Who's Your Data?

A customer asked me yesterday what I thought of VMWare. I do not get paid for smart aleck answers, unless you count this blog and my work on radio for whosyourdata.

My official answer was “it is a very nice product, with very good capabilities depending on your needs”. I hated that answer and so did the customer. My real answer is…actually I will tell you later. The customer’s query prompted me to search on the AGWWW for news about VMWare. Egad. You would have thought that mankind had entered a whole new plane of metaphysical existence.

My unscientific survey suggests that VMWare is currently tied for the most hyped technology on the planet with…I don’t know, but the answer is in some ridiculously expensive report entitled Gartner Identifies Most Hyped Technologies. Anyway, it’s hyped.

VMWare is a sort of virtual machine. It emulates an Intel-based PC in much the same way there are emulators for other machines. It passes instructions straight to the CPU for execution with no intervening translation, so it is a little bit faster. We use it in our lab at DLT. We use it for training and simulating complex network environments.

So, what’s my real answer…what is the real skinny on VMWare? Are you sitting down? Here it goes. Do you like snapshots?

VMWare has a pretty cool snapshot feature. You can setup your virtual machine the way you want to and take a snapshot of the setup. That’s great except us data management types have been doing that for years with Symantec, Network Appliance and others. I like the emulation features, but I am not ready to crown VMWare as product of the year just yet. It is a very nice product, with very good capabilities depending on your needs. Wink, wink, nudge, nudge. Say no more, say no more.

Posted by Matt Hamilton at 02:19 PM | | Permalink | Comments (9501) | TrackBacks (0)

This blog is about a religious conversion. A few weeks ago I experienced the wonders of Second Life @ www.secondlife.com. I would now like to be the first blogger in the universe to comment on the experience (trust me; no one has blogged this yet).

Second Life is a web browser in 3D. You go online, for free and create an Avatar. You can spend 10 minutes or 10 hours creating your Avatar. I am opting for the gradual approach…changing a hairline here, elongating the finger nails there…you can go crazy with your Avatar. Some participants have opted for the chicken look. Once you have created your Avatar you enter the humongous world of Second Life. It is best to start out in the beginner’s land and learn to navigate around.

I got the hang of it in short order and was soon teleporting to nightclubs, parks and most interestingly of all…islands created and run by some of the top tech companies in the world. We’re talking Cisco, IBM, Sun and lots more. The Geek Squad has an area. Sears has a store. Why in the world would IBM create multiple sites on Second Life? My extensive lack of research suggests the following reasons: they want to anticipate the next myspace, facebook or youtube. There are now 6 million people (and chickens) signed up for Second Life. It is already a vastly superior experience to today’s boring Power Point driven webinar. Go to Sun Microsystems island and sit in on a presentation. You can interact directly with other attendees.

You can buy land on Second Life. I own 512 square meters of land. You can buy an entire island. It’s cheap. You convert real world money into Linden Dollars, named after the creators at Linden Labs.

Yes, there is some rough stuff on Second Life. There are R rated areas. If you go into it with the understanding that you are working with a web browser…it shouldn’t surprise you that there are a variety of experiences on Second Life. There are a variety of experiences all over the world wide web.

I have no idea where this thing is going. It could flame out in a few years or grow like crazy. I am impressed with the roster of corporations that already have a significant presence on Second Life. I have seen the lite.

Posted by Matt Hamilton at 04:59 PM | | Permalink | Comments (8717) | TrackBacks (0)

I have had the opportunity to work in several different types of environments in my career. I started out working for the U.S. Congress at a support agency called the Office of Technology Assessment, or OTA for short. And have since worked for a Wall Street bank, for a small con-sulting company at a multinational technology company and at Emu Software, the corporate sponsor of the open source system console project, NetDirector, that I Co-Founded in 2003. This diversity provides me with a perspective on the degree of “opinionatedness” that people have in different industries. No where, in my experience, are people even half as opinionated as they are in open source.

In open source, I’ve found that people tend to be *very* opinionated about just about *everything.* From which license is best (GPL, MPL, CDDL, Apache,...), to how much inter-operability with Microsoft is too much, to whether there is any need for Graphical User Inter-faces, or GUIs, to manage open source applications. This last one is very near and dear to my heart, because it is an issue we’ve wrestled with from the get-go at Emu Software. When we set out to deliver an easier, more “enterprise-class” way to manage things like Apache, Samba, NFS, LDAP, Kerberos, etc., especially in bigger networks where you want to configure more than one server at a time, we knew we would face some resistance from the “command line bigots.”

