When the Australian Institute of Health and Welfare’s (AIHW) IT manager Justin Dorman faced ongoing security and integration issues with proprietary infrastructure software, he made a decision to adopt a selection of open source tools which he said get the job done with a good level of support.
Dorman, an early adopter of Linux and open source personally, said he has influenced a number of migrations from proprietary to open source software.
“We initially adopted things like Samba which allows Unix to be used as a Windows file server,” Dorman said. “We did have a proprietary Sun product but cost was an issue and Samba is much better.”
As the country’s national health and welfare statistician, the AIHW uses Oracle on Sun as its primary database for more than 90 percent of usage in data warehousing and analysis.
“Most of our servers are running Solaris, including the MySQL database,” Dorman said. “We’re more than happy to run open source software on Solaris and have been doing so for six years. For example, by using GCC (an open source compiler) on Solaris we can almost guarantee any open source application will compile.”
In addition to being an early adopter of open source software on its proprietary Unix systems, the AIHW also deployed Linux on a number of systems at the edge for mail, and proxy services.
For Web serving, the institute replaced Oracle’s own HTTP server with the standard open source Apache.
“We stopped using Oracle’s HTTP server because Oracle didn’t maintain its patches and it is basically just Apache,” Dorman said. “The Oracle server became an issue for us due to the lack of updates to new features that we wanted and it lacked the ability for us to build code into it. Since we’re also running Cold Fusion we need flexibility.”
The AIHW supports Apache internally and most of its open source software is downloaded and compiled from source.
“We mostly leave the code clean but on occasion we modify it for our needs which is mainly integration purposes,” he said. “The community support is great which is where we get all our security features. The main benefit with open source is its integration ability, which gives more of an opportunity to use different software. Proprietary software is harder to integrate.” Unlike many enterprises that feel open source databases are not ready for production, the AIHW uses both MySQL and PostgreSQL - two popular Web databases.
“MySQL is used for running part of AIHW’s intranet and is used in conjunction with Apache and PHP, and we are using e-mail list manager software that uses a PostgreSQL database,” he said. “We also have a MySQL-based, IT helpdesk application which is used by six people in IT.
“For Web content, AIHW has been using the open source PHP scripting language for the past two years with all development being done in-house,” Dorman said. “PHP is used a fair bit internally for our intranet plus a couple of internal apps. And sometimes third-party tools are available for PHP for free.”
The AIHW also uses the open source Nagios network monitoring tool, but is reluctant to adopt open source software for its core server platform or on the desktop.
“If someone could guarantee to me that Linux on Intel hardware was just as reliable as Sun we would look at it. I wouldn’t go with Dell as a Sun replacement as Sun is cost-effective these days,” he said. “We trialled OpenOffice.org on a number of systems, but it’s easier with Microsoft Office as staff are used to the software and it’s hard to justify retraining.”
Overall, Dorman’s message is to adopt open source software where it complements your business requirements and in-house skills.
“Open source is good enough to get the job done. It’s mostly stable and secure, and there are good products and support,” he said. “We will look at moving more to open source but need to see if it’s cost effective. Trying to justify costs with open source really depends on what issues you have. If there is a suitable application, I would certainly recommend going with open source but redesigning existing applications might be a nightmare.”
If you have no Linux skills it will be hard to change but if you do have Unix, go with open source, he said.
OpenOffice.org marketing project lead Jacqueline McNally said OpenOffice.org feedback and case studies show that regular users of MS Office experience “little difficulty” migrating to use OpenOffice.org as their regular office suite.
“If staff have previously been trained in a particular product, then some re-training may be required,” McNally said. “But people have commented that the unfamiliarity of the current OpenOffice.org user interface is not somewhat different to upgrading from an earlier version of Microsoft Office.”
McNally said the most appropriate place within the enterprise to deploy OpenOffice.org is where users do not require or use the full functionality of their current office suite.
“Most organisations are migrating the majority of their staff to OpenOffice.org, with only few computers remaining for specific functionality that is not yet in OpenOffice.org,” she said.
Open source databases
Open source software may be more popular at the edge of the enterprise, but according to PostgreSQL core team member Josh Berkus, many users are adopting open source databases which rival the functionality of their commercial counterparts.
“Favourably,” Berkus said when asked how PostgreSQL compares with commercial databases. “Oracle is still ahead of us on raw performance for large databases but I'm not sure anyone else is, except in specific cases such as SQL Server's specialized OLAP tools.
Berkus said that aside from a few very high-end features like server clustering, PostgreSQL is more “feature complete” than most commercial RDBMSs.
“One of the drawbacks to our ‘strings-free’ licensing is that many of our biggest commercial users don't want to be public about what they use in their server rooms,” he said. “They have that right, but it is frustrating sometimes. For example, there are three Fortune 500 companies and two major government agencies using PostgreSQL extensively but none of them are ready to be public.”
Berkus said PostgreSQL’s TCO compared with proprietary databases really depends on the application.
“Just based on the database itself, we're much cheaper than anyone, including MySQL,” he said. “For the user, though, we're still waiting for many applications to be ported to PostgreSQL. Like PeopleSoft, I'd like to see that; we could support it. So, like Linux on the desktop, our TCO really depends on the existing application support, which is mediocre but growing.”
