has a known bug where the amount of cache memory is not reported separately, and this causes my Cacti templates to produce misleading charts, but that's a cosmetic bug and is likely to be fixed sooner rather than later. Similarly, PHP uses the /tmp directory for its session files by default in openSUSE 10.2, although you can make it use /var/tmp/php or another directory of choice by editing the php.ini files under the /etc/php5 directory tree.
There are some nice features in some of these packages, which are particularly well-suited to my network environment. For example, I use OpenLDAP as a common data-store for many of my network services, including everything from DHCP configuration data to Samba authentication to SMTP blacklists, and most of the openSUSE packages support LDAP seamlessly (as does the operating system itself). There is also a new YAST widget for building and managing your own PKI, and it seems to work for simple stuff so far, although I haven't really pushed it yet.
PAM authentication of network-based "root" accounts now works as expected, too. My preferred setup is to limit the use of the built-in "root" account to whatever local system services actually require it, and then use an LDAP-based administrator account for any human super-user duties, but this hasn't worked with SUSE for many years due to the way that PAM requests were being processed (it has worked with every other UNIX and Linux platform I've tested). Finding out that it now works with openSUSE 10.2 is a nice treat, kind of like finding a forgotten $20 bill in your pocket.
The ZENWorks package management system seems to finally work the way we were told it would, and it might even be worth using now. It seemed pretty snappy in my limited testing, and there were none of the deadly 30-minute update problems that were rampant in SUSE 10.1. However, I've long since given up on this technology, and have been using the third-party Smart package management toolkit almost since I learned about it, so I still removed ZMD and the related components out of reflex. Somebody let me know if it's still broken.
What It's Good For
Overall, I've been very impressed with openSUSE 10.2, and have decided that it's worthy of replacing my SUSE 9.3 systems. Considering how long I've been using that release, that's a fairly significant testament.
Hardware support seems to be pretty good, although it took some banging to get everything working, and there are still a few areas that are extremely weak (especially in the RAID setup and recovery areas). Once everything was configured to my liking, performance and stability have proven to be rock-solid on my server systems, although my desktop systems still have some problems (including a sporadic system hang on my ASUS P4C800-E desktop PC).
The critical infrastructure services that I need are all working good, even with the minor flaws and problems. For the most part, they work the way I want them to, and do so out of the box, which is a vast improvement over SUSE 9.3 which required me to recompile almost everything to get things working right. The interface has some problems that need to be resolved, but those are mostly cosmetic, and they do not affect the quality of service provided by my servers.
There also are lots of interesting new technologies that are likely to become more useful as the features are fleshed out over the next few months and years.
The system could really have benefited from another month or two of developer time, but it still manages to come across as remarkably solid for the number of features that are there. It's also quite apparent that the installer needs some serious loving if it's ever to be restored to its previous luster and glory--SUSE used to have the best installer, and while it's probably still among the best, it has fallen far.
All told, I consider openSUSE 10.2 to be a real winner for server duties in my labs. Given the number of pre-release packages that are included, this probably isn't a particularly good choice as a server platform for business-grade networks, but Novell doesn't position it as such, either (that's what their "enterprise" products are for). I don't think it's as good of a desktop release as SUSE 10.1, either, and there are better distributions for that anyway, but other people are likely to disagree with me here.
Eric A. Hall worked in almost all segments of the networking industry over the past 20 years. He managed a regional network for a multinational corporation, served as lab director for Network Computing magazine, consulted to Fortune 100 and Wall Street clients, worked for a Silicon Valley startup, and founded his own startup. He wrote hundreds of articles, two technical books, and a handful of RFCs and drafts. He currently provides technical research services for his clients.