We also knew that, for NetDirector to be acceptable in environments with some of these folks present, there had to be a way for them to use NetDirector but still be able to configure manually. For quite some time, we wondered if it was even possible to accommodate both types of users - in one camp, those who are new to Linux and open source and so really want a nice user inter-face and, also in this camp, those who may be comfortable doing things manually, but who’s networks are growing faster (often *much* faster) than is the number of SysAdmins. In the other camp, the folks who, if stranded on a deserted island, would choose death before using a GUI to order a glass of water.

Then it hit us - why not put a button in the NetDirector main configuration screen titled “Edit Config File,” which, when clicked, brings up the flat file for the service the user is managing? The screenshot to the left show’s this for Samba. The nice thing about this compromise is that, once you’ve implemented NetDirector, everyone on the IT team can use one tool that lets them manage their Linux (and Solaris) boxes in the way that’s most comfortable for them - no judg-ments. If you want a point-and-click way to set up a new Samba share across several branch of-fice servers, you got it. If it’s just as fast for you to do it manually and then copy and paste the new config, that works, too. In both cases, NetDirector’s embedded database does the revision control for you, so if something goes wrong, getting back to the previous state is a click away. And, in both cases, you can schedule the change to take effect in the future with the drop down calendar.

With this as background, you’ll understand why when I read Jason Brooks' retrospective on his review of RHEL 5 in eWeek, I just had to pipe up (I guess I’m opinionated, too). Jason de-scribes an exchange with a reader who thinks that Jason’s desire for good GUI tools in RHEL is misplaced. I think Jason does a nice job describing the need for a balance between GUI and CLI - something we put into practice with NetDirector. And so I posted a comment to this effect on Jason's blog. You can read his article and my post here. So, if you’re opinionated, too, why not add your 2 cents?

http://blogs.eweek.com/brooks/content/was_i_too_tough_on_rhel.html#comments

Greg Wallace
EMU Software

Posted by Who’s Your Data? at 11:18 AM | | Permalink | Comments (875) | TrackBacks (0)

This morning a colleague called and asked if I thought the upcoming Symantec Vision conference in Las Vegas was worth attending. I have been to six Vision conferences and I will be at this years as well. I gave my friend a resounding Yes. Symantec has so many products and so much technology on the table the conference is a great way to get up to speed on their offerings.

There have been times when I have been frustrated by the lack of technical details at Vision. A one hour session entitled “How to Administer XYZ” should make a reasonable attempt to teach you how to administer XYZ. It shouldn’t be one long commercial for the product or for a five day training class. Give me some meat. I have been adding that to the Comments section of session surveys at Vision for years and by golly, things have gotten better.

Speaking of tech shows, I used to love Comdex. It was the only general purpose IT show I would go to. The feel of the crowd and the energy in the hall in the 1990’s was phenomenal. The massive displays of the HP’s and IBM’s of the world were interesting, but I used to love to see a crappy booth thrown together by some small Midwestern entrepreneur peddling a new-fangled database. Those were the days.

It would make a great Paul Harvey “Rest of the Story” segment to say that the small Midwestern entrepreneur created a new database that became wildly popular. Most of the time the “Rest of the Story” was crappy booth, crappy software. Great show though.

If you go to the Comdex website there is discussion about re-starting the show. In the meantime the shows owner, CMP, is pushing a bunch of Interop conferences (never been). BTW - Am I the only one that thinks CMP is taking over the world one publication, website and show at a time?

Posted by Matt Hamilton at 02:25 PM | | Permalink | Comments (955) | TrackBacks (0)

I am staying at a Marriott hotel this week and I can’t find my customer loyalty card that earns me free nights and upgrades. What happened to the universal smart card? I went to a seminar in the 1980’s that promised it was just around the corner. I just looked around the corner…it aint there. Was it the civil libertarians who killed the smart card? Maybe I am confusing that with the electric car. Why would a civil libertarian care if there were electric cars? Supposedly the smart card will usher in the dreaded Big Brother Orwell thing. The problem with that argument… 1984 was a book. It’s not real. It never happened. The only freedom we have lost is convenience.

Maybe we don’t have the technology to pull it off. Even as I write that sentence I know how stupid that is. Of course we have the technology to give every man, woman and child in the world a smart card. Doesn’t mean they won’t lose them. That’s a different problem. And yes, there will be giant server farms managing the accounts with giant databases and giant catalogs. Guess what? There are right now.

Maybe nobody wants one. That’s because there is no room in the world’s wallets and purses for another card. My favorite coffee shop has a customer loyalty card. So does my second favorite. My wife has 43 cards in her extended purse and we turn most of the card offers down. These are the essentials. If there was one universal smart card for every transaction, purses and wallets would be non-existent. No Brighton’s, no Coach. Sure, there would be fraud. There is fraud now.

