A Case for Linux in the Corporation

_UnderTow_ writes: "Saw this over at Anandtech. It's a pretty descriptive account of a reasonably large corporation (7000+ employees) transitioning their network infrastructure over to Red Hat Linux. Has details of the company's initial move to NT, and their eventual move to Linux as the cost of licensing gets out of control."

Thousand linux cases here...

[joestar]

There are thousand cases of Linux uses in corporates (large and smaller ones as well) on MandrakeBizCases.com. Worth a look.

7000 email accounts on a single pentium box

The server may have been a little taxed, handling 7,000 e-mail accounts on a single pentium box may stress it a little, but other than e-mail taking a little longer to send the end users won't notice

I don't thing the box would've been taxed that badly... I once worked for a company that had 3500 email accounts on a single cpu, Pentium Pro 150Mhz machine with only 64MB ram and running FreeBSD and it did just fine. We typically had 1800-2000 concurrent users getting their mail via POP3 from that box at any given time during the business day. I can imagine a modern P-III or Xeon box pushing close to a GHz speed and hundreds of MB's of today's cheap memory with fast Ultra160SCSI disks running Linux or FreeBSD could handle thousands of simultaneous IMAP/POP users with ease.

Re:I'm not a great NT admin, but...

[ostiguy]

1. Any shop with over 5 identical machines should have Ghost or Drive image. You install the OS, apps, etc. Make an image via a network boot disk. Put boot disks in machines, boot to them, blow image on. Change SID, rename machine, reboot. Add to domain. Done. All the big cloning software packages support multicast as well. MS also provides some tools

2. As the tech lead here, I am responsible for licensing. Yeah, its not fun. But most enterprise software isn't fun either. Recently I spent some time trying to figure out what getting Solaris 7 would cost us if we acquired a machine that could run it - remember, Solaris 8 is free and downloadable - 7 isn't.

3. Terminal services are viable for NT/2k. You can run apps centrally. It requires serious horsepower at the server side, but people are doing it. That is another way people do app installs and licensing - if you have 50 offices, and 50 comptrollers around the country, make the client binary accessible via terminal services. Centralize the server, and just install terminal services client for those 50 people. Upgrades are a non issue after that.

4. Application installs - login scripts, as well as all kinds of software packages. MS SMS is a serious package you can do inventory, software pushes/distribution, etc with.

Office and OS licensing could be MS's downfall. Basically, you need a quick to install xclient that would allow complete office functionality through it. Its gettting to the point where OS + office + client access licenses cost as much as the client pc. If you can offer a (not really, centralized computing aint new) new paradigm that allows the existing machines to sit as they are, without cutover costs, you have a winner. I don't think network computers will really take off because the price differential between them and real pc's keeps getting worse.

ostiguy

Re:I'm not a great NT admin, but...

[sheldon]

"What if I had to do 700 of these things? "

You would automate it, either with Ghost or sysprep or RIS, etc.

"Imagine a Linux network where applications are all stored on central file servers. "

Yes you can do that, but you'll have to upgrade your network to 100baseT to the desktop, switched to gigabit in the closet with each closet having a file/print server that did nothing but provide the read-only executable content to the clients.

I don't need to imagine because we used to do things this way. As the computers became faster, this way of doing things became less and less efficient. Actually it became less efficient about the time Pentium's first came out in '94.

"What would an enterprise level apt-get look like? "

That's the RedHat Network. Their service they charge $20/month per desktop for.

"We, on the other hand, can deploy a desktop that will download our diagram program on the fly when someone clicks on the file icon. "

I assume you are speaking of Windows 2000 here, as that is the way it can operate using Windows Installer Services.

Re:I'm not a great NT admin, but...

[SuiteSisterMary]

But aren't individual machines supposed to have their own license numbers? With their new activation technology, isn't MS going to start making it impossible to slide on this?

