For decades Red Hat has led the enterprise Linux market, but as popular as its eponymous Linux distribution might be, CentOS 7 is orders of magnitude more widely used—20 times as popular, by my back-of-the-envelope estimate. And while CentOS once masqueraded as a Red Hat Enterprise Linux (RHEL) clone, the company changed all that in late 2020 with the introduction of CentOS Stream. So far, so good, so what, right?
Wrong. Red Hat announced that CentOS 7 will be end-of-lifed in June 2024 (goodbye security patches and software updates). More recently, Red Hat announced that CentOS Stream will now be the sole repository for public RHEL-related source code releases. For enterprises doing long-term IT planning, which is almost any enterprise of reasonable size, now is the time to consider what to do post-CentOS 7.
Red Hat, of course, would like you to stick with Red Hat, and offers a straightforward way to migrate CentOS 7 instances to RHEL in the cloud, something that becomes “very difficult” if you opt for would-be clones like AlmaLinux or Rocky Linux, according to Gunnar Hellekson, a Red Hat vice president. This idea is echoed by onlookers like Dane Elwell.
Well, Red Hat would say that, right? There’s no way Red Hat can be happy about so-called “bug for bug” clones like Alma and Rocky scabbing off their efforts without contributing anything back and, worse, actually siphoning away revenue that Red Hat could otherwise invest in improving its products, including CentOS. Magnus Glantz, principal solution architect at Red Hat, says as much in a post deriding Rocky Linux and AlmaLinux for “making money off others’ hard work.”
Regardless, this isn’t about making Red Hat happy. It’s about making smart, safe IT investments. That means RHEL, not a quasi-clone.
All take, no give
Everyone wants a free lunch, it seems. Back when Red Hat announced it was moving to a stream-based approach to CentOS updates, the Hacker News crowd waxed indignant. “I and many other people used [CentOS] because it was a way to get the benefits of Red Hat without paying for it,” lamented one unhappy non-customer. Well, sure. Most people prefer to get things for free. We’d also like to have unicorns as pets. But in the real world, if you get enough people free riding on a product, that product will go away.
The editors of Admin Network & Security Magazine promoted a recent profile of Rocky Linux with this teaser: “You’ll learn why this [Rocky] Linux distro that is still less than two years old has already gained a wide audience with users around the world.” No one needs to read the article to know why Rocky and Alma have gained a following: Both purport to give their customers RHEL without paying for RHEL. Everyone likes unicorns, particularly free ones.
This is where reality starts to bite. Both Rocky and Alma promise to be free RHEL, and both might actually be good at the “Linux” part of the “Red Hat Enterprise Linux” name. The founder of Rocky Linux, for example, was one of the creators of CentOS. Clearly he knows Linux and how to follow in the wake of an established project.
This ability to follow, however, is not really what enterprises need. Enterprises want their infrastructure to be safe, solid, and predictable. In other words, boring. “Boring” begins with the operating system, and the OS of choice for many enterprises is Linux, more specifically, RHEL. Small wonder then that although developers may dally with other OSes, they want them to be RHEL. Free RHEL, if they can find it. Enterprises thinking about moving off CentOS to some form of RHEL should consider the following questions, starting with a basic one: Are AlmaLinux and Rocky Linux viable alternatives for commercial use?
- How are Alma Linux and Rocky Linux guaranteeing compatibility today? How do they guarantee they will be able to maintain this promise?
- Will the volunteer organizations of AlmaLinux and Rocky Linux continue to do the work necessary to create and update? Will they struggle like CentOS.org did in its earlier days, which led to Red Hat hiring the CentOS team? (Working for free gets old, it turns out.)
- Do the AlmaLinux and Rocky Linux organizations have the technical domain expertise to properly patch, update, and maintain business and mission-critical systems? Being OK at cloning someone else’s work doesn’t qualify you to take on the more demanding work of supporting a mission-critical OS, especially when you have no ability to influence the upstream distribution to meet customer requirements.
- Will Red Hat continue to publish source code in a manner that allows these organizations to continue to exist without having to create code? Red Hat’s track record of contributing code is long-lived and laudable, but CentOS Stream showed that the open source mainstay might be looking for new ways to package its code.
- Is it worth the risk and effort if you have to upgrade again in a few years?
Saving money in the wrong place
All of this big-picture stuff makes the decision to try to save a few dollars seem silly. This is the OS—the foundation for all the applications, databases, etc., that an enterprise runs. Despite its centrality to IT success, the OS is relatively cheap compared to what enterprises pay for other software. The OS seems like the exact wrong place to try to go clone to save relatively little money.
Don’t believe me? Ask Salesforce, which recently wrote about why (and how) it was migrating from CentOS 7 to RHEL 9. As Salesforce architect Anish Bhatt noted, “From integrating cutting-edge processors to stopping bugs in their tracks to boosting security, upgrading Salesforce’s OS to RHEL 9 provides a durable, enterprise-grade OS platform and unlocks many concrete benefits for Salesforce Engineering and our customers.”
Bhatt specifically mentions support for the “latest hardware to harness new software innovations for our customers,” something CentOS 7 (and presumably its clones) couldn’t muster. Also, “a new level of customer support, whereby Red Hat engineers can help Salesforce Engineering pinpoint issues in mere minutes, enabling rapid fixes,” along with an improved security posture.
This is a good reminder of how enterprises should assess the risk versus reward of going with a clone of RHEL. Software is never merely a matter of bits and bytes. It’s also the processes and people that stand behind it. For enterprises that are serious about infrastructure, it pays to support the company that is best placed to support you. In this case, that’s Red Hat.
Next read this: