Slashdot Mirror
Large Scale Management - Linux vs Solaris?
A not-so anonymous, Anonymous Coward asks: "I work for a college that offers undergraduate computer science classes, and the school would like to add a new lab with about a hundred computers for students to use, for various class projects. After some non-trivial effort, we convinced the school to set up a Unix lab rather than a Windows one. However, we can't decide whether to go for Solaris or Linux. Regardless of the cost of hardware, I couldn't get agreed with my colleagues about the amount of efforts required to manage a hundred of Linux PCs vs. a hundred Sparc boxes. I believe that there are many Slashdot readers are actual managers for labs like this if not in large scales. What are your experiences of managing Linux PCs versus traditional Solaris boxes?"
"My detailed questions are:
1. Compared between these two different systems, how easy to maintain the software for all these machines (including re-installation, patching, and updating)? What software do you use to make these management jobs easier?
2. Are there any fundamental differences between managing a large group of linux PCs and managing a large group of Solaris boxes?"
And with Knoppix. Just burn new CD's when new releases come out. No need for hard drives. Students that use the computers can get portable USB drives.
Here at WVU the CS department went and put Linux on all the Sparcs (and the NT boxes as well). The Sparcs were running Solaris for the 3 previous years I've been here, plus for who knows how long before that, so take that for what you will.
"I think that when you become a Republican, you don't get to score any more." -- Butt-head
As far as how we manage our clusters, the answer is the same for Solaris, Linux, and for the matter Mac OS X: radmind. Check it out. It integrates tripwire and filesystem management. We use it for installation, patching, and updating.
:w
The Michigan State University Computer Science department has managed both. I do not personally know how the admins found the machines to be, so you'd have to contact them. I do know they had two Linux labs and cut it back down to one, but I don't know the reasoning (or if it's still that way). I'll refrain from speculating because I don't think that would help any.
Hint hint to all the budding Linux advocates who have no experience managing labs of any machines, let alone these two specifically... speculation isn't really useful and this is a really specific use case. With computer science users you have to assume both "knowlegable" idiots, and some quite knowlegable malicious attacks.
For a specific latter of the former, we'd do OS projects that involved using the operating system support for semaphores. In Solaris (at the time we were doing this, I don't know about now), there were a very specific number of semaphores that could exist, and since certain parts of the operating system also used them, a single poorly-written program involving semaphores could easily consume them all. "Knowlegable idiots." (I didn't actually do this, but only because I caught my error while I was compiling it... if I'd run the resulting executable I'm about 80% certain I too would have DOS'ed the machine... definately a "do it early" assignment! This class, IIRC, was eventually allocated the aforementioned Linux lab because they kept hosing all the other class's homeworks, which were typically all due at midnight on various Mondays.)
As for the latter, I'm sure you are all aware of the number of security vulnerabilities in things that involve having console access or other otherwise "legitimate" access to the system.
SCO owns all *nix (or so they say).
Pay them $699 per box before mid October.
But only if they can provide the best *nix with full technical support.
Before you sign do due diligence to verify that their lawyer to techie ratio is less than 30 to 1.
134340: I am not a number. I am a free planet!
^^^^^
goatse troll.
...Linux largely wins. The Solaris kernel is much more mature than Linux (instantly earning me a boatload of kneejerk flames on slashdot), but their userspace tools are crap. The desktops shipped with Solaris are ugly and awkward to use, and getting KDE or Gnome to build and run properly can be an exercise in frustration if you're not familiar with Sun's way of doing things.
On the flip side, installing a hundred Solaris boxes is trivial using their JumpStart programs. A new client system RARPs an IP address from the server, downloads a small kernel from the server, NFS mounts a copy of the installation packages from the server, and does a hands-free install. It's extremely flexible and has been ion production use for years. For Linux you're stuck with walking around with CDs, or using some kludge from sourceforge, or a less-well-tested solution like whatever redhat uses.
Along the same lines, Sun's patching utility is designed with remote-boot or diskless clients in mind. You apply the patch once to the directory tree being used, and you're done. Something similar can be done with diskful clients. Linux binary packages mostly assume that the machine is on its own, so each box will want to download from a remote site and store a local copy, leading to atrocious workarounds like an NFS-shared /var/cache.
Honestly, it doesn't make much difference. You'll be writing wrapper scripts and custom solutions either way. The difference will be in other factors, like cost of hardware or price of support or political games with the rest of the organization. Having managed groups of both kinds of systems in a production environment for years, I would probably recommend Linux to someone who is asking for recommendations. Not because it's inherently superior, but because you seem more comfortable with it.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
That's the way I do it at work, all the machines boot off the network and pull their entire filesystem down from the server with rsync.
Makes the machines very very easy to keep updated (via chroot on the master image server) and practically indestructible.
The increase in my workload when going from supporting it on around 250 machines to around 400 machines was approximately zero.
Ah, I too have experienced this dilemma. A bird in the hand is better than two in the bush. Call her back, caress the soft nape of her neck with a gentle brush of your lips, slide the back of your fingers lightly down the side of her smooth tan stomach. Plus, if nothing else, just cut the lights and pretend she's the other girl you lust for.
Patching on solaris sucks, userspace programs suck, CDE sucks. Plus, it's more expensive.
Use linux. It's free, has several excellent desktops out of the box, and it just plain more "academically interesting."
Someone mentioned radmind for managing it, it works well. You could also do some fancy work with shell scripting and ssh, I've used this to manage large mail clusters.
Need Free Juniper/NetScreen Support? JuniperForum
But a hand in the bush is better than two in a bird.
Apple's prices for higher education are quite reasonable, especially compared to low end Sun-Solaris-Sparc. What say you?
--Paul
My college uses 64 Sun Ray's attached to a E450. It works flawlessly. They system is able to handle the loads just fine. Haveing a Sun Ray environment enables them to have a central point in which they can upgrade and patch rather than having numerous machines in which to admin.
"I couldn't get agreed with my colleagues"
You may work at a college, but did you actually bother to attend one?!
-psy
Stanford has Unix cluster with 105 machines in one room, plus a few smaller sized clusters. I'm sure there's plenty of documentation if you search for "Sweet Hall".
list of machines
In my opinion, go with Linux. You'll generally get more bang for your buck than with Solaris workstations. Unless you've already invested a great deal in classes based on Solaris, I strongly recommend Linux.
I actually run a much smaller lab of 12 workstations of Sun Ultra 5's, and we're running Aurora Linux (link). In my opinion, we'd be much more happy with Intel hardware running Linux, it's more upgradeable (our lab was set up in 2000 and the computers are already too slow to run applications like Mozilla). The main reason that we're running Aurora is that we know and like RedHat Linux, and nobody ever liked working on CDE.
Perhaps things have changed since Solaris 8, but I truly think that Linux is the way to go for a situation like this. Perhaps you could compromise go with Sun boxes for your fileservers and other servers that you set up in the future.
My blog
I agree with you. Using either kickstart or sysimager to dole out custom Linux installs with all machines running autorpm to a local update mirror. That way you can simply put all the new rpm's that you'd like to have on all machines and let em pick it up in the morning.
Can I get an eye poke?
Dog House Forum
I'd honestly prefer linux. Three reasons:
1) Home Use: It's something you could give people to use on their own computer. The knowledge they learn using Linux in the lab won't be lost. They can go home and install whatever distro you choose if they wish. Whether they do their project in the lab or in the dorm room, they can have exactly the same setup -- if they so choose.
2) Better user interface. Sure you can install Gnome on solaris but most people hoenestly don't.
3) Better Performance/Price ratio: Price is always a factor and is correlated with performance. I couldn't stand the way matlab ran on some solaris blades which weren't updated due to cost. I eventually sucked it up and installed it on my own machine because I couldn't stand waiting literally five minutes for the machine to tell I made a syntax error. (And to all you profs out there: please, PLEASE, test your projects. My class was assigned a project using an (O) N^N algorithm. He hadn't attempted implementing the method, but it would've taken well over 3 months on a 20 proc Sun machine to run our assigned data set.)
-- Political fascism requires a Fuhrer.
I don't know if it means a whole lot to you, but the computer labs at UC Berkeley use Solaris and Sun Rays (little dumb terminals.)
The package has worked very well for me as a student, and I would think/hope that Sun Rays are cost effective and an easy boxed dumb terminal solution. (Since I've never had such a demand, I don't know how much they cost and such.)
Our web site also runs on Solaris.
I find it rather ironic, but I somewhat thought how appropriate it would be that we'd use a BSD of some sort. Speaking of which, you should really look at BSD as an option -- it isn't nearly as edgy as Linux, and when you're hacking away on the common file server you do NOT want the thing to crash on a few hundred rabid CS undergraduate students close to deadline.
My vote:
-Solaris for a paid for good dumb-terminal option (Comes with the benefits of cost/having to maintain one server, and the obvious downsides of the server failure...which shouldn't be too hard to prevent if there is good supporting staff for that one machine)
-*BSD is more solid/mature overall but may require some more screwing around with and doesn't offer a nice, out of the box, trouble free dumb terminal solution as Sun Rays do.
-Linux is fine, lots of people use it personally and we have many Linux support groups, but for the big servers that have to be solid more than perform at the bleeding edge, I would put a cautious vote against this vs. the other two options above.
Lastly, thank you for fighting and not selling another CS lab to Windows. Students I think will be better prepared at large when exposed to a non-toy operating system and are forced to use it to at least some productive degree. I myself log in via SSH from an XP box and run Exceed (X Windows server), start up emacs, and between that, a GDB buffer, and the terminal, I may as well be sitting at a lab computer. (with lag, as would be expected but not bad at all)
Personally, I'm replacing all my decent Linux systems with FreeBSD now.
I find it way easier to maintain and keep uptodate - and that without losing stability.
For system updates, you recompile it on one box, let the other systems mount the src folder via NFS and install the files.
Same is true for the ports (i.e. all the additional software). The portupgrade(1) tools make software management *very* easy.
If you don't want to reinstall from scratch once a year, you are on the good side with BSD: the system interfaces rarely change much, and upgrading even works fine between major versions.
Apart from that, BSD has
- way better NFS support than Linux, especially when it comes down to stability
- a great community. People on the mailinglists are both very helpful and inspiring.
- a long history regarding universities.
HTH.
-- I love the smell of Blue Screens in the morning.
On the other hand, there's no reason you have to run Linux on Intel. You could get Macs, as one person suggested, or even load Linux on Solaris. Of course, if you get Macs, why not run OSX? Frankly, I think OSX is the nicest UNIX variant out at the moment, it runs everything you'd expect UNIX to run, AND it has two important bonuses for your purposes: (1) Microsoft Office available and (2) the NextStep programming environment (Cocoa), which is widely regarded as one of the finest ever made. It is also very managable, includes good and robust Java support, and Apple does a good job with updates and the like.
"He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
this guy might be a crude bastard, but he has a few valid points
You're going to read justifications from both sides of the fence, then all kinds of reports to discount assertions made by each side, plus random alternative advocacy for favourites like MacOS X. Your problem isn't picking "the best" option; it's that your team can't (or won't) stop arguing about it and while this drags on, the people you convinced to go with Unix over Windows will wonder if they couldn't have had a W2K network in the same time.
Face it, when you pick one then you'll have to make it work in a consistent, reliable and centralised fashion because you won't be going back. And you can do that with either Linux or Solaris because the solutions you want exist for both; in many cases, it's the same (Unix) software, like Cfengine. Don't spend too long worrying about which is easier or harder to set up and manage; once you've learned how with either OS, which you're going to have to do anyway, then it will be "easy".
Ade_
/
Big Bubbles (no troubles) - what sucks, who sucks and you suck
You see if the computers are simple desktops for the students to do office style work on then go with the cheapest solution. Lintel :)
If the computers are to be running specialised apps, maybe an IDE for development, research software then go with the platform that has the software you need. Obvious perhaps but it is a bit annoying when the software you use to teach doesn't actually run on the computers the students have.
However if these computers are to be used to teach student ABOUT computers then the only true solution is to have it ALL. Solaris, linux, windows (ewh) and of course Mac. Throw in the odd HP-unix and aix machine for good measure and just let the students get used to working on different machines. They will then be able to learn how to admin computers, not how to admin operating sytem X version Z.y.w
Remember mono-culture is bad. Of course saying this will get you fired :)
But really isn't high class education supposed to be teaching principles not actual techniques? I know that university level programming classes don't focus an a specific language but on the princicples of programming. Why should computer skill be any different?
As for ease of admin. Well images can be used to easily recover any fubared machine.
Sure the admin will be more complex, but can't you sell this higher cost with argument that your students will be ready to work in any enviroment they are put in?
Oh and if you are even considering solaris then I presume cost is not that much of an issue.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Non-geeks should be a non-issue.
This isn't always the case though.
