Thursday, May 26, 2011

The long term effect of short term returns

Another day another rant about Oracle.

bullying
- the act of intimidating a weaker person to make them do something.

Business decisions might not make sense to everyone but they typically serve a specific purpose. A company might tell employees that they must bring a coffee mug instead of using the disposable cups if they wish to drink the coffee in the break room. To some employees this decision is terrible because they now have to get a mug and bring it to work just to enjoy the coffee that they drink every day. On top of that they have to clean the mug instead of just throwing the cup away. The employee might see this as an inconvenience but to the business they are now able to save a little money that they were previously spending on disposable cups.

As time goes on more and more of these decisions are made by business leaders. The true impact of these choices might not be fully realized until a much later time. The short term results of a decision could prove to be desirable because the long term impact has not manifested.

After taking over Sun Microsystems the Oracle corporation has been tasked with making all kinds of decisions. Oracle CEO Larry Ellison is considered by many to be a very savvy business man. Others however might instead regard him as a bully who will do anything to squeeze every last possible cent out of his customer base. Doing whatever it takes regardless of what happens to anyone else just as long as the profit returns continue increasing. This type of activity has been going on in mass ever since the SUN acquisition was completed.

One of the first decisions was not widely published but had a large impact. Solaris 10 will now require service agreements if you wish to continue using the operating system. This decision was definitely aimed at increasing revenue. To use Solaris 10 you must now pay for a support contract which will entitle you to receive the operating system patches which were previously free under SUN. There were a few problems with this choice. First, the way which the message was communicated was atrocious. The support agreement fine print was modified to reflect these changes. Second, now if you are running Solaris 10 you are paying Oracle or you are out of compliance and owe them money. Also, this new policy made it where Solaris 10 could no longer compete directly against Linux in the "free" server install base. This effectively reduced the Solaris 10 installation numbers that SUN worked so hard to create by giving the product away for free.

SUN was very community oriented as a company. They worked closely with various groups of developers in a structured manner where information sharing thrived. Oracle takes the exact opposite approach to development and marketing. They do not want any pesky users trying to tell them what they should or should not do and everyone needs to pay Oracle. This philosophy change at the top of the corporate structure resulted in the systematic elimination of groups like the Open Solaris Governing Board. The OpenOffice project was forked into LibreOffice by the developers who hoped to avoid being controlled by Oracle. A dispute over the name OpenOffice began between Oracle and the new LibreOffice team. Oracle refused to give up the OpenOffice name rights to the new group which is why they renamed the project to LibreOffice.

The business decision by Oracle was to starve out all of these user communities until they ceased to exist. This tactic proved to be quite effective and allowed them to remove any outside influence that might try to oppose the future direction that Oracle was proposing. The Java Community Process was abused and manipulated in such a way that long term members such as the Apache software foundation quit being participants. They were bullied into quitting the JCP through manipulative behavior and request refusals by the Oracle corporation. These decisions were very strategic and put Oracle in the drivers seat of projects that were previously driven by community input along with corporate cooperation.

Prior to the SUN purchase Oracle had been partners with Hewlett Packard. The two companies teamed up to create a world class database setup known as exadata. The exadata system was being touted as the best in the world and contained HP servers running Oracle software. When the SUN deal was announced Oracle took the stance that it's business as usual and even though SUN sells hardware, they would still be just as invested in HP. After the SUN deal was completed however, Oracle proceeded to poach an HP executive along with announcing that exadata would no longer be an HP product. They have continued the bully tactics by announcing the discontinuation of Oracle database products on the HP Itanium platform. This decision forces people running HP hardware with Oracle software to change platforms. Oracle is most likely looking to pick up those margins in the server market by forcing people off a competitors platform. Every business decision made by the Oracle corporation is designed to gain money or increase their control.

