A lot of very interesting stuff was learned at this year’s Brainshare. Several things we learned will be immediately applied to what we’re doing, and some things are going to send us into the lab. I got asked to co-author a white paper about using Novell Linux Desktop in a thin-client environment, because I’ve built something like that before. We also got to talk to some vendors, and learn some new stuff that way.
Judging from the attendees, Novell CNEs are getting younger, as the crowd seemed a bit younger on average than last year. Wireless laptops are standard now. I only saw a few sad “have-nots” using the offered wired connections for their laptops, and they did so furtively, attempting to avoid notice by the rest of the technological “haves”. Likewise, it seems that disconnected handheld devices are extremely passe. I saw zero standalone Palms or Pocket PCs. There were a lot of cellular PalmOne Treos, and even more Blackberry devices, but no plain old Palms. I guess the handheld is finally dead, judging by that crowd.
James and I were extremely unimpressed by HP in the vendor pavillion. Of the dozen or so people they had there, very few could answer technical questions on our gear, and many of them showed contempt for our two-year-old servers. They answered our questions regarding problems with some of our servers with responses like “That’s not supported. You should get on a current platform!” That was regarding systems that were only three years old and just off warranty.
On the other hand, IBM was very impressive. James and I both got HP and IBM to give us full tours of their blade offerings and pizza-boxes. IBM’s stuff is twice the product of HPs, particularly in the blade area. IBM blades are fully self contained, have all internal wiring, power and cooling, including fibre and gigabit ethernet and redundant power supplies. HPs blade rack requires so much external equipment and has such a wiring hack required to interconnect the back side that they wouldn’t even let us see the back of their floor model. IBM also offers 3 year warranty across the whole line of stuff, including SATA drives. HP SATA drives are only warranted for a year, and we already had one fail in the first three months of owning our HP MSA20 SATA array.
The other big difference between HP and IBM at Brainshare was that HP had almost no Novell expertise at the show (at least among the people that I spoke to). It seems like their Linux support is an afterthought compared to Windows, and their NetWare support is an afterthought compared to Linux. IBM on the other hand, had people there who knew their capabilities inside and out with respect to both NetWare and Novell’s Linux offerings. I felt way more comfortable with IBM’s knowledge with respect to the platforms that we use than with HP’s.
I’m going to strongly recommend that we look into IBM for our future server purchases.
James had so much fun he kept this look on his face all week.
On a happy side-note, when James and I questioned IBM about their Thinkpads, and what the Lenovo deal means to the laptop line, we were very relieved to hear the response. The Laptop reps said that Lenovo has already been building the latptops for IBM for several years, and the ownership transfer is all about paper, but the people involved in the production of Thinkpads, from senior management down to the factory floor haven’t really changed. We’re true blue Thinkpad fans. Notice mine has a nice NLD logo on it in place of the usual “Made for XP” sticker.
This was a session in which one of the former Ximian engineers got to show off what’s coming up in the desktop. Of course, that’s the Linux desktop. The session included more in-depth demos of some of the stuff Nat demonstrated at Friday’s Keynote, plus a lot more in the desktop space. It’s pretty neat to see desktop productivity stuff in the Linux desktop space that’s ahead of what’s out there on the commercial desktops.
This presentation was about using ZLM to manage Linux workstations and servers running SLES, NLD or OES/Linux. They talked about how to do pattern deployment for various types of user groups, how to use Zenworks imaging to deploy Linux machines, how to do patching using Red Carpet and how to use AutoYast to setup boxes. Autoyast is a tool that lets you manually build a system the way you want it and then create a packaged deployment that duplicates that system using Yast with unattended installs. The “snapshot” tool is part of the Yast module for AutoYast.
One thing they emphasized is that to improve the chances of success for deploying a Linux destkop rollout, you should integrate desktop management into your solution from the very beginning.
Thursday night was “Meet the Experts” night at Brainshare, as it was last year. James and I cruised the floor, talking with Novell engineers about the various products we use, and drinking weak Utah draft beer. I talked a little bit of GroupWise with some of the GroupWise product engineers, talked storage with the NSS people, clustering people, searching people and NetStorage people.
I submitted my pet feature request to the NCP on Linux engineers. When they implemented NCP on Linux, when they are using posix (not-NetWare) filesystems for NCP, they built it so that all files would have user permissions set to rwx. I asked for them not to make all the files have u+x. That’s really annoying, and is the way ncpfs works now. They might add that in for me. We’ll see.
