When would you NOT use OpenBSD?

classic Classic list List threaded Threaded
50 messages Options
123
Reply | Threaded
Open this post in threaded view
|

When would you NOT use OpenBSD?

Miles Keaton
This is a serious question, for heavy users of OpenBSD in
big/production/heavy-traffic situations.

For years, our small company used OpenBSD for *EVERYTHING* because I
personally prefer it.   (We run a pretty popular database-driven
website.)

All mail servers, web servers, database servers, were all OpenBSD.

But then some threads-issue with MySQL on OpenBSD made us switch to
FreeBSD for our database server, in an emergency.  The increasing load
on the server was making OpenBSD buckle, and switching to FreeBSD (on
the same hardware!) was a 100x speed improvement.  Unfortunately, we
switched other servers to FreeBSD, too, to standardize, and have been
almost entirely FreeBSD, since.

Ah, but this was back in 2001 or so.  I know things in OpenBSD are
better now.  SMP.  Etc.

Things at our company have grown enough so that we finally have
load-balanced servers, so not all traffic needs to be whomping a
single server.

We're setting up some new hardware, and I want us to take a look at
OpenBSD again for things like webservers and database servers.  (Not
too happy with the SMP in FreeBSD.)  Maybe even get back to our old
situation of being 100% OpenBSD for everything.

Which leads me to my real question for you heavy users of OpenBSD in
big/production/heavy-traffic situations:

When would you NOT use OpenBSD?

When would you choose one of the other *nix over OpenBSD?

Is OpenBSD appropriate for a busy webserver or super-loaded database server?

I've seen old "O.S. shootouts" benchmarks comparing O.S.'s and often
showing Linux or FreeBSD excelling at webserving or
database-performance, but I don't know if that's just old data or the
benchmarkers didn't have OpenBSD tweaked right.

As you can tell I'd *like* to go back to OpenBSD-everywhere but
thought it would be wise to ask the misc@ gang about this first.

Thanks!

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Lars Hansson
On Wednesday 05 April 2006 06:25, Miles Keaton wrote:
> When would you NOT use OpenBSD?

When you run applications that *REALLY* needs SMP, not that there are a lot of
those.
Or when your application simply do not run on OpenBSD for some reason.

> When would you choose one of the other *nix over OpenBSD?

When they're more suitable for the task. Not that it has ever been the case
for me.

> Is OpenBSD appropriate for a busy webserver or super-loaded database
> server?

Webserver yes. "Super-loaded" MySql server? Dunno, depends on how much MySql
sucks these days.

> I've seen old "O.S. shootouts" benchmarks comparing O.S.'s and often
> showing Linux or FreeBSD excelling at webserving or
> database-performance, but I don't know if that's just old data or the
> benchmarkers didn't have OpenBSD tweaked right.

Benchmarks are like assholes, everyone has one but you're better off only
minding your own.

----
Lars Hansson

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Chris-117
Lars Hansson wrote:

> On Wednesday 05 April 2006 06:25, Miles Keaton wrote:
>  
>> When would you NOT use OpenBSD?
>>    
>
> When you run applications that *REALLY* needs SMP, not that there are a lot of
> those.
> Or when your application simply do not run on OpenBSD for some reason.
>
>  
>> When would you choose one of the other *nix over OpenBSD?
>>    
>
> When they're more suitable for the task. Not that it has ever been the case
> for me.
>
>  
>> Is OpenBSD appropriate for a busy webserver or super-loaded database
>> server?
>>    
>
> Webserver yes. "Super-loaded" MySql server? Dunno, depends on how much MySql
> sucks these days.
>
>  
>> I've seen old "O.S. shootouts" benchmarks comparing O.S.'s and often
>> showing Linux or FreeBSD excelling at webserving or
>> database-performance, but I don't know if that's just old data or the
>> benchmarkers didn't have OpenBSD tweaked right.
>>    
>
> Benchmarks are like assholes, everyone has one but you're better off only
> minding your own.
>
> ----
> Lars Hansson
>
>
>  
Loved the last one so I wanna add that I m comming from a Linux
background, used freebsd for years,
I m gonna never regret I found OpenBsd in the way.
My Last  Linux box (Suse) was the day I found my router in my office
with a kernel panic message after 1 year working fine patched up as
always. In the same box without any hardware changes I run now an
Openbsd Webserver from then till now
holding more than 30 domain names some with lot of traffic  almost
unpatched and unupdated (3.2 stable). I bet if I left it there unpatched
for the next 5 years I will not wake up one morning and find it down if
will be no hardware problem.

