Are Minimal installs really better?
-
@IRJ said in Are Minimal installs really better?:
Configuration Drift
This is the big one for me. With a full install, you get most of the tools you need for troubleshooting and doing various tasks across the board. With minimal systems you need to add packages one by one as you need them. Which means your image could vary quite a bit from system to system.
Troubleshooting
This takes longer as every set of servers has a different set of tools, and many times needed tools are missingI don't have this with either. We don't get the drift because we use standards to do the setup. ANd we also find that the baseline is lacking things whether something simple like netstat or something complex like our Zabbix agent. But we have to add on to every box regardless.
-
@IRJ said in Are Minimal installs really better?:
@DustinB3403 said in Are Minimal installs really better?:
A lot of these issues can be addressed with tools like Ansible or setup scripts, so I find your topic a bit awkward.
Whatever way you want to slice it, package management is more difficult for OS level packages.
Not sure what you mean. Any tools that will come with the non-minimal install will be handled great by being installed only as desired by Ansible or whatever.
-
@IRJ said in Are Minimal installs really better?:
@DustinB3403 said in Are Minimal installs really better?:
A lot of these issues can be addressed with tools like Ansible or setup scripts, so I find your topic a bit awkward.
Whatever way you want to slice it, package management is more difficult for OS level packages.
Define OS level package, because I have no idea what you mean. I'm guessing it's something from Windows world, but even there I haven't heard about such thing.
How is this any difficult when managing packages:
- name: install some packages package: name: "{{ item }}" state: present with_items: - package 1 - package 2 - etc.......
-
With the full ISO for example, you'd find yourself wanting to uninstall a bunch of software you don't use.
Do you really need a podcast player on your Fedora Server?
-
I prefer minimal in most cases. I'm tired of the bloat. Not because it takes up so much disk space, but that's where bad things happen. Tools having issues that I didn't need to have there at all.
-
@scottalanmiller said in Are Minimal installs really better?:
I prefer minimal in most cases. I'm tired of the bloat. Not because it takes up so much disk space, but that's where bad things happen. Tools having issues that I didn't need to have there at all.
Don’t you normally installed Fedora Server instead of minimal?
-
@scottalanmiller said in Are Minimal installs really better?:
Tools having issues that I didn't need to have there at all.
I dont know if that is true. If a tool lay dormant and/or a service isn't running what kind of affect will it have? I find myself needing additionally shit after a packer image has been created and all the supposedly needed stuff has already been added.
-
@IRJ
I think it's best to start with the smallest most basic thing and then add what you think you always need. That becomes your personal or company's minimal install and that might be larger or smaller than someone's else because we all need different things.If we are talking Fedora Minimal Install then it's actually a pretty bloated affair compared to others like Debian for instance (only the base system, no extras). Even Fedora Custom Operating System option, which I assume is smaller than minimal, is bloated in comparison.
I have both installed on my test host in the latest versions and looking at
dmesg
Debian boots in 2.7 secs compared to Fedora's minimal/custom 9.7 secs. After boot Debian uses ~80MB RAM while Fedora uses ~240MB RAM. Fedora of course has more services running by default and pulls in more packages during install. Even Fedora Server's netinstall disk image is about twice the size. -
@black3dynamite said in Are Minimal installs really better?:
@scottalanmiller said in Are Minimal installs really better?:
I prefer minimal in most cases. I'm tired of the bloat. Not because it takes up so much disk space, but that's where bad things happen. Tools having issues that I didn't need to have there at all.
Don’t you normally installed Fedora Server instead of minimal?
I do on Fedora, but not on most things. I find that Fedora Server I use quite a lot of.
-
Minimal but not to the point of reaching alpine linux minimal. If you consider what is driving containers and everything it is about being very small and launch in seconds.. and they told me crazy when I spend hours making Windows xp and 7 as lite as possible 10 years ago and trimming the fat just to run single app like a game, i was such visionary.
-
Also even when you install something bigger, what you need isn't always there anyway.
I consider for instance
screen
to be a pretty basic tool. Not in Fedora Server.
nmap
? Not in Fedora Server.
tcpdump
? Yes, it was there.
iperf
? No, not in Fedora Server.
smartctl
? Yes, it was there.I think whatever you distro/installation options you pick, you are going to need to add stuff anyway. If that is part of the post-installation process then it's going to be there when you need it.
-
@Pete-S said in Are Minimal installs really better?:
Also even when you install something bigger, what you need isn't always there anyway.
I consider for instance
screen
to be a pretty basic tool. Not in Fedora Server.
nmap
? Not in Fedora Server.
tcpdump
? Yes, it was there.
iperf
? No, not in Fedora Server.
smartctl
? Yes, it was there.I think whatever you distro/installation options you pick, you are going to need to add stuff anyway. If that is part of the post-installation process then it's going to be there when you need it.
The problem is that when you have many different admins that use different tools. You might use Nmap while some people just want to use netcat. If netcat isn't installed, I probably wouldn't even think to use Nmap just because Nmap isn't standard. Nmap will also trigger the hell out IDS systems
Every admin is going to install their own shit and they will be configuration drift. If you had the full sever install there is arguably enough tools to do everything. Sure you are going to want to install a few packages, but not the amount you will add with minimal.
-
@IRJ said in Are Minimal installs really better?:
If you had the full sever install there is arguably enough tools to do everything.
The above stuff was from Fedora Server install, not minimal.
-
@Pete-S said in Are Minimal installs really better?:
@IRJ said in Are Minimal installs really better?:
If you had the full sever install there is arguably enough tools to do everything.
The above stuff was from Fedora Server install, not minimal.
You left out my next sentence
If you had the full sever install there is arguably enough tools to do everything. Sure you are going to want to install a few packages, but not the amount you will add with minimal.
-
@IRJ said in Are Minimal installs really better?:
Every admin is going to install their own shit and they will be configuration drift.
That's a company standard problem, not an OS problem.
If a couple of guys doing admin work on the same machines sit down and think through what they use, you could probably come up with a comprehensive list that makes everyone happy. Post-install those packages are added on every machine.
On a regular basis you review the package list and add stuff or remove stuff and that becomes the new standard. Then push it out to all servers with automation.
-
@IRJ said in Are Minimal installs really better?:
@Pete-S said in Are Minimal installs really better?:
@IRJ said in Are Minimal installs really better?:
If you had the full sever install there is arguably enough tools to do everything.
The above stuff was from Fedora Server install, not minimal.
You left out my next sentence
If you had the full sever install there is arguably enough tools to do everything. Sure you are going to want to install a few packages, but not the amount you will add with minimal.
OK, I get it now.
Well, if you think Fedora Server is closer to what you want in a minimal install I don't see a problem using that instead. And then adding whatever is missing.
You get stuff like cockpit too but maybe that is something you always want.
I don't know if fedora has a list of packages that are added for each installation option.
-
@Pete-S said in Are Minimal installs really better?:
@IRJ said in Are Minimal installs really better?:
@Pete-S said in Are Minimal installs really better?:
@IRJ said in Are Minimal installs really better?:
If you had the full sever install there is arguably enough tools to do everything.
The above stuff was from Fedora Server install, not minimal.
You left out my next sentence
If you had the full sever install there is arguably enough tools to do everything. Sure you are going to want to install a few packages, but not the amount you will add with minimal.
OK, I get it now.
Well, if you think Fedora Server is closer to what you want in a minimal install I don't see a problem using that instead. And then adding whatever is missing.
You get stuff like cockpit too but maybe that is something you always want.
I don't know if fedora has a list of packages that are added for each installation option.
View group installs
dnf grouplist
View packages within group installs
dnf groupinfo "Development Tools"
-
Fedora Server adds this over Minimal Install (in Fedora 30)
I looked at:
dnf group list
and
dnf group info "<groupname>"
Difference between Minimal Install and Fedora Server Edition:
It's not the whole truth though because some of these packages are installed in Minimal Install but they are listed as optional. I don't know when packages that are marked optional actually are installed or not. One example is the packages in the Standard group.
