What is our primary use case?
Currently, we're running our web servers on Red Hat Enterprise Linux.
How has it helped my organization?
It improves our security posture, especially around patching. It has built-in security features for risk reduction and maintaining compliance. SELinux, which is basically the default firewall provided by Red Hat, allows me to secure myself in terms of the network ports that are exposed or enabled, which reduces the risk. When you have a web server, you have a public IP, and for the public, it's easy to do a port scan on that particular public IP, but when you do implement proper security controls in terms of firewalls, you're able to enable only those ports that you need for communication. For example, for a web server, you'll enable port 443 for HTTPS and one or two extras for a particular requirement for Tomcat or something else. The setup and configuration are quite easy. OS-level patching is a big deal for us for maintaining compliance. With the enterprise subscription, you do get patches as soon as they're released by Red Hat.
It helps with portability. I can take a snapshot of my Red Hat virtual machine and restore it anywhere regardless of the virtualization platform, as long as the processor architecture stays the same. For example, if you're doing a backup and restore from a RISC-based processor, you can always restore it to any other RISC-based processor. Similarly, if you're taking a backup or a snapshot on any X86-based processor, you can restore it on the same processor architecture, regardless of the platform you're running. It could be Dell, IBM, or something else. Portability is a huge but often understated feature. It means that if a server has gone down, regardless of the issue, when I have the backup, I can get my services back online in a matter of minutes by just doing a snapshot restore from one server to another, or from one container platform to another. It enables me to have the highest levels of uptime for my applications. Of course, it's also impacted by the hardware I'm running. I'd rate it a nine out of ten in that aspect.
Standardizing our web applications with Red Hat Enterprise Linux has enabled us to take advantage of automating some of the workflows. For example, previously when I had a mixture of different distributions, if I wanted to deploy a particular setting across all of them, I had to do configurations on each distribution separately, whereas now, all my web servers are running on Red Hat, so I can create a simple YAML script and apply the same configuration across all of them.
In terms of development also, configurations have been evened, and when you're taking advantage of open-source tools, it even becomes easier. We've integrated some of the native tools, such as YAML, into our CI/CD pipelines, and it's easy for our developers to deploy the same source code across different servers. For example, if you have Application A that is clustered across three or four servers, you can easily use that one single pipeline and do the same configuration across all three clustered servers. It saves us time. We are also getting a bit of quality control because we are sure that the same configuration has been applied to all three clustered servers. It has enabled us to centralize the process of DevOps in our organization.
What is most valuable?
The first one is security. Initially, the reason for going for Red Hat was mostly around security because our web servers are normally public-facing, but now, all the other distributions have probably also caught up in terms of security settings.
Aside from security, the advantage of Red Hat as compared to the other distributions is the availability of support and patching. When you have an enterprise subscription with Red Hat, you get support and patching. If you're deploying a new product in the market and you're not sure of its compatibility with Red Hat, you can easily reach out to their support team, and they'll be able to guide you about whether they support that particular product and how far have they gone in terms of testing how Red Hat works with that particular product. For example, we were deploying a new Nginx server a few months ago, and we were not sure whether the latest version was supported by Red Hat. We had a support call and got one of the engineers into a session, who was able to take us through the level of support provided by the Red Hat operating system for the latest Nginx application. Support is very crucial in such cases. Patching is also crucial. In the case of any common vulnerability exposure that has been or can be exploited, you can rely on Red Hat to quickly patch that vulnerability.
One of the reasons for preferring Red Hat is that you can run it on X86-based hardware from Intel or AMD, or you can run it on RISC processors, such as IBM or Sun Microsystems. In terms of portability, it's supported by all the virtualization platforms out there, such as Hyper-V, VMware, and OpenShift for containers. For portability, I'd rate it a nine out of ten.
What needs improvement?
Deploying clusters on Red Hat, as well as on Oracle Linux, is a bit involving. I'd like them to simplify the setup or at least give meaningful log files to be able to see what's happening at the cluster level.
For how long have I used the solution?
It has been close to 10 years since we have been using it in our organization, but personally, I've dealt with Red Hat in production for two years.
What do I think about the stability of the solution?
