Linux usage in a domain/workspace
Posted by Plantatious@reddit | sysadmin | 48 comments
Linux sysadmins, what are some of the most common uses of Linux-based servers you encounter?
I'm a Windows sysadmin and I'm looking to learn about Linux environments. There's plenty of good resources on Linux administration, but not many examples of what they're used for (LAMP servers I'm aware of, I'm thinking of any more creative uses). Any real world examples would be much appreciated.
04_996_C2@reddit
Graylog as my log server and enricher
Wazuh as my SIEM
LibreNMS snmp monitoring
Bookstack for central documentation
Snipe-It for asset management
GoPhish for employee security training
All the above were absolutely critical for my employer achieving ISO certification
WenKroYs@reddit
How has GoPhish been working for you? We've been using BullPhish ID for all our phishing needs, and it has been very effective.
04_996_C2@reddit
We are still customizing it. Like many FOSS solutions, it has just as many - if not more - options as a paid solution but requires a steep learning curve and a lot of customization to get up and running.
Plantatious@reddit (OP)
I used to run Kubuntu on my workstation, and I loved it. When I changed jobs, my laptop was hooked up to InTune/Endpoint, so I wasn't allowed to change the OS.
spidireen@reddit
We use Windows for domain controllers and to host vendor-specific applications that are Windows-only. Pretty much everything else you can think of is Linux: DNS, DHCP, web servers, logging and monitoring, email, file servers, and so on. If a service doesn’t require Windows, then it runs Linux.
ESXI8@reddit
What are you guys using for DHCP / DNS?
AntranigV@reddit
We don't even use Linux. All of our infra is based on FreeBSD and illumos/OmniOS. We use both so if one of them has a zero-day type issue, we can rely on the other.
DHCP, DNS, syslog, NTP, File Server, (T)FTP server, iPXE server, web applications, chat servers, LDAP/Samba-AD, document sharing, dashboards, virtualization, containers, monitoring, build pipelines, Git server and I'm pretty sure I missed a thing or two.
Usually I'm much happier when I'm as far away from Microsoft as possible.
Linux was nice, but most common distros change things every 2-4 years, and these changes happen without even a notice. My only options for proper Linux these days are Alpine, Gentoo and Void.
I'm sure we also have OpenBSD/NetBSD on a system somewhere.
Hotshot55@reddit
Lmao what are you even talking about? Both RHEL and Ubuntu LTS have 10-year life cycles and any changes are communicated very clearly.
Fighter_M@reddit
AD, file servers, Veeam backup repos, SQL Server hosts with our custom DB, build servers, VPN, you name it…
Plantatious@reddit (OP)
What's the Linux version of AD?
Hotshot55@reddit
FreeIPA or if you wanted a paid version there's RedHat's IdM.
You can also run Samba as an AD DC but it's not amazing.
slugshead@reddit
I do run a mix, mainly due to the hypervisors specs being rather lacklustre.
Things I would normally do on a Windows server VM and throw a bunch of resources at, I've had to find Linux alternatives. Bitnami helped a tonne in making this a lot easier to do rather than learning Linux from the beginning.
Virtual appliances are also usually linux
lightmatter501@reddit
southceltic@reddit
I’m heavily dependent on file shares based on Windows because a) clients are all Windows machines (Windows 11 or Windows Server 2022 RDs) and b) NTFS permissions are based on Active Directory users and groups. Do you think I could have improvements in terms of speed without losing ease of maintenance and reliability (I’m thinking about disruptions caused by incompatibilities due to system updates )?
jaskij@reddit
Re: filesystem. This is also important for software development. Build times are quite sensitive to IOPS, and the same build on the same machine will be faster if you use Linux. This goes for both workstations and CI.
lightmatter501@reddit
Yes, there is a night and day difference. Some of it is because the types of operations needed to compile code incrementally like checking for last modified times are cheap on *nix but expensive on Windows.
pdp10@reddit
We avoid ARM platforms for the most part, and use quite a few x86_64 microservers for situations where a cluster VM isn't a good choice. Can you outline which x86_64 server configuration you were comparing against?
lightmatter501@reddit
Ampere’s bigger chips were up to 256 cores in a dual socket server way before x86. The cores are a bit weaker but most developers aren’t making intelligent use of them anyway, so it’s not a big performance loss.
forcemcc@reddit
Everything. The real question is what is windows being used for? Most environments I consult for only use windows for SQL server, and they all have plans to move those workloads to something else.
