Here at Conetix, we’re big fans of the Community Enterprise Operating System (CentOS) platform as it runs the majority of our web hosting infrastructure.
The version stability and long term support for security updates (thanks also due to the Red Hat release cycles) make it an excellent base platform to ensure we have both a secure and reliable system.
While nearly all of our systems have been using the release 7 (CentOS 7) variant, we’ve begun deploying newer systems to CentOS 8 now that some of the initial compatibility issues have been ironed out.
In this article, we’ll outline some of the new features rolled in and why they’re great reason to use for hosting.
Updated software management
For those used to using YUM (the package manager for Red Hat / CentOS), a new version is now available. Known as DNF (Dandified YUM), this features increase performance, increased flexibility through a far more detailed API, less memory usage and dozens of other improvements.
Nearly all of the commands are exactly the same, and you can still run as “yum” commands as it’s simply a symlink to the new “dnf” command. For example:
yum install httpd
dnf install httpdBoth of these commands call exactly the same thing, so you can use the old commands while you transition. We’ve definitely seen the speed improvement when running updates so already it’s a great bonus!
| Official Documentation: | https://dnf.readthedocs.io/en/latest/ |
OpenSSL 1.1.1
We’re lucky enough that the use of NGINX across our hosting platform allowed us to roll TLS 1.3 out last year, but the inclusion of OpenSSL 1.1.1 in CentOS 8 means all services (including Apache and outbound PHP) can now use TLS 1.3 directly as well.
This allows for greater security and therefore greater protection of data against Man in the Middle (MITM) attacks.
PHP 7.2
While we use Plesk to provide updated PHP versions (including PHP 7.4), having PHP 7.2 as the base version allows for easier compatibility with systems such as WP-CLI by default.
MariaDB 10.3
Like PHP, Conetix had always run the latest, compatible MariaDB version (10.3) on our systems but this required replacing system defaults with externally packaged ones (from MariaDB themselves).
Having this now as the distribution default removes one extra level of management and potential update risk as there’s more testing involved with the system defaults.
Updated Kernel
With CentOS-8 being based on the 4.18 Linux Kernel, this allows for all of the additional features and improvements since 3.10 (CentOS-7) to be incorporated. While some of these features have been backported for CentOS-7, having a more-up-to-date baseline allows for greater expansion in the future as well.
While the individual feature changes are too numerous to list here (a summary is available here for those really interested!), some of the key stats will give an idea on the level of change:
- 12,879 changes
- 1,668 developers
- 553,000 lines of code added
- 652,000 lines of code removed
Source: https://lwn.net/Articles/760690/
Increased support timeline
CentOS 8 will receive full updates until 2024 with security (and critical bugs) updates until 2029. Here’s a table to compare:
| Distro | Full Updates | Security Updates |
|---|---|---|
| CentOS 6 | May 2017 | November 2020 |
| CentOS 7 | August 2020 | June 2024 |
| CentOS 8 | May 2024 | May 2029 |
This means that if you install a CentOS 8 system today, you’ll be receiving security patches all way until May 2029!
Many other updates
If you’re using CentOS 8 in a non hosting environment then of course there’s hundreds of other features (including updated GUI etc) which may be applicable to you as well.
For a detailed overview of the new features and changes, please check out the Red Hat Enterprise Linux 8 Release Notes.
