Open Source: WTH?

Bl8ckr0uter

So the title of this thread is open source: WHERE the hell? I am still somewhat wet behind the ears (less than 6 years of exp) but I have had a few jobs. I can say that every IT manager I have worked with is either afraid of *nix open source or "believes in it"....until a windows solution comes along. Maybe I am crazy but I still see a lot of pushback regarding nix solutions even among IT pros. Is it just me? I have a nix class coming up in the fall (and plan to do Linux+/LPIC-1 some time after that) but besides that particular class, all of my formal education has been based around windows networks. Even now as I am trying to find a suitable radius solutions, I have been advised to look for windows solutions. Is this the way it is for the most part?

I am just curious if nix is a "waste of time" unless it is a secondary os choice not a primary one. What I mean is someone could go without linux and get futher than someone without windows. I know the market share differences and market penetration (as well as various submarkets such as server, super computers, web servers, etc) but I want to know what has been your experience with linux?

cxzar20

Management doesn't like it because they don't understand it. With that being said, Apache running on a *Nix platform is pretty common. Personally I am not a big fan of Linux, I hate getting stuck in dependency hell. It does have its uses but with a pretty steep learning curve. Operational support for Linux is also somewhat limited compared to that from Windows.

Learning Linux from Windows is much different than Juniper from Cisco. OSPF works the same, Linux is completely different.

Bl8ckr0uter

cxzar20 wrote: »

Operational support for Linux is also somewhat limited compared to that from Windows.

Can you expand on this point?

WafflesAndRootbeer

Bl8ckr0uter wrote: »

Can you expand on this point?

It means that finding people who are knowledgeable and skilled in Linux support is very difficult. Microsoft has a software product for just about every server and desktop use of Linux out there and most of the support segment of IT is built around their product lines, so the value of learning Linux is really questionable as far as work-related things go since it isn't widely used outside of specialized applications like hosting and customized data center setups such as what Google has running.

rsutton

cxzar20 wrote: »

Management doesn't like it because they don't understand it.

I disagree with this. The managers I have worked with understand Open Source; the problem is lack of support. You can't run an enterprise/production system that only has forum/email support.

Ahriakin

rsutton wrote: »

I disagree with this. The managers I have worked with understand Open Source; the problem is lack of support. You can't run an enterprise/production system that only has forum/email support.

Agreed, it's not a fear of the platform but of support.

cxzar20

Rsutton, I agree with your second point. That can also be tied into the operational support problem I mentioned previously.

In my (limited) experience working with setting up services management has been much more receptive to Windows because they use and understand it. They font even know what "ls" does which attributes to their lack of confidence in it.

In the spirit of full disclosure though I am almost exclusively a routing and switching guy so the experience of you who do mostly systems administration may differ.

crrussell3

I would have to say most don't use it because of the reasons pointed out:

1. Lack of support
2. Lack of understanding

I have a few things I would like to deploy open source but know I would get resistance from it. I really don't understand Linux but would like to (eventually). Heck, I can't even get the ok to install Server Core (still curious how I got away with bare metal Hyper-V).

Then the big thing in the end is, what if YOU leave, the only person who really understands the product/os? It will be much more difficult for them to find a replacement to have that specialized knowledge, especially if an issue comes up.

Forsaken_GA

Bl8ckr0uter wrote: »

I am just curious if nix is a "waste of time" unless it is a secondary os choice not a primary one. What I mean is someone could go without linux and get futher than someone without windows. I know the market share differences and market penetration (as well as various submarkets such as server, super computers, web servers, etc) but I want to know what has been your experience with linux?

My experience has been quite good. The only windows servers we have are internal ones, for things like Exchange and Sharepoint. All of our production servers, which handle our product, run on linux.

It's all going to depend on the company you want to work for, and what kind of shop they are.

