Open source pays off in app development lab
Using open source Red Hat Linux also provides several advantages on the development side. Because of the low-cost hardware and software PayPal uses on its production system, it can almost replicate the state of its entire live site in the application development lab. This lets PayPal coders write new versions of the PayPal production applications, which can then be switched on live with minimal disruptions.
"When you have developers testing a system on the exact same environment that you have in production, the probability for weird things happening is a lot lower. That's really key," Mengerink says. "Open source clearly makes this a lot more cost effective as well, since you don't have the same licensing costs that would be associated" with duplicating a live site in the lab.
This model also helps PayPal developers frequently churn out new versions of the Web site's main applications, which can be both a positive and negative thing.
"The one struggle we have is a classic struggle, is our decision to align development and the live site," Mengerink says. "Developers are radical. They would be on the beta version of the newest latest and greatest all the time, with some kernel patch they found from some college Web site," he says. "The people in operations are a little more conservative than that. Their take is, no feelings would be hurt if we just used the most stable, known versions of things."
This approach PayPal developers take in molding the Linux kernel and other open source code they use helps to make the overall system more secure, Mengerink says.
Linux servers in PayPal's data center run Red Hat kernels with custom tweaks that add extra layers of security to the systems. As a basic step, superfluous services, packages and other software are stripped out.
"The combination of Linux and open source allows us to do the modifications we need to scale and have that extreme rigidity of security," Mengerink says.
Security policies and code also are added to the machines -- Mengerink would not give specifics -- which creates a built-in layer of mistrust among machines on the data-center network. Each box is configured as if it were operating in an untrusted network. "So there is no such thing as a sitewide compromise," he say. "You'd have to go box by box and fight your way."
So far, the mix of distributed Linux and open source software and rapid application development of open source code have been a success, Mengerink says. And it certainly keeps work interesting.
"Sometimes we feel a little schizophrenic," he says. "We're a Web company; we're a real-time payment system -- oh, dear. So doing both is very hard."