Lack of competent Linux admins leads companies back to Windows

I was reading on ZDnet about some companies who migrated to Linux from Windows, and some of them migrated back to Windows! I’m not kidding. I was hoping to pull some deep insight from this set of stories about experiences in different data centers, the kinds of logistical problems that crept up, services deployed that just don’t offer the requisite functionality yet…. whatever. In short, I realize Linux isn’t all things to all people at this stage in the game, but it would be really great to hear some nuts and bolts answers to the questions of “why” and “where is it falling short”.

What I got from this set of stories was, basically, that there is a severe lack of competent Linux administrators in the world.

Austereo
One company, Austerio, summed up the move to little things that became annoying enough over time to reconsider Microsoft, including “inability to use BlackBerry handheld e-mail devices, poor identity management, administration difficulties, and a few too many irretrievable e-mails”.

Well, this sounded goofy to me. Yes, BlackBerry devices require an Exchange server. However, nothing says that you then have to migrate your entire mail infrastructure to Exchange. We have Exchange running on a PC right now (actually, we have for a few years now), and it gets email destined for BlackBerry devices handed to it by Sendmail, and nothing else. If it’s not going to a BB, it’s not going through Exchange. Period.

The “poor identity management” thing is a little vague, not knowing what the requirements were, but identity management is generally not a problem that is related to platform, unless you want to use something like Hesiod, which I’m not sure exists for Windows (but I don’t really know, either). Identity management is about defining a policy and implementing that policy. How you implement the policy will differ from platform to platform, because the tools are different — but there are tools for both platforms, so something has to give there. For the record, defining policy and the issue of identity management in general is non-trivial no matter what direction you move in. However, if by “identity management” they really mean “authorization/authentication”, and their problem was really stuff like file/printer sharing or heterogenous authentication, then they just missed the whole LDAP /CUPS/Samba movement, which is really a shame.

I can really only guess that “administration difficulties” probably relates directly to the abilities of the administrator. If the goal of the administrator is, as they say, to “automate yourself out of a job”, then what’s the argument that Windows is a better platform for this? Installing new Linux hosts in my environment can be done by someone with zero Linux training. I can write three lines on a pad of paper, send my mother down to a lab, and have her install, reinstall, or upgrade every machine in the lab in under 30 minutes. The three lines would read “Power on, hit F12, walk away”. The lab machines support network booting, so I just make sure some symlinks are in the right places, send Mom down there, and if I’ve done my job (which took all of 3 minutes), she’s back in 30 minutes and either everything worked or didn’t. When this doesn’t work, it’s usually a hardware issue. If I wanted to, I could even have the installation set up a VNC connection to my workstation so I can see what’s going on.

Updating machines (either to upgrade or add new packages) is no problem either. I happen to use nothing but open source, free tools for this. Whether it’s a lab, a server farm, or a beowulf cluster, I use “dsh”, which will perform commands on any number of hosts all at the same time. That’s me. I’m aware that there are also commercial solutions available to do “more robust” provisioning and maintenance, but from what I can tell, a lot of this is just wrapping a GUI around what I already do.

The bit about “a few too many irretrievable emails” is baffling. There is no email server that has a “make irretrievable” flag that I’ve ever seen, which would seem to make this point back either to the mail admin, DNS admin, network admin, or the end user, or potentially all of the above (but probably not the end user in this case). A problem with email alone doesn’t really justify a platform move. It justifies a reshuffling of your admin staff.

Coffey

This was the one that made me really wonder if ZDnet is partially owned by Microsoft or something. Basically, what happened was they had been running on Mandrake since 1999. A new CIO comes in with a mandate to revisit their “ailing architecture” at a time when they’re experiencing rapid, rapid growth, and had been for some time. He gets in to find that in spite of the growth in employees, they still have the same exact number of systems guys… 4 guys… supporting 1600 employees, and 72 offices throughout the country.

I’m not saying that this is impossible, because with the right skillsets in-house, and a budget for hardware/software and things like power, it can certainly be done. However, it’s not an ideal situation, and it’s not likely that a 4-man crew used to supporting 500 users in, say, 10 offices is going to know how to scale their own environment, because chances are the PHBs never let them into the meetings where they forecasted the company’s growth in the first place, so they may never have seen it coming.

They said another problem was sharing data. If you weren’t in the office that housed the data, you couldn’t get at it. This is a major problem that is as unrelated to platform as the color socks you’re currently wearing. If they want to say “there were so many issues due to the rapid growth that it was just easier to rip out everything and start from scorched earth”, fine. It’s a complete and total cop out, but whatever. However, I sincerely doubt that this crew is going to see any improvement by moving to Windows. In fact, they don’t say this is a Linux problem, they say the problem was that, “the way they set up their linux-based infrastructure had promoted the silo mentality”. So, rather than identifying that as the problem and dealing with it using existing technologies and skillsets, their thought was to instead take on a complete platform migration.