Forsaken_GA

rsutton wrote: »

I disagree with this. The managers I have worked with understand Open Source; the problem is lack of support. You can't run an enterprise/production system that only has forum/email support.

Depends on what it is, and how critical. We have open source solutions in place without commercial support, but we have enough talent on staff to not need it. Other things, we do have commercial support for (mysql, red hat, etc). Our core product is a bunch of custom code, so obviously, no one's going to provide commercial support for that, in those cases *we* are the commercial support that the customer is expecting, and we can't pass the responsibility up the chain.

The risk you run by implementing such solutions is that you won't have people capable of properly utilizing them or repairing them, so the more complex and intricate the solution is, the less comfortable management is implementing it without commercial support.

it_consultant

Lets not forget that some people may have had serious problems or bad experiences with open source implementations that were done poorly. Especially if they were ever sold the expectation that "moving to linux will save you money" and all the sudden file shares are a pain to deal with, print servers don't work anymore, etc. Some people have tried using open office and thunderbird as their productivity solutions which quickly turned disastrous.

Most clients I support don't even realize they are running linux because we shield that from them. Their EHR runs apache but it was installed by the manufacturer and it works properly. Their firewall runs a linux core with a web interface, it runs like clockwork. Professional support and development maturity are critical when running any enterprise system. It just so happens that Windows, MSQL, and Exchange are all professionally supported and mature.

Bl8ckr0uter

Interesting responses. So I guess the majority of people here would say that it is an issue of support both internally and externally. Have any of your had to "champion" an OSS/NIX solution in an all windows shop? How did you sell it? Did you use have to use credentials to sale your support?




(I now just need to figure out how to persuade my boss into allowing rancid and free radius lol).

Forsaken_GA

Bl8ckr0uter wrote: »

Interesting responses. So I guess the majority of people here would say that it is an issue of support both internally and externally. Have any of your had to "champion" an OSS/NIX solution in an all windows shop? How did you sell it? Did you use have to use credentials to sale your support?

(I now just need to figure out how to persuade my boss into allowing rancid and free radius lol).

Radius is one of those funky solutions. Freeradius can be a real pain in the ass to get working properly, and I honestly wouldn't have a problem if someone insisted on using something like ACS or IAS for radius, particularly if those solutions were already implemented for other reasons. At that point you'd be leveraging existing infrastructure instead of creating new.

rancid, otoh, should be a no-brainer.

What it boils down to is that the solution has to make sense. Getting religion where software is concerned isn't always a good idea. The important thing is to *have* a solution. If you feel the open source solution is better than your current one, or the commercial one you're planning to buy, you have to do your homework. You need to compare and contrast, and account for things like scalability. You could find the best open source solution on the planet, but if your company plans to grow, and it can't accommodate that growth, then it's a bad solution.

In the case of rancid, I'd explain it like this -

Configuration management for the network gear is absolutely necessary. Some changes don't have their impact felt until later down the road. When troubleshooting, it is beneficial to know exactly when a change was made. If you need to revert, the differences are already centrally stored, so it's simple to do so. If you need to compare the changes between two different configurations, this is also trivial using the builtin tools of whatever versioning system you decide to go with.

Additional benefits - the ability to email a list when changes are made. So if a junior engineer makes an unauthorized change, when the email goes out to all interested parties, everyone is made aware of it. This keeps people honest, as they know their changes will be seen by others in a relatively short amount of time. It can also have a security benefit. Your router got compromised and someone fudged with some routing table entries or ACL's? You get email about it. In addition, the emails can provide another point of correlation if you need to establish a timeline for changes as mentioned above.