And yes thats not the proper way to go as an administrator but thats
what I like on Openbsd.
Very glad for the $10000 from mozzila I hope We can do that too one day.

-Chris.

PS. Yes When I want to play Fancy Games and just kill my time I have no
prob using Windows.
I had even a Game Server in Openbsd and it wasn t never down.

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Anton Karpov-2
In reply to this post by Miles Keaton
> When would you NOT use OpenBSD?
>
> When would you choose one of the other *nix over OpenBSD?



I'm NOT using OpenBSD on my laptop, it's powered by FreeBSD instead.
Basically this is due to lack of acpi and bluetooth support in OpenBSD.

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Joachim Schipper
In reply to this post by Miles Keaton
On Tue, Apr 04, 2006 at 03:25:24PM -0700, Miles Keaton wrote:

> This is a serious question, for heavy users of OpenBSD in
> big/production/heavy-traffic situations.
>
> For years, our small company used OpenBSD for *EVERYTHING* because I
> personally prefer it.   (We run a pretty popular database-driven
> website.)
>
> All mail servers, web servers, database servers, were all OpenBSD.
>
> But then some threads-issue with MySQL on OpenBSD made us switch to
> FreeBSD for our database server, in an emergency.  The increasing load
> on the server was making OpenBSD buckle, and switching to FreeBSD (on
> the same hardware!) was a 100x speed improvement.  Unfortunately, we
> switched other servers to FreeBSD, too, to standardize, and have been
> almost entirely FreeBSD, since.
>
> Ah, but this was back in 2001 or so.  I know things in OpenBSD are
> better now.  SMP.  Etc.
>
> Things at our company have grown enough so that we finally have
> load-balanced servers, so not all traffic needs to be whomping a
> single server.
>
> We're setting up some new hardware, and I want us to take a look at
> OpenBSD again for things like webservers and database servers.  (Not
> too happy with the SMP in FreeBSD.)  Maybe even get back to our old
> situation of being 100% OpenBSD for everything.
>
> Which leads me to my real question for you heavy users of OpenBSD in
> big/production/heavy-traffic situations:
>
> When would you NOT use OpenBSD?
>
> When would you choose one of the other *nix over OpenBSD?
>
> Is OpenBSD appropriate for a busy webserver or super-loaded database server?
>
> I've seen old "O.S. shootouts" benchmarks comparing O.S.'s and often
> showing Linux or FreeBSD excelling at webserving or
> database-performance, but I don't know if that's just old data or the
> benchmarkers didn't have OpenBSD tweaked right.
>
> As you can tell I'd *like* to go back to OpenBSD-everywhere but
> thought it would be wise to ask the misc@ gang about this first.

OpenBSD just isn't the fastest around (partly due to the abundance of
crypto, and partly due to the fact that it just isn't that much of a
priority). It also does not have the best multiprocessing or threading
support around.

Additionally, hardware support is not as good as from, say, Linux. Or
even FreeBSD. And if the hardware is not supported, an OpenBSD box
doesn't do a whole lot of good.

Finally, some programs are written in a sufficiently Linux-centric
fashion that porting them is rather difficult. Some have been
succesfully ported, but there are not quite as many packages for OpenBSD
as for, say, Linux. Or even FreeBSD. (Seeing a pattern here?)

SMP is supported, but some other OSes do a better job. If you are
sitting on a 16-way UltraSPARC box with many gigabytes of memory, you'd
probably be better off putting Solaris on it - that's what it's for. (Do
put an OpenBSD firewall in front, though.)

Also, OpenBSD excels at security and code correctness. If you do not
connect to the internet and do not develop OS-level software, neither
count for much. A gaming box in the basement, without internet
connection, would not see that much benefit from OpenBSD - dump Windows
on it. And live with the occasional BSOD.

Pretty much the same is true for some webserver/database server
situations where the last few percents of performance are really
necessary.

However, I do think most of the really inefficient stuff has been
improved sufficiently that the differences are not likely to be that
big. But the userspace thread implementation still has its limitations.

                Joachim

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Toni Mueller-10
In reply to this post by Chris-117
Hello Chris,

On Wed, 05.04.2006 at 04:55:39 +0200, Chris Alatakis <[hidden email]> wrote:
> holding more than 30 domain names some with lot of traffic  almost

what is "a lot of traffic"?