Is this an article about shortcomings in *linux*, or shortcomings in the methodologies used by people who are supposed to make intelligent decisions?

Conclusion

This article is the reason I tend to stay away from reading tech journalism. The problem is that tech articles are written by…. journalists. They aren’t written (mostly) by technology people. By “technology people” I don’t mean “able to use power point effectively”. These people get paid to write an article, and possibly come up with a headline sensationalistic enough to attract eyeballs to some ads so the publisher gets paid. It’s a real scam.

I’m not saying there could never be a reason to migrate away from Linux. There very well could be (somewhere, maybe) viable business reasons not to run Linux. For example, a startup wants a vendor-supported platform and has little money. Meanwhile, last time I looked, the sticker price of vendor-supported Windows was cheaper than vendor-supported Red Hat. Or maybe your business just absolutely runs on groupware. Integration is essential, and your desktops are all Windows machines. I could imagine someone trying the OpenExchange server, OGo, or some other excuse for a linux-based groupware service, and saying “screw this, back to Windows for us”. Business exists to make money, not to take the ethical or moral high road. They’re going to use what works for them and what they can support.

What I am saying is that this article doesn’t show us any examples of anything but a lack of competent admins to run some services in some environments, and a lack of competent CIOs who are able to identify problems and then work collaboratively to create solutions instead of coming in with a solution and making it fit the problems.

</rant> :-)

My New Personal Analog Assistant

So I have a buddy who is a gadget geek. He got a Sony Clie when they arrived on the scene, he has an iPod or two (or three maybe), one of which does photos. His Clie takes pictures. He got one of the new latest cameras that fit in your pocket and is 5 megapixels and does video, etc. He has the geek car (the Acura) that does bluetooth, and of course his Blackberry is all set up with that. If it has a built-in camera, IR port, bluetooth, WiFi, or some other geek buzzword, chances are he either owns it, or wants to. He is ever ready with a Leatherman, and is just all around the perfect boy scout, ready for anything.

Dig a little deeper though, and you’ll find that one of the things he likes most about gadgets is pointing out where they fall short. They all fall short somewhere. I don’t remember them all from heart, but each gadget has some major shortcoming that, in my eyes, makes it not worthy of spending insane amounts of money on it. With the Clie I think it’s that you can’t access a CF card and use WiFi at the same time, so you can’t copy things over a network to a CF card. With the Blackberry there’s some information that’s there but isn’t presented to you in the car, for no good reason. The iPod pretty much requires iTunes, which has its own limitations, especially where things like migrating music libraries between machines and sharing is concerned.

As for myself, I hate gadgets because I know the technology exists for them to do more than they do, so I view any shortcoming in the technology to be blatant planned obsolescence, and a fleecing of the public. There’s no reason a Blackberry can’t do what a Palm Pilot does, which would make it hands down the most wanted gadget of every human on the face of the Earth. Conversely, there’s no reason Palm Pilots can’t have built in phones and bluetooth and get your email for you, like a Blackberry. But as it stands, it’s impossible to use a Blackberry as any sort of real day planner, and it’s impossible (as far as I know) to use a Palm Pilot for phone and email. I’m required to carry a Blackberry, and it does what it does quite well, but I’m not going to get a several-hundred-dollar Palm to make up for the Blackberry’s shortcomings. What I really want is a Blackberry that replaces the keyboard with a slightly bigger screen and one of those graffiti input areas, and preferably running a PalmOS emulator so I can run real planning software on it.

Since that doesn’t (and isn’t likely to ever) exist, tonight I went out and bought one of those “old-fashioned” Franklin/Covey planners. It’s the devil I know I guess. I used this system religiously from 1997-2001, so I already know how to use it effectively. Even after being away from it for 5 years, I’m immediately comfortable with it again. I don’t have to learn graffiti, I know exactly what to expect of the system, it hasn’t changed in over a decade (my father used the system ages ago), and so won’t be deemed obsolete any time soon, and best of all, it Just Works(tm).

It won’t crash, it won’t freeze up while syncing to my desktop system, I won’t have to fret about losing the stupid stylus, or a drained battery, or failure to boot up, or whatever. If I lose it, it’s like $50 down the drain instead of ~$500. Where exactly is the $450 in the value-add proposition of the Palm anyway? It’s small? Big deal! I carry, at any given time, either a laptop case or book bag anyway.

This was all kicked off by a talk by Tom Limoncelli I attended. Tom works for Google, coauthored “The Practice of System and Network Administration”, and authored “Time Management for System Administrators”. I have both books. During the talk Tom spoke of a PAA, or “Personal Analog Assistant”, which is exactly what I have now in my new planner. He basically reminded me that a PAA is still an option, which I guess slipped my mind, being that I’m surrounded by technology all day. Even though there isn’t much new to me in his newer title on time management, it’s still a great reaffirmation of time-tested, proven techniques for managing a crazy schedule.

So for