The software is free. It's script based, using commonly available binaries and libraries, so portability is not a concern, and it's unlikely to be broken due to syntax changes, as the open source guys do try and account for backward compatibility. It's resource consumption is minimal, with the biggest issue being hard drive space that logs will eat up over time if not properly tended. Scalability is limited solely by the amount of machines it needs to monitor, and therefore, it's run time. Scalability issues are generally solved by increasing the amount of time between runs (it runs out of cron), if you have enough devices that it won't finish it's processing run before the next run is scheduled to begin.It doesn't directly interact with any other services, so it's impact and ability to interfere with other infrastructure is limited, however, it can be interfered with by other infrastructure (authentication server going down, network links going down, etc. The important point is that it can't break anything)

For human resource consumption, I estimate it would take about 4 hours to install, configure, and properly validate the solution as working (this is, of course, up to your interpretation, but I like to pad time estimates in my favor in case something goes horribly wrong, and it makes you look good when you can finish your projects ahead of schedule)


That's how I would go about presenting it.

UnixGuy

Ok, as far as support goes, there's an EXCELLENT support. For Linux, you can get support if you use Red Hat or SuSSE. For UNIX, almost all flavors have excellent support: Solaris ==> Oracle, HP-UX==> HP, AIX ==> IBM. The support is excellent, and you get something like 300+ days of uptime (if not more).


The market is HUGE for servers (not for desktop though), you will find Linux based solutions usually for distributed light (web) applications like webservers ( HINT: Yahoo and Google servers ?? most webservers are hosted on Linux) , where you will usually find UNIX based solutions for High-end database (banks, financial services, HR applications, ...etc).

The market is big, and getting even bigger. Just go to monster or dice and search for UNIX jobs, you will find plenty.


Manager ? They don't need to be Unix gurus, they just call service providers or business partners and sales people can explain everything But it really depends on the applications. Microsoft solutions are doing well for Email servers (exchange) and Active directory. SQL server is good for small to medium sizes solutions. For bigger solutions (Oracle/Unix) is your best bet. For Web based solutions, then Linux/apache/MySQL(LAMP) is the most famous ones.

I hope this helps

the_Grinch

I have to agree with what a lot of people had already said, support is often the killer for Open Source software. At one school district I worked for, I did get them to the point where they were considering Untangle as a backup web filtering solution. But at my current company, open source is almost a curse word. Years ago when our CTO was still doing tech work, they setup a linux box and never touched it again (no updates, etc). Of course the box was on the public side of the network and was compromised. Thus the CTO feels that Linux isn't secure anymore. Currently, I am trying to get approval for a CMS using Drupal and making some headway, but hitting road blocks. I tend to feel that I am being trapped when offering open source solutions. Management will say, "Find software that will do the following". I'll look and say, "There is xyz open source solution and it's free (my company doesn't like to spend money)". Then I get "oh, CTO says that isn't secure and there's no support." I reply that we could buy the commercial product from xyz open source company, but get then we'll just go with the full blown paid solution for Windows. Ultimately they don't buy anything and we continue without

it_consultant

The choice for big applications usually depends on the application itself. There are plenty of MSSQL and IIS servers out there handling tons of traffic. If you are running epic hyperspace (a popular hospital EMR/EHR/PM) or SAP you do what they tell you do do. I have seen HUGE SAP implementations buttoned down with Windows servers, once the bugs were worked out they ran like clockwork. IBM sold the company that solution and that was what was implemented.

You should always wonder to yourself "What will play with my existing infrastructure nicely"? If you are using Linux tools for OOB management then fine, no issue at all. But if you are launching a huge line of business application on a different OS then your servers, think about that for a second. How are you backing them up? How are they supported by the vendor?

Bl8ckr0uter

So IT are you saying that you would take a potentially inferior product based on the fact that it is easily support? I am just curious.

erpadmin

Bl8ckr0uter wrote: »

So IT are you saying that you would take a potentially inferior product based on the fact that it is easily support? I am just curious.

There are multitudes of software that require regulatory support from a vendor on a certified platform. If that software is installed on a platform that isn't certified, then the vendor will not give regulatory support. For example, updates that have to be installed so that when Ohio makes a change in their payroll tax, it can be put in. It was tested on a Red Hat, but not on Ubuntu. Meanwhile you're an Ubuntu shop and the vendor will not work with you to implement this mandatory update on your Ubuntu shop, so a workaround will be needed for perhaps 100s of many hours at your shop to develop that workaround.)