> unpatched and unupdated (3.2 stable). I bet if I left it there unpatched
> for the next 5 years I will not wake up one morning and find it down if
> will be no hardware problem.

I wouldn't bet on that. Afair there were ssh problems on the way, and
even something in the network stack that better should be patched.

I also occasionally have OpenBSD boxen locked up in a way that they
prevent SSH logins and require a reboot. But that's occasionally, eg.
1x in some five years accumulated computer uptime (over several
systems), maybe less, although I'd still love to see it fixed.


Best,
--Toni++

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Antonios Anastasiadis
In reply to this post by Joachim Schipper
well, If you are not happy with the SMP performance in FreeBSD you
won't be in OpenBSD either.
Also, MySQL performance is worse in OpenBSD due to the threading
library used, I would suggest to wait at least until rthreads are
complete and stable if you must make the switch nevertheless.

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Henning Brauer
In reply to this post by Joachim Schipper
* Joachim Schipper <[hidden email]> [2006-04-05 10:44]:
> OpenBSD just isn't the fastest around

actually, we are.
for quite some stuff.
we're not for some other stuff.

--
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Tor Houghton
On Wed, Apr 05, 2006 at 12:11:49PM +0200, Henning Brauer wrote:
>
> actually, we are.
> for quite some stuff.
>

the install for one. i love the install. 8-)

tor

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Joachim Schipper
In reply to this post by Henning Brauer
On Wed, Apr 05, 2006 at 12:11:49PM +0200, Henning Brauer wrote:
> * Joachim Schipper <[hidden email]> [2006-04-05 10:44]:
> > OpenBSD just isn't the fastest around
>
> actually, we are.
> for quite some stuff.
> we're not for some other stuff.

Okay, that's true. Good correction.

Still, for MySQL and the like, OpenBSD is unlikely to be the best
performer.

                Joachim

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Henning Brauer
* Joachim Schipper <[hidden email]> [2006-04-05 13:22]:

> On Wed, Apr 05, 2006 at 12:11:49PM +0200, Henning Brauer wrote:
> > * Joachim Schipper <[hidden email]> [2006-04-05 10:44]:
> > > OpenBSD just isn't the fastest around
> >
> > actually, we are.
> > for quite some stuff.
> > we're not for some other stuff.
>
> Okay, that's true. Good correction.
>
> Still, for MySQL and the like, OpenBSD is unlikely to be the best
> performer.

no, not "and the like". for mysql with a specific (not THAT uncommon,
apparently) use pattern, yes.

I'm sick and tired of this "OpenBSD doesn't perform well" FUD. It is
nothing but FUD or over-generalization.

--
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Marco Peereboom
In reply to this post by Joachim Schipper
> Additionally, hardware support is not as good as from, say, Linux. Or
> even FreeBSD. And if the hardware is not supported, an OpenBSD box
> doesn't do a whole lot of good.

Really?

So having a crappy or blobbed driver is better than having nothing?
I disagree vehemently .

Give me something that works or nothing at all.  I prefer to not be
surprised by "it sort of works for the developer of the driver".

I find this statement rather misleading and wonder why people keep
parroting it.

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

fuzzyping
On Apr 5, 2006, at 8:04 AM, Marco Peereboom wrote:

>> Additionally, hardware support is not as good as from, say, Linux. Or
>> even FreeBSD. And if the hardware is not supported, an OpenBSD box
>> doesn't do a whole lot of good.
>
> Really?
>
> So having a crappy or blobbed driver is better than having nothing?
> I disagree vehemently .
>
> Give me something that works or nothing at all.  I prefer to not be  
> surprised by "it sort of works for the developer of the driver".
>
> I find this statement rather misleading and wonder why people keep  
> parroting it.

Agreed.  More folks should hang out on the Dell/Linux mailing list  
and take note of the pain these people endure with binary and poorly-
written drivers.  Sensors and hardware RAID are particularly ugly.


--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Joachim Schipper
In reply to this post by Marco Peereboom
On Wed, Apr 05, 2006 at 07:04:45AM -0500, Marco Peereboom wrote:

> >Additionally, hardware support is not as good as from, say, Linux. Or
> >even FreeBSD. And if the hardware is not supported, an OpenBSD box
> >doesn't do a whole lot of good.
>
> Really?
>
> So having a crappy or blobbed driver is better than having nothing?
> I disagree vehemently .
>
> Give me something that works or nothing at all.  I prefer to not be
> surprised by "it sort of works for the developer of the driver".
>
> I find this statement rather misleading and wonder why people keep
> parroting it.

