November, 2007

Oracle VM and the Linux virtualization revolution

A few weeks ago, Oracle unveiled its new virtual machine (VM) product, Oracle VM, based on the Xen hypervisor. But why is Oracle introducing its own VM when it already has the Xen VM that comes with the Red Hat code? For an answer, we turn to SearchEnterpriseLinux.com expert Don Rosenberg, who fills us in on what Oracle VM means for users, the competition and for Linux in the enterprise.

Oracle VM
Red Hat ships the Xen VM with Red Hat Enterprise Linux (RHEL), with the same Red Hat source code that Oracle uses to build its Unbreakable Linux operating system.

But Oracle chose to go directly to Xen.org to download the source code for its own Oracle VM. While Red Hat runs Xen from within an operating system, Oracle runs its VM on a server. From here the Oracle VM deploys agents or images to computers without an operating system on them, creating virtual servers.

Oracle describes its VM as a console for the management of Xen, complete with a built-in operating system, making it a software appliance. The appliance has paravirtualized drivers for RHEL 4 and 5 but currently runs Windows without paravirtualization, resulting in sluggish Windows performance. Oracle claims its VM is three times more efficient than the leading VM (presumably VMware), but this comparison does not refer to speed so much as to the use of resources on a box. On a box that needs an OS and VMware installed, running via VMware would take up roughly three times the resources; Oracle’s software appliance saves space.

Oracle’s virtualization strategy
The Oracle VM is free to download and use; those wanting support will have to sign up for a paid plan. But Oracle says that its virtualization solution is still cheaper than Red Hat’s. RHEL supports some virtualization (at no extra cost), but full-blown implementation requires an additional product: Red Hat Enterprise Linux Advanced Platform.

The Red Hat solution calls for Red Hat-certified products from third parties, but an Oracle VM will run only Oracle databases, middleware and applications. By releasing its own VM, Oracle avoids third-party complications (such as software dependencies and support finger-pointing) and third-party payments. It also ends up controlling the software stack from top to bottom, including virtualization.

One can presumably find Oracle VM customers among the 1,500 that Oracle says already pay for Unbreakable Linux support (Dell, Stanford University, McKesson and Mitsubishi, among others). The unknown number of customers already running Oracle on VMware now have to decide whether to accept Oracle support (along with the Oracle VM) or continue to run on the competitor’s product with support from Oracle. Oracle customers who already run on Xen will find the switch to Oracle VM easier, of course.

Oracle says it has 9,000 developers at work on its software products, including Linux, and points out that Red Hat’s total employees amount to only 2,000. Oracle needs all its software skills to track Red Hat as closely as possible. Red Hat is upping the ante by announcing that in 2008 it will offer software vendors the Red Hat Appliance Operating System. Applications can be written to this layer to produce a software appliance that will run on any Red Hat system, physical or virtual, no matter where it is located.

Linux has accelerated virtualization
The Age of Virtualization is upon us, and I don’t believe we would have gotten this far this fast without open source software. Virtualization and VMware originated on mainframes, and when IBM finally “got it,” it used Linux to revive a company that was sinking slowly into the past. By adopting Linux, it came up with an OS that could be used on all of its hardware. And by applying its mainframe know-how, it came up with such marvels as the mainframe that could configure itself to be multiple-server instances by day, then turn back into a mainframe at night (for order taking and order batch-processing, respectively) or any combination of mainframe and servers). Moving client/server over to mainframe virtualization eventually gave way to cloud computing. Combined with grid computing, servers and applications are now thought of as “somewhere out there” in a virtual space. Because IBM made these improvements to Linux, the code was fed back into the Linux kernel, which was meanwhile being improved from the other direction (such as hundreds of servers being linked to form a mainframe). The invisible hand of the free market supplied a wealth of code that could be freely downloaded and reworked for anyone’s use.

All this happened in a world in which the dominant computer systems in businesses were desktops that eventually (with the help of open source BSD code) managed to form networks. They used one type of processor design (Intel) and one brand of operating system (Windows). VMware caught the eye of open source developers not only because it allowed network technicians to design, build and test networks while using only a single box, but because it took on the problem of how to use both Linux and Windows on a single box without rebooting.