I've certainly come across places where they've needed to make sure that the comptuer labs are useable as general-purpiose computer rooms as well as specialist labs.
TiggsTiggs
"120 chars should be enough for everyone..."
Single Vendor Support.
...
Hardware, software, servers. All one phone number.
It matters. Anyone who says it doesn't has too much free time on their hands.
A Sun system breaks, great, you call Sun, they come out and fix it. Then, if it was the HD that failed, you type "boot net - install", come back in an hour, and you have a fully working machine.
Besides this, if done right, a Sun lab is a "WOW!" factor.
When I attended Montclair State University, most labs were PC & Mac. We had one SPARC lab -- SPARCstation 5's & 20's.
That was the "WOW" lab. Whenever the Dean needed to take someone on a tour, that was the lab they stopped in.
And I have to tell you, as an undergraduate, it was DAMNED cool to work on Sun workstations
Forget that KDE/GNOME/whatever bullshit argument. CS students will use whatever they have. It's *GOOD* for them to get exposed to other environments, whether it be OpenWindows/CDE (as it was in my day... Solaris 2.5.1) or CDE/GNOME or whatever.
A desktop is a desktop. Forget this "it's familiar" or "it's easy" bullshit.
What difference does the desktop interface make to people who are majoring in CS?
If it does, they should reexamine why they're there.
If you are concerned with the educational value. I would suggest that you use both. Half Sun and Half Linux. Using Both platforms helps teach the students the difference and similarities between the two platforms. As well any programming differences. But the two platforms are similar enough to install the same set of GNU tools. You want your students to go into the market place with a good verity of platform knowledge. Plus if a class needs all Suns or all Linuxes they can just SSH to each other and open a remote X display for any GUI tools that they need. This helps encourage good platform independent programming.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
I am a former comp sci lab admin, and am currently a unix admin at a largish facility.
:)
1) How easy are they to maintain?
I've found them to be roughly equivalent on the software side of things. There are tools with each that makes it fairly easy. I think the linux tools are a bit more...widespread, perhaps. I've had extensive experience iwth redhat and their tools are pretty good. Debian also has a nice set, but my experience has been limited to fink running on os x (at least, my experience with apt). Reinstallation of linux pc's, from my experience tends to be faster by a fair margin, as well as patching. I use kickstart from redhat, and apt for rpms.
That having been said about redhat, I might think twice about them in the future. They are making it difficult for me to continue using them, since they changed their maintenance cycle. yes, I work at a big facility and we have a fair chunk of cash. No, we don't need to pay enough for another person just for new patches. Per year. We'll roll our own at that point. We'll see what comes out of the fedora project (fedora.redhat.com) and if we can use that. Otherwise, I think the next on our list is knoppix.
2) No real fundamental differences on the software side. On the hardware side, pc hardware is cheap, but then again, you can go to a local vendor and pick up parts.
Two ideas stick out from the discussion that I should like to mention. One, the idea of dumb terminals. For a computer lab, i really like it. There are linux mechanisms to do it (k-12 linux terminal server project being one specifically designed for schools) as well as the aforementioned sunrays. In either event, I like it a lot. It makes management easy, it prevents a lot of problems that you will run into with smart kids doing bad things
The other is knoppix. Not necessarily running in the machine (although that is an option) but rather going with a knoppix/debian at the lab (perhaps even on the terminals) and then being able to give a cd to the folks in the lab and saying "this is what we run, you can run it at home, and don't have to delete anything"
Ok, a third idea comes out as well. I like os x a lot. I've grown to like it as much or more than linux. I'd seriously consider that route. They do give some serious education discounts. The tools are there on os x as well. It's a good system.
-- Who is the bigger fool? The fool or the fool who follows him? --
...that you would be better served in a lab environment by using Linux over Sun. Here are the issues:
1. Cost - Obvious: Lintel hardware and software costs are _MUCH_ lower.
2. Maintenance - Lintel is again cheaper and easier to manage overall in a lab environment.
3. Tools - This is the major determining factor in my opinion. The tools available on Solaris are outdated and generally suck. In my past experience with Solaris, I found myself replacing the Sun tools with GNU tools and other open source software to the point that it was faster just to do a complete Linux install on a PC than to putz around with Solaris for days getting one box setup. This even though the base Solaris installs were being done with jumpstart. Replacing all those crappy Solaris tools with good GNU tools and other free software took some serious time.