Plantatious@reddit (OP)
See, I'm the opposite. The only time I've come across Linux in environments is with Observium. 99.9% of K12 educational institutions out there run Windows environments, so running Windows Server only makes sense. Barely anyone even runs headless Windows because there's this irrational dislike for PowerShell, and the overhead for a GUI is always taken into account when buying hosts or building VMs.
pdp10@reddit
Ironically, Microsoft SQL Server has had a Linux version for quite a few years. Probably the Freemium version doesn't have a Linux version, though.
ABlankwindow@reddit
We are hybrid, in azure environment, most of our linux are related to SOC. We had more when we were still on prem. When we moved to cloud some things got moved to PAAS\SAAS azure offerings that used to be linux servers. But wherever we can we use linux. Cheaper and generally speaking more reliable on up\down time to use linux.
malikto44@reddit
A few things Linux does well:
Spawning containers or VMs. I can use a utility to pop off and provision stuff very easily in Linux. Windows isn't that easy, especially with activation and all that goes with it.
Easy administration. You can (and should, IMHO) do all administration from a SSH or console prompt.
Small footprint. I can carve functional VMs with two gigs of RAM. Windows, you really need 8 gigs minimum.
A lot of tools. If I want to stuff Microsoft SQL Server in a Docker container, I can.
Linux does software RAID extremely well. Linux md-raid is bulletproof, and a lot of SANs use that on the backend. ZFS is something that is often used and is hard to kill. If one wants more flexibility, there is UnRAID. If on RHEL, where one doesn't have access to a checksumming filesystem, there is making a RAID stack from dm-integrity, md-raid, LVM, and XFS, perhaps adding kmod-kvdo and LUKS as well.
It is easy to make and image Linux servers, especially if you use LDAP authentication and either use FreeIPA/IdM, LDS with AD, or LDAP with Entra, so you can easily have users federated out, and NFS directories automounted.
pdp10@reddit
We go a lot smaller than that. Your current distro-default 64-bit kernel is going to take up less than 16MiB. Checking a random server, it's got Systemd using 12.3MiB resident and a workload using 74MiB resident, both of which I consider too profligate, but you can see how 256 or 512MiB machines are often very practical when workloads aren't running in JVM/CLR.
illicITparameters@reddit
Not a linux admin, but in mixed environments the most common usage I’ve seen is Syslog, web servers, database servers, and virtual appliances like SIEMs, vCenter, and management appliances.
AtlanteanArcher@reddit
Yea, we have a ruckus controller running in a linux vm.
Braydon64@reddit
Linux servers are used for literally anything that isn’t AD or print servers…
astonishing1@reddit
Linux can be a print server as well.
Braydon64@reddit
True, although I see windows used for that more
astonishing1@reddit
That's because it can get tied into AD and the GP stuff in Windows. If you have a mixed Win/Lin environment, Windows likes to be the boss of everything, and it is bad to have two print servers servicing and queuing the same printer (like crossing the streams in Ghostbusters).
Brufar_308@reddit
Packetfence 802.1x NAC CMDB and helpdesk. And a bunch of things other people have already listed.
UninvestedCuriosity@reddit
One place that has always led me to find interesting things and pretty decent walkthroughs on setups is howtoforge. That's not where I got started but it was that website which helped me really embrace it. Now my environment is mostly Debian with a few Windows DCs, file servers, and print servers. Mostly because it's just easier when hooking into Windows Server proprietary functions or third party driver features.
But there's Linux for everything. Even multicast image deployment through things like fog project. Hypervisors, routers, really everything.
Browse through the guides there under debian and you'll get lots of ideas and most of them offer pretty good linux hygiene as well in terms of doing the normal basic security things.
Just get in there, setup some vm's, try things, follow guides, break things, fix things. I'm actually kind of jealous you have this entire beautiful thing to learn. There's so much less pain than 20 years ago when I got going.