This achievement rattled the windows in the Wintel offices. A few years earlier, Netscape boasted prematurely about its plans to build a platform that would be OS-independent and died as a result. And IT departments, tired of having to do separate installs for each Windows box, admired the way Linux could be shot over the wire to an unconfigured machine. This was an early virtualization concept that looked ahead to a world we may yet enter, one where the end user’s processor and software may be something other than Wintel. Porting apps would be less necessary if they were written to a layer high enough above the operating system(s).

Long ago, IBM and Apple had a joint venture to develop such a layer. The plan was to use layers to effectively virtualize operating systems and processors. Taligent collapsed from the weight of its own ambitious plans, but we are a lot closer to its goal. Now even Microsoft is getting into virtualization, competing with Red Hat and Oracle to build virtual data centers that most effectively use resources in real time.

Now that the open source Xen project has taken on some of the functions of VMware, what will become of this proprietary product that had so much to do with the current virtualization surge? It is difficult in an expanding market to say that VMware’s sales will drop, for it is already giving away the low-end server version of their product. Because it handles many more operating systems and does more things than Xen, VMware will survive in a specialized marketplace. The question is, will Xen push down VMware prices? Or, as with the move from CentOS to RHEL, will Xen’s position at the low end of the market serve to support a high price for VMware?

Red Hat, Novell issue back-to-back announcements

In the past 24 hours, the Red Hat Enterprise Linux (RHEL) beta became available through Amazon’s Elastic Compute Cloud (EC2) service. While RHEL has been available in limited beta for a few weeks, this public beta announcement came on the heels of Novell’s launch of SUSE Linux Enterprise Real Time 10, its latest enterprise OS offering.

Red Hat executives made the announcement of their partnership with Amazon a few weeks ago. Now users of Amazon’s Web service can participate in the testing of Red Hat’s latest enterprise-level Linux offering with AMIs (Amazon Machine Images) within the Amazon EC2 environment with email-based support for the public beta, according to the the Red Hat Online Services Team. The decision to take RHEL into the cloud is part of a larger company deployment strategy.

The launch of SUSE Linux Enterprise Real Time 10 is arguably the bigger announcement. Novell’s new SUSE is a real time operating system, which allows critical processes to take priority over processor tasks. The new release gets many of its bells and whistles (e.g. sleeping spinlocks, interrupt threads and high-resolution timers) from real-time patches developed by the Linux community.

Among Novell’s Real Time partners is Sun Microsystems, whose open source Java will benefit from the collaboration — and from competition between Novell and Red Hat. In light of Red Hat’s new strategy and the announcement that Red Hat would also be collaborating with Sun on Java, I wouldn’t be surprised if Red Hat were trying to create more Java developers on their end. What do you think? Email me or leave us a comment.

Ubuntu server momentum builds toward ‘critical mass’

At CIO.com today, Canonical CEO Mark Shuttleworth gives a nice year-ending top ten list on a topic he’s surely familiar with on the most intimate of levels: Ubuntu.

More specifically, Shuttleworth talks about the Top Ten Reasons Why Ubuntu Is Best for Enterprise Use. In the list Shuttleworth runs down the usual laundry list of pro-Linux items, including flexibility, cost, support chops and its strong security track record; and addressed a few new ones as well like application selection. “There are more than 20,000 packages immediately available to Ubuntu users. These include the largest selection of open-source tools and a growing list of proprietary applications,” he said.

Normally, a CEO waxing positively about his own product is nothing new, but this year has been a roller coaster ride for Ubuntu and I can’t help but think this column is a harbinger of things to come for the OS.

First, there were two substantial releases for Ubuntu this year. In April Feisty Fawn (7.04) launched, and Canonical was again beating the server drum full-force to get users to notice that this free little distro had matured over the past two years. Deploying it on the server was now an option said Jane Silber, Canonical’s director of operations. “On the server side, we have increased support for virtualization, and Ubuntu now supports a number of virtualization technologies. We have been working with VMware on some performance testing with Ubuntu as a guest operating system and as the host OS. We have seen very good performance numbers there. We also have Xen in the universe repository, and we’ve added [Kernel-based Virtual Machine] support,” she said.

I had already written about this a few times over the past year and I was looking for something beyond what Canonical was already saying about what was being put into Ubuntu’s code.

We go that response in May, and it was a small landslide victory for Canonical. In a joint statement released May 3, Dell Inc.. and Canonical announced that Dell would offer laptops and desktop computers pre-installed with Ubuntu Linux 7.04. Dell CEO Michael Dell acquired a Precision M90 mobile workstation and loaded it with Ubuntu 7.04 and a host of open source applications just to cap the whole announcement off. At the time, Raven Zachary, a senior analyst with New York-based 451 Group, said the news also meant users could expect an Ubuntu server offering from Dell in the near future. “I think you will find Dell, over time, also offering Ubuntu across its server product line as Ubuntu grows in popularity in the data center,” he said.

Nice segue, Raven, because what happened next was right up that alley. During a qucik call with Canonical’s marketing director Gerry Carr in August, he and I started talking about hardware vendors and which among them might be ideal candidates for pre-installed Ubuntu. “[Pre-installed Ubuntu on the server] is something we would like to do, and we’ve made no secret about it,” Carr said. “Customers have asked for this, and if people want to see Ubuntu pre-installed on Dell servers, then they should go to [Dell] IdeaStorm and continue to ask for it.” The Dell/Ubuntu program was expanded to encompass Europe in August, and observers at the time said it was yet another indicator of Ubuntu’s building momentum.

Carr said that while the deal will “hopefully be with Dell,” Canonical is also considering server vendors other than Dell, and at a later date the company will reveal the results of those talks. “This doesn’t mean a deal is imminent, but those who want and require Ubuntu on the server will have something available reasonably soon,” he said.

Which leads us to the present. Last week, at Linux-Watch.com, Rick Becker, Dell Product Group’s vice president of applications, said Dell is currently in the process of certifying Ubuntu for all its server lines. “But we are still several months away from announcing a certification. I’d say it’ll be announced in Q1 next year,” he said.

The Ubuntu firehose is now open, but there are still a few obstacles to address before the prerequisite “touchdown” articles are written (how’s that for a mixed metaphor?) How big is the demand, you ask? Dell IdeaStorm received more than 130,000 requests for pre-installed desktop Ubuntu in early 2007, but that number is a pin drop compared to the number of Red Hat and Novell instances in the enterprise today. And that number pales in comparison to the number of Microsoft Windows deployments worldwide. There’s also the recently raised concerns about Ubuntu’s documentation to address as well.

Regardless, the momentum is building around Ubuntu on both the desktop and the server. Whether or not it reaches critical mass is something we’ll have to dig into now, won’t we?

Google’s Linux-based Android takes on Ma Bell

When Google launched Android earlier this month, many people assumed that because it was an open, Linux-based mobile operating system, the target was Microsoft. Throughout the relatively brief history of Linux, the first competition was with legacy Unix systems and Microsoft Windows. Closed versus open, proprietary versus open source. It’s David versus Goliath in a Tron-like world (ok, maybe not that cheesey). Add to that the fact that today many mobiles run a Microsoft operating system, and the table appeared set for another Linux vs. Windows rumble in the data center jungle.

And while we don’t typically cover mobile Linux on SearchEnterpriseLinux.com or even here on the quirky Enterprise Linux Log, I couldn’t resist a quick link to a Slate article that discussed Google’s plan to take over the world. Here’s a free Pro Tip: Microsoft is but a small rival in the overall big picture. This isn’t so much a battle between technologies as it is a battle between ideologies.

Google’s truest and most formidable foes are much older and more powerful. Today we call them Verizon and AT&T, but their real name is the Bell system. Their ideology, which today governs the cell phone world, is called “Vailism,” and it can be traced back to 1907 and the origins of AT&T’s domination of American telephony. The Bells’ philosophy, as promulgated by AT&T’s greatest president, Theodore Vail, is based on closed systems, centralized power, and as much control as possible over every part of the network. Vailism is the antithesis, in short, of everything Google stands for. It is this—conquering the business culture of the telephone, as opposed to the computer—that is Google’s great challenge.

Do no evil? You tell me. I, for one, welcome openness not only in my software, but in my Internet and my wireless as well. But that iPhone sure is tempting…

Ubuntu JeOS available today

It arrived a tad later than expected, but today the Ubuntu mailing list announced that Ubuntu JeOS (pronounced “juice”) is available for download.

Ubuntu JeOS is a variant of Ubuntu configured specifically for virtual appliances. As we reported back in September, with JeOS Canonical has ripped out several software packages to streamline Ubuntu for virtualization purposes. The subtractions include the open source database MySQL; the Common Unix Printing Layer, or CUPS; email; and LDAP functionality.

