DataCenter

Readers weigh in on Sun/Oracle impact

This post was written by News Contributor, Pam Derringer.

A May 5 story on SearchEnterpriseLinux.com about the decline of Sun Microsystems and its recent purchase by Oracle Corp. drew some thoughtful, diverse views from readers. The article concluded that Linux didn’t cause Sun’s downfall, fiscally speaking, but provided a low-cost x86-based OS that offered companies a cheaper hardware/software alternative, indirectly undermining Sun’s overall business.

David Marsh, an IT architect with a custom chip company, said his firm is planning to replace its outdated Solaris systems with cheaper, more powerful x86-based hardware, a decision that has nothing to do with the pending Oracle/Sun merger. Marsh expects to migrate its Oracle e-Business suite from Solaris to Linux at the next upgrade, probably virtualizing some portions of the application, and potentially all of it, on VMware.

Marsh’s firm also uses Sun Solaris instead of Windows to run Citrix XenApp, which functions as the front-end for its designers, who use many Linux-based tools. Marsh would prefer to migrate them from Solaris to Linux because the licensing for the Windows version of XenApp is “triple” the cost on Solaris. However, a Citrix spokeswoman said Citrix currently has “no plans” to add a XenApp version for the Linux platform.

Marsh was dismayed with Citrix’ response and predicted that “quite a few high-end customers will switch to other products,” like X-Windows display software for Windows or free, open source Xming software.

But Rich Rutkowski, whose small firm makes point-of-sale systems for retail outlets, hopes that Oracle will leverage Solaris and Java at Linux’s expense. Rutkowski’s firm was using Linux for development but was disappointed with Red Hat and Novell’s SUSE open source OSes. Red Hat doesn’t support Sun’s application server directly but, instead, refers users to Sun forums, he complained. And SUSE has a complex install process for nVidia drivers and, worse, a SUSE desktop upgrade caused a kernel panic, he said.

“After experimenting with OpenSolaris and the full production Solaris, we realized that everything we added to Linux (Postgres, Java Application Server and Java) came packaged with a full install of Solaris,” Rutkowski said. “Buying from Sun makes sense and the costs were actually cheaper. We will stay with Sun hardware and software and observe Oracle’s actions. There is no reason to go to Linux if Oracle keeps Solaris open.”

Oracle’s $7.4 billion purchase of Sun Microsystems is expected to be finalized this summer.

IBM POWER Systems focuses on Linux

In light of the global economic situation, IBM is putting a greater emphasis on the Linux market. This was an obvious shift that I noticed today while attending the COMMON User Group Annual Meeting and Exposition in Reno, Nev. I sat in on a panel discussion with Ian Jarman, IBM’s Power Systems Software Manager, and he plainly stated this fact. Jarman shared the Linux focus of IBM’s recent announcements, including increased focus on the PowerVM Lx86 product, which was created to help combat x86 server sprawl. PowerVM Lx86 creates an x86 Linux application environment running on POWER processor-based systems by dynamically translating x86 instructions to Power Architecture instructions.

On the exhibit hall floor, Anirban Chatterjee, IBM IT Specialist in the Executive Briefing Centers Systems and Technology Group, demonstrated how the tool works along with the PowerVM Live Partitioning Mobility feature.

Jarman also touched on the fact that IBM offers full support for SUSE 11, a move we have reported previously, with a focus on the cloud computing emphasis.

I’ll be keeping my eye on the Linux on Power activities at IBM throughout the show, and we’ll be following up with some end users who are willing to share their experiences. If you have any questions you want to ask IBM about Linux on POWER, leave a note in the comments below and I’ll work on getting you an answer.

Open source community reacts to Oracle-Sun deal

Yesterday’s news that Oracle had entered an agreement to buy Sun sent a bit of a shock wave through the open source community. After weeks of pondering what an IBM buyout of Sun would mean, the IT community now had an entirely different scenario unfolding.

