posts

Linux Server and Linux Cloud support is a must and here is why

figure
Jun 15, 2022
Dmitry Chuyko

Prepare the umbrella before it rains

Linux is the most popular operating system for servers and the cloud: it is flexible, versatile, and suitable for a wide range of user cases, from cloud to embedded devices. It is also open-source, just like OpenJDK, which means you can build your custom distribution or use a ready solution without paying a dime. The large Linux community will take care of bugs, security patches, and enhancements so your OS will always be safe, updated, and stable. Or will it?

In this article, we will look into a less obvious issue related to software development — Linux support. We will find out why you should treat it the way you treat an insurance policy and how to choose a reliable Linux distribution.

  1. What can go wrong with your Linux Server or Linux Cloud distro?
    1. Licensing issues
    2. Delayed security updates and bug fixes
  2. Linux Server and Linux Cloud commercial support nuances
  3. Conclusion: unlock the bonus!

What can go wrong with your Linux Server or Linux Cloud distro?

Licensing issues

A standard Linux distribution includes the Linux kernel and additional tools, libraries, and documentation. The kernel and many software components are distributed under the ​​GNU General Public License (GPL), version 2. However, a distro may aggregate proprietary software distributed under other licensing conditions. Using licensed utilities free of charge may lead to litigations or unexpected expenses related to copyright violations. Linux community members may have no evil intention of putting proprietary software into the packages with Linux Server/Cloud distributions, but ignorance is no excuse. In the end, you will be the one to bear responsibility for utilizing licensed components in development and production.

Delayed security updates and bug fixes

Linux software is developed within a large community whose members dedicate themselves to its enhancement and enforcement. You don’t have to pay for updates because developers work voluntarily. But you are also not guaranteed to receive timely patches for the same reason. There is no responsibility imposed on a specific person. Although the community strives to preserve the max. safety of packages, it is not their primary job. A package maintained by one developer may tomorrow be transferred to another community member or left unattended.

Ideally, a Linux Server/Cloud distribution should receive regular updates so that your data is always protected. For example, a CPU release cycle of Java binaries has proved to be an excellent preventive measure against zero-day vulnerabilities and exploits.

As far as bug fixes are concerned, there is a procedure for reporting bugs found in the Linux kernel. A user has to identify a subsystem causing the issue and send a report with a detailed bug description to subsystem maintainers via Bugzilla or a subsystem mailing list, which can be found in the MAINTAINERS file. A maintainer usually takes 1 to 5 business days to react to the report. However, the response may take two weeks, depending on the circumstances.

If you have a business-critical application or the one handling sensitive data, you can’t afford to wait several weeks for a bug fix: it would be like waiting in line for an umbrella when it is pouring rain. So community editions are not always suitable for enterprise development, which leaves us with an obvious solution — commercial support.

Linux Server and Linux Cloud commercial support nuances

With the linux-kernel mailing list receiving more than a thousand reports per day, drawing attention to your particular problem may be extremely difficult. All that time, your application will be vulnerable to attacks. The solution is to protect yourself from risks by investing in dedicated support. Commercial support is like an insurance policy: a company will spend much more on recovering from cyber-attacks. The damage also includes hidden costs such as loss of customers and reputation, falling stock prices, etc. So see about protecting all software components you are using, including the runtime and operating system.

How will you benefit from high-quality Linux Server/Cloud support?

  • 24/7 or 24/5 online or phone support from engineers developing the product
  • Access to the latest patches and fixes, as well as troubleshooting tools and product documentation
  • Continuous delivery of updates
  • Prompt feedback based on SLA

Luckily, some Linux vendors offer commercial support, for instance, Red Hat Enterprise Linux (RHEL), Ubuntu, or SUSE Linux Enterprise Server. What should be taken into consideration when choosing a Linux vendor?

  • Subscription plans vary and may be quite expensive. RHEL Server with premium support costs $1,299 a year and includes 24/7 support for 1 and 2 severity cases and standard support within business hours for other issues. Advanced support for Ubuntu costs $1,500 for a physical server and $500 for a virtual one.
  • Each vendor fixes bugs by priority. For example, Red Hat has a bug tracking system for submitting defects found in Red Hat distributions, so the team works tirelessly on eliminating issues and enhancing their product. It is great for RHEL users in general but may be suboptimal for you. There is a chance you still have to wait for a while for your problem to be solved if a more severe vulnerability is calling for immediate attention.
  • What if you need Linux for the cloud? Amazon developed Amazon Linux 2 for Amazon Cloud, supported through a subscription to AWS Support. But it is not suitable for multi-cloud or hybrid cloud environments as your issues will be solved only within the scope of Amazon Cloud.
  • When choosing optimal support plans, don’t forget about important characteristics of the Linux distribution, such as size. A heavyweight distro will consume more resources and affect cloud costs. Unfortunately, the most lightweight distro, Alpine Linux, goes with community support only.

Conclusion: unlock the bonus!

Using a free Linux Server/Cloud distribution helps you to lower TCO in the short term, but goes hand-in-hand with the risks of not receiving prompt help when required.

A perfect Linux distribution for Java applications is characterized by the following:

  • It is lightweight and suitable for building microcontainers
  • It contains tools for convenient Java development
  • It is supported by a reliable vendor fully responsible for component licensing and timely fixes

It would also be better if the vendor provided unified support both for Linux and Java so that you could work with one partner. Does such a distro exist? Actually, yes! BellSoft engineers created a unique solution for your Java applications — Alpaquita Linux. It is a small Linux distro of only 2.9MB in size, with features for enhanced security and performance, security advisory, and 24/7 commercial support from engineers who develop the product.

But there is more! Alpaquita Linux is part of Alpaquita Cloud Native Platform, a tiny container with Alpaquita, Liberica JDK Lite, and Liberica Native Image Kit for developing and deploying cloud-native Java applications.

We guarantee that ACNP will take your enterprise development to a new level!

posts
Alpaquita vs Alpine: a head-to-head comparison
figure
Nov 10, 2022
Dmitry Chuyko
shorts
Critical vulnerabilities in OpenSSL 3.0
Nov 11, 2022
Sergey Chernyshev

Find out about the newest CVEs discovered in OpenSSL 3.0 and how to eliminate the risk of exploits

Subcribe to our newsletter

figure

Read the industry news, receive solutions to your problems, and find the ways to save money.