25 Sep 2011

Rolling with Arch Linux - No Upgrade Required

I've been a staunch Ubuntu guy (more recently Debian) for years, I provide free hosting from a Debian based server and produced my Linux Integration Workshop based on the Ubuntu Desktop release, however client needs have recently pushed me to look elsewhere for my server platform.

It's basically down to online merchant security. I have a client running Ubuntu 10.04LTS in a Linode, who needs installed packages (i.e Apache, PHP etc) to be the most recent version releases in order to comply with the latest PCI-DSS scan requirements. Ubuntu 10.04, although an LTS (5 year long term service release) doesn't deliver up to date package versions from its repos, which is somewhat annoying and requires back porting from the more recent distro repos to patch (I'm not a fan of manual installs in this instance), a workaround yes but not the cleanest, and, still a 'workaround'. What I needed was a rolling distro offering the most up to date versions of all packages at every upgrade, a bit like the Mint LMDE, but server based, i.e a distribution you only ever have to install once, and once only.

After voicing my requirements I was put onto Arch Linux by a colleague in the NTI Leeds co-working space, and, after only two days of R&D I honestly can't see me ever using anything else for my base server builds, it's the business.

Light and clean Arch Linux offers i686/x86_64 network or combined installation options with a staged install process. Admittedly it's not the most user friendly installation routine and for the uninitiated may appear quite daunting after the guided hand holding of Ubuntu, however if you know your onions and apply mild diligence it's actually quite straightforward, especially of you're only laying down a CLI based server instance.

System management is via the pacman utility with 'repos' holding thousands of quality packages from core, extra and community sources. The Arch Wiki is outstanding and I've been pleasantly surprised at what's on offer, and how easy they all are to install at every stage (the ufw was one such example). Particularly nice is the BSD style DAEMON loader which offers simple 'run at boot' config by simply adding a launch DAEMON to the /etc/rc.conf file, super quick, super easy, and works flawlessly. After enabling a few mods I had a secure LAMP up and running in no time and with a symlink across to user public_html and an accompanying chmod o+x on both was serving up php pages quite happily.

As stated before, and worth reiterating, Arch Linux IS NOT Ubuntu, it IS NOT Debian, and as such does require mild tweaking to get things running slick and happy, however there's nothing deep required in doing so and in most cases it only involves manual creation of a few web folders, some permissions work and some config file adjustment from defaults, all of which, as server users, should be areas you're on top of as a matter of course anyway.

Arch Linux is available as an option from Linode, and although not a standard offering from Amazon EC2 can be launched quite happily. In fact should you wish to dabble I have an 8GB US East public instance configured for general use, just do a search for AMI number ami-978548fe (As it's only an 8GB image new users qualify for the 1 year AWS free tier if launched as a Micro). Initial login is via root using your selected .pem and you're strongly advised to create a new system account, immediately disable ssh root login and re-configure hostname + hosts accordingly.

I would also like to point you at the excellent LifeHacker Arch Linux intro which lists everything you need to get going. For LAMP and more server related How-To's, again, the excellent Arch Linux Wiki is the place.

If you would like help setting up your Linux server, of maybe fancy some free hosting? Feel free to get in touch anytime.

No comments:

Post a Comment