CentOS releases are famous for their particularly long life cycles. However, every Linux distro inevitably reaches EOL (end of life). EOL means that the Linux community will no longer release security patches. As a consequence, your kernels can be easily compromised by unknown vulnerabilities.
While it is obvious that using CentOS 6 after its EOL will result in major security risks, you nevertheless may still not be ready to migrate to a newer supported version of СentOS.
Five reasons to continue using CentOS 6:
- Migration to a newer release may simply be not the priority for your organization at the moment – be that a question of financial and time resources or a peremptory decision by the management.
- You personally may fully realize the scale of the overall nightmare that this move will bring to your work, especially if you have thousands of servers that need to be updated.
- It’s not a secret that CentOS 7 will become EOL in four years, and you refuse to put servers’ migration under your regular responsibilities.
- Of course, you could upgrade to CentOS 8, but let’s face it: it is neither popular nor stable enough, so it is therefore not worth the trouble.
- Finally, your old servers may simply refuse to keep up with an upgraded OS.
What will happen to your servers after November 2020?
Although you have your valid reasons for sticking with CentOS 6, the future is inevitable. On November 30, 2020, there will be no more automatic security patches or bug fixes. In order to keep your servers updated, you will need to monitor special repositories for updates and install them manually. This sounds like a plausible solution, but you have to consider two significant drawbacks:
- You will have to do it manually, which adds a burden to your workload.
- Do not expect prompt releases of new patches. Whilst they are in the making, your kernels remain open to all darknet threats imaginable, e.g. stolen data and lost business opportunities.
CentOS 6 Extended Lifecycle Support and KernelCare Bundle
How can you change these bleak scenarios? You can turn to third-party vendors and buy Extended Live Support (ELS). After that, all you have to do is run one command to add a new repository file, and just like that, you will get kernel security updates for CentOS 6 through June of 2024. CloudLinux ELS, in particular, will provide you with updates to cPanel and other packages critical for web hosting, for example, Apache, PHP, MySQL, glibc, OpenSSL, OpenSSH, Zlib.
What will KernelCare do to keep CentOS 6 servers protected against vulnerabilities?
You can get extensive security support that addresses all current and emerging CVEs with KernelCare. Plus, it includes up-to-date kernel patches if you opt for the CentOS 6 ELS + KernelCare Bundle. The integrated KernelCare patch system will automatically detect, download, and deploy hotfixes to all servers, saving administrators’ time.
More importantly, KernelCare will do it live without the need to reboot. KernelCare is self-sufficient on its own, but also compatible with all DevOps certified patching tools you may already use, like Ansible, Puppet, SaltStack, Chef, Spacewalk, and Yum. You can deploy KernelCare through them for immediate installation on all servers or distribution with no internet access.
Sticking to CentOS 6 after its EOL is a sound decision, but it requires extra precautions on your part. KernelCare + ELS for CentOS 6 Bundle will help you keep production Linux systems updated and secure, plus it will address every currently emerging CVE. This Bundle will prolong and advance the security of your Linux systems.
To get Extended Lifecycle Support for CentOS® 6 that includes KernelCare, fill in the form on this page or simply contact the KernelCare team at [email protected]. A dedicated manager will get back to you to talk about your organization’s particular needs for post-end-of-life CentOS® 6 security.
*The CentOS Project has not endorsed and is not affiliated with KernelCare or the Extended Lifecycle Support for CentOS® 6. CentOS® is a registered trademark of Red Hat, Inc.