It sounds crazy, but our CentOS 6 servers (which run 2.6.32) using CloudLinux 6 ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jasongill on March 29, 2022 \| parent \| context \| favorite \| on: Linux: Vulnerabilities in nf_tables cause privileg... It sounds crazy, but our CentOS 6 servers (which run 2.6.32) using CloudLinux 6 ELS (which provides kernel hot patching for vulnerabilities like this, plus continued security updates for Apache, PHP, MySQL, Glibc, OpenSSL, OpenSSH, etc through 2024) are our most reliable ones. It's given us a couple years more breathing room to let the Alma/Rocky debate settle and work on migrating legacy applications to newer platforms without having to stress about being on an unsupported release.

lanstin on March 29, 2022 [–]

It is ok until new hardware is purchased that won’t run on the older kernels. For pure VM stuff, the 2.6.32 s fine (Go supports it without patches) but the newer kernels have much better scheduler and other cpu optimizations. I saw about a 25% efficiency gain from upgrading to 4 series kernels after specter etc.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact