> They had secureboot working during the launch by borrowing it from CloudLinux

Rocky intentionally wanted to have a secure boot certificate held by the RESF rather than a corporate backer.

> they made ELevate

ELevate is just the already existing open source project LEAPP with a migration dataset provided by Oracle. Alma really didn't do anything original other than obtain that dataset from Oracle.

> they had version 9 out very quickly while rockylinux seems to be on 8.6 still

There's no real urgency to release 9, EL8 is still supported until May 2029 and no system administrator worth their salt would deploy a .0 release to production anyway. .0 releases are for planning / testing / validation.

> So I do not know how these are counted, is there a machine ID, IP, both?

This is explained in the link in the article https://pagure.io/mirrors-countme. There is no identifier (though there is a private dataset with IPs so the Fedora folks can check for erroneous data), the systems simply add countme parameters to one transaction a week. The data is reviewed by Fedora folks to prevent influence from misconfiguration or intentional manipulation.

> so this might indicate that smaller entities are relying on it more

I'd expect an similar ratio of smaller entities would also be using Alma, I don't think this explains the differences.

What happened at the end of November and again in April to cause so many RHEL users to leave?

What happened in February to cause so many users to try and, for the most part, stay on RHEL alternates? Even Oracle Linux got a nice influx of new users fleeing from Red Hat, though it looks like at the end of April or start of May some of them went back to Red Hat.

Also, larger deployments certainly rely on local mirrors, same for higher security deployments, so this might indicate that smaller entities are relying on it more. Could also be related to a migration from some other distribution at least as a test deployment, the latest Ubuntu debacles come to mind in this regard.

That really surprices me since as far as I have seen AlmaLinux is doing a better job. They had secureboot working during the launch by borrowing it from CloudLinux, they made ELevate, and they had version 9 out very quickly while rockylinux seems to be on 8.6 still.

So I do not know how these are counted, is there a machine ID, IP, both? Because its entirely possible some of these are generated by the same user and it would be interesting to know how reliable the data is or if it could be a case of misconfiguration by a user for example.