So now what distro are we running for LTS desktops?
Ubuntu has too many problems for me to want to run it. However, it has occurred to me that there aren't a lot of distros that are like the Ubuntu LTS.
Basic requirements for a LTS:
at least 2 years of support
semi recent versions of applications like Chrome and Firefox (might consider flatpak)
a stable experience that isn't buggy
fast security updates
Distros considered:
Debian (stable)
Rocky Linux
openSUSE
Cent OS stream
Fedora
As far as I can tell none of the options listed are quite suitable. They are either to unstable or way to out of date. I like Rocky Linux but it doesn't seem to be desktop focused as far as I can tell. I would use Debian but Debian doesn't have the greatest security defaults. (No selinux profiles out of the box)
Honestly, we (a large Fortune 500 company hosting sites serving between 250m and 500m unique monthly visitors) have standardized on Ubuntu LTS and Rocky Linux. Both have been rock solid. Kubernetes and other things that need regular updates and patches (aka things that directly power forward facing apis/sites) tend to be Ubuntu and the rest Rocky. We do NOT however run any ui’s or browsers or the like on them. I highly recommend against doing so on any server.
If you mean desktop, we tend to not use Linux for desktop apps, instead going with MacOS and Windows with group policies and forced updates. Definitely prefer the stability of MacOS over Windows, but both have their place in the enterprise. When I was running a Linux desktop there, it was Fedora Silverblue. Snaps are not my friend.
Hey just to ptich in my two cents. Our shop is running a very similar setup (Enterprise FinTech, MAU is around 100-200m across all sites), with Ubuntu and Rocky on k8s with all workstations running MacOS and Windows since compliance policies are easy to apply to both. I can vouch for Ubuntu LTS given other options. Doesn't require a support contract, really solid security patch cycles and everything runs without issues.
Also unsure of using Linux as a workstation solution since at the time of setup, all the viable distos required you to either manually roll a compliance solution, or use their specific sometimes built-in solutions (see RHEL). That may have changed in the passed few years though.