Real World Linux 2004 Report

Real World Linux 2004 Report

April 13 – April 15 By: David Thornton

Table of Contents

Real World Linux 2004 Report	1
Table of Contents	1
Organizations of note	1
CIPS	1
Government Telecommunications and Informatics Services	1
Novell	1
Ximian	1
SuSe Linux	2
IDC	2
Attended Functions	2
T4 – Linux Cusomizations  - Three Case Studies	2
T8 – Full Cost Accounting Methodologies for IT projects: You Paid What??!	2
204 - Red Hat Enterprise Linux: A Technology Overview	4
208 - Clustering And High Availability For Linux	4
210 - Using Linux as a Web Services Platform	5
211 - Security Enhancements By Red Hat	5
305 - Erp Application On Linux: City Of Bloomington: Case Study	6
309 – Linux Industry Developments & Adoption trends	7

Organizations of Note

CIPS

Canadian Information Processing Society.

http://www.cips.ca

Government Telecommunications and Informatics Services

The IEEE of the IT industry in Canada. These guys promote and formalize professionalism in the IT industry. They present a certification to the industry, the ISP ( Information System Professional ) :designation.

http://www.pwgsc.gc.ca/gtis/text/index-e.html

Novell

http://www.novel.com

in two years turned them selves from fading to fanatic. They have “Eaten Linux” for lunch and now it courses thought their veins.

Ximian

http://www.ximian.com/

The enterprise desktop app a la Openoffice people. Integration, Security, Manageability are their goals.

SuSe Linux

http://www.suse.com

The largest Linux vendor in Europe and closest competitor to Red Hat in North America.

In contrast to Red Hat SuSe has both moved toward refining the server offering AND supporting home and enterprise desktops. (Red Hat is shying away from the desktop.)

IDC

www.idc.com

Your Zellers of Market research, lots of stuff moderately prices (moderate quality). Not Wal-Mart, not Martha Stewart Living.

Attended Functions

T4 – Linux Cusomizations - Three Case Studies

By: Dan Morrill

Tuesday April 13th 2004

This talk went over three different “Customizations” for linux. I thought is was a wash. The three “customizations” were: Linux as Firewall, Linux as Fileserver, and Linux as Arcade console. These three roles for a Linux Computer are quite juvenile. The talk was very “single system” based. It was all about how to get a single machine to do a single job. 80 of the time was on base os and software configuration. The presenter basically just “showcased” his setup at home, complete with a home network diagram. I have given the notes to Ryan Schellenburg , so if anyone wants a copy he’s you man. I expected more from this level of Conference.

T8 – Full Cost Accounting Methodologies for IT projects

You Paid What??!

By: Joseph Potvin ( From GoC Public Works)

Tuesday April 13th 2004

This was by far the best session. It was all about how to account for IT projects and more specifically it pointed out a glaring problem with Opensource projects: The accounting is Hell! Typically when an organization develops a software package they can account for most if not all of the costs of executing the project. With Opensource projects it’s often very difficult to track the cost (let alone the benefits). Joseph had no clear answers, but he did raise some interesting underlying themes in part of the reason why Opensource projects are so timidly approached by big business (including government). What’s so hard about accounting for open source projects?

Human resources:

1. Project members may be around the world.
2. Project members may be volunteers or they may be paid.
3. Project members may belong to many organizations.
4. Project members may NOT belong to any organization.
5. Scheduling for deadlines and rollouts are not reliable.

Benefits:

1. Take up and use can be viral, a project meant to benefit a specific group of people may find itself benefiting unexpected groups of people.
2. The benefits of the project may be felt in perpetuity.

Additionally:

1. Project ownership can shift unexpectedly.
2. Projects as split off and many version can emerge, possibly merging later in the lifetime of the project.

So how do all these factors show up on the ledger of an organization that wants to conduct business planning around Opensource? This is the challenge.

