October 27, 2006
Open source at HP, some closed minds for customers
HP's commitment to the open source font of software is pretty well documented. HP Software Engineer Ragavan Srinivassan told customers at the recent HP Technology Forum they could see that commitment at opensource.hp.com. HP has its own guild for open source and Linux engineers who work at Hewlett-Packard, as well as a structured process to get an engineer approval to spend HP time working on open source solutions.
HP now runs its corporate-wide Enterprise Directory services on an open source solution, one which HP created using "some really high-quality open source tools," according to Srinivassan. Information retrieval, authentication, authorization, group management, messaging and collaboration between HP employees are all made possible through the Directory.
Srinivassan said that HP used a broad range of open source tools to create its directory: RPM package management, OpenSSH, CVS for revision control, rsync to synch up data files between servers, Perl, Postfix as an LDAP-aware mail server, Sudo to delegate root privileges to administrators, Apache as its Web server and something called RRDtool for infrastructure data collection and analysis purposes.
The presentation at the Forum drew some questions from an HP 3000 manager who's on the road to migration, trying to duplicate MPE faculties without spending beyond his budget on third party tools. Srinivassan said HP's decision to use open source made the Enterprise Directory possible.
But another HP talk on the same day at the Forum cast doubts on open source capabilities. Of course, that presentation touted the wonders of an HP-branded net management solution, operating on Linux. What open source set of tools could really compete? "I'm not going to trust my business to some hacker in Denmark who's got a ring in his nose and is awake when I'm asleep and asleep when I'm awake," said HP's David Claypool, Product Manager in Technical Marketing.
This issue of supportability is essential to making open source work; both HP speakers agreed on that. But Srinivassan was uncovering resources and methodologies to make open source as reliable as anything proprietary. He said moving to open source helps HP acquire customers by offering leadership instead of being viewed as a laggard.
He said going with open source required some patience, probing and help with development. that "Seeing as how important this [directory] infrastructure was at HP, it was not an easy decision to make to say we'd go open source. A couple of years ago, OpenLDAP was not ready to be an enterprise-capable directory server."
But HP ended up working with the OpenLDAP community to bring the open source solution up to the capability HP requires. HP ended up contracting with one of the key contributors to OpenLDAP, Howard Chu, who Srinivassan called one of the chief architects of OpenLDAP.
Applying support to open source solutions was among the chief concerns for the 3000 customers in the audience. The issue is the same kind of concern HP raised about open source network management tools: reliability, and what to do when bugs crop up. "Somebody's got to fix it," said one 3000 manager.
Srinivassan agreed, saying, "If anyone tells you there is no cost [to use open source], that obviously is not the case. You get the software for free, but you still have to run it, to have the operational know-how to keep it up and running. Some organizations may choose to self-support, and others may choose to contract with an organization for support."
Which, to me, sounds a lot like the model of the only business HP continues to do with the 3000 community: support. At the risk of creating a circular argument, if HP can contract with a third party to build and support a mission-critical app, non-proprietary in part, then why can't 3000 customers look to do the same thing by contracting with third parties to help support MPE/iX? (It's a rhetorical question, but one that every 3000 shop should consider.)
An organization that wants to use open source software as part of a migration strategy is like any other company looking at open source: you need solid procurement ideas as well as solid "maturity assessment ideas," Srinivassan said.
Customers can get a good start on that maturity assessment at the Open Source Business Readiness Rating Web site. The BRR is in Phase One, a public comment period. BRR supporters such as Intel, O'Reilly Code Zoo, Spike Source and the Carnegie Mellon West Center for Open Source Investigation asking the community to provide feedback and help shape this standard to make it useful to both enterprise adopters and open source developers.
Use our search engine to find 20 years
of HP 3000 news and articles
Sorry it's taken more than a year to respond, but I ran across this accidentally as I was trying to find something else.
I think you took my comments out of context and you missed the point. The important thing is to distinguish between open source TECHNOLOGIES and open source PRODUCTS. There are many brilliant developers working for free that match the stereotype of my cartoon character up there, and brilliant developers who range everywhere to the other, most conservative extreme. They've been responsible for creating technologies, and, yes, even products, that are widely used and accepted.
But when it comes to a bet-your-business decision to adopt a product, no one in their right mind should plan on doing an internet search and download a zero-dot-whatever release of something an individual has crafted. If you're going to rely on something, you need to rely on something behind it, and if not, you need to make sure that more QA than "It seemed to run fine for me on my PC" has been done.
Because of this, adopters of software on a commercial basis don't generally try to create their own Linux/GNU distribution. They rely on organization who provide support, like Red Hat, Novell, Ubuntu, etc (yes, there are many more, and no offense intended if I didn't name your favorite distribution). This extends to applications as well, such as MySQL, jBOSS (now owned by Red Hat) and many others.
I am an advocate of open source. However, my decision to download and run on my personal Linux system something like the Pan newsreader (http://pan.rebelbase.com/) is a much different decision than choosing to visit http://sourceforge.net/projects/xen/ to download and virtualize my enterprise infrastructure. The rational thing to do is to choose something from a commercial company, whether implementations available and supported by a Linux distribution or non-affiliated Xen implementations like those from XenSource, Virtual Iron, and now Oracle (and potentially others I haven't listed).
Certainly, it's possible and may even be prudent for some to download and run the bits from a raw open source project--but it's incumbent upon the adopter to understand the commitment to self-reliance that's being made if it's being used in any operational or revenue-producing capacity.
Posted by: David Claypool | Jan 8, 2008 7:43:46 PM
The comments to this entry are closed.