Since I started studying Linux in my graduation, it has been the basic and only choice for me when talking about setting up network services, even though I prefer to use Windows as my personal computer operating system. Linux has the advantage of being open and free: you can set up your system any way you want, make changes as required, and it has a large community for support. On the other side, Windows has a team managing and upgrading every detail, it’s a lot easier to set up and manage, and it doesn’t require too much knowledge of the under-the-hood workings of the system for you to perform the tasks you need.
For a long time, I had the thought of “why would I pay for something I can make with a free option?”. The reason struck me like lightning when I was about to leave my current job for another opportunity, and basically most of my team doesn’t have any idea how to operate the services it took me years to build up on the servers, even though they have at least minimum knowledge of Linux system administration, and even though I’m leaving a 14-page Google Doc explaining how to manage each of the services and how the servers were built. During a talk with IFSP’s current Infrastructure director, he told me about his experience at a huge health assurance company from Brazil as a network administrator, and how a new IT manager simply talked him into changing everything he had done in Linux to a Windows Server-based network. Even with all the resistance, that was the first time he could go on vacation without being called or having to worry about work.
About Linux servers
Nowadays, there are plenty of distributions that could be used for Linux network servers: I think Ubuntu Server is one of the most common and well maintained out there, but there’s also plenty of space occupied by CentOS and Red Hat Enterprise Linux (RHEL), openSUSE and even Debian. The main idea here is: take out everything that’s unnecessary and leave just what an OS needs to operate without consuming too many resources. For example, it doesn’t make any sense to set up a Graphical User Interface (GUI) for administering a machine that’s focused on running services. With the Cloud computing paradigm, the more lightweight, portable and scalable your solution is, the better, so try to strip out everything that’s unnecessary.
You can roll out services in basically 3 ways: (1) bare-metal, where you install your operating system directly on the hardware and install your services there; (2) Virtual Machines, where you have a Host OS to run your virtual machines with guest OSes that’ll have your services installed; or (3) Containerized, where you’ll set up a thin bare-metal OS (like CoreOS) to run your containers with your services. If you’ve read my post about containerizing applications, you’ll already know that the third option is the most suitable for the Cloud Paradigm, but it doesn’t solve everything, so you’ll probably still need some VMs or bare-metal systems running in your topology.
There are also other paradigms for deploying your servers outside your own infrastructure: if you think you’ll be spending too much money on keeping your systems up against power failures, network failures, thermal failures or other threats to your system’s availability, then you can consider using a Colocation service provided by a nearby Datacenter: you’ll pay a monthly fee to keep your server running there with the minimal access required for you to administer it, but with all of the availability requirements covered by the Datacenter infrastructure, even against other risks like security policy, natural disasters and theft. Of course, thinking on a higher abstraction level, you can also use the IaaS, PaaS and SaaS options from public cloud providers in your solutions. The most important thing is: analyze the cost of all options before choosing one. A lot of companies are migrating their servers back to their headquarters, because they found out it makes more sense and is less expensive to have them on-premises, handling all the availability risks themselves, than in a Cloud Provider.
About Linux services
When you think about managing a whole administrative domain, there are plenty of services required to enforce your policy and administrative tasks: you’ll need to handle users, shares, permissions, network resources, computers, usage and security policies, authentication methods, and several other things. Windows gives you an off-the-shelf solution for everything: Microsoft’s Active Directory, which deals with all these things for you through an easily manageable GUI. Linux has a “close” solution for that: it’s called the Samba server. Samba’s name comes from the Server Message Block (SMB) protocol used by Windows in its earlier versions (Server 2003 and earlier) to handle network access to shared resources.
Both Samba and AD are actually implementations of several network technologies: they use LDAP as a backend database for network resources; Kerberos as an authentication and authorization solution for users and resources, and even for encryption key management; RADIUS as an AAA broker for services (like Wi-Fi authentication) and audit; the SMB protocol for network shares; and the DNS protocol for naming domain services and resources. Both implement the GPO (Group Policy Object) technology to enforce system policies on the domain’s workstations and users. They also have some clustering technology that lets multiple domain controllers in a network share state and provide high availability. And since Samba version 4 is compatible with the AD infrastructure, it can also be mostly administered with the Remote Server Administration Tools (RSAT) maintained by Microsoft.
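To make the role of DNS in tying LDAP and Kerberos together concrete, here is an added example (not from the original post, and not Samba’s or Microsoft’s code) that audits the SRV records an AD-compatible domain publishes. The service names and ports are the standard ones; the domain `corp.example`, the host `dc1` and the zone text are constructed, and the helper names `parse_srv` and `audit_domain` are hypothetical.

```python
# Added example: SRV records an AD-compatible domain is expected to publish.
# Service names and ports are the standard ones; the domain and host are constructed.
REQUIRED_SRV = {
    "_ldap._tcp": 389,            # LDAP directory backend
    "_ldap._tcp.dc._msdcs": 389,  # domain controller locator
    "_kerberos._tcp": 88,         # Kerberos KDC
    "_kerberos._udp": 88,
    "_kpasswd._tcp": 464,         # Kerberos password change
    "_kpasswd._udp": 464,
}

# Constructed sample in zone-file form: name TTL IN SRV priority weight port target
SAMPLE_ZONE = """\
_ldap._tcp.corp.example.           900 IN SRV 0 100 389  dc1.corp.example.
_ldap._tcp.dc._msdcs.corp.example. 900 IN SRV 0 100 389  dc1.corp.example.
_kerberos._tcp.corp.example.       900 IN SRV 0 100 88   dc1.corp.example.
_kerberos._udp.corp.example.       900 IN SRV 0 100 88   dc1.corp.example.
_kpasswd._tcp.corp.example.        900 IN SRV 0 100 4640 dc1.corp.example.
"""

def parse_srv(zone_text):
    """Return {owner_name: [(port, target), ...]} for every SRV line."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) != 8 or fields[2].upper() != "IN" or fields[3].upper() != "SRV":
            continue  # skip blanks, comments and other record types
        name = fields[0].rstrip(".").lower()
        target = fields[7].rstrip(".").lower()
        records.setdefault(name, []).append((int(fields[6]), target))
    return records

def audit_domain(zone_text, domain):
    """List required SRV records that are missing or on an unexpected port."""
    records = parse_srv(zone_text)
    findings = []
    for service, port in REQUIRED_SRV.items():
        owner = f"{service}.{domain}".lower()
        entries = records.get(owner)
        if not entries:
            findings.append(f"missing {owner}")
            continue
        for seen_port, target in entries:
            if seen_port != port:
                findings.append(f"{owner} -> {target}:{seen_port} (expected {port})")
    return findings

if __name__ == "__main__":
    for finding in audit_domain(SAMPLE_ZONE, "corp.example"):
        print(finding)
```

On the constructed zone this reports the password-change service on a non-standard port and the missing UDP record, the kind of gap that makes clients fail to locate a domain controller.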
There are also other services that usually have to be deployed in a company network, like the Dynamic Host Configuration Protocol (DHCP), deployed natively in Windows Server and on Linux most commonly through the ISC (Internet Systems Consortium) DHCP Server, for dynamic host configuration; and the web server, available in Windows through IIS (Internet Information Services) or on Linux through several implementations like the Apache web server, the NGINX web server or other minimal HTTP(S) server implementations. Databases, depending on the kind of data you’ll be storing (relational, non-relational, key=value cache, and others), can have a lot of different implementations, like MySQL/MariaDB, PostgreSQL, MongoDB, Redis, Memcached, Cassandra, etc.
As a network administrator, you’ll need to find what best suits your needs and deploy your solutions to meet your administrative policy needs or your users’ needs. The most important thing is: always study what you’ll be deploying, always keep yourself updated on the most recent technologies, have no fear of trying new solutions and, most important of all, document everything you do. You’re not alone in your company, you’re probably not the first to be in this role and you probably won’t be the last. So keep it documented!
That’s all for now, folks!
I know I’ve not been using images in my topics. They’re usually just coming out of my head and I can’t spend much time on drawing the diagrams and models to make my explanation easier. For now, I just hope you’re enjoying the content and please, share your opinions in the comments section below!