The news was the first thing I noticed when I logged onto Twitter, and I saw that SearchDataCenter.com was working on the story. I “retweeted” Executive Editor Matt Stansberry’s play for feedback and heard back from Tom Howard, who said “IBM missed its chance. I want to know what Oracle’s commitment to Open Office and Solaris are, personally.”

But the bigger fear was from the MySQL folks. Satoshi Nagayasu, an open source database engineer from Tokyo, Japan, asked “Should we say goodbye to MySQL?” He then pointed to a blog from 2005 that was a reaction to Oracle’s purchase of Innobase, and said “Josh’s article gave me some insights why we use community-based open source [PostgreSQL].”

One of the more fun and mood-illustrating reactions was from tartansolutions: “Oracle now owns MySQL?! In related news, the Rebel Alliance has been acquired by Darth Vader for three wookies and a tantan :(“

John Engates, CTO at Rackspace, said “Seems like there’s a lot of concern about Oracle screwing up MySQL. People may look to PostgreSQL as a ‘safe’ open source DB.” He linked to a blog post by Om Malik, providing the GigaOM perspective on the purchase. Of the things Om said, the central point in the concern could be summarized by this paragraph:

At this price, it looks like Oracle found itself yet another bargain and in one fell swoop became a worthy competitor to IBM. It allows Oracle to become a player in the cloud computing business. More importantly, the company ends up acquiring MySQL, the upstart database that has been viewed as Oracle’s Achilles’ heel. In one fell swoop, it has taken out its No. 1 competitor.

Not all in the open source community was doom and gloom though. Jim Zemlin, Executive Director of the Linux Foundation, in his blog post in reaction to the deal looked for a silver lining. Zemlin pointed out that Oracle is strategically aligned with Linux in its position as a Linux distributor, and all its products are developed and run on Linux.

“Oracle is a key supporter of open standards such as ODF and we believe this only strengthens that stance,” said Zemlin. “This acquisition could prove fruitful for Open Office and ODF support in the enterprise.”

I was on the phone for the Canonical Ubuntu 9.04 release press conference, and one of the participants asked Canonical CEO, Mark Shuttleworth, what his reaction was, specifically regarding Java support.

“It is far too early to tell,” said Shuttleworth. “Java has been open, it tends to be a one-way trip – once you’ve made that commitment it makes sense to have it as highly available as possible.”

Shuttleworth also saw the move as a bit of further evidence of the worth of open source in the enterprise software industry.

“This really cements that free software and open source is the driving force today,” he said. “All of the major forces today are either free software or powered by free software — Java, Google, and onward. The software marketplace is consolidating at an extraordinary pace. Part of the reason for that is that open source is dominating the innovation pipeline. The fact that one of those five has just announced a $7 billion acquisition of a company that describes itself as the world’s biggest free and opens source software company proves that open source is the big game in town.”

Lastly, analyst Dana Gardener painted what I feel is the most level-headed picture of what the whole deal means.

Suffice to say that whatever momentum Sun had behind open source everywhere will be muted to open source some times as a ramp to other Oracle stuff, or to grow the community and keep developers happy. If nothing else, Oracle has been pragmatic on open source, not religious.

What do you think this means for open source? Are you considering moving to PostgreSQL if you weren’t already? Are you a programmer worried about Java support? Share your thoughts in the comments

More analysis from TechTarget:
Oracle-Sun combo: What does it mean for enterprise Java?

Will Sun help Oracle eclipse IBM?

VARs turn wary eye on Sun-Oracle combo

Oracle-Sun: A threat to VMware?

Ubuntu gains another win in major server certification quest

The little distribution that could, Ubuntu Linux Server Edition supported by Canonical Ltd., announced that it was on its way to achieving certification on Hewlett-Packard’s ProLiant x86 servers. According to Canonical’s blog post on the topic:

The certification means HP will list Ubuntu as a supported operating system and verify the work undertaken by Canonical to ensure full certified compatibility. Furthermore both companies are fully co-operating at the engineering level to provide full underlying confidence for HP customers using the certified servers.

HP won’t be shipping servers with Ubuntu preloaded. But, as Canonical marketing manager Gerry Carr explained to me, the certification will provide HP customers with assurance that if they sideload Ubuntu, it will work with specific information regarding performance. This news follows Canonical’s announcement of user survey results that revealed an uptick in adoption of the server-based operating system in a variety of mission-critical Web and database applications. The surveyed Ubuntu users shared that they mostly use the OS on assembled servers and tower and desktop PCs.

However, Carr explained that “It appears to be that HP ProLiant is the second most popular [server] brand behind Dell PowerEdge servers. I expect that is consistent across the unknown Ubuntu users out there.”

For an example of who is using Ubuntu, Canonical shared the story of a Chicago-based finance house that runs entirely on Ubuntu server and runs their open and proprietary stack on primarily HP machines, with some Dell in the mix.

In his blog post regarding the announcement, Joe Panettieri of WorksWithU, an Ubuntu dedicated news website, explained the history of Canonical’s Ubuntu Server edition initiative. He shared that a recent site reader survey revealed growing momentum for Ubuntu in the enterprise market. However, the big players (Windows Server, Red Hat Enterprise Linux and Novell SUSE Linux) continue to lead the way in both mind and market share.

Al Gillen, VP in charge of system software research with IDC, echoed this perspective in a statement to Ed Scannell of Information Week:

“In terms of noise level, Ubuntu has been hot lately. But the ecosystem simply isn’t as mature for Ubuntu as it is for Red Hat and SUSE Linux. They do not have the level of application support and data base support, and some other things that you need to be enterprise ready.”

Ubuntu achieved certification on Sun’s x64 servers in early 2008, around the time Canonical released Ubuntu 8.04 LTS.

Carr shared that Canonical is working to see Ubuntu certified on all the major manufacturer servers in the next few years. The timing of certification on HP’s servers is unclear, but is underway and Carr expects to see it “sometime soon.”

SE-Postgres tightens SQL security

This post was contributed by Joshua Kramer. For more information about Kramer, go to the EnterpriseLinuxLog About the Editors page.

In the theater of IT operations, security has moved to center stage. Attacks have become more complex, and legislative bodies have passed laws that require data protection. In just the past year, Nevada and Massachusetts introduced legislation requiring that consumer data be protected. 

 In 2006, Oracle introduced its Audit Vault, which purported to restrict access to data even from database management administrators. This kind of tool is extremely valuable in the fight against those trying to steal personal information.  

In early 2009, another player will offer a similar — and perhaps more secure — way to restrict data access As part of its yearly feature update, the PostgreSQL group plans to implement a module called SE-Postgres in the database core. This module inherits security rules and contexts from the SELinux rule set of the host OS to control access to tables, individual rows of data and even individual columns. Currently SE-Postgres is available as a patch to the Postgres 8.3 database (for those who don’t mind compiling source code). 

This inheritance of rules applies to all facets of SELinux and therefore gives you power beyond simply restricting access by role. When SE-Postgres is configured properly, a client’s SELinux context is propagated to all data it touches. For example, rows inserted by a subject with SystemHigh privileges will carry the Secret label. A query submitted by a subject with user_t privileges will not return rows that have such a label. For the most part, referential integrity is preserved; a table join will fail if one of the objects required in a table is disallowed by SELinux context. There are a few minor exceptions, but those will be closed as the project progresses.

Red Hat tight-lipped on breach, but risk appears small

Red Hat Inc. has declined to provide additional details on last week’s security breach on some Fedora servers that were illegally accessed. Although Red Hat said it did not believe that the package-signing key used to gain access to Fedora operating systems was compromised, the Raleigh, N.C.-based company issued a new Fedora signing key as a precaution. Fedora is Red Hat’s free operating system where innovations are introduced and tested before they are incorporated into production-ready Red Hat Enterprise Linux (RHEL).

Related to the Fedora intrusion, Red Hat also announced a breach into a few Open Secure Shell (SSH) security encryption packages for some versions of RHEL 4 and RHEL 5 that are not under the umbrella of a Red Hat network management system. As a precaution, Red Hat issued an updated version of the affected RHEL Open SSH security packages.

