CentOS 6 EOLSaša Zgrabljić
As you already might know, CentOS releases are known to have very long life cycles (usually up to 10 years). However, they are bound to come to their EOL at some point, as is the case with their oldest currently supported release, CentOS 6.
CentOS 6 is scheduled to reach EOL on November 30th 2020.
If you’re using CentOS 6 on your machines, there are several options available to help you resolve this issue, which we’ll be covering further down this article. But let’s start from the beginning.
What is EOL and why does it happen?
Writing new software is no easy task. Helping customers shift to a new setup is also not easy, as you have to take a lot of details into account (such as compatibility, business impact, licences, etc.). Naturally, developers and development companies are quite keen on keeping their software and software versions alive and supported for as long as possible, releasing patches and fixing updates along the way. However, at some point, all software reaches a point where it’s no longer feasible, as efforts need to be shifted to more practical tasks such as providing security updates and developing new releases. And that’s when a release or software version reaches its EOL.
EOL (End of Life) means that a particular piece of software reached the point where it will no longer be supported. When we say supported, we mean the software won’t receive support services from that point onward, including new development, security patches, bug fixes, updates, or any other type of technical support.
But what happens if you use an unsupported version?
Risks of Using Unsupported Technologies
As mentioned earlier, CentOS 6 will reach EOL on 30th of November 2020. In practice, this means that any new bug or vulnerability found on CentOS 6 won’t be addressed. As a result, issues will accumulate over time, making the OS on your server less stable prone to vulnerability exploits. So what are the risks you might be facing if you continue using CentOS 6?
EOL technologies won’t receive any security patches from the providers, meaning they are left vulnerable to security breaches. According to Verizon’s Data Breach Investigations Report, 20% of analyzed web application attacks in 2020 were caused by exploiting software vulnerabilities (while the remaining 80% were caused by stolen or brute-forced credentials, which is also something everyone should pay attention to!).
Security breaches can cause many problems, such as downtime, data loss and in turn, financial repercussions, and must be avoided at all costs.
Even though this is very much connected to the security section, we believe it requires a special mention due to the gravity of potential consequences resulting from a security breach.
Considering EU companies (and non-EU companies doing business with EU companies)have to pay special attention to their customers’ data due to GDPR and HIPAA regulations, legal liability resulting from a data breach can be catastrophic. The inspection and investigation process is time-consuming, and the fines are usually very hefty, meaning such a breach can cause lasting damage to a company. Not to mention the possibility of further lawsuits, depending on the severity of the breach.
Running applications on an outdated operating system can be problematic, as most new software requires an equally new OS behind it. Most modern technologies rely on interoperability to achieve operational efficiency, which might not be possible when using an unsupported operating system.
What can you do?
At this point, we’re sure we’ve convinced you that running EOL software isn’t the best idea. So what can you do about it?
Migrate to a newer version of CentOS
The only recommended thing to do at this point is to migrate to a newer version of CentOS.
If you have limited resources available, or your application requires a lot of alteration to migrate to a newer OS version, we recommend CentOS 7. The transition will be smoother, and you’ll still get the benefits of having a supported OS for a while longer, as CentOS 7 will be supported until June 2024.
However, if possible, it’s better to upgrade straight to CentOS 8. CentOS 8 offers better security and other technical enhancements compared to its predecessor and will prove a better option in the long run. CentOS 8 will also remain fully supported until the end of May 2029.
CloudLinux OS 6
Another alternative, albeit we cannot recommend it as we haven’t personally tested the extended support for EOL, is to look into CloudLinux OS 6.
CloudLinux will continue offering extended lifecycle support for CloudLinux OS 6 through 2024, which gives customers more than enough time to prepare for a migration to a newer OS. For more details, look into the CloudLinux extended support website.
Considering CentOS 6 is near its EOL, it’s time to look for alternatives. As we’ve explained in this article, keeping unsupported software is never a good idea, and we recommend upgrading to a newer CentOS version.
Think of it as an excellent opportunity to refresh your infrastructure and get something better for your buck. Considering we’re quite experienced with such situations, we’ll be happy to help – feel free to get in touch with our specialists, and we can help you migrate your infrastructure or help you design a brand new one.