While Red Hat is phasing out CentOS 8 at the end of 2021, users are thinking about their options. […]
In the midst of all the news from the AWS re:Invent last week – mainframe modernization, database updates, ARM-based Graviton3, etc. – you may have missed one thing, but it deserves the spotlight: Amazon Linux 2022. AWS CEO Adam Selipsky did not mention it in his keynote, although it received a tweet from AWS Compute Services VP Deepak Singh (as well as this chess game and this tree). But that’s probably appropriate, since Amazon Linux 2022 is the kind of big deal that’s supposed to fade into the background while providing stability, security, and performance.
It is also an interesting publication, both for what it is not and for what it is. For the first time, Amazon Linux 2022 is not based on the code of Red Hat Enterprise Linux (RHEL) (nor was it ever based on CentOS, the long-time RHEL clone that caused a stir in late 2020 when Red Hat announced that it was abandoning a fixed publishing pattern in favor of a rolling, “stream-based” approach). Instead, Amazon Linux 2022 is based on the upstream project of the Fedora community.
Whether looking ahead or just a stroke of luck, AWS’s focus on Fedora could well pay off. But for companies wondering what to do with the CentOS free pass, which ends soon, it may be worth remembering that “free software” is often not free.
“The most abused software in the history of computer technology”
It makes sense that each of the cloud providers is built on CentOS. Everyone does that. Each. Take a look at the underlying operating systems of some of the largest software-as-a-service providers in the world, and you’ll find plenty of CentOS. Take a look at IBM’s consulting practice and see how for years the company advised its customers to “just use CentOS”. European fashion brands that would never tolerate someone selling an imitation of their overpriced bags use CentOS. The entire telecommunications infrastructure in China runs on CentOS. (Yes, really. Facebook is also CentOS-based.
And the use of CentOS is not limited to test and development instances. In a conversation with someone close to CentOS, he told about the statement of a senior employee of a large cloud provider, where many large customers use CentOS: “This is the most abused software in the history of computer technology. Our top 10 CentOS users have over 50,000 instances, and they are the who’s who of the Fortune 100. You know what you’re doing. These are not developers running Dev/test. These are not small businesses.“
And why? Because CentOS has long been considered safe. Certainly, Red Hat has tried to explain to customers that using CentOS in production is equivalent to running with scissors in your hand (“Go ahead, but you will get injured in the process!”), but in reality it was pretty much exactly like RHEL, and Red Hat spent years teaching the market that “RHEL = safe”.
With the announcement of CentOS Stream, which came a few years after Red Hat acquired CentOS, Red Hat made CentOS less secure. Suddenly, CentOS went from a “trusted RHEL clone” to a “somewhat confusing RHEL beta code”. As already mentioned, many people complained, but it is not clear whether they would have found the alternative better. For years, the CentOS community struggled to keep up with its popularity. It’s nice to be popular, but it’s less nice when (a) you don’t get paid for that popularity and (b) some of the biggest companies in the world (banks, telecom companies, etc.) run large parts of their operations on CentOS and therefore demand all sorts of changes to the code. This is an excellent recipe for a burnout of the maintainers, which in turn is an excellent recipe for companies that have injured themselves with the scissors with which they walked around.
Something had to come here.
Red Hat stepped in to stabilize the CentOS community by hiring its key contributors. For its part, Red Hat wanted a stable base for higher-level community projects such as OpenStack and OpenShift. Fedora could not provide this base, as it was developing too fast. Of course, Red Hat also wanted companies that operate as free riders to understand that there is no such thing as “free software” in the true sense of the word. To make the change less unpleasant for developers and smaller companies, Red Hat has made a big change to the RHEL Developer Edition to make it much more accessible (read: free!), while RHEL is free for up to 16 servers, so schools and other smaller organizations have a cost-effective way to deploy a tested, certified and supported Linux.
Interesting times in the cloud
All this does not help the providers of managed services, who have to deal with the changes to CentOS. As I have already indicated, it is not so much that these companies are dependent on the support of Red Hat. You have been using CentOS for years without support. But the nature of the Linux you depend on has changed. Dramatic. It’s one thing to use a clone of a well-tested, enterprise-grade Linux. It’s a completely different matter to bet on beta software without any guarantee of security or performance.
This is very reminiscent of the “running with scissors” scenario that Red Hat tried unsuccessfully to apply to CentOS before CentOS Stream. It’s suddenly a silly exercise in “tripping over dollars to save pennies,” considering that the operating system – the foundation of a company’s applications, databases, etc. – is comparatively cheap compared to corporate spending further up the stack.
What to do? An obvious answer is to pay Red Hat for RHEL. For those who are not ready for this, Google has proposed alternatives to CentOS and has partnered with Red Hat to help customers switch to a supported operating system. It is less clear what Microsoft is proposing for its Azure customers. AWS has already switched to Fedora and offers support. Yes, the underlying code is perhaps best described as Alphacode, but AWS engineers will actively contribute to improving the upstream code, and AWS is fully behind it.
At this point it gets a little tricky for the AWS competitors. No one really wants to support another Linux distribution. That’s why we chose RHEL, SUSE and Ubuntu. AWS is the first on the market with its Linux. Because of its market share, it is probably the only vendor large enough to convince ISVs and others to support its non-RHEL-compatible Linux. Now it’s up to Google and Microsoft to figure out how to live in a post-CentOS world without the market share necessary to convince ISVs and others to support their operating system. Remember that Red Hat has conquered the Linux market by creating an ecosystem around its certified operating system. I hear rumors that they could team up for a SUSE compatible offer, but it’s too early to say that.
The only thing that is certain is that Linux is interesting again. This may not be good, because it is supposed to be the quiet base that does not attract attention.
*Matt Asay leads evangelism at MongoDB.