Robert Pogson

One man, closing all the windows.

Public Flogging of Preston Gralla

  • Jun 06 / 2010

He made the mistake of echoing IDC's market-share factoids for operating systems on servers. Unfortunately for him, readers were aware that many servers are obtained without an OS and cloned by the thousands with GNU/Linux. Read the comments. It goes on for pages.

IDC does mention units with each OS but conveniently neglects re-purposing or naked servers… Oops. 91% of the Top500 HPC systems and Google come to mind. That other OS may be useful on a server for running the difficult-to-manage OS on clients but compensating for inadequacy by adding more inadequacy is not merit.

I am, essentially, running GNU/Linux on a medium-sized roll-out with no server except database and file services. I can sit down at any GNU/Linux machine in the building and manage the whole network from router to thick clients and thin without AD or a similar tool. I will likely add LDAP at some point but for the moment there is no need. There are three keys to my management:

OpenSSH rides on each client PC and apt-cacher-ng is one of a dozen services run on a single file server. Apt-cacher-ng serves a similar purpose to WSUS on that other OS but it handles all packages from the repository, not simply the operating system or a subset of the applications on the clients. APT handles dependencies rather well. I can usually install one package and everything needed to make it work comes down. The backup for most of my software is the system of mirrors out on the web. Apt-cacher-ng keeps a local copy of recently installed packages. It is blazingly fast because there is no authentication except checking a digital signature. I do not have to install anything special to use it except to inform the client of the presence of the proxy server. From the client, the package management is absolutely normal. I can update any and all clients running GNU/Linux this way in seconds without leaving my chair. I have used WSUS and AD. This is way faster. I can be done with a complex transaction before that other OS lets an admin log in.

For example, suppose, in the middle of the day with people at work, a teacher asks me for an application that does X. I can sit down at any GNU/Linux PC and run apt-cache search X and find a suitable package, Y. Then I can log in remotely to a place where I store my scripts and execute a script to run the command apt-get install Y on all relevant machines. For convenience with BASH scripting, I usually keep directories with names or IP addresses of machines in various categories. For example:


apt-cache search multipli
gmult - figure out which letters are which numbers
libghc6-type-level-dev - A Haskell library for type-level programming
libghc6-type-level-doc - Documentation for type-level programming in Haskell
libghc6-type-level-prof - Profiling libraries for type-level programming in Haskell
last-align - genome-scale comparison of biological sequences
libcoro-perl - Perl framework implementing coroutines
libfont-afm-perl - Font::AFM - Interface to Adobe Font Metrics files
libjgrapht0.6-java - mathematical graph theory library for Java
libm4ri-0.0.20080521 - Method of the Four Russians Inversion library, shared library
libm4ri-dev - Method of the Four Russians Inversion library, development files
libmath-calc-units-perl - Human-readable unit-aware calculator
libmath-nocarry-perl - Perl extension for no carry arithmetic
libtommath-dev - multiple-precision integer library [development files]
libtommath-docs - multiple-precision integer library [documentation]
libtommath0 - multiple-precision integer library [runtime]
mathwar - A flash card game designed to teach simple maths
libcreal-ocaml-dev - O'Caml library that implements exact real arithmetic
octave-benchmark - code to benchmark speed of Octave
pconsole - parallel console shell for administering clusters
scilab-ann - Scilab module for artificial neural networks
units - converts between different systems of units
yorick-soy - sparse matrix operations for the Yorick language
yorick-yeti - utility plugin for the Yorick language
apt-get install mathwar

test the package

ssh homeserver
./all students "apt-get install mathwar"
exit
exit



“all” might look like this:

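#!/bin/bash
# usage: all directory commands
# "directory" is a subdirectory of scripts whose file names are the hosts to visit
cd scripts || exit 1
cd "$1" || exit 1
for f in *; do
  # background each ssh so all hosts are visited in parallel
  ssh "$f" "echo visiting $f;$2" &
done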


To do the passwordless logins I need to distribute the root user’s key (/root/.ssh/id_rsa.pub) to all clients (/root/.ssh/authorized_keys) at installation or cloning. I can also distribute the host key to /root/.ssh/known_hosts, but for this size network I do not bother and just say “yes” once to each machine the first time around. I have SSH check for changes of IP address and use fixed IP addresses in DHCP. It is a bit of work to set up but I only have to do it once and I get lightning-fast logins.

tree scripts
scripts
└── servers
    ├── dual
    └── xeon
time ./all servers date

real 0m0.002s
user 0m0.000s
sys 0m0.000s
root@tc-amd64-3:~# visiting dual
Sun Jun 6 09:26:04 CDT 2010
visiting xeon
Sun Jun 6 09:26:03 CDT 2010

time ./all servers "uptime;free -m|grep Swap"

real 0m0.002s
user 0m0.000s
sys 0m0.000s
root@tc-amd64-3:~# visiting dual
09:30:40 up 21:25, 1 user, load average: 0.00, 0.00, 0.00
Swap: 6283 0 6283
visiting xeon
09:30:40 up 5 days, 2:16, 5 users, load average: 0.00, 0.00, 0.00
Swap: 1913 0 1913


How’s that for speed? A millisecond a visit per machine and they inform me of their status within a second! That other OS has nothing to offer me for managing servers and I can use the same tool for clients. Why would I make extra work for myself adding their OS to a server and get worse performance? My last experience with Lose 2003 was abysmal. The GUI would freeze occasionally on remote logins, and there would be some long pauses in services up to 30s for no apparent reason. My employer had installed seven servers running that other OS in a vain attempt to lighten the load on each one but that did not help. It only gave me seven times as much work to do. WSUS worked sometimes… When they released zero-day patches, we were often naked for days while WSUS tried to keep up. Many machines took days before they could connect to a local WSUS server. Compare that to milliseconds. What am I going to choose?
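
The "all" script shown earlier backgrounds every ssh and returns at once, so nothing records which machines actually ran the command, and it depends on host keys having been accepted by hand. The following is an added example, not the author's script: a runner that still visits hosts in parallel but waits for them, treats an unknown or changed host key as a failure instead of prompting, and lists the hosts that failed. The names run_all and SSH_BIN and the per-host .log/.rc files are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not the original "all" script. run_all, SSH_BIN and the
# per-host .log/.rc result files are names assumed for this illustration.
SSH_BIN=${SSH_BIN:-ssh}   # overridable so the runner can be tested offline

# usage: run_all INVENTORY_DIR COMMAND [RESULT_DIR]
# Every file name in INVENTORY_DIR is a host name or IP address.
# Prints each failed host on stdout; returns 1 if any host failed.
run_all() {
    inv=$1 cmd=$2 out=${3:-$(mktemp -d)}
    [ -d "$inv" ] || { echo "no such inventory: $inv" >&2; return 2; }
    mkdir -p "$out" || return 2
    echo "results in $out" >&2
    for path in "$inv"/*; do
        [ -e "$path" ] || continue      # empty inventory directory
        host=${path##*/}
        (
            rc=0
            # -n: no stdin for a background job. BatchMode: never prompt.
            # StrictHostKeyChecking=yes: an unknown or changed host key is
            # a failure, so known_hosts must be distributed beforehand.
            # "--" stops a host name starting with "-" being read as an option.
            $SSH_BIN -n -o BatchMode=yes -o StrictHostKeyChecking=yes \
                -o ConnectTimeout=5 -- "$host" "$cmd" \
                >"$out/$host.log" 2>&1 || rc=$?
            echo "$rc" >"$out/$host.rc"
        ) &
    done
    wait                                # still parallel, but collect every result
    failed=0
    for path in "$inv"/*; do
        [ -e "$path" ] || continue
        host=${path##*/}
        rc=$(cat "$out/$host.rc" 2>/dev/null || echo missing)
        if [ "$rc" != 0 ]; then
            echo "$host"
            failed=1
        fi
    done
    return "$failed"
}

# Run as a script: ./run_all.sh students "apt-get -y install mathwar"
if [ "$#" -ge 2 ]; then run_all "$@"; fi
```

A host that was unreachable, presented an unexpected key, or returned a non-zero status from the command appears in the printed list, with the details in its .log file, so a missed update on one machine is visible right away.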