That's why (responsible) management will typically not implement solutions that, while free, may have unintended and unnecessary costs. They will want a solution that can be easily added to their current infrastructure and that will be certified on their preferred platform (whether that's HP-UX, Windows, whatever flavor Linux, etc.)

undomiel

Bl8ckr0uter wrote: »

So IT are you saying that you would take a potentially inferior product based on the fact that it is easily support? I am just curious.

I think the onus would be on you to prove that is more than just "potentially" inferior. If you can't make a sound argument for its superiority AND business need then why take the support risks?

Forsaken_GA

Bl8ckr0uter wrote: »

So IT are you saying that you would take a potentially inferior product based on the fact that it is easily support? I am just curious.

There's more that factors into it.

If you've got a brilliant guy who puts together an open source solution that costs the company nothing but hardware, and it's the best possible solution on the planet, and there's like maybe 5 guys in the world that can understand how it's put together, what do you do when the guy gets hit by a bus? Or gets a better offer and quits?

long term ability to support is something that needs to be considered, especially for critical deployment technologies. As a manager/exec/money person, you have to be wary in the face of excited nerds, because we just want to play with some cool stuff, or we want to make our lives easier. We're not always considering what's best for the company overall. I was always amused by GAD's (Network Warrior author) rule when it came to technology deployments - If it's cool, you can't have it. It took me awhile to understand the why of it.

Actually, I believe you have a copy of Network Warrior, no? If so, you might want to go ahead and read through the Avoiding Frustration chapter. That should be required reading for every IT professional, IMHO. It has a section in there specifically about selling your ideas to management.

Bl8ckr0uter

Oh no wait guys I am not mad at all (I am getting paid ) and I didn't mean for it to come off at an attack. I just wanted to know if support for the products holds more priority than product performance (in his opinion). I mean I know the way it is (I've work for 2 fortune 500s, one of them was a fortune 100). But if there is a solution out there that's free and all you have to do is pay for hardware and your employees are willing to set it up, you should do it. It is probably to train your people up than to buy a more costly solution.

EDIT: But I guess that in turn would be an investment that the company might not want. This is why I would not be a good policy man because I feel that having a not having a better product than not being able to support it. There is always someone who can figure something out.

Chris:/*

WafflesAndRootbeer wrote: »

It means that finding people who are knowledgeable and skilled in Linux support is very difficult. Microsoft has a software product for just about every server and desktop use of Linux out there and most of the support segment of IT is built around their product lines, so the value of learning Linux is really questionable as far as work-related things go since it isn't widely used outside of specialized applications like hosting and customized data center setups such as what Google has running.

I am sorry this is just plain wrong. There is an enormous support segment out there for Linux they are just not from a closed source developer. Now there is a different learning curve with Linux than Windows because people typically grow up with Windows not Linux.

It is very common to see large corporations that deploy their entire server farm with Linux. When it comes to administration of OS in large deployments Linux is infinitely easier than Windows. Now it does require an Administrator to learn multiple tools (such as sed & awk, Bash, Perl...) not just a point and click solution pushed by a closed source developer that does not meet all needs. Though learning those tools allows an Administrator to do very small things on thousands of servers very quickly or very big things just as fast.

Now all that being said Linux is not the solution for all locations. Medium sized business who farm out a lot of their specialized services will usually use Linux. If the Administrators of the corporation are nothing more than Active Directory user account monkeys, Linux is not needed.

If a corporation requires highly available server farms that push the hardware to the brink Linux is the way to go. If the servers are not pushed to the limit run a hypervisor and virtualize what you need.

Forsaken_GA

Bl8ckr0uter wrote: »

Oh no wait guys I am not mad at all (I am getting paid ) and I didn't mean for it to come off at an attack. I just wanted to know if support for the products holds more priority than product performance (in his opinion). I mean I know the way it is (I've work for 2 fortune 500s, one of them was a fortune 100). But if there is a solution out there that's free and all you have to do is pay for hardware and your employees are willing to set it up, you should do it. It is probably to train your people up than to buy a more costly solution.

Again, it all depends. Free software saves you on purchasing costs, and probably licensing costs as well, but the tradeoff is in the support costs, and usually an increase in complexity.

If you can deploy a solution that's easy for the average guy to maintain, but pay $10,000 a year for a support contract for when stuff breaks, that may be more beneficial than deploying an equivalent open source solution which requires you to hire a guy making somewhere in the range of $40k-80k to maintain it. This is where the appeal of cloud services comes in for alot of companies, it's easier on their bottom line to pay a small per seat fee than it is to maintain the infrastructure and staff to support it. There have to be real and actual benefits to deploying a software solution, and given what you need, sometimes a commercial option is better than a free one.

Let's take a common scenario - email. If you're a small business, you probably don't want to pay for a guy to maintain your email, or for the server to keep it up. You're not in the mail server business, so you don't want to invest in that kind of infrastructure. It's fairly trivial for the average unix geek to setup a mail server for a company using entirely free software, but what happens when it breaks? Who do you call? Is it worth hiring the guy full time to maintain the mail server?

Now, if you continue to grow, at a certain point, it'll be more cost effective to bring the solution in house, but it needs to reach a point where the cost of the infrastructure and the staff to support it costs less than the hosted solution (we'll ignore the concept of data security for the moment, but for the most part, the cost of a data breach vs. the likelyhood of it happening does have a say in whether or not the bottom line makes it cheaper to bring it in house and hire a professional, than it is to leave it in the cloud)

These are the kinds of things that managers/execs/money people have to think about. Most nerds don't think about them, they just want to do cool stuff, or to do stuff they consider 'easy' and get paid for it. Once a nerd gains a little bit of business sense, their outlook tends to change

erpadmin

Bl8ckr0uter wrote: »

This is why I would not be a good policy man because I feel that having a not having a better product than not being able to support it. There is always someone who can figure something out.

No one says that one day that can't be you.....

Remember, there will come a point in your life where what you are doing now will get old. You will have one or two choices: keep doing what you're doing, or grow to the next level.

Not for nothing, there isn't anything wrong with either choice. But it isn't a choice you're going to make today...no matter what you may feel about it now.

Forsaken_GA

Bl8ckr0uter wrote: »

EDIT: But I guess that in turn would be an investment that the company might not want. This is why I would not be a good policy man because I feel that having a not having a better product than not being able to support it. There is always someone who can figure something out.

Well, put yourself in their shoes. Look at the average thread on these forums, and the variety of opinions that people can express on any topic.

Now imagine you're the one who has to settle the question.And it's your job on the line if you choose wrong.

Daunting, isn't it?

That's why there's that old saying about a good compromise leaves everyone pissed off And that's why I refuse to get religion about software. Flexibility is an amazingly marketable asset.

it_consultant

Bl8ckr0uter wrote: »

Oh no wait guys I am not mad at all (I am getting paid ) and I didn't mean for it to come off at an attack. I just wanted to know if support for the products holds more priority than product performance (in his opinion). I mean I know the way it is (I've work for 2 fortune 500s, one of them was a fortune 100). But if there is a solution out there that's free and all you have to do is pay for hardware and your employees are willing to set it up, you should do it. It is probably to train your people up than to buy a more costly solution.

EDIT: But I guess that in turn would be an investment that the company might not want. This is why I would not be a good policy man because I feel that having a not having a better product than not being able to support it. There is always someone who can figure something out.

In theory I see nothing wrong with what you said, honestly, if its free and you can set it up then go right ahead. However, I have seen the result of this and it is normally catastrophe. Either the application is buggy or it doesn't really do what the users need it to do and people end up making unsupportable work arounds. Then business processes start forming around the work arounds themselves. Then I come in some years later and have to untangle this web (because something failed and they are desperate) and often part of my solution is to put a lot of cash money into it to make it work right. Now your free solution has ended up costing a lot of money AND no one really liked using it in the first place.

This is like one of my hotel clients. They had a linux box set up for VPN that one day stopped working. No one knew the root password and the web interface had long since stopped working, probably never really worked right to begin with. Because the VPN basically worked correctly but the guy didn't know how to set up routing properly, he set up a custom route in each of the Windows XP clients that had to use the VPN. The hotel staff didn't understand what was going on so the business process for using the VPN became using the "special" computers to do the one or two tasks and then going back to their own workstations. They thought they had to keep the pc's IN THE SAME PHYSICAL PLACE too. One $700 firewall and an hour of my time would have made almost 5 years of their lives much better.

I just recently changed my philosophy on things like this. I no longer care what things cost. I will not be afraid to tell you that the backup solution will cost 10K, that is the price of business. I went through this change when an accountant just about exploded when I mentioned that the top of the line quickbooks cost $4200. Apparently she was prepared to pay $450. So they bought the lower version, grew a lot in the span of a year, and ended up having to pay the $4200 anyway. By that time she had left because she was the head Doctor's wife and they had noticed the obvious problem with that. She thought I was trying to rip them off, and I thought it was a great price because I have seen what Oracle financials costs. Now if you explode over the price I give. You get a blank non-understanding stare. Its like exploding at the Honda dealer because the Civic is $16,000 and you want to pay $8000.

Now I am just indulging my fun memories in client relations!!!!!!

Forsaken_GA

it_consultant wrote: »

In theory I see nothing wrong with what you said, honestly, if its free and you can set it up then go right ahead. However, I have seen the result of this and it is normally catastrophe. Either the application is buggy or it doesn't really do what the users need it to do and people end up making unsupportable work arounds. Then business processes start forming around the work arounds themselves. Then I come in some years later and have to untangle this web (because something failed and they are desperate) and often part of my solution is to put a lot of cash money into it to make it work right. Now your free solution has ended up costing a lot of money AND no one really liked using it in the first place.

Yup. The issues I've run into with open source software tend to be ones of scalability. Alot of open source projects start as solutions someone did as a hobby, or something they needed for their company and wrote, and then decided to let everyone else play with their toys. Database driven apps are especially guilty of this. The queries aren't always very well written, the database schema not well developed, and they don't take into account things like concurrency, so you get stupid stuff like the solution blocking access to the entire app because one user pulled a report that's locking all the tables.

Solutions which have an honest to goodness team built around them, are usually safe, especially if a user community has formed around it. Standalone projects that involve any complexity, I remain wary of.

I just recently changed my philosophy on things like this. I no longer care what things cost. I will not be afraid to tell you that the backup solution will cost 10K, that is the price of business. I went through this change when an accountant just about exploded when I mentioned that the top of the line quickbooks cost $4200. Apparently she was prepared to pay $450. So they bought the lower version, grew a lot in the span of a year, and ended up having to pay the $4200 anyway. By that time she had left because she was the head Doctor's wife and they had noticed the obvious problem with that. She thought I was trying to rip them off, and I thought it was a great price because I have seen what Oracle financials costs. Now if you explode over the price I give. You get a blank non-understanding stare. Its like exploding at the Honda dealer because the Civic is $16,000 and you want to pay $8000.

Ah yeah, I remember this kind of fun when I was doing work for real estate companies and individual agents. They gave me their requirements, and then gave me their budget, and then got pissy when I explained to them that those two were mutually exclusive, one or the other had to change. This kind of crap is why I go out of my way to not support end users anymore.