4. Fun factor - Linux is considerably more fun to use overall; it's much more flexible, has a greater variety of software and runs on stock, generic PC hardware, thus providing the lab users with many options on what to do and how to do it.
5. Fear factor - Solaris is considerably more "bitchy" than any Linux box I've ever used. Read this to say "less tolerant" if the word bitchy sounds too vague. Also found that the information provided by the Sun tools in the logs was generally less useful (more obscure) and often required much digging through documentation. I often found myself complaining about "dinosaur UNIX" and making comparisons to my sweetly humming Slackware boxen.
I guess that about sums it up: "Dinosaur UNIX" vs. "State-of-the-Art Lintel"
Everything in the Universe sucks: It's the law!
Whatever you use, remember to use something that has been well-tested and is a standard. For Linux, I would suggest RedHat or SuSE, although at home I use slackware... Solaris is even better in that it doesnt change much even across versions and you can use Solaris 7 packages in Solaris 9, and there are plenty of packages, opensourced and commercial to go around.
If you are worried about performance or really low costs, just go with Linux or FreeBSD. However, as much flame-attracting as it may sound, Solaris is more stable than Linux while being less flexible. It suits large-scale deployment better than Linux.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
Or you could just jizz yourself to sleep, as usual.
And they don't have that many people doing sysadmin.
It's more of who is the sysadmin, how much control the sysadmin has over the systems and what the systems are for. And then there's the budget of course.
With Linux and the *BSDs a lot of the tools come free. If you're going Linux pick a distro that you find easy to do mass updates for.
We have a boatload (600+) of them at our school.
Good Things:
- Terminals are cheap (less than $400 a piece).
- Easy to administrate.
- Homogenous all over campus.
- Flashy smartcard so you can bring your session anywhere.
Bad Things:- Crappy, crappy CDE windowmanager. Yes, you can have Gnome, but apperently our admins haven't discovered that yet.
- SLOW under load. We're talking a full half second response time in matlab here, folks.
- Nowhere to stick CD's/floppys (but who needs those anyway?).
- People don't like them after a while, and thinks that everything UNIX is equally bad.
BoAs far as administration in general, RH has a few nice GUI tools if you like that but so does Sun. Both are good. The big difference is hardware cost unless you go with Sun on intel then hardware costs are the same. To get rhnd running on all your boxes you either have to register which could be costly (not sure) or do like I do and fill out their surveys every month. Have you thought about FreeBSD or one of the other BSD's? They are just as good as Linux and if the goal is to learn UNIX, the BSD's would require more learning IMHO than RH or Suse Linux.
Only 'flamers' flame!
Does slashdot hate my posts?
Better support and easier to use for real users than a Unix system.
> "boot net - install"
RedHat's KickStart utility does the same thing; we've got about 170 rack-mounted machines that can be cleanly installed from a KickStart file and RPMs mounted on an NFS share. Takes about 5 minutes (on a 100MB switched LAN) if you're only doing one machine.
The Army reading list
Here at Virginia Tech most, if not all, of the Unix labs are Linux. While this works well for classes, here in the multimedia lab (yes, really) we've had good experiences with FreeBSD. I'll be modded down endlessly for this, but the robustness of the operating system has proved itself far above Linux, where on some systems with oddish hardware basic functionality (like ps and ifconfig) crashes out of the box -- without ever touching the network, so a big fat "no" to those who will claim it was h4xored.
The ports system is really what I wanna talk about here. It makes system installation and maintenance super-easy for those with fingers and maybe a stick to type "make install clean" to install just about anything in our 9000-and-strong ports tree.
Also, the way that BSD is a "whole system" makes the issue that Linux is *technically* only a Kernel a non-issue; that is to say, you don't have to worry about say, gcc not being on a system, and if it's in the release, it'll play nice with everything else in the release.
As for straight facts:
1. People come in with their Student IDs which have a standard magstripe on the back. We have a little USB reader that acts as a keyboard device, so when you scan it in, it just types the student number, no special hardware required.
2. Our signin database (to keep track of which computers are being used) is just a PHP page linked into a MySql database that keeps tracks of what people are using stuff for -- more funding for great justice.
3. When we've checked them in, the page gives us an OPIE password that we give to them (these are regenerated weekly by the lab admin). OPIE keeps our systems secure (i.e., without one universal password) and allows us to control who gets to what, and when.