The SUN deal took a long time to finally get approved. During this time of uncertainty a lot of customers were jumping off SUN hardware and switching over to IBM or HP based on the deeply discounted offerings when trading in SUN hardware. The response from Oracle has now turned in to "Applications to Disk" and focusing on engineering complete solutions. They have changed their focus to go after very large customers where profit margins will be the highest. They trimmed back the low end server offerings and started chasing the big bucks. Another business decision that maximizes profits while minimizing effort. It's easier to support one large customer site opposed to 20 small customer locations considering the money would be the same for both scenarios.

The situations described above sound like great business right? Well, some people might say yes those choices were very business savvy and put the company in a position to dominate for years to come. Others such as myself would like to bring reality back.

The bundling of hardware, operating system, and database software allow customers to deal with a single source for all their support needs. However, you are now locked in for a long ride. People who are running the database software on platforms besides Oracle will most likely be picked off a few at a time. The first was HP Itanium users which is most likely one of the largest Oracle database installation platforms. Going forward watch for Oracle to make similar decisions that directly impact competitors negatively in an effort to gain a few customers here or there. Although it is possible, don't expect to see any financial incentives for using Oracle hardware instead of other competitors. Once you switch to their complete solution you are then locked in and will have to pay whatever they decide you need to pay.

In the mean time, companies who have developed systems which rely upon SUN hardware and Oracle software are feeling the pain. The increased support costs for compliance when running Solaris are being passed along to their customers through rate increases. The third party companies have to charge customers more just to cover the additional revenue that Oracle has to be paid. The rate increases will force customers to look for alternatives because times are hard everywhere and each dollar counts. This pattern continues until the 3rd party company is forced to change platforms, sell themselves to another larger company, or simply go out of business. The decisions made by Oracle will trickle down to the 3rd party companies who will feel the financial impact. End users will receive the inflated costs until they terminate the services of the 3rd party company. This results in a revenue loss for not only the 3rd party company but also Oracle in the long run.

The cost of Oracle database licenses is almost laughable. The extremely high cost has gotten to the point of forcing customers to choose an alternative database engine because they simply cannot afford to keep paying the rising premiums. While the continuous raising in price might result in annual revenue increases to the bottom line, long term they will start to shed customers. As a result the remaining customers will have to make up the difference until they too decide to choose an alternative platform. The single company large installations will be the main customers of the Oracle corporation. They provide the highest margins with the smallest amount of effort. Some customers will have no choice but to accept the terms Oracle dictates to them.

The people who might have considered using Solaris 10 instead of Linux seem to be long gone. The customers who enjoyed the freedom of choosing their hardware platform to run Oracle software should be extremely concerned because their days are numbered most likely. Open source projects that have fallen under the control of Oracle will be forked or boycotted. Oracle has earned a reputation of being cut throat and should not be trusted. This reputation will create resentment which will in turn make people more actively seek out alternatives. The resentment will only continue to grow as Oracle systematically blasts everyone with sales calls and emails attempting to upsell you products for needs which you don't currently have.

Although Oracle will most likely not disappear from the market any time soon, they might disappear at your company. Do not be surprised when they begin to be phased out. Oracle's outrageous pricing and reputation will cause them to start losing customers as they move forward. Eventually they might be forced to stop focusing on the complete stack solution and go back to chasing database customers everywhere. Otherwise Oracle will find themselves like the 5 star hotel that nobody wants to stay at. Why pay so much for a place to sleep when I can find another place to sleep for much cheaper, and although it's not as nice as the 5 star hotel, it fits my needs just fine.

Solaris 11 Lunch and Learn Review

Recently I was able to attend a presentation regarding Solaris 11 and it's new features. It was a lunch and learn event that was designed to get attendees familiar with the changes that are coming down the Solaris product line. Having been well versed in Solaris 9 and Solaris 10 I was interested in seeing what changes were on the way. When I was trying to wrap my mind around the SMF and other modifications from Solaris 10 I was told that SUN was forced to keep some of the changes out of 10 because nobody would even recognize it if they didn't.

