HWZ Forums

Login Register FAQ Mark Forums Read

What do you usually setup a Linux server for?

Share This Page
HardwareZone.com on Facebook
Reply
 
LinkBack Thread Tools
Old 03-06-2017, 03:35 PM   #1
Member
 
Join Date: Jul 2009
Posts: 375
What do you usually setup a Linux server for?

Whether for professional work or personal hobby projects.

I am trying to understand the common use cases today for Linux.

Web server LAMP stack?
u0206397 is offline   Reply With Quote
Old 04-06-2017, 02:51 AM   #2
Supremacy Member
 
davidktw's Avatar
 
Join Date: Apr 2010
Posts: 8,360
Whether for professional work or personal hobby projects.

I am trying to understand the common use cases today for Linux.

Web server LAMP stack?
Mostly Professional works

1) Web Server
2) Servlet container
3) Caching system
4) NAT
5) DNS
6) VPN Server
7) Database Server (MySQL, PostgreSQL, Oracle DB, DB2, MongoDB,...)
8) Centralise Logging System
9) Mail System
10) Batch system
11) Development Environment
12) Part of clustering (worker/management node)
13) Jump Host (also known as Bastion)
14) Content Management System
15) LEMP, LAMP stacks
16) Desktop (in the past)
17) Virtualise Guest for compatibility and integration to my works and projects (console only)

Nope I don't use GUI for 99.99% of the time using Linux, I only work with the console portion of it, where Linux truly excel.
davidktw is offline   Reply With Quote
Old 04-06-2017, 12:55 PM   #3
Member
 
Join Date: Jul 2009
Posts: 375
Mostly Professional works
...
Nope I don't use GUI for 99.99% of the time using Linux, I only work with the console portion of it, where Linux truly excel.


4) NAT
Netfilter/IPfilter software firewall/NAT?

5) DNS
BIND?

6) VPN Server
What Linux VPN do you usually use?

Just a side comment, is there good reasons for having a server setup to run firewall/NAT/VPN/DNS in the enterprise/production environment, apart from a testing / development environment to fiddle with?

From my casual observations, many businesses and companies would buy some hardware appliances from SonicWall or Cisco hardware that comes with NAT/VPN/DNS all-in-one, rather than having a Linux/BSD box software firewall/NAT. Simpler and higher performance although more expensive generally.

Is there something that the software firewall/NAT can do that the hardware do not, or do not do as well?

11) Development Environment
Any IDE that runs in the console mode without GNOME or KDE? vi and Emacs are like text editors, kind of too minimalist for me.
u0206397 is offline   Reply With Quote
Old 04-06-2017, 09:59 PM   #4
Supremacy Member
 
davidktw's Avatar
 
Join Date: Apr 2010
Posts: 8,360
Why *nix if it weren't for the console advantages of it. All the text based configurations, all the CLI flexibility and power. Mouse clicking around is just so unproductive and laborious.

Netfilter/IPfilter software firewall/NAT?
The Linux kernel routing and IP filtering components are very powerful. You can achieve quite a fair bit of NAT using its IPTABLE NAT and MANGLE tables, along with route table forwarding with marked packets.


BIND?
DNSMasq too if it suits your use

What Linux VPN do you usually use?
Tried all PPTP, IPSEC, OPENVPN. Unless it is to bridge network, I will choose IPSEC, otherwise OPENVPN get most of the job done and very useful across corporate firewalls due to the fact it does not require GRE and you can easily provide via TCP 443.

Just a side comment, is there good reasons for having a server setup to run firewall/NAT/VPN/DNS in the enterprise/production environment, apart from a testing / development environment to fiddle with?
Cost is one good reason, but it all depends on what you want to achieve and how much technical expertise the company has.

Software provides flexibility and allows you to customise it for custome development integration. Hardware provides better performance and normally stick with industrial features which are not always flexible.

From my casual observations, many businesses and companies would buy some hardware appliances from SonicWall or Cisco hardware that comes with NAT/VPN/DNS all-in-one, rather than having a Linux/BSD box software firewall/NAT. Simpler and higher performance although more expensive generally.
Deiniftely the case, you have to know a lot of these enterprises may have a lot of products certified engineers, but they are not custom development gurus. You want them to hack a system to do something outside of the spec, they will give you warranty, non-standard reasonings, but ultimately the main reason is they either don't know how, or they are not ready to put their job on risks

Is there something that the software firewall/NAT can do that the hardware do not, or do not do as well?
I do not have entire exposure to all brand’s and models of these hardwares, but for what i have came across, they are quite features rich as long as you stick with standards.

However suppose if you want some very special design like, detect the incoming ip connections and apply a certain statistical distribution function, to the backend servers or user profiles that are not based on RADIUS or LDAP but extracted from another system or via some RESTful API, then you will need to either provide a middleware that implements such interface or forgo it.