The upshot of this? Users will have access to a server OS that’s 215 MB in size (Ubuntu Server is roughly 700 MB). The streamlined OS means users can download virtual appliances faster and run more of them per server.

Ubuntu JeOS will be available via the VMware Technology Network and is currently offered only ISVs and OEMs. The approach is similar to another VMware partner, rPath, which packages Linux-based virtual appliances with ISV-specified applications using its rBuilder, technology.

Another way to get Ubuntu JeOS 7.10 is to point your browser to:

http://cdimage.ubuntu.com/jeos/releases/gutsy/release/

Currently JeOS is available as a 32-bit flavor only.

November means turkey, GPLv3 adoption

When you think turkey and Thanksgiving, you think about open source projects that have adopted the GPLv3, right?

Well, even if you don’t, here’s an update from Palamida about the 50+ OSS projects that have moved to version 3.0 of the GNU Public License over the past two weeks.

Palamida:

Since many people will be off next week, we would like to wish everyone a Happy Thanksgiving early. But onto non-food related issues, as of November 16th 4pm PST, our list has grown to 1151 GPL v3 projects, which is a growth of 56 new GPL v3 projects from last week. Our LGPL v3 count has increased by 1 project, bringing the current count to 95 LGPL v3 projects. The GPL v2 or later list has also passed a large milestone of 6000 GPL v2 or later projects. Over the last week, 76 new GPL v2 or later projects have been added, bringing the count to 6034 GPL v2 or later projects.

This thing keeps on chugging along. Suffice to say, I haven’t heard the same levels of rhetoric and back-and-forth that I heard about the GPLv3 over the summer. Whether that’s just information overload, vacation time, or genuine acceptance remains to be seen.

Security alert: Remote Code Execution in Samba’s nmbd

Samba release manage Jerry Carter once told me that the majority of “bugs” in Samba that get reported by users are actually misconfigurations of that user’s system, or a problem with Microsoft Windows, and are not the fault of Samba.

In one of the rare tips I’ve written for SearchEnterpriseLinux.com, Carter said the next time a user comes knocking on your door with an Access Denied error message and blames it on Samba, tell them to slow down. Most of the time, it’s not Samba’s fault, he said. “Our motto is ‘Bug for bug, feature for feature, we are completely compatible with Microsoft Windows,” Carter said.

However, Carter also said that if there was a legitimate bug, the Samba team had no problem admitting it existed and working post haste to get it resolved. Today, the Samba team reported a security issue with Samba’s code, as well as a patch to fix it.

Description
===========

Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the “wins support” parameter has been enabled in smb.conf.

Patch Availability
==================

A patch addressing this defect has been posted to

http://www.samba.org/samba/security/

Additionally, Samba 3.0.27 has been issued as a security release to correct the defect.

Workaround
==========

Samba administrators may avoid this security issue by disabling the “wins support” feature in the hosts smb.conf file.

Credits
=======

This vulnerability was reported to Samba developers by Alin Rad Pop, Secunia Research.

The time line is as follows:

• Oct 30, 2007: Initial report to  Trackback URL

BIND 9.4.2 RC2 is now available

Fresh from the yesterday’s news file, BIND 9.4.2b1 is now available for download. This is a maintenance release candidate for BIND 9.4, but if you are upgrading from BIND 9.4.2rc1 the BIND developer team strongly encourages you to please see the README file before doing anything.

BIND 9.4.2rc2 can be downloaded from:

ftp://ftp.isc.org/isc/bind9/9.4.2rc2/bind-9.4.2rc2.tar.gz

The PGP signature of the distribution is at

ftp://ftp.isc.org/isc/bind9/9.4.2rc2/bind-9.4.2rc2.tar.gz.asc
ftp://ftp.isc.org/isc/bind9/9.4.2rc2/bind-9.4.2rc2.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.4.2rc2/bind-9.4.2rc2.tar.gz.sha512.asc

The signature was generated with the ISC public key, which is available at

http://www.isc.org/about/openpgp/pgpkey2006.txt

A binary kit for Windows 2000, Windows XP and Window 2003 is at:

ftp://ftp.isc.org/isc/bind9/9.4.2rc2/BIND9.4.2rc2.zip
ftp://ftp.isc.org/isc/bind9/9.4.2rc2/BIND9.4.2rc2.debug.zip

