Why I’m ditching Centos for Ubuntu

I’ve recently made the leap from Centos to Ubuntu. The biggest reason for the move is a change from a distribution such as Centos 7 upgrading to Centos 8 Stream. It’s characterized as a rolling collection of changes that will be coming to Red Hat Linux. For more on the changes, there is a really good article here.

Setting aside the slipstream of changes coming, the primary reason for moving to Ubuntu is the version of OpenSSL included in it. I’m currently doing some research on different DNSSEC signing algorithms and OpenSSL 1.0.x doesn’t support Ed 25519 (algorithm 15). Centos 7 installs the OpenSSL 1.0.x train of code, which would require upgrading OpenSSL on the whole system. Since it’s so intimately interconnected with all of the operating system, the risk of breakage for the entire install is too much of a risk.

Ubuntu (I’m working with 20.04 on AWS Graviton processors, ARM under the hood) deploys the 1.1.x release train as an integral part of the OS (1.1.1f as of this writing). This supports the algorithms I need.

More importantly, it moves away from the constantly changing code base of Centos 8, which is a good thing.