Hey, me too. But I've heard more than once, here and elsewhere, that
people don't want to use OpenBSD because some piece of hardware they
have is not supported.

That said, *I* agree with you. Still, if given a box that did not run
OpenBSD for some reason - like an unsupported RAID card and a true need
for RAID - and no means to replace it, there would be little other
recourse than to 'not run OpenBSD', which is what the title is all
about.

I'm not saying that having a blobbed driver in-tree would be an
improvement - however, a machine that runs is likely to be an
improvement over one that doesn't, at least for a while (because, as
pointed out, bugs like blobs).

                Joachim

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

David T Harris
In reply to this post by Miles Keaton
Actually, I agree.  I originally had OpenBSD 3.6
installed on an i386 AT box with a SoundBlaster sound card.
The sound quality was rather soft, until I pumped the audio
to max (and I'm not hard of hearing).

However, the dvd drive worked perfectly under mplayer.

Having, never tried slackware, I installed that on the machine
and now the dvd drive can't play one of the dvd's that was able
to play under OpenBSD.  Plus I keep getting input/output errors
on the box.  I never had these errors in OpenBSD 3.6.  Not to
mention the pain that is ALSA - golly configuring sound
in linux is a pain.  Why do I still use it?  Well because
you can hand compile (./configure; make;make install) pretty
much anything.  You can't do that on OpenBSD (as far as I know)
if the package depends on anything major (like qt).  Xine,
djvu, etc...  I need djvu in order to read books on netlibrary.com
hence Linux.  

Hence basically if I want to be able to compile as many packages
as possible I'll use Linux.  
If I want security and ease of configuration (for most non-networking tools)
I'll use OpenBSD.  Not to mention that OpenBSD doesn't necessitate
loading modules or any of that hassel.  

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Marco Peereboom
In reply to this post by Joachim Schipper
> I'm not saying that having a blobbed driver in-tree would be an
> improvement - however, a machine that runs is likely to be an
> improvement over one that doesn't, at least for a while (because, as
> pointed out, bugs like blobs).

bzzzt *wrong*

There is a whole market out there for this.  It's called proprietary operating
systems.  These systems do a fine job at whatever they are doing.  You are
reversing the argument from what it should be.

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Chris 'Xenon' Hanson
In reply to this post by Miles Keaton
   I run OpenBSD for almost anything that is exposed to insecure digital spaces, like the
Internet, that needs to be seriously hardened. I run and Linux (or god forbid, Windows) on
servers that can be a little "soft" because they are only exposed to "trusted" access.

   My company's main websites are run on hosted servers that we don't directly control the
OS of. I believe they are running on Debian 3.1 GNU/Linux systems, and I am satisfied with
the expertise of those responsible for running them, so it's not my issue.

   My router/firewall/VPN box is OpenBSD. It is the gateway to all the "soft" bits on my
intranet. The intranet server runs Linux (Slackware), for multiple reasons. Generally you
have a wider applications base and possibly easier access to more modern versions of
tools, and more people who have expertise to draw upon. Also, there are some performance
reasons, it being an SMP machine.

   There are two exceptions to the hard/soft rule. There are two tunnels through the
hardened OBSD gateway into "soft" Linux servers: Mail and DMZ HTTP.

   For architectural reasons, my SMTP server runs on the "soft" Linux intranet server.
However, I run qmail, a piece of software written by someone who is equally concerned
about code quality and security as the OpenBSD team themselves. I am generally confident
that exposing access to qmail on a "soft" Linux system is not a point of failure. If an
exploit were found in qmail, I would need to move quickly to resolve it since Linux does
not have nearly as much exploit-prevention architecture as OpenBSD.

   The second soft hole is access to a Linux-based low-load webserver running in my
network DMZ. I chose Linux here to have wider access to more modern webserver software and
applications. Due to the higher potential for exploitation, this machine is walled off
into a DMZ with no access to the Intranet. It is remotely backed up by a revision tracking
system on a daily basis so that it can be rebuilt or rolled back to a known good state if
it is compromised.

   There are a couple of Windows remote-desktop machines and an ancient Windows fax server
lurking in the intranet zone, but they aren't allowed to speak to the outside world except
via secure VPN connections established and controlled by the OpenBSD gateway.


   Use systems of trusted security (OpenBSD and/or qmail) whenever compromise would be
expensive. Allow less hardened systems only where compromise is not likely (intranet), or
not costly (DMZ).