No big deal? 
Reaction to the breach is muted at best.

Joe Clabby, a principal at Falmouth, Maine-based Clabby Analytics, said that a new signing key install “could be a real hassle” for a large install base without an automated deployment system, but he didn’t think it was a huge problem. “It’s good they found it and made it public so people can fix it and life goes on,” he said.

Charles King, a principal analyst at Hayward, Calif.-based Pund-IT Inc., agreed.

A security breach is “always disquieting,” he noted, but this one is probably of lesser impact, because most data centers do not run Red Hat exclusively. In one sense, the breach could be viewed as an indicator of Red Hat’s growing success. Hackers generally target only commercially successful distros, King said.

Well-known tech blogger Jason Perlow said that the breach is “standard stuff” that will be remedied quickly because the entire open source community will become engaged in developing a remedy, versus a breach with a proprietary vendor, which could take months to solve the problem.

I suspect that most large Red Hat installs run RHEL rather than Fedora, thus reducing the probable risk to businesses. Nevertheless, as an admittedly impatient journalist wired to ask questions and expect answers, Red Hat’s failure to be more forthcoming about the extent of the breach and the potential impact is disappointing. Users aren’t well served by a limited statement and a wall of silence.

Should VMware buy Red Hat?

A recent Business Week article said that Raleigh, N.C.-based Red Hat Inc. is ripe for a takeover bid because its pockets don’t bulge as quickly as those of proprietary vendors and suggested Palo Alto, Calif.-based VMware Inc. as a promising buyer. VMware has a heftier cash flow and doesn’t have an operating system, a gap that Red Hat would fill, the author argues.

But three IT analysts panned the idea for multiple reasons. Richard Jones, the vice president and service director of Burton Group in Midvale, Utah, and Charles King, a principal analyst of Pund-IT Inc. in Hayward, Calif., don’t think Red Hat’s relative flat stock price makes it vulnerable.

“I don’t think it’s a risk,” King said. “The players within the industry and those in investment live in separate realities. If Red Hat can’t be a success as the clear leader in the market, what could VMware do to make it more successful?”

Jones doesn’t think Red Hat is vulnerable either. Red Hat has only its brand to offer (since open source software is free) and the company would be too expensive to buy, he said. Instead of VMware, Jones thinks that Oracle Corp. would be the more likely buyer.

Joe Clabby, principal at Clabby Analytics in Yarmouth, Maine, said a VMware/Red Hat merger doesn’t make sense because the addition of an operating system would put Hopkinton, Mass.-based EMC Corp., VMware’s parent company, in conflict with the other major hardware vendors who distribute VMware.

“I don’t see Red Hat making a ton of money,” Clabby said. “‘But I don’t think anybody’s at risk.”

But Clabby admitted that his crystal ball is sometimes a bit cloudy. “I didn’t think EMC Corp. should have bought VMware. But that acquisition has paid off extremely well.”

Ironically, the Red Hat news alert that initially popped up this week linked to a Computerworld column suggesting that IBM buy Red Hat, while admitting the outcome was quite unlikely. But a closer look revealed that Google erred in listing the “recent” article, which was written in 2002. The author, Nicholas Petreley, a computer consultant in Hayward, Calif., said this week that he was one of the first to urge IBM to buy Red Hat in the mid-’90s but said the acquisition now would simply put it in competition with other distros, similar to Clabby’s argument against a VMware/Red Hat merger. And Petreley’s thoughts were the same as mine: somehow the VMware piece resurrected his IBM column out of the depths of time and presented it as something new.

Well, as we all know, technology doesn’t always work 100% of the time. And this is just one more example.

The bottom line: Red Hat appears not to be a takeover candidate for now. And that’s probably a good thing.

Ubuntu growing its ecosystem of apps, partners, Canonical says

Malcolm Yates, the global independent software vendor (ISV) alliance manager at Canonical Ltd., traveled halfway around the world, flying from London to San Francisco with a message for LinuxWorld: Ubuntu is growing up. No longer just an operating system for geeks, Ubuntu has begun to evolve into a mature ecosystem with a small but growing cache of applications to run on top of an OS and more partners to expand its reach, he said.

Addressing an oft-cited shortcoming, Canonical is in the process of adding numerous key partnerships to expand the desktop and server offerings on top of Ubuntu’s OS and forging pacts with hardware vendors as well, Yates said. Parallels virtualization software and IBM DB2 database software already are downloadable from Canonical’s website and enterprise resource planning and customer relationship management applications in the works, he said. The desktop is beefing up, too, with OBM messaging and collaboration software and IBM groupware are coming soon, he said.

Canonical also has strengthened its development team to nearly a dozen members during the last year and has built a mini-operating system to enable ISVs to develop Ubuntu-based applications quickly and bring them to market, Yates said.

Although he didn’t have solid numbers, Yates estimated that Ubuntu’s share of the open source operating system market has doubled or tripled from IDC’s 9% projection last year, with the number of users opting for paid support rising proportionately. Server and desktop users both are growing but desktops – boosted by a 50,000 deployment by French police – are increasing faster, he said. But the coming addition of IBM groupware to Ubuntu’s desktop should boost Ubuntu’s momentum in the corporate market, both desktops and servers, he said.

Canonical’s goal is to make Ubuntu available via any partner and any business model and deliver it to users on the server as well as the desktop, Yates said.

LinMin adds key API to its automated provisioning tool

LinMin Corp. beefed up automation of its cross-platform bare-metal provisioning tool. The new version 5.2 from the Redwood City, Calif., startup now includes an application programming interface (API) through which a business process can initiate the provisioning of additional servers or desktops. The tool works on physical or virtual servers running Red Hat, Novell, Ubuntu, CentOS, Fedora, Asianux and Microsoft Windows.

Steven Brasen, an IT analyst with Enterprise Management Associates in Boulder, Colo., said the new API makes LinMin more useful because it can link directly into interfaces for other functions such as ticketing.

For example, developers could use the new API to trigger provisioning of a new Web hosting machine directly from an invoice, or the provisioning of desktop for a new hire from a payroll system, said LinMin CEO Laurent Gharda.

LinMin’s technology derives from the now-defunct OpenCountry, the technology assets of which LinMin acquired shortly after its launch last March, said Gharda.

OpenCountry’s system management package won “outstanding reviews” and LinMin has taken its best component and created a standalone provisioning solution, Brasen said. Provisioning is typically available only as part of a high-end systems management package such as Tivoli Software or HP OpenView, compared with which LinMin is a “very inexpensive” alternative, he said.

Ultimately, LinMin will probably be acquired by complementary vendors such as Hyperic or by an original equipment manufacturer, Brasen said.

Until then, the new API will help LinMin users eliminate the need for human intervention in provisioning, Gharda said. Some LinMin customers are testing the product in cloud deployments, he added.

Surveillance tools beat hidden malware at its own game

Just as surveillance tools have flourished in the physical world because they can monitor systems in hiding – think nanny cam – such seemingly invisible monitoring systems have flourished in the digital domain.

Rootkits, a form of malware designed to take control of a system without the authorization or knowledge of an administrator, can wreak havoc on a system and compromise everything it does by infecting code, nestling within it and becoming the malevolent phantom of an OS.

If security plays second fiddle to other system administration duties, your system may be just as much at risk as if you didn’t monitor it at all. But a new crop of rootkit detection tools is designed to detect these malware breaches and, in some cases, beat malware at its own game.

Products such as F-Secure Blacklight and OSSEC help protect system information from being used against you by making it inaccessible to nonadministrators. Unlike traditional antivirus scanners, these tools examine the system at a deep level to detect active rootkits and rout them out. Tools like Blacklight also tout themselves as user-friendly and nontechnical .

The new security tool ProcL goes a step further by hiding information about which version of software a system uses. As a result, malware attempting to gain system access cannot tell whether the system has software from 2008 or 1988 and will likely move on to an easier target.

For more on ProcL, see the Scanit website. And to check out an advanced security “hiding” tactic involving virtualization, click here.