We also hung around the mono/ex-Ximian types for a while and I got to shake hands with Miguel de Icaza, which was cool.
All in all, a good evening.
I went to two other Linux-oriented sessions this afternoon: “The Novell Client for Linux”, and “NCP on Linux: How it Works”.
The first one was interesting in that last year, Novell had no plans to produce a Novell Client for Linux, and due to overwhelming customer objections to that policy at Brainshare 2004, they now have one almost done. The client is basically similar in functionality to the win32 client for Novel.
It supports multiple tree authentication, iPrint, NCP, eDirectory, NMAS, RSA, CIFS, NFS, LDAP and other authentication schemes. It works on NLD and SUSE Linux Pro in both KDE and Gnome. It has file manager integration to allow access to NCP properties in the filesystem on the server, like the properties dialogs in Windows. It does background reconnect and has cluster auto-failover support, and >4GB file size support. There are a bunch of commandline utilities similar to nlilst, purge, salvage, ncopy, flag and rights.
The printing support is provided via iPrint. There is no NDPS support. The client is multiple-concurrent-user safe, so if it is used on a system supporting thin-clients, for example, it works properly with user rights separation as expected.
It has login script support in that it parses the login script, executing the logic and commands found within. It supports conditional login script statements and it uses map statements to provide softlinks in the users’ home directories on Linux that point to “drive mappings” on the server, the way the win32 client provides drive letters. I asked during the presentation to have the client be able to let you map the softlinks in a configurable location rather than right in the root of the user’s home directory. They said that they would add that. I’m going to get my own pet feature in the client!
The client can be installed with Yast, RCD and Rug, and via Zenworks Linux Management 7 via both pull and push. With ZLM the client also supports automatic local user provisioning on the Linux client machine. The open beta will be in June.
The NCP on Linux session was interesting in that it basically demonstrated NetWare functionality with respect to shared storage running on Linux. The interesting thing was that the NCP server on Linux provides NetWare-style rights management to NCP-shared storage on Linux OES, even when the underlying filesystem is NOT NSS or Traditional NetWare volumes. The NetWare-style trustee rights work with any Posix-compliant filesystem that the server can host.
Using it is pretty simple. There is a utility on the server side that lets you setup new share points. Once that’s done you use the client as admin, or use iManager or ConsoleOne to configure trustees just like any other NetWare volume.
I had signed up to go to a Brainshare session called “Design, Deploy, and Document Identity Manager solutions with the new Designer for Nsure Identity Manager” but I didn’t go. Instead, I cornered one of the Nsure Identity Manager engineers in the Novell Solutions Lab and got him to show it to me first-hand.
The tool is a pure-java plugin to Eclipse, and I saw it demonstrated on Novell Linux Desktop. It graphically presents your dataflow from Nsure Identity Manager, with a little flow chart that shows a widget for each stage in the process of communications on the publisher and subscriber channels. You can click on any of the widget to get a configuration winodow that lets you set up a rule for that stage. You can then use the built-in simulator to simulate DirXML events and make the tool process the event document through your rule set to see whate happens. It is essentially an offline testing suite in addition to a programming tool.
The tool can also produce detailed documentation in PDF for your project. In all, a very cool toolset that will allow me to decommission my DirXML transform-testing makefiles the next time i have to configure rules in Nsure Identity Manager.
I went to a clustering session today. The new clustering in OES is NCS version 1.8. It supports up to a 32-node cluster, with multiple-CPUs per node. The version in OES is functionally equivalent to the version in SP3 of NetWare 6.5.
They showed in the slideshow an architecture diagram that is fully redundant to the point where the services to end-users have no single point of failure. I have to get the slides so I can see that again.
You can cluster services like NCP-accessible volumes in a mixed NetWare and Linux OES cluster, as long as you have mutually accessible shared storage for the split-brain-detector partition. That way you can migrate NetWare clusters to Linux one node at a time and not have to put your cluster resources out of service for any time. You can migrate all your resources off one node, upgrade it to Linux, and then rejoin the cluster. Then you migrate resources onto the new Linux node and upgrade the next node.
One caveat was that if you have NW6.0-based cluster nodes, you have to upgrade the cluster to NW6.5 before converting any nodes to Linux.
An advantage that clusters on Linux have over those on NetWare is that all clustered resources run in protected memory and have a much lower chance of crashing the kernel if they crash than the equivalent resources on NetWare. You can run stuff in protected memory on NetWare manually, but not everything (including GroupWise’s GWIA) works in protected memory on NetWare.
Another advantage of Linux cluster nodes over NetWare, is that the eDirectory only needs to be available when the cluster master starts. Other nodes can safely join and leave the cluster without eDirectory being available, after they have been configured.
There are similar utilities on the Linux cluster nodes to the cluster utilities on the NetWare console. These are discussed in the documentation for OES.
There is a new cluster api that application writers can take advantage of to allow for application-level cluster integration. Sequoia GroupWise agents will feature the use of this api to allow the cluster to know if a particular agent is having problems and fail over the node.
To make cluster scripts easier to port from NetWare to Linux, Novell provides a cluster helper library for your Linux cluster bash scripts that add NetWare-like commands to your scripts, like add_secondary_ipaddress and the like. NCS on Linux OES is configured with Yast and managed with iManager.
One little tidbit that’s useful:
fuser -k /mnt/mountedfs
That command will kill any open filehandles on a filesystem so it can then be unmounted.
I went to a “Birds of the Feather” discussion on Linux on the desktop this morning. The discussion revolved around the business case for Linux on the desktop and barriers to adoption of Linux in enterprise desktops.
There are a lot of questions that need answering to justify Linux desktops. The main ones are to do with cost.
How much does it cost to deploy? That much is fairly easy to answer, because it is a numbers game. How much does training cost? That can be fairly involved depending on the role of your users. Where are my main apps? What about interoperability of OpenOffice.org with MS Office documents?
Another key factor, which I doubt we have a good handle on, is how much does it cost to keep MS crap in our environment? What is the MS Office licence cost we pay? We don’t have upgrade protection on MS operating systems so there’s no ongoing maintenance cost direct to Microsoft. There is, however, a very large cost to patching, virus scanning, spyware removing, and fixing stupid annoynig bugs and flaws in our Windows desktops. These factors could be much less in a Linux deployment, but to know how much less, we would have to come up with some kind of metric to measure our existing costs.
With respect to the interoperability thing, Novell has been down the road of interoperating with Microsoft Office documents from their partners. There are two simple things to notice: The DOC format is very complicated and Word has a few more features than OpenOffice.org’s writer program (none of which are used by our company). That means that OpenOffice.org can’t put stuff in Word documents that is not supported by Word, so going from OOo to Word is pretty seamless. That means if our clients demand documentation in Word, and we write it in OOo and save in DOC format, the result will work fine for our client. The only time problems occur is when you go from Word to OOo, and those problems are fairly minimal now, and reducing with each version.
Novell also dealt with the “elaborate spreadsheet” problem in going from Excel to OOo Calc. According to Novell most stuff from Excel just works, with the exception of elaborate visual basic stuff. For that, there had to be some conversion done. In our operation I expect not many people outside of the automation engineers and techs in our instrumentation and controls groups know how to use Visual Basic. I’m often told I give users too much credit with respect to their capability to learn computer technology, but here I’m giving them NO credit. For the elaborate spreadsheets that Novell really does have, they spent some programming effort to re-implement them in OOo. The most elaborate set of spreadsheets they encountered were used in their accounting department, and what they described was similar to what our accounting people use. They converted them in two weeks. I’d say never having to buy MS Office is worth a couple of weeks of hacking.
It’s been pretty clear for a couple of years that dropping MS Office is the biggest value proposition in open source software for enterprises. If we could switch to OOo, and drop MS Office, and make no other changes, we would save a load of money. Add to that the ability to laugh viruses and spyware and adware in the face by switching to Firefox or even better to Linux on the desktop, and we’d be way ahead of the game.
Don’t forget, our competitors are discovering Linux right about now, too.
Last night was the Brainshare Conference Party. The headliner was Train. The performance was very good. They are one of the few newer bands who actually sound better live than on recordings. I was impressed and I’ll have to go back home and do some heavy-duty Train listening to get more familiar with their stuff.
Two silly things happened at the show. First, Messaging Architects, my least favorite Novell Partner (because their presence is so overbearing and obnoxious) gave out little glow in the dark plastic puck-shaped things. Partway through the concert some wise ass discovered they flew like miniature frisbees, so after that every few seconds one would go sailing over the heads of the crowd.
The other silly thing was that I was trying to order a beer at the Delta Center. I wasn’t familiar with the brands of beer they had, and I must have botched the name of the one I wanted. The server carded me. I thought she was kidding. I’m 36, which where I come from is DOUBLE the drinking age. When she saw my ID, I think she was embarrassed for having asked for it. I felt a little more youthful.