For governments it’s all about standards. Not simply something a local manager says is “The way it will be done” but something released by an accredited standards organization. Joseph looked to the community for feedback about possible standards about how to do accounting for Opensource projects. Additionally he called upon CMA for guidance. At this time there is no standard. So when any vendor says the ROI is this or that, or that the TCA for some technology is this or that, the method by which they calculated values is ad hoc. Typically we expect that the method any given body releases is skewed to favour that vendor, or puts the vendor in the best light.

At the government of Canada the TBS (Treasury Bureau Secretariat) uses:

1. A CBA (Cost benefit analysis) Guide.
2. a Guide to costing output
3. Accrual accounting

Side note: Good book , read it: “How to lie with statistics.”

Side note: standards used in government: ebXML, xRRML, BRML.

If you are trying to do business with the Government of Canada and the group you are working with says that they won’t do Opensource because that’s not the standard, then you should call Joseph Potvin and get him to “Fix” the problem.

To get an Idea of what the government is doing now with Opensource: All of the security infrastructure is Opensource (proxies, IDS, firewalls).

Geomatics application ( Seismic data collection / analysis)

Health Canada

Atlas.gc.ca

“R” the statistics package that is used internally is Opensource.

FreeWRL is a Opensource VRML viewer created by GoC

From: http://www.oclug.on.ca/topics.php

About the speaker: Joseph Potvin is a team member of the Managers of Enterprise Architecture in the Architecture and Standards Directorate, Government Telecommunications & Informatics Service (GTIS). GTIS is a part of Public Works and Government Services Canada (PWGSC). He is active in engaging the open source business model for GTIS operations, and was coordinator for the May 2002 "Open Source Solutions Showcase" hosted by Innovatec, a part of GTIS. During the summer of 2002, he led a team that created and shared two small government-produced applications on SourceForge ( http://simpleassets.sourceforge.net/ and http://simpletracker.sourceforge.net/ ). In an earlier position at the International Development Research Centre, Mr. Potvin was the architect and product manager of the Canadian Government's first open source software release. OPA (Online Proposal Appraisal / http://www.bellanet.org/opa ) is a full-featured workflow management application released as version 1.0 for ColdFusion in 2000; advanced to version 2.0 in 2001 through contibutions by the World Bank; and re-developed this year in PHP by a Netherlands/Uganda team working for KiNcite. He is the co-ordinator for the currently forming communities-of-practice known as GOSLING (Getting Open Source and Linux INto Governments) and GOOSE (Government Official Open Source Engagement). GOSLING involves people in their individual professional capacities, whereas members of GOOSE collaborate in their official roles. Portals for each of these will be announced soon.

204 - Red Hat Enterprise Linux

A Technology Overview

By: Nick Carr

Wednesday April 14th 2004

Some of the new features in the 2.6 kernel ARE in the RHEL kernel, some of the new features that Red Hat introduced did not Make it into the 2.6 kernel, but ARE in the RHEL kernel.

Certification is the Key

RHEL is working full steam ahead to be certified with all the major ISVs. It’s not just “Does it work on linux” it’s “Is it stable” that what the certification brings.

A note on TPC/C benchmarks:

It not about winning, it’s about being in the game. Any vendor’s latest release will beat the last vendors latest release. Let me repeat myself: It’s about being in the game. So what are they doing in the RHEL kenel:

Native Threads
Means high performance, means high stability, means high portability. This is good for multi threaded apps, and what the big multithreaded app out there: JAVA!

Async I/O
This means you can as kfor some data from a device ( net / disk etc ) then go back to work… when the net or Disk has the data it will let you know.

Extensive Driver Support From Intel NICs to Qlogic high-end enterprise FC HBA drivers.

CPU masks and high performance interrupt handling. Including CPU affinity-> the ability to bind a process to one or many CPUs

O(1) Scheduler. This is an evolutionary lead edge process scheduler. This increases performance overall and specifically in MP environments. Key: Scalability, can you say 64 CPUs? Includes Oprofiler for tuning and debugging

Reverse VM page table - is good for servers

Huge TLBFS page sze goes from 16k to a possible 4 GB ( typically it would be 256 Megs).