TheDawiWhisperer@reddit
Linux servers are mostly used to increase my dependency on alcohol
dagamore12@reddit
Nessus, there is a free home use license for like 10 IPs(?), Splunk (no idea if free home use), licensing servers (think IBM Flex) for applications (think matlab and creo), to add on to what others have pointed out.
TecheunTatorTots@reddit
Looks like there was (not sure if it is still true) a free 60 day trial for Splunk, and a free home version that caps at 500 mb per day ingest and lacks a lot of the features that would make it useful, like alerts for instance.
dagamore12@reddit
Yeah I use it at work, not at home, but with a 500mb ingest limit, it would still be good for setting it up and deploying the client for testing/homelabbing.
TecheunTatorTots@reddit
True, yeah for a homelab it should be fine. Not sure that I'd deploy it in a small office with more than five machines, though.
doomygloomytunes@reddit
Databases, containers, web servers, web proxies, dns, running applications and middleware
fitting_pieces@reddit
For my environment, linux is used all the way from Devel boxes to internet-facing production systems.
pdp10@reddit
hostapd, dnsmasq)
Ssakaa@reddit
They can be used to replace almost any service you'd run on Windows, though they don't do a great job replacing AD in a Windows environment, and even worse for SCCM/MECM/WDS, no WSUS equivalent for Windows clients as well. Core network infrastructure is a solid, easy, win if you're not already providing those via an appliance (not requiring CALs for every device on the network for DHCP and DNS is a handy benefit, though you'll still want to reach back to AD's integrated DNS for that layer).
Outside the Windows world, virtualization hosts (XEN/KVM/Proxmox), webservers (external website or internal web interface based services), container hosts (docker/kubernetes/podman), log aggregation/SIEM (Splunk/ELK/Graylog), service and system monitoring/metrics tools (Icinga/Nagios/Zabbix/Prometheus/Grafana), user directories (LDAP), SSH, SFTP, file servers (SMB, NFS), storage services (Ceph/Gluster/Minio/Longhorn/iSCSI), centralized management (Ansible AWX/Chef/Puppet), vulnerability scanning (Nessus/OpenVAS), databases (Postgres/MariaDB), email (postfix/sendmail/exim). Let alone all manner of network layer services, from DNS, DHCP, etc. through VPNs, virtualized switches, overlay networks, etc.
Out of those, if you're not already providing it on the Windows side, and depending on your scale, centralized log aggregation and system/service monitoring can both be big steps towards improving your ability to be more proactive, but the cheaper up front cost, the more effort you can expect to "get it right" to a point that it's genuinely helping you. Vulnerability scanning can be good too, but will increase your workload until you a) catch up on everything it opens your eyes to and b) sort out the valid and invalid concerns, and get your rulesets sorted.
lectos1977@reddit
Most of mine are security and utility appliances. Pihole, Zabbix, openvas, wazuh, email Journaling. The sky is the limit. Wherever you need an open source server to fill in the blanks.
gaveros@reddit
My org uses it for:
Oracle Database Clusters
Some in house web applications running LAMP
Node Red
Proxy for AWS from our production network to our global production software
Ansible for network switch upgrades
And a few other odds and ends, apart from the one-two servers with samba everything else is domain joined with SSSD
Ezzmon@reddit
They can do pretty much anything. But like you we have a primarily windows environment. The 2 linux VMs that come to mind on our network: 1) a Nessus VM for internal pen testing and 2) a locked down Ubuntu TFTP server that stores switch config backups
obviousboy@reddit
You could poke around here - https://www.linuxfoundation.org/projects
Just random crap off the top of my head
Asterisk - VOIP system
OpenDaylight/OVS - SDN platform on Linux (if you're into networking you can read about Google's and Facebook's own networking they built on Linux). Facebook's is available publicly - FBOSS
Run your own CICDCD with concourse and spinnaker
Run your own virtualization platform with Openstack
_BoNgRiPPeR_420@reddit
Anything internet-facing in our environment runs Linux. Web servers, SFTP, rsyslog, k8s, etc. Some applications also require it in the Enterprise. Hospitals that run EPIC probably have Linux servers running cache for example.
mr-phillips@reddit
I use mine to run
Zabbix : SNMP Monitoring
Wazuh: SIEM
holiday-42@reddit
DHCP, DNS, radius, syslog, file servers like samba file server, tftp server, ftp server, nas, plex.