Compare that with the Dell boxes (such as the 2450's) running mostly Win2k but also Linux. I'm told by my co-worker that over the course of 4 years, we've had 3 disk failures, a SCSI backplane failure, and a fan failure. Between our Windows sysadmin and our desktop support guy, they *constantly* chant the "go Dell" mantra. And between myself and the other Sun/Solaris sysadmin, we're quite disillusioned with Sun's hardware.
From an ease-of-administration point of view, I used to think that Red Hat was a PITA for keeping all the RPMs up to snuff. Yeah, I'm aware of up2date, but have become a full convert of apt-get for RPM (http://freshrpms.net/). Now life is good. :) If you like Solaris, I suppose you can always go to http://www.sunfreeware.com/ and install pkg-get.
As an aside, check out http://www.infrastructures.org/ to get some good ideas on how to administer that size of an environment. And get on the mailing list; it's not too chatty, but when an interesting subject comes up, there's lots of great input.
Food for thought.
The postman hits! The postman hits! You have mail.
Once you've got that done, set up a cronjob to run "apt-get update; apt-get dist-upgrade -dy" every night. Check the output first thing in the morning, and so long as the output doesn't suggest that it's about to do anything silly, run a script to do "apt-get dist-upgrade -y". Now sit back and try not to get a cramp in your face from smiling so hard.
Now chant the mantra baby, chant the mantra: "apt-get is good, apt-get is great, apt-get is good, apt-get is great".... ;)
The postman hits! The postman hits! You have mail.
"I couldn't get agreed with my colleagues about the amount of efforts required to manage a hundred of Linux PCs vs. a hundred Sparc boxes."
OK, first up - Solaris doesn't have to run on Sparc. You can get Solaris for x86. So, that in mind, think - Do you want (to install and then support) x86 boxes *or* SPARC boxes? What does the rest of your infrastructure use? Is there a skills base for looking after SPARC stuff?
Next up - What apps do you want to use? Do they run on Linux, and do they run on Solaris? Do you have a killer app that must run, hence influincing your choice of O/S?
Next, what experience does the team have in supporting these different O/Ses? Having two people on staff who use Linux at home to play Quake and look at porn does not qualify as adequate experience for maintaining a network of Linux-based machines. Same applies for Solaris.
Looks to me like you need to sit down and properly evaluate what you've already got, what you need, how you're going to look after it, and how you're going to get there.
easy now.
Ali Flea.
This is why my current Dream Operating System [Actually Feasible Variant] is "GNU/Solaris" on UltraSPARC hardware. The Solaris kernel with all of its features, the SPARC hardware with all of its coolness, and the GNU userspace tools.
Alternative to the Solaris kernel, I'd like the Linux kernel but with a sane /dev and /proc.
I could tell you about my current Dream Operating System [Complete Science Fiction Variant], but what would be the point? :-)
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Yes, but you don't have a serial-controlled Open Firmware from whence you can type that "boot net - install" ...
Someone needs to go over to the server and either a) Enable PXE;
b) Drop in a boot floppy.
Either way, it still requires physical access. If you have PXE boot turned on the whole time, you run some serious risks there...
bah. a simple ISA or PCI watchdog card with serial console will do all that in x86 for $100 or so. :
get this one
http://www.realweasel.com/pcivga.html
The advantage of Sun is more consistent and reliable hardware, especially the fact that you get a command line interface on the serial console and can do things like power the machine up/down.
On the Intel side management via serial port is available on many high-end boards, but it is in a state of continous flux and not consistent.
Having said this, as far as the OS goes, having once managed huge numbers of Sun, Linux and FreeBSD machines, I say FreeBSD wins hands down. I am not quite sure what it is about it, it seems that people who write it are the ones who use it primarily on the server side, and so very often when you're thinking of something and ways to do it, you often find that FreeBSD already has a utility for it of some sort.
grisha.org
If you want to go with the most secure, lowest administrative overhead, probably lowest longterm price, go with the Sun Microsystems SunRay "Appliances" against SunRay backend servers. This environment blows away Linux with respect to security and ease of administration (ask the DoD they have close to 400,000 SunRays installed). I used to work for Sun and have used these first hand. These types of appliances are the future!!! Lintel is the only way to go for home use, yet if you have the budget go with a real commercial solution that will be fun, not a pain to run . . . -Redline