Remap_file_pages Reduces the amount of kernel memory required to do SHMFS

Tune ups for NFS

ACL Access Control lists. Extends the classical unix permission structure ( Windows and Sun can do this too) One file can have many per user or per group access policies.

208 - Clustering And High Availability For Linux

By: Roger Davis

Wednesday April 14th 2004

Recent developments in the linux world: Increasing performance and reliability Current options: Beowulf cluster (typically for scientific applications) Failover clustering (Aplication clusters work like this)s Federated Clusters ( a-m here , n-z there) Shared reality clusters( Oracle and coldfusion work like this.)

Gigabit Ethernet has limitation as in interconnect for Clustering: things get ugly above 6 nodes.

Fibre Channel is appropriate for OLTP applications with node limits around 40-50.

Fibre channel show good performance with small block sizes (David: I wonder what small means? 4k 400k?)

Intel’s Infiniband show promise at around 40 notes.

FAA ->6 nodes

16 Xeons replaces a cluster of 32 Power4 devices.

“it’s about the I/O”

Single Image systems: -> Oracle RAC

What about the other apps?

Dell although they are targeting “Enterprise" client’s they have halted their architecture at 4 CPUs. Lots of small devices can do the enterprise job.

Latency and Connection times: GigE -> 60 ms Infiniband -> 7 ms (That’s about 10 to 1 )

“The biggest blade server problem is Cooling. ” – dell guy The legacy data centre were just not built to cool like that 210 - Using Linux as a Web Services Platform By: Albert Hsu Wednesday Apil 14th 2004

What’s out there now: Jaxm / Jax-RPC / JAXR / Apache – Axis / Perl Tools: Eclipse (IBM)/ exteNd ( Novel )

Identity services are all the rage: Novell does that!

Process Management.

This talk focused on Novell’s exteNd tool, complete with a demo.

They had a simulated TN320 terminal, and build an app that would talk to it during the talk… It was pretty lame. I mean it’s cool that they couldl do it but doing it as the talk was sort of a waste, you could hardly see the screen and it was just a single function feature.

I think their point was that it is easy to build otherwise difficult apps quickly with the Novell Tool “ExteNd” . 211 - Security Enhancements By Red Hat By: Ulrich Drepper (from Red Hat) Wednesday April 14th 2004

http://people.redhat.com/drepper/ http://people.redhat.com/drepper/nonselsec.pdf

This was a pretty deep talk. I didn’t follow it 100% I think I passed out for at least 10 minutes.

I was going to write about this. But it’s pretty high level programming stuff and as I said I don’t get it all. It makes no sense for me to try and write like I know what they are talking about when I don’t.

For the explicit presentation follow the link above.

Here’s the gist of it:

Red Hat is taking a lot of the advanced programming protection technology and putting into their standard release.

This inclus a bunch of stuff red hat calls Exec-Shield: Stack Randomization , /proc file system access control, Executable stack tracking via new ELF header entry: PT_GNU_STACK, mmap randomization, oh and heap randomization. 305 - Erp Application On Linux: City Of Bloomington: Case Study Track: Government By: Gregory Volan, Venkat Sankaran Thursday April 15th 2004

Bloomington Residents: 70,000 people Cit ystaff: 620 people IT department: 16 people

The first linux server that used used by the city was a fileserver replacement for a novell machine in 1999. Major Apps were on HP-UX: Oracle, Oracle Financials, GIS software

Key reasons why they choose Linux:  “Free” – no licensing.  Open-source architecture.  Stability.  Leading edge technology.  Able to deploy IS infrastructure on cheap intel.  Vendor Certification for Key apps ( Oracle and GenaMap (GIS Software).

The talk present hard numbers on TCO of linux compared to RISC architectures for Internet/Extranet/Intranet apps and Collaboration apps. As well has hard data with respect to the Cost of running Oracle in Linux compared to RISC architectures.

Other key points in the migration:

 Bloomington used Oracle 11i and Red Hat AS 2.1.  The Full migration was tested twice.  The Project had a fixed bid, timeline, and budget.  The project timelines was 5 months.