The Solaris 9 to Solaris 10 changes were quite vast. Things such as the SMF created dependencies within services and would automatically keep services running. This was great and all but you now have to learn to use svccfg and figure out how to create and xml file that has the ability to handle your daemons. I really did not like this change at first but over time as I migrated the Solaris 9 systems up to Solaris 10 it became second nature. Other changes such as the fault management subsystem along with RBAC, ZFS, and most of all Containers, made Solaris 10 the defacto standard for the Solaris bloodline.

OpenSolaris was a community project that was basically the testing ground for new features that would be integrated into Solaris 11. Things like ZFS boot were just a revision away and the sky was the limit. Oracle proceeded to kill the OpenSolaris community through neglect and deception. That is why I was a little shocked when I heard the mention of Solaris 11 express being referred to as having a community. I guess they meant it used to have a community but I couldn't bring myself to derail the show with my snarky comments.

One of the touted features in Solaris 11 is the IPS (Image Packaging System). This is designed to make patching your systems much easier because now instead of downloading and installing a patch, you will download and install a patched version of the package. Not only that but any dependencies that need to be resolved will get resolved automatically and the extra packages needed to meet prerequisites will be pulled down and installed also. That sounds great right? The command to perform these actions is pkg. You can do things like pkg install apache or pkg uninstall apache or pkg update (which will fetch your updates and install them for you). This does sound quite an appealing feature for Solaris because now instead of using blastwave to fetch and install applications, the operating system now has this functionality natively.

Although they call it the Image Packaging System, in reality, this is nothing more than apt-get. The apt suite has been available in debian for years and years. Well now this feature has finally made it to Solaris in version 11. Not only do you have an apt-get equivalent but you will have the ability to choose boot environments during startup. If you install a kernel level package that requires a restart, then this package is tagged with a special boot flag which instructs zfs to automatically snapshot the system and create a menu entry for both the old and new revisions of the kernel. Then during boot you will be presented a menu to choose from. How cool is that! It's also nothing more than grub/lilo ported to Solaris for version 11. Don't get me wrong, I never used the live update features because they were just way too cumbersome and had the potential for more harm then good. At least those lu commands are no longer needed. I guess these "features" are good for Solaris but linux has been doing that for years.

Moving along I found myself feeling disappointed. I found out that Solaris 11 express is basically OpenSolaris and works the same way. One of the huge complaints that I had with OpenSolaris was that when installing a zone you were forced to have a network connection. Sure it's 2011 so all computers and servers have an internet connection. This might not be a hangup for you but to me that is just poor design. There are numerous reasons why I might not be able to access the internet but still need to install a zone pronto. The zone installation forces you to fetch a pkg file from Oracle's website every time you install a zone. In Solaris 10 this was not the case at all, zones were installed based off the global zones package set. There was not an internet requirement. This was a big step backward in both OpenSolaris and now Solaris 11 express. Another shortcoming was the lack of sparse root zones. All zones are now whole root zones.

A cool feature that was touted was the Crossbow network virtualization project. With Crossbow you can use dladm create vnic to create virtual network cards. This allows you to hand a virtual network card into a local zone and let it operate as though it was a physical card. To elaborate, one shortcoming in Solaris 10 was that your network cards inside of the local zones were not able to be fully controlled unless you released it from the global zone and set ip type=exclusive. The exclusive network card would then be handed into the local zone and along with it came an entire ip stack. With this new network virtualization strategy it allows you to create 892 virtual network cards out of 1 physical network card. The virtual network cards will have independent network stacks. This means that your virtual nics can be setup for different ipfilter rule sets, mac addresses, and best of all, independent routing tables.
A major complaint I had with Solaris 10 was that when sharing the network card between the global and a local zone, there was only one routing table, and it resided in the global zone. You could not successfully put a local zone in a different subnet without adding a route for that subnet into the global routing table. The virtual networking scenarios started to get out of hand with splitting up 4 e1000g cards into 4 parts each creating 16 and then bonding one virtual interface from each physical interface for load balancing traffic across all 4 cards. Also there was some talk about QoS on the virtual networking interfaces and possibly even ratio balancing with a mechanism that sounded like the Fair Share Scheduler for networking.

Another feature that made people sit up a little higher in their seats was the mention of native Active Directory integration and CIFS built in to the operating system at the kernel level. This means that you can now take your ZFS filesets and publish them to windows machines using one command share cifs /mount/point . There was also mention of binding file shares such as these directly to AD for permissions. The command was something such as smbadmin bind domain name1, domain name 2. The ease of setup and potential management power via ZFS make this one of the best features in a lackluster list of changes. Imagine being able to wield the power of ZFS file systems presenting them as file stores for the domain. This would give the flexibility of ZFS with the usability for business environments.

Along with native CIFS and AD connectivity ZFS gets 2 new capabilities. The first of which is dedupe. The de-duplication should help speed up transfers and shrink the storage footprint by eliminating duplication of files. That might not seem like a big deal but imagine the storage savings on a server with 20 zones.

The other new ZFS feature is encryption. This feature will make all the security minded people smile from ear to ear. You can now encrypt your ZFS storage pool and nobody can read it without your permission. But wait, theres more... You can also encrypt at the fileset level which extends this capability even further. Now you can setup ZFS filesets and dedicate them to different zones and allow them to be encrypted individually where even the global zone cannot access them without the proper decryption keys. That means you can ensure privacy between zones that share a system keeping everyone honest, even the global zone administrator.

The last feature that I can remember was the new structure for user account roles. The root user is now just a role on the server and not an actual account. However that works right. The root privileges are then assigned to basic user accounts I'm guessing through an interface similar to RBAC and pfexec in Solaris 10. It's like sudo but you don't have to type sudo. I like the thought of restricting the root user role from a security standpoint but I don't know how people will react to this. Although you can now delegate administration between regular users on a case per case basis, someone has to maintain all these profiles which might turn into a nightmare. It would be cool to allow user1 to administer zones 1 and 2 and let user 2 administer zone 3 but that seems like a lot of RBAC work.

In summary, The Solaris 11 express lunch and learn trip was definitely educational. However, I think that Solaris 11 express overall was not very impressive. Some of the features in Solaris 11 seem to be outright copies of linux. The apt-get package management with the grub menus are quite handy to have but rely too heavily upon fetching files directly from Oracle. The virtual networking features do address some of the shortcomings found in Solaris 10 containers. The root account as a role seems like a good idea but might not be very practical. Someone still has to have the power to assign roles for users to perform root level actions, who does that now? It used to be a job for root but who knows how that will work. Finally the ZFS updates paired with native CIFS and Active Directory capabilities seem great. This feature might be a solution without a problem however. Does the functionality of ZFS justify purchasing Solaris for the corporate environment? That has yet to be seen.

I find myself choosing CentOS over Solaris more and more often these days. The fact that you are forced to have support contracts just to run Solaris on your system kind of knocks it out of contention when it comes to picking the best bang for your buck. Solaris 11 express looks a whole lot like linux except the pricetag. This version of Solaris did not make me think I have to have it the minute it comes out. On the contrary, this version of Solaris had me looking for the exit. Solaris 10 is solid and should have been considered ahead of it's time. Solaris 11 is more like the end of the line.

Finally, I must say that the woman who gave the presentation did an excellent job. She fielded questions from the audience and you could definitely tell she wasn't just another Oracle sales zombie. She knew her stuff and was quite impressive. The presentation was nice but the fact that she was actually running Solaris 11 on the laptop being used to present put her over the top. Although my frustrations with Oracle have to do with a difference in philosophies it was not through any fault of the presenter. She was much like me, a "doer", someone who gets the job done. It was not her fault that Oracle is a terrible company to do business with.

Thanks for reading my rambles.