We wouldn’t need currency or coins. The savings would be enough to do serious damage to real problems like hunger and disease. So we are back to the Big Brother scenario. It’s the only one I can think of that would resonate with enough people to kill the smart card. The smart card would not be the first step towards a totalitarian society. There have already been lots of totalitarian societies in human history. The smart card would not concentrate power into the hands of the few to oppress the many. That happened a long time ago. We are still here. Meanwhile…I found my Priority Club card for Holiday Inn and my Starwood Preferred Guest card for Westin and an expired $10 off coupon for Carrabba’s Italian Grill, but no Marriott card.

Posted by Matt Hamilton at 02:11 PM | | Permalink | Comments (3246) | TrackBacks (0)

Nature fascinates me. In particular, I think it is amazing how some would-be competitors actually come to rely on each other. Take the example of the sea anemone and the clown fish. Anemones usually eat fish, and fish usually eat plants. However, in the case of the clown fish and certain anemones, they’ve found that they are better off working together. The clown fish gets extra protection by burying itself in the anemone’s tenta-cles and the anemone gobbles up the clown fish’s crumbs. Good deal.

In nature, it takes time for such relationships to form – on the order of a few million years. Fortunately, we humans can apply lessons learned from nature and elsewhere to our own circumstances in far less time. Thus, when it comes to information technology, millions of humanoids, even those whose paychecks come from would-be competitors like HP and IBM, Red Hat and Novell have recognized the benefit of working together on such projects as operating system kernels, web servers, name servers, developer tools, and many many more open source projects.

The same forces propelling Linux to its status as the fastest growing server platform are present and accounted for when it comes to systems management. At a macro level, systems management software has a lot in common with operating systems, with web servers, and with databases. Some of the key things these software categories have in common are:

1. A horizontal nature and, therefore, lots of potential users

Think about popular open source packages - MySQL, Linux, Apache, ISC BIND and DHCP. Now consider this - do a bank’s fundamental operating system, name server or web server requirements vary that much from a hospital’s, from a government agency’s? I’d argue no. Since the open source model NEEDS a lot of users to work, when you find an application where the basic user requirements don’t vary that much by industry, you’ve found yourself a potential good candi-date for open source.

2. Technical users

One reason, I think, that open source has not experienced, and may never see, broad adoption on the desktop is because most desktop users are not tech savvy. They really couldn’t care less how the software running on their machine is licensed, because they have absolutely no desire to customize it. When it comes to desktop and laptop computers, 90 percent or more of users follow the “if it ain’t broke, don’t fix it” rule. In contrast, folks that manage corporate and government agency data centers ARE technical - they do like to look under the hood, tweak this, adjust that, tune this and optimize that. And for these folks, open source is bliss. Indeed, it is these technical types whom the popular open source mantra “closed source software is like buying a car with the hood welded shut” fits to a T. And the car analogy is very apt. For me, my wife, my mother in law, indeed almost everyone I know, our car’s hood might as well be welded shut for all the good we can do with it open. But, try to get a NASCAR team to buy a car with the hood welded shut. Folks in IT operations and data center management are the pit crew of America’s high-performance, technology-driven institutions and they need to be able to look under the hood. But, this is not to say that all enterprise software will necessarily be open source, because points one and two go together. So, while certain business software, like databases, operating systems, web servers, and systems management, are horizontal and so benefit from a huge pool of users, other types of software are much more niche. So, for example, I would not expect a company like Dassault Systems or Misys to face significant open source competition any time soon.

3. An initial market dominated by large incumbent vendors with integrated, proprietary products

This one is pretty obvious, and can be summed up with the truism “No one likes a bully.” And until Linux came along, that’s just how the dominant OS vendors acted, same for databases and same, too, for Systems Management.

Observing these facts, several open source systems management companies and pro-jects got together last year and founded the Open Management Consortium, or OMC, to promote awareness and adoption of open source systems management. These participating organizations leverage the open source model to develop very strong projects that deliver world-class, standards-based systems management capabilities. And users have voted with their mice by downloading Nagios, Webmin, OpenQRM, Puppet, NetDirector, Zenoss, OpenSIMs and many other open source management tools. As importantly, community members are developing extensions, plugins, fixes and modules around these projects, making them richer, more useful and more robust.

OMC is in the process of developing a user survey to solicit open and transparent feed-back on what users like and dislike about open source systems management. The sur-vey will be available on the OMC page by Mid-May.

Greg Wallace
EMU Software

Posted by Who’s Your Data? at 10:36 AM | | Permalink | Comments (15)

Recently I read a novel by Michael Crichton called State of Fear. I’m a big fan of Mr. Crichton as he never fails to simultaneously entertain and educate me. While the general theme of the book takes a firm position against the pressure of the socio-political process on scientific research, specifically in the field of environmental science, there was one portion of the book where Crichton described the history of Yellowstone National Park that struck particularly relevant to me in of all things, the competing necessities of the protection and preservation of our electronic data.