The cost of training was mitigated by leveraging the existing Linux knowledge in the organization.

Major application began their migration to Linux starting 2002. As of now only Oracle Financial remains on HP-UX.

Aspects of migration that were covered included hardware sizing, testing, profiling. Did I mention testing? Important concepts included tight patch management and cross referencing with Vendor documentation for supported configurations.

In the end the project was a success.

 Go live as planned.  Successful Month end closing  Successful Year end closing  Batch process happens 4-6 times faster under new enviroment.  Additionally the whole oracle system was upgraded from 8i to 11i and now process work smoother

I asked about how they did testing for the application. They created a test case customized to their business process.

Summary of migration:  Planning  Sizing  Testing  Production Cut over window  Patching  Right Partner

I asked them if they used any standard processes for the migration… they mention AIM (Assess, Implement , Manage).

Security In A Linux Environment Systems Management - The New Frontier For Linux Linux In The Finance Sector The City Of Calgary: Implementing Linux - A Case Study

309 – Linux Industry Developments & Adoption trends by: Warren Shiau (from IDC) Thursday April 15th 2004

I was quite surprised that Warren actually remembered be from last year and addressed me by name.

So what have we seen in the last year?

The exposition of Distros Then the Implosion of Distros

New backers: IBM/HP/People Soft There’s no VC left for new Linux offerings. It’s no longer about revenue growth. Seems odd, but the point is that the new backers are not making money from Linux itself.

Note by David: Could this be “Linux as Enabler”, that’s the subtitle of my product roadmap.

So where is Linux going? Well where isn’t it now? What doesn’t it have: A complete stack on top of the kernel. Where Windows has this broad layer of apps that sit on the windows platform, Linux is fragmented and incomplete. The IDC guy referred to the Widows platform as a standard.

He nearly got “boos” from the crowd.

So who is working on filling these “Stack” gaps?

SAP is taking a top to bottom approach HP/IBM is taking a bottom to top approach

    Kernel and OS contributions + Management systems

So the big missing link?

  MIDDLE WARE!

So what do users want?

Integration: CRM / Call Centre / Web logic

The result: efficient use of resources.

What the strategy?

Port apps to Linux. Then get to the business critical apps Some other apps that the industry is looking for: Identity Management Resource Management ( ERP ? )

HP/IBM are missing a portal offering.

Red Hat and Novell are not they have a portal offering now.

IDC had done some polling to get the industries opinion of Linux. They found the overall opinion is that Linux has a low cost for implementation and deployment, but that integration and training are high cost.

Additionally he mentioned that there is a looming issue for executive decision making with respect to the IT industry. Everyone calculates TCO differently.

This is an echo of the Joseph Potvin’s Full Cost Accounting talk.

So why are people choosing windows?

Multi vendor integration costs more!

System Management By a guy from SuSe What does SuSe want to be? A neck to choke To put it another way SuSe sells predictability. They have a commitment to stability.

The guy said that “OSS doesn’t support old code”. I called him on it… BIND and Apache are all examples of old code that are support by OSS. Come to think of it I can add a pile of others to the list: mysql, postfix, sendmail, Postgres, ntp.

There are three parts to a contract: Support and Development / Services / Maintenance.

SuSe is working on a framework that will allow any application to expose and interface that will allow the application to be manageable. They didn’t say much more than that.

Upon further questioning: 1. The framework is “Closed at this time” (i.e. NOT open) 2. Will be open when it is released. 3. Is based on CIM (and WBEM) 4. Allows for a standard install process (what is this? another rpm?)

Autobuild ( as feature of the management framework): 1. Strong ties with Software providers ( IBM for DB2 for example) 2. A strong metadata system that includes support for tracking bugs, legal aspect of software, internationalization, configuration. 3. Automated testing to software vendors specs to that certified packages are not just certified by SuSe but by the Software vendor as well, automatically. This translates into quick update and maintenance turn around times, for bug fixes and security patches. 4.