Berkus said if companies looked at PostgreSQL two years ago without finding something they needed, it's time to come back and look again. MySQL technical writer and trainer Arjen Lentz said the company offers a selection of training courses, ranging from beginner to advanced administrator levels for both the MySQL database and PHP scripting language.
“MySQL support is available, including installation support, and a range of annual support contracts from just $2000,” Lentz said. “The top-level offering includes 24x7 with a 30-minute response time by MySQL developer and support staff. All support levels include a variety of services often not included by other vendors.”
When asked what the enterprise feature road map for MySQL is this year, Lentz said version 4.1 with subqueries, unicode, OpenGIS and prepared statements will reach production stage within a few months.
“MySQL 5.0, which is in development, implements stored procedures according to the SQL:2003 standard, and just this week SQL Views were released,” he said. “The latter is exciting news for MySQL users and onlookers, particularly since the views are implemented as real "windows" into actual tables.”
Lentz, who is based in Brisbane, said work on the SAP R/3 interface layers for MySQL is currently progressing, with various important milestones reached ahead of schedule.
“This code is not yet publicly available,” he said.
Open source security
Before deploying any software, its security credentials must be reviewed, and according to Brisbane-based information security consulting firm BSD Australia’s managing director Brian McKerr the best way to do this with open source software is to look into the past. “Look at track records,” McKerr said.
“OpenBSD has had one remote hole in the default install in more than eight years. So the track record of OpenBSD is second to none.” McKerr said people wrongly go past that and look at software features before security.
“Managers will look at security at a high level. I’m not the type of person to say ‘run open source everywhere’ but if the shoe fits…”
McKerr referred to Netcraft usage statistics for “seeing what the majority of Web and mail servers are running”.
“There is normally a motivation behind a move to open source,” he said. “Some enterprises have teams of upwards of five people dedicated to patching Windows installations. IT managers should be saying ‘how can I get away from this risk’. There is a lot of complacency among IT managers and there may come a time when they fall well behind.”
McKerr said the latest CERT advisory “sums it up”. The advisory reads: “Due to the way code libraries are shared by different components of Microsoft Windows, it is important to patch Outlook Express and Internet Explorer even if you do not directly use those products.”
“For security updates with BSD operating system issues you can get them via CVS,” McKerr said. “With Windows you double-click on an executable so the updates are not as transparent.”
Regardless of which type of software, McKerr recommends that enterprises rely on highly skilled people to manage security.
“Open source security is a mindset rather than a skillset as most security is done at the network level,” he said. “It’s not difficult to get someone familiar with Solaris or Linux to use BSD. Many open source operating systems come with security tools for hardening and monitoring so it just becomes part of your toolkit for doing your job.”
A number of recent announcements by multinational technology vendors have indicated that open source software can be part of an overall business model.
Sun Microsystems’ chief technology evangelist, Simon Phipps, said open source is crucial to the future of the computing industry because many things change when things are massively connected.
“Just because software is ‘libre’ that doesn’t mean it’s free and we have a view for a high-function, low-cost desktop for the enterprise of the future,” Phipps said. “You subscribe to JDS [Java Desktop System], you don’t buy it. If you stopped paying for a subscription you would stop getting updates. Free doesn’t mean getting something at no cost, it means you are free to choose.”
Phipps said an IT manager could employ people to integrate open source components but JDS is more cost effective.
“I suggest they taste and see,” he said. “Try a pilot and see if it meets the need. It should meet a significant slice of people’s needs and is highly manageable. The cost savings are getting too great to ignore.”
Novell’s Australia and New Zealand solutions manager Paul Kangro said the benefits of multiple vendors adopting Linux and open source for customers is an end to lock-in.
“Open source gives power to end users who are given back the freedom of choice,” Kangro said. “Open source software is good but customers need support and can get yearly subscriptions for updates and patches. The overall cost is still less.”
Kangro said Novell is also committed to offering commercial software for Linux while donating code to open source projects like Apache and OpenOffice.org.
“When I talk to CIOs they say they need a flexible architecture,” he said. “Everyone is either deploying it on the desktop now or will be deploying it. And the whole winner is the end user.”
At the infrastructure level, Computer Associates' decision to open source the kernel generalized event management (KGEM) sub-system for Linux and the Ingres database, as well as to form partnerships with the Zope and JBoss projects, will provide a new type of technology stack, according to field marketing director Dominic Schiavello.
“Technology stack combinations are many and varied,” Schiavello said. “This alternative competes well and puts the organization in a position where they don’t have to spend a lot of money to get to it. It will support Web services development at a low price point and have a management system for the whole stack.”
Schiavello said that with open source software, innovation can happen and open new market opportunities which is “great for the industry”.
Red Hat Asia Pacific vice president, Gus Robertson, said the company’s business model includes a subscription-based Linux operating system as well as support, training, and consulting.
“We have an open source architecture with Linux at the core and system administration tools in the Red Hat network,” Robertson said. “We’re seeing the next wave of interest around virtualization of nodes and storage and we’re bringing out development tools based on Linux.”
Robertson said the adoption of Linux and open source is “not quite there” but when end users see where it can take them “we see where it will be”.
Red Hat senior sales engineer Shane Owenby said enterprise adoption will take time but tools like the Ximian Connector for Exchange being rolled into its Linux distribution make it easier.