Common NetworkManager Submodules NetworkManager-bluetooth NetworkManager-wifi NetworkManager-wwan dhcp-client dnsmasq iptables
Fedora Server product core PackageKit chrony polkit realmd timedatex NetworkManager-team dhcp-client fedora-release-server
Hardware Support atmel-firmware b43-fwcutter b43-openfwwf ipw2100-firmware ipw2200-firmware iwl100-firmware iwl1000-firmware iwl105-firmware iwl135-firmware iwl2000-firmware iwl2030-firmware iwl3160-firmware iwl3945-firmware iwl4965-firmware iwl5000-firmware iwl5150-firmware iwl6000-firmware iwl6000g2a-firmware iwl6000g2b-firmware iwl6050-firmware iwl7260-firmware libertas-usb8388-firmware usb_modeswitch zd1211-firmware
Headless Management PackageKit cockpit openssh-server cockpit-networkmanager cockpit-packagekit cockpit-selinux cockpit-storaged
Standard abrt-cli acl at attr bash-completion bc bind-utils bridge-utils btrfs-progs bzip2 cifs-utils cpio crontabs cryptsetup cyrus-sasl-plain dbus deltarpm dos2unix dosfstools ed ethtool fedora-release-notes file fpaste fprintd-pam gnupg2 grubby hunspell iptstate irqbalance jwhois logrotate lsof mailcap man-pages mcelog mdadm microcode_ctl mlocate mtr nano net-tools nfs-utils nmap-ncat ntfs-3g ntfsprogs opensc pam_krb5 passwdqc pciutils pinfo plymouth psacct quota realmd rng-tools rsync rsyslog smartmontools sos sssd sudo symlinks systemd-udev tar tcpdump telnet time traceroute tree unzip usbutils util-linux-user vconfig wget which wireless-tools words zip
-
@black3dynamite said in Are Minimal installs really better?:
I don't know if fedora has a list of packages that are added for each installation option.
View group installs
dnf grouplist
View packages within group installs
dnf groupinfo "Development Tools"
Thanks, I managed to figure that out.
-
@Pete-S said in Are Minimal installs really better?:
Fedora Server adds this over Minimal Install (in Fedora 30)
I looked at:
dnf group list
and
dnf group info "<groupname>"
Difference between Minimal Install and Fedora Server Edition:
It's not the whole truth though because some of these packages are installed in Minimal Install but they are listed as optional. I don't know when packages that are marked optional actually are installed or not. One example is the packages in the Standard group.
Common NetworkManager Submodules NetworkManager-bluetooth NetworkManager-wifi NetworkManager-wwan dhcp-client dnsmasq iptables Fedora Server product core PackageKit chrony polkit realmd timedatex NetworkManager-team dhcp-client fedora-release-server Hardware Support atmel-firmware b43-fwcutter b43-openfwwf ipw2100-firmware ipw2200-firmware iwl100-firmware iwl1000-firmware iwl105-firmware iwl135-firmware iwl2000-firmware iwl2030-firmware iwl3160-firmware iwl3945-firmware iwl4965-firmware iwl5000-firmware iwl5150-firmware iwl6000-firmware iwl6000g2a-firmware iwl6000g2b-firmware iwl6050-firmware iwl7260-firmware libertas-usb8388-firmware usb_modeswitch zd1211-firmware Headless Management PackageKit cockpit openssh-server cockpit-networkmanager cockpit-packagekit cockpit-selinux cockpit-storaged Standard abrt-cli acl at attr bash-completion bc bind-utils bridge-utils btrfs-progs bzip2 cifs-utils cpio crontabs cryptsetup cyrus-sasl-plain dbus deltarpm dos2unix dosfstools ed ethtool fedora-release-notes file fpaste fprintd-pam gnupg2 grubby hunspell iptstate irqbalance jwhois logrotate lsof mailcap man-pages mcelog mdadm microcode_ctl mlocate mtr nano net-tools nfs-utils nmap-ncat ntfs-3g ntfsprogs opensc pam_krb5 passwdqc pciutils pinfo plymouth psacct quota realmd rng-tools rsync rsyslog smartmontools sos sssd sudo symlinks systemd-udev tar tcpdump telnet time traceroute tree unzip usbutils util-linux-user vconfig wget which wireless-tools words zip
I know if wanted to include the optional packages, I would use
--with-optional