How do you set up Windows and Linux servers in enterprise?
Posted by sec_admin@reddit | sysadmin | 6 comments
From a networking perspective, you have a pretty intuitive architecture - putting it simply, you start with the core switch, branch off to WAN, DMZ with firewalls, LAN etc. Of course complexity increases as you move forward. You can look at network diagrams to make sense of stuff.
What is the equivalent for server architecture? For Windows you start with a DC/AD and then build from there while separating Prod/Dev? How about for Linux? How do you plan/design storage?
I'm trying to look at an overall picture of how servers are arranged and planned from an MNC enterprise sysadmin point of view. I tried looking at system designs but these are more involved with application architecture.
Kuipyr@reddit
GPO for Windows, Ansible for Linux. Honestly not a fan of joining Linux to AD. I use local accounts with ssh keys stored on Yubikeys that are pushed out with kickstart.
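An added example, not part of the comment above: where local accounts are meant to carry only hardware-backed SSH keys, each `authorized_keys` file can be audited to confirm it. It assumes the keys are OpenSSH FIDO2 types (`sk-*`); keys a YubiKey exposes through PIV or OpenPGP appear as ordinary key types and cannot be told apart from the public key line. The function name, sample entries and key blobs are constructed.

```python
import re

# OpenSSH key types whose private half stays on a FIDO2 authenticator.
FIDO_TYPES = {"sk-ssh-ed25519@openssh.com", "sk-ecdsa-sha2-nistp256@openssh.com"}
SOFTWARE_TYPES = {"ssh-ed25519", "ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256",
                  "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}
QUOTED = r'"(?:\\.|[^"\\])*"'
TOKEN = re.compile(rf'(?:[^\s"]|{QUOTED})+')   # split on whitespace, quotes kept whole
OPTION = re.compile(rf'(?:[^,"]|{QUOTED})+')   # split on commas, quotes kept whole

# Constructed sample; the key blobs are placeholders, not real keys.
SAMPLE = '''\
# pushed at install time
sk-ssh-ed25519@openssh.com AAAAplaceholder1 alice@yubikey
verify-required sk-ecdsa-sha2-nistp256@openssh.com AAAAplaceholder2 bob@yubikey
no-touch-required,command="backup --all, now" sk-ssh-ed25519@openssh.com AAAAplaceholder3 svc-backup
ssh-rsa AAAAplaceholder4 carol@laptop
'''

def audit_authorized_keys(text):
    """Return one record per key entry in an authorized_keys file."""
    known = FIDO_TYPES | SOFTWARE_TYPES
    records = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = TOKEN.findall(line)
        # The key type is the first field, or the second when options precede it.
        idx = next((i for i in (0, 1) if i < len(tokens) and tokens[i] in known), None)
        if idx is None:
            records.append({"line": line_no, "comment": "", "hardware": False,
                            "pin_required": False, "issues": ["unrecognised key type"]})
            continue
        opts = {o.split("=", 1)[0].lower() for o in OPTION.findall(tokens[0])} if idx else set()
        hardware = tokens[idx] in FIDO_TYPES
        issues = [] if hardware else ["not a FIDO key type"]
        if "no-touch-required" in opts:   # key usable without physical presence
            issues.append("no-touch-required set")
        records.append({"line": line_no, "comment": " ".join(tokens[idx + 2:]),
                        "hardware": hardware, "pin_required": "verify-required" in opts,
                        "issues": issues})
    return records

if __name__ == "__main__":
    for rec in audit_authorized_keys(SAMPLE):
        print(rec)
```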
Original-Reaction40@reddit
Why not use Ansible for both Linux and Windows?
pdp10@reddit
It's simple; you may be overthinking it, especially if you're looking at things from an academic point of view.
screampuff@reddit
Linux is more commonly Ansible and IaC. You 'deploy' servers by spinning up a fresh base image, then start loading your configuration. Apps install with things like apt-get or yum, then you push configuration files, which are usually text, unlike say Windows where it's a mix of registry, app data, GPO, program files, environment variables, services, etc.
When something goes wrong, you just push the button and it redeploys from scratch. You back up your data that houses documents, your configs, databases and that sort of thing.
Specialist_Cow6468@reddit
Please, tell me more about how simple and intuitive you find modern datacenter network architecture. Do you prefer to run your VTEPs on your switches or directly on the hypervisors?
enterprisedatalead@reddit
depends on the environment, but in most cases it ends up being a hybrid setup
windows servers usually handle things like AD, identity, and anything that depends on microsoft stack, while linux runs apps, databases, web services etc. trying to force everything into one side usually causes more pain than it solves
we’ve done this by keeping identity centralized in AD and integrating linux where it actually makes sense. joining linux to AD (via sssd/realmd) worked well for shared access and reduced account sprawl, but we didn’t do it for every box, only where needed
automation matters a lot more than the OS choice. once you start using something like ansible, managing both becomes way easier
also worth deciding early which systems actually need to talk to each other vs stay isolated, otherwise it gets messy fast
how big is the setup you’re planning, more lab or something production-like?