Any IDE that runs in the console mode without GNOME or KDE? vi and Emacs are like text editors, kind of too minimalist for me.
Don't research much into it. Take a look at Java based IDE, I suspect they don't need Gnome libraries. Otherwise you can always try these web based IDE
http://www.hongkiat.com/blog/cloud-ide-developers/
http://codiad.com
davidktw is offline   Reply With Quote
Old 10-06-2017, 06:37 PM   #5
Senior Member
 
Join Date: Apr 2009
Posts: 630
On organisations preference to use enterprise appliances:

I use a lot of Linux (and Solaris too), but also numerous appliances. It's not so much that I (or my team) cannot understand Linux, but we don't have time to self-support a DIY Linux solution. We rather go with appliances that are commercially supported, even if sometimes that might mean it's still Linux inside it. On the flip side, we are sometimes really annoyed about these appliances being presented as blackboxes to us, making troubleshooting more difficult for us to do on our own.

To be clear, "appliances" doesn't always have to be expensive commercial products. E.g. FreeNAS works very nicely for us. I use pfSense at home.

But the "expensive commercial products" often have a variety of performance and reliability advantages. E.g. firewalls that can push 10GbE traffic with no performance deterioration from application level traffic inspection etc, or load balancers with hardware acceleration, SAN boxes with guaranteed IOPS, and others. If a disk starts to show signs of failing, how much more convenient that the vendor calls us to make appointment for hardware replacement, rather than for us to discover the failure ourselves and subsequently to ownself manage the replacement.
__________________
http://zitseng.com/
zitseng is offline   Reply With Quote
Old 12-06-2017, 12:46 PM   #6
Member
 
Join Date: Jul 2009
Posts: 375
On organisations preference to use enterprise appliances:

I use a lot of Linux (and Solaris too), but also numerous appliances. It's not so much that I (or my team) cannot understand Linux, but we don't have time to self-support a DIY Linux solution. We rather go with appliances that are commercially supported, even if sometimes that might mean it's still Linux inside it. On the flip side, we are sometimes really annoyed about these appliances being presented as blackboxes to us, making troubleshooting more difficult for us to do on our own.
My past experience is that sometimes even the "commercial support" is not there when needed. Customers can pay but the support engineers sent by the vendors are also unable to help much to isolate the problem. They talk like help desk guys who can only give standard answers for known/frequent problems. And then the sales guy would continue to charge by the man hours allocated for the "troubleshooting support" even when the problem doesn't get resolved.

To be clear, "appliances" doesn't always have to be expensive commercial products. E.g. FreeNAS works very nicely for us. I use pfSense at home.
Yeah, the term is used widely, from hardware appliance to software appliance. It can mean very different things.

But the "expensive commercial products" often have a variety of performance and reliability advantages. E.g. firewalls that can push 10GbE traffic with no performance deterioration from application level traffic inspection etc, or load balancers with hardware acceleration, SAN boxes with guaranteed IOPS, and others. If a disk starts to show signs of failing, how much more convenient that the vendor calls us to make appointment for hardware replacement, rather than for us to discover the failure ourselves and subsequently to ownself manage the replacement.
I am not sure if hardware appliances are really custom built or specially designed hardware from scratch inside to achieve that performance, or they assemble them from standard Dell/HP rack mount servers but pre-load with their custom software stack solely for deployment convenience only. Just plug in a network cable would do.

As an analogy, it's like Sim Lim Square's DIY PC hardware wise, but with Windows pre-installed. Not sure if they really design custom made motherboard or firmware inside?!
u0206397 is offline   Reply With Quote
Old 19-06-2017, 08:29 PM   #7
Senior Member
 
Join Date: Apr 2009
Posts: 630
My past experience is that sometimes even the "commercial support" is not there when needed. Customers can pay but the support engineers sent by the vendors are also unable to help much to isolate the problem. They talk like help desk guys who can only give standard answers for known/frequent problems. And then the sales guy would continue to charge by the man hours allocated for the "troubleshooting support" even when the problem doesn't get resolved.
That's true. But there are certainly good ones. The lousy ones make the customers do so much work that I wonder why we're paying for the support service.


I am not sure if hardware appliances are really custom built or specially designed hardware from scratch inside to achieve that performance, or they assemble them from standard Dell/HP rack mount servers but pre-load with their custom software stack solely for deployment convenience only. Just plug in a network cable would do.

As an analogy, it's like Sim Lim Square's DIY PC hardware wise, but with Windows pre-installed. Not sure if they really design custom made motherboard or firmware inside?!
I totally agree. Hence, I always make it a point to fully understand what's inside the underlying hardware, so that I can see through marketing crap. I've been impressed, like the same hardware we bought a long time ago, is exactly the same thing still being sold a decade or more later. Of course, one could say that then the hardware must be quite "dated" one decade later, which is true, but it's amazing that it continues to be viable product.
__________________
http://zitseng.com/
zitseng is offline   Reply With Quote
Reply
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.


Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On