NethServer 8: planning an evolution

@mark_nl

Actually, from the perspective of a developer I see nothing but benefits. Take for example, you no longer have to maintain DEPLOYMENT DOCUMENTS, and assist during rollbacks. It really makes your life easier… Yes, you do need to prepare the packages and all, but usually the rest is handled by a DevOps Specialist unless you know how to do that yourself.

As for the other problem, it all comes down to the flexibility and how you want to configure your microservice. In the configuration you either specify local DB or remote DB. It all comes down to flexibility and configuration. And a DB is just one example.

Good to read. Should have mentioned am not a software developer…

__ OT __
The software whiz-kids yell at me regularly if I write some code:
Why didn’t you put this in a class!
And on my turn yell back: why do you put everything in a class with those stupid getters and setters while it basically is a function…
Lose the argument most times though…

@mark_nl

There is a specific use for things like, for example, C (procedural programming); for many other apps, I would go with classes. It gives you the possibility to reuse code more efficiently like a container (classes), it has a specific use / purpose. The getters and setters are to get you specific data but you still have functions inside to accomplish work. Classes also allow you to better protect your code through public, protected and private accessors (public for everyone, protected accessible by all derived classes, private only accessible by the class implementing it)… Btw, getters in C# for example, translate to functions that just give you access to a specific piece of information.

One of the reasons why you wouldn’t use an object oriented language is for speed, but the speed advantages of procedural programming over object oriented diminished over the years, but yes it still maintains an edge. Like I said, depending on what you do, it is better to choose one over the other. It is like for C# and .NET CORE. It is amazing in many regards, EF CORE (ORM) is super fast now, comparable to Dapper in terms of speeds, faster than NODE.JS… Makes development of Restful APIs easy. I prefer it over Node.JS or Python’s / Django. However, would I use C# for, let’s say, a system that requires to respond quickly at a given interval? Maybe not because then the garbage collector would come in and ruin your day. But they are trying to make it better (Garbage collection) each time so who knows in the future… Oh and now you can use C# and .NET CORE on any platform! Including Linux!! I’m certainly very happy about that.

What I am saying is, there is a right tool for everything. :slight_smile:

1 Like

Well, I am kinda worried, because I like NethServer too much! :stuck_out_tongue:

This topic worries me more than the other about RedHat/IBM behaviour. Hahaha! Anyway, I want to point out @Andy_Wismer introduced me to OPNsense, and boy, it’s awesome! So, why not consider FreeBSD? It has been around and stable for a lot of time.

So, that being said, I would like to add that, at least here in Brazil, most of my clients are replacing Firewalls for router boxes from tplink and cisco, like RV320. And I saw people here saying that some NAS have some modules that can do wonders… okay, I get that, and I saw some really awesome NAS indeed.

The idea of having NethServer 8 be just a solid base to run or orchestrate multiple services… is VERY cool… so why not have two solutions? This and an All in One Server?! :slight_smile: I know it’s too much to ask, lol… but I would love to manage all my nethservers (7) from my only laptop! :smiley: hahaha

3 Likes

@ssabbath

Hi

Even though some NAS include “usable” firewall functions, there’s still the caveat:

Internet Problem, box needs a reboot.
All File users (It IS a NAS, mainly!) will get disconnected because of a problem not directly affecting them at that moment…

A dedicated box can be rebooted (cable network funky, Fiber interrupted, etc…), without interrupting ANY other services…

My 2 cents
Andy

2 Likes

NS has invested big time in cockpit to be the base for web-ui, for good reasons because it integrates much of the Linux based distros’ application interfaces. At the end of the day (like it or not… I do) it depends on systemd. This kinda puts all BSDs out of the scope…

For the mortals among us, which includes me, solutions like OPNsense and pfSense and the like are awesome; however (IMHO) the needed knowledge threshold to set it up in a reasonable way surpasses NS philosophy. Note I do not say they are hard to use once you know what you are doing with a particular setting.

To keep the conversation going, could NS stay an all-in-one server which teams up with a firewall on dedicated hardware? Meaning one administration interface?

3 Likes

I agree with you @mark_nl. While I did venture into this OPNSense world and it is great, Nethserver offers a more simplistic approach that would work better for many.

As for changing to FreeBSD, personally I wouldn’t go that route. Many say it is more secure, it has been around a long time, and I’ve seen a lot of debates on security comparing FreeBSD with Linux and there was never a clear winner. I have chosen OPNSense because I needed a bit more and yes I did have less of a hard time with VPN. VPN never fully worked for me with Nethserver and it worked well right away with OPNSense. That being said, if I would have to do anything from the command line (if it didn’t have a good UI) I would be lost because I know LINUX best.

Perhaps it is just me but there is way more Linux stuff around and while FreeBSD may have been around a bit more, Linux is catching up very fast, it is very secure and you have so much choice out there in terms of distribution. I would compare JAVA to C#. C#, while younger, is not much more advanced and offers way more features than Java… I guess Oracle is to blame for that.

If there was an equivalent to OPNSense offered using Linux, I would go with that over FreeBSD. Again it has nothing to do with me being against it but that there is way more knowledge out there in terms of Linux stuff…

Last but not least, I don’t know if I have been unlucky but there is the matter of community support. Reaching out to the OPNSense community is A PAIN! If you are too junior or you have a question elites just don’t care to answer because they see it is a newb question, GOOD LUCK getting any kind of help. I have been lucky to have @Andy_Wismer help me who has a lot of experience (and yes Thank you Andy!!). If I would have to poke around OPNSense at the command line, it would be more difficult even because of what I explained… I would also like to say, I can’t remember what system I wanted to install almost two years ago, it was also based on FreeBSD and the support was HORRIBLE! I was not asking for anyone to do my work for me but, at least some kind of collaboration like we have here. So like I said, I don’t know if I was unlucky but so far everything FreeBSD related has left me with a bitter taste. Again I mean no offense to those who like FreeBSD, these are just my observations based on experience.

That being said, I do hope Nethserver sticks around and I do hope it remains Linux based.

1 Like

To answer that question, it could be, but it could make things difficult if they need to move on to a new technology which could come in conflict with something else you use in Nethserver. It would involve challenges. I’m not saying it is impossible but you are talking about working with another team. It would definitely slow things down. Again not impossible. The other good question is with whom? The only two top firewall systems out there are pfSense and OPNSense as far as I could see that are free. Well pfSense has been acquired by Netgear and they have done shady stuff so, I don’t even consider it “Open Source” anymore. That leaves OPNSense which is FreeBSD based which would be a challenge.

2 Likes

If talking about dedicated, free Linux firewalls (Open Source!), there’s also IPfire…

But IMHO, it’s a bit behind (GUI, etc) even if actively developed.

My 2 cents
Andy

2 Likes

Ohh yeah!!! How could I forget, I remember seeing that a while ago. I dismissed it at the time because it just looked so hard to use. But yes I presume this could be an alternative one day… The UI feels very old indeed.

IPfire is a pain, but last time I tested it didn’t have transparent https proxy… so… long time ago! :stuck_out_tongue:

Oh, I have no doubt of that, NethServer is by far the best All in One I ever worked…

2 Likes

Not supporting multiwan, lots of “bells and whistles” like peek and splice or other “gateway” like different user access for management,
It’s strongly and willingly developed as kernel, optimizations, performance tuning (multi-core QoS based, nifty!) and hardening… But also lacking so much on other interesting/necessary customer oriented options. I hope the best for the team, but this is the third year in a row that I cannot think/rely on a project like that for firewalls.

Going back to development: cockpit is enabling so much deeper access to the hardware and Linux management compared to NethGUI, so IMVHO it is currently the core for the future of NethServer. If SystemD is a necessity for Cockpit, the only alternative seems to be Debian compared to CentOS Stream.
Or am I missing something?

Side story similar environment, different derived project: Also Rockstor is leaving CentOS7 for OpenSuse based-installation for version 4.0

3 Likes

@ssabbath

Well, if you meant HAProxy, they have it, but it is not as “easy” to configure I suppose:

https://wiki.ipfire.org/addons/haproxy

The UI is not the best and most of their plugins (doing a bit of research yesterday) do not have any UI for them.

I personally could live very well with that decision to go the Debian route. Going Debian would mean a lot of work for sure. All the packages would have to be redone from rpm to deb, and that is just one part.

1 Like

As far as I can feel from Filippo’s words, the current decision is “stay with stream”, only for avoiding troublesome major release problems and backportings. And maybe the stability of the releases by IBM Linux… Sorry… RedHat CentOS Stream department will be satisfactory.

The step we are talking about is on a “what if” streams sucks more than (put your worst considered distro as stability, security and quality here), and it’s just… talk.

Well, I guess I’ll stick to Nethserver 7.x for a while and see how things go with version 8 but then again this will probably be a while :slight_smile:

Everybody who is proposing Debian and Ubuntu seems to forget how to migrate from NS 7 to NS 8?
Except by a full re-installation and a data migration I don’t see how ?

But to go with the flow
Why not use Cockpit on CentOS 8, then build services in containers such as LXC/Docker, …
Cockpit manages containers very well.

@stephdl in fact I still don’t understand why NS7 uses portainer for that

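```bash
# Enable EPEL and install dnf with its plugins (provides "dnf download")
sudo yum install epel-release
sudo yum -y install dnf dnf-plugins-core
# Fetch the cockpit-docker RPM into the current directory
dnf download cockpit-docker
# Install it with dependency checks skipped (--nodeps), then restart Cockpit
sudo rpm -Uvh --nodeps cockpit-docker-138-6.el7.centos.x86_64.rpm
sudo service cockpit restart
```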

The idea of making Nethserver OS agnostic is very seductive but it also means a lot of work

And what about OpenSUSE, nobody likes it?

@JOduMonT

Hi Jonathan

That was in the past the same thing. NS6 → NS7 needed a complete new installation, an in-place upgrade was not possible…

My 2 cents
Andy