The PGP signature of the binary kit for Windows 2000, Windows XP and Window 2003 is at

  ftp://ftp.isc.org/isc/bind9/9.4.2rc2/BIND9.4.2rc2.zip.sha512.asc
ftp://ftp.isc.org/isc/bind9/9.4.2rc2/BIND9.4.2rc2.debug.zip.asc
ftp://ftp.isc.org/isc/bind9/9.4.2rc2/BIND9.4.2rc2.debug.zip.sha256.asc
ftp://ftp.isc.org/isc/bind9/9.4.2rc2/BIND9.4.2rc2.debug.zip.sha512.asc

There were also a number of bug fixes, which can be dissected and perused at the BIND homepage.

Red Hat Exchange gets appliance, services boost

When the Red Hat Exchange (RHX) launched alongside Red Hat Enterprise Linux 5 (RHEL5) in March and was expanded upon at the Red Hat Summit last May, I’m not sure a lot of people knew exactly what to expect from it.

Red Hat’s vice president of global engineering, Paul Cormier, compared RHX to Amazon, in that both services allow users to comment on and rate the “products” being sold on the site. In RHX’s case, these products were open source applications being offered by companies like Alfresco (content management) and Zimbra (messaging and collaboration), to name a few.

Red Hat’s director of online services, Matt Maddox, compared RHX to an open air market and even showed Summit attendees a digital short of some Red Hat staffers navigating a real life open air market searching for fruits and vegetables.

When the service launched more than six months ago, there were 12 companies. Today there are a few more, but only recently has Red Hat really started to solidify what the real goal of RHX might be. Part of that goal was revealed last week, when the Red Hat Appliance OS became a reality. This “optimized version” of RHEL will be offered to ISVs along with a virtual appliance development kit (VADK) sometime in the first half of 2008.

The way this ties into RHX is that a wide range of software applications on Red Hat Exchange (RHX) are already available for trial and purchase as pre-configured software appliances. With an RHX and AOS combination, Illuminata senior analyst Gordon Haff said Red Hat could streamline the appliance distribution process, but he also stressed it’s too early to give a definitive answer on that front. “We’ll have to see how the integration with ISV updates and so forth gets put into place because that’s an integral piece,” he said. More to come from Red Hat on that point sometime in 2008, I’m sure. Perhaps at next year’s Summit?

Further RHX updates were offered up by Red Hat via their news blog earlier today:

Expanded products and services from red hat partners

• Groundwork Monitor Pro will be available with three levels of support on RHX. Groundwork will also offer installation and training services through RHX.
• JasperSoft will offer JasperAnalysis through RHX with two levels of support. JasperSoft will also offer implementation and training services through RHX.
• Zmanda will offer Zmanda Network for Amanda Enterprise on RHX with back-up clients for Unix and Linux. This offering comes with three levels of support. Zmanda Recovery Manager for MySQL and Zmanda implementation services are available through RHX as well.

Expanded Support Offerings

• RHX will also begin offering significant enhancements to its support offerings with the availability of 12×5 and 24×7 phone and web support.

Or course, there’s also that little point about how RHX could, in all actuality, be a personal incubator for future Red Hat acquisitions, but there’s nothing much to report on that front just yet. Or is there?

Tutorial on Ubuntu 7.10 (Gutsy Gibbon) Samba standalone server with tdbsam back end

From HowtoForge comes a timely tip and tutorial about the installation of a Samba fileserver on Ubuntu 7.10. The tutorial, submitted by Falko Timme, a system developer based in Germany, also lists how to configure files erver to share files over the SMB protocol and how to add users.

“Samba is configured as standalone server, not as a domain controller. For this setup, I will use the Ubuntu Server installation CD but the same installation procedure will work on an Ubuntu desktop as well,” Timme said.

I’d be remiss if I didn’t also pitch SearchEnterpriseLinux.com’s wealth of Samba tips and news, some of which, coincidentally enough, were compiled by yours truly.

But you want more? You can also check out our Exploring Samba and Active Directory integration options landing page that was compiled by site expert Sander van Vugt. In that compilation, van Vugt discusses everything from Samba basics, to installation, to administration and migration. If you have no idea what Samba is, I salute you for reading this far, but I still encourage you to check out Sander’s tips — he defines Samba in the first paragraph
Check it out.