When Yellowstone was commissioned by Ulysses S. Grant in 1872, it was the first wilderness to be set aside as a Natural Preserve anywhere in the world. For the first 30 years or so, it was managed as you might expect. It was left well enough alone, unmanaged, as wilderness generally is. In the dawn of the 20th century however, the park service was formed, and was assigned the task of preservation and management of the environment of Yellowstone.

Within the first ten years of their management of the park, the ecology of the park had been forever changed by the well intentioned yet incorrect assertions of the park service on how best to preserve the land. First they believed that the elk were about to become extinct, so they began the process of shooting and poisoning all of the wolves in the reserve, who were the natural predator of the elks. This resulted in an explosion of the elk population and another totally unexpected result. You see, part of the diet of the elk was in fact the trees that the beavers of the park used to make their dams, and the lack of those trees and the resulting dams threw into chaos the water management of the park. The beavers disappeared, the meadows dried up and the otters and trout vanished.

Common patterns of correction, followed corrections of corrections have followed for the last century at the park. Grizzly Bears have been protected, and then killed off, wolves killed off, then brought back, etc., etc. I find Crichton’s summary of the situation through one of the book’s characters particularly interesting,

Things are constantly in flux. Species are winning, losing, taking over, being pushed back…Ours is a changing world and if you want to preserve a piece of land in a particular state, you have to decide what that state is and then actively, and even aggressively, manage it…Any change hurts some plant or animal. It’s inevitable…There is no free lunch. (Crichton, pg. 534-535)

So what could this possibly have to do with your data and how you manage it? I would argue that an extended metaphor could be drawn from Yellowstone to the modern datacenter, in how the park was managed, and in turn how enterprises protect the intellectual property of their organizations.

Your datacenter is not unlike Yellowstone, being in fact a complicated and intertwined ecology of hardware, applications, and information, all of which is greatly and often inexorably interdependent. Not to mention in most cases, like Yellowstone, the landscape was not preplanned, but rose and evolved through necessity. Also in common with Yellowstone is the fact that changes to individual components have effects to the whole and there is absolutely No Free Lunch.

Let’s say that you want to increase availability in the environment. You’re going to need additional copies of your data, in different places. Whether it be though using tape backup or replication or versioning through snapshots, you’ve got to have full detached offline copies, and you need them in a format that is portable. You’re also going to need additional servers to stand in wait for application failover both on-site, and off-site, waiting and ready with the last good copy of the data to pick up where a failed server left off.

Now that you’ve gone and done all of the above, and have by positively impacting the availability of systems and applications created new issues and negative impacts to both security and performance. Additional copies of vital data in the wild is not an ideal scenario from a security perspective and copies mean making two or more writes of everything, not to mention network impact of data transfer and potential application slowdown from the confirmation wait on synchronous replication.

So now you go and plug those holes. You fix security through tight encryption, and you fix performance by improving your network links, and buying more and faster disks. Then the encryption dings your performance, and the pipes and disk you bought (which yanked money out of the budget you planned to spend for Compliancy Solutions) hasn’t resolved your performance issue. Next step is to then get the application component owners (Web, App, Database, Storage, Network) into a room and throw blame around until you come up with an idea of where the issue might be.

Then you go out and fix that problem and on and on etc.

How do you manage the ecology of the datacenter? You have to actively and aggressively manage it. You need tools that can root out the interdependencies that are not immediately apparent, and get a global perspective both on the individual resources and how they function as a whole, and you need it in real time. Whiteboard sessions, scans and audits won’t get the job done. Synthetic transactions won’t get the job done either, you need to get your hands on real production data.

You also need to simplify the equation by cutting down the total number of variables. The easiest and most economical way of doing this is by removing some of the limitations of the hardware regarding how it handles core infrastructure functions through standardization on one set of tools for key functions. One tool for backup, not one for windows and another for open systems, one tool for clustering, not one per OS, one tool for Application performance, not one per application tier, and one storage management tool, not one per storage vendor.

You also need one set tools for the threat analysis of the environment. Not one vendor to handle security from soup to nuts necessarily, but definitely have a solution in order to correlate the mountain of data generated from your perimeter devices as well as your endpoints in order to have perspective on your organization’s security position at any one point in time.

Finally, you need tools to ensure compliance across the enterprise. Not so much to ensure that you are relieving risk pertaining to costs associated with fines due to non-compliance to federal regulations, but more importantly to enforce the internal policies of the enterprise, and ensure that everyone is singing from the same sheet of paper, instead of just reading the sheet and discarding it.

Posted by Tom Tittermary at 09:02 AM | | Permalink | Comments (1) | TrackBacks (0)