--
      Chris 'Xenon' Hanson | Xenon @ 3D Nature | http://www.3DNature.com/
  "I set the wheels in motion, turn up all the machines, activate the programs,
   and run behind the scenes. I set the clouds in motion, turn up light and sound,
   activate the window, and watch the world go 'round." -Prime Mover, Rush.

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Daniel Ouellet
In reply to this post by Antonios Anastasiadis
Antonios Anastasiadis wrote:
> well, If you are not happy with the SMP performance in FreeBSD you
> won't be in OpenBSD either.
> Also, MySQL performance is worse in OpenBSD due to the threading
> library used, I would suggest to wait at least until rthreads are
> complete and stable if you must make the switch nevertheless.
>

I have been using it for many years and I wouldn't run it on anything
else thank you! many servers (7 MySQL ONLY) at the last count, and if
you have some issues, may be it would be very wise to spend just a
little bit of time to find out why! I did and I can only tell you that
so far, the ONLY place I don't run OpenBSD is on 25 Cobalt boxes because
it doesn't run on a MIPS in that box and these boxes are mostly for fun
anyway, and on some VoIP servers only because the software there is
design to use specific Solaris stuff! All my other servers, many of them
ONLY run OpenBSD for everything, even routers that replace Cisco!

I am of the opinion like many here that use what's for the job, but so
far, other then the above, I found NO reason not to use it yet!

Even performance is great if you just get down to it! If you use a shit
load of web server for example and that's doesn't keep up with it, well
it doesn't, but even that, I use CARP for sleeping well at night just in
case and load sharing between many servers. Need more for traffic, I
just pop in an other servers and keep going with the same array.

I am not telling to use it for everything, use it for what you see fit,
but I can tell you for my business, I only use it for many years now and
NEVER looked back!

Anytime I had any real issue, I send informations for the bug and it got
fix pretty darn fast thank you!

If I had any issue on performance, I check my setup and configuration.
Most likely I didn't think about it properly.

And you know what!

So, far all the issue and performance impact I have seen ARE in many
cases cause by someone not sticking with the ports packages, or what to
install something else on that box like Apache 2.x etc! Just because the
release of any software is the latest one and someone wants to tell his
friends that he runs the latest of what ever doesn't mean it right! Any
yes, all the knobs tuning shit will affect the performance NEGATIVELY.

So, I still as of today didn't see a single case where not using OpenBSD
affect me negatively yet! I tested the first time with 2.7 and then
started to buy CD's as of 2.9 and stick with it ever since.

All servers run OpenBSD here!

Only exceptions to default software are Qmail instead of sendmail and
DJBDNS instead of bind, but that's about it. And I can tell you,
maintaining the updates on software install with the new packages
sysstem is so darn easy too!

I really got a bit upset with the lists of comments that spread FUD on
the subject. Don't use OpenBSD if you don't want to, but that is NOT
because it is not up to the job by no mean!

Signing off!

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Daniel Ouellet
In reply to this post by Marco Peereboom
>I'm not saying that having a blobbed driver in-tree would be an
>improvement - however, a machine that runs is likely to be an
>improvement over one that doesn't, at least for a while (because, as
>pointed out, bugs like blobs).

I prefer looking at what's supported first and asked questions on the
list about it BEFORE getting it and STICKING with supported hardware and
EVEN lately, I go as far as ONLY getting hardware that is friendly to
the project now, meaning providing documentations, etc.

So, if everyone would do the same, I bet chances are that we might see
more documentations available for various project, but hey, that's just me!

The bottom line is I don't get hardware that is not supported by OpenBSD
an by the way, ALL my Adaptec RAID shit is in the trash from last year!

No more Adaptec here.

Reply | Threaded
Open this post in threaded view
|

Re: When would you NOT use OpenBSD?

Donald J. Ankney
In reply to this post by Daniel Ouellet
On Apr 5, 2006, at 11:55 AM, Daniel Ouellet wrote:

>
> I am of the opinion like many here that use what's for the job
>

This is something that can't be stressed enough -- always use the  
tool that's most appropriate for the job.

OpenBSD can do everything other operating systems do. It's where I  
look first for a solution. But as a professional, my employer expects  
me to evaluate all of the available options and chose the most  
appropriate solution for a task. Vendor support is a sometimes criteria.

This is where OpenBSD struggles -- I can't expect commercial support  
for a product if I implement it in OpenBSD. It's not a technical  
issue; it's a market issue.

123