No. Take any Microsoft product of recent; say, anything from office2000 up. Probably even earlier, but I can't say. Drop to a cmd prompt, and navigate to the setup program. Then do a 'setup /a' and watch, as in beautiful majesty, the software makes what is called an 'administrative install' which preconfigures the license key, company name, and all that stuff. Then it installs it to a designated location, such as a network share. Then, go to microsoft.com, find the Resource Kit page for your software, lets say Office 2000 again, and download the core tools. You'll likely find something called 'custom install wizard' which you run against this administrative install. This will then take you through from 1 to 40 wizard pages where you customize anything and everything about the install. When it's done, you get an MST, or Microsoft Setup Transform file. Then, using a command such as

\\myfileserver\myinstalls\office2000\setup TRANSFORMS=mytransformfile.mst /qa-

you'll get an install, preconfigured, no user input. Just progress bars. Then, using something like SMS, Zenworks, Tivoli, whatever, you automate the installation of these.

Re:I'm not a great NT admin, but...

[MikeRepass]

This draws from my experience administering WinNT 4 and 2k so I might miss lots of things (please flame away), but there are a variety of options for remote installation and management of machines in a Win2k environment.

First, there's the RIS system, which allows you to set up a server with a custom CD image (the normal Win 2k Pro image works fine but you can also slipstream service packs and updates as needed). Then, you create boot floppies. So long as you make a machine acount with the proper MAC (captured in the GUID) address of the machine you want to build, you simply boot from the floppy, it finds the RIS server, and builds itself. You can set up scripts to install/customize applications once the machine build is complete.

After that, the Active Directory can be used to advertise policies, which can inclue software updates, service packs, and a variety of things. I don't have much experience there, so maybe somebody else can offer info.

Finally, the big end-all of Microsoft distributed network management is SMS, this behemoth (which is as difficult to administer as Exchange) not only provides a huge SQL DB of all inventory information, but you can use it to distribute and control practically any possible software update necessary, such as remotely instructing a machine to upgrade itself from Win98 to Windows2000 at 4:00 am (or after the user logs off if someone is logged on at that time).

In short, and its difficult to say, and I'm in no way a fan of Microsoft (running Debian for two years now), but Win2k does actually provide a robust and featureful means of remotely managing computers. And quite naturally, there are components for license management. The problem is, it's all so complex. In my group, we looked long and hard at SMS, and even licensed a copy of BackOffice, but we soon realized it was just beyond our scope to implement. It's hard to make the senior guys understand that in order to keep the machines up to date, you need to hire as many additional people as you do for email (Exchange). They say "but what did we hire you for?" The tools Microsoft provides are very powerful, more powerful than I think a lot of people realize, but they're just so complex that I don't think they offer much to the worked-his-way-up-from-tech-support-admin. It takes months of planning and education to successfully implement and maximize any of these options, and I don't think many organizations can spare their top admins for that long.

This is where I think GNU/Linux (specifically Debian) has a great chance, one I'm aggressively trying to push in my organization. All one has to do is set up a server with the debian mirror scripts, run an in house mirror that updates nightly (be sure to make a reasonable contribution if you're gonna be downloading a lot). Then, using simple bootfloppies with some scripts, you can boot and build machines with minimal configuration, which then download and install everything from your local mirror. All you have to do is set up the appropriate servers, once again easy with debian, have each machine mount /home off of a share somewhere, and you're good to go, a robust and nightly updated (simple cron jobs) system.

To me, apt-get is a next generation tool that significantly alters the paradigm of computer usage. Once you make the switch to apt, you never go back. It completely alters how one looks at building, managing, and upgrading PC's, and I think it, along with samba, are the two best selling points to Linux in corporate IT world.

Wow, sorry to have gone off a bit here, but it's Friday and I'm bored. As always, these are just my opinions, and your mileage may very. Feel free to flame away, I'm interested to hear what people have to say.

Mike

Author's comment about the company named in the ar

[ctid]

Just in case nobody has posted this yet, the author of the article at Anandtech explains that there's an NDA in force. It'll be eighteen months before he can reveal the name of the company. You'll have to search for "Paul Sullivan" to see his comment.

Failure is its own reward.