It's quite stable. I haven't had any issues in terms of performance and stability with my Red Hat servers. If I have an issue, it's normally a hardware-related issue or a storage-related issue. It's rarely at the OS level.
What do I think about the scalability of the solution?
It's quite scalable. I personally haven't had any issues in terms of scaling Red Hat, be it in a virtual machine or be it through a container. I haven't had any issues in terms of scaling. I do know one limitation they have, but it applies to very few people. For example, the amount of RAM they support does not reach one terabyte. However, I've not had a use case where I needed to have one terabyte of RAM on one particular server.
We have around 20 Red Hat servers. They're distributed across Azure and on-premise. They're normally running web services. Most of the applications they run are accessed by everyone in the organization, and there are 3,000 to 5,000 users.
How are customer service and support?
So far, I've not had an incident for which I needed to take their support. I have not yet contacted Red Hat support.
Which solution did I use previously and why did I switch?
We were mainly running CentOS, but then Red Hat dropped their support for CentOS. For us, our security posture is highly important. Our major pain point was around patching. Whenever we had any vulnerable web servers exposed to the public internet, we were not able to get patching for any CVEs that were found. That's why we switched our web servers to Red Hat. Patching was Red Hat's main advantage. In terms of security features and control, such as user management and permissions, Red Hat is quite similar to other distributions. I don't see any difference in terms of other aspects. The switch wasn't because of a lack of features, but after switching to Red Hat, we are now exposed to their enterprise features or tools, such as OpenShift. So, our investment in Red Hat was because of their support and patching.
How was the initial setup?
We have deployed Red Hat on-prem on Hyper-V. We've also deployed Red Hat on-prem on VMware, and we also have Red Hat on Azure Cloud. In terms of version, we have everything from 7.2 and all the way to 7.6. We currently don't have any real deployment of version 8 or version 9.
I'm the person who does most of the deployments. The deployment is quite easy. I'd rate it an eight out of ten in terms of the ease of deployment. Deploying Red Hat would be quite easy even for a beginner system administrator because it guides you during the deployment. It asks you whether you want to use a feature or what features you want to install alongside the operating system. Do you want a file server, or do you want a web server? The installation is quite straightforward and simple.
For me, normally the complete configuration from deploying the OS and managing storage, users, and security takes less than 30 minutes. In less than 30 minutes, I'm usually up and running.
What about the implementation team?
We do everything in-house. We don't use any third-party help. Usually, I do all the deployments myself, but I also have an assistant. So, we currently have two people: me and my assistant.
It doesn't really require any maintenance. It just requires occasional patches. That's also handled by me and my assistant.
What was our ROI?
There is definitely an ROI. Automation definitely reduces the time taken to implement a particular task and the number of employees needed to do the same task. For me, it's majorly in terms of automation, uptime, and availability. The fact that Red Hat is quite portable means that whenever one of my systems goes down, I can easily just take a snapshot and get my services back online.
What's my experience with pricing, setup cost, and licensing?
Their licensing is quite okay. It isn't expensive, and it's slightly cheaper than Microsoft. Taking into account its features, its price is okay.
Support is something that serious enterprises would want to have. The advantage of running an open-source tool is that you do not have to pay for the tool in terms of licensing, but you don't have support. In certain situations, you might need support. For example, when one of your systems goes down, but you do not have the expertise internally to recover it. Depending on the industry you're working with, having downtime might not be optimal or might be costly. It might even be costlier than paying for the support or licensing of Red Hat.
Apart from support, for organizations that have some of their services exposed to the public internet, security is very important. They would want the patches for the latest common vulnerability exposures found to be affecting the particular systems they are running. So, support and security are the key features why any serious organization should choose Red Hat as opposed to an open-source tool.
Which other solutions did I evaluate?
We evaluated other options, but they were probably inadequate. We had the option of using AIX, but it wasn't portable for our use case.
What other advice do I have?
It's normally an issue of balancing the cost of support and the features that you are looking to achieve. If security is number one to any organization, Red Hat is a no-brainer. If support is a key issue, Red Hat again is a no-brainer. If you're facing any security or support issues, I'd recommend going with a distribution that has some sort of licensing tied to it.
I'd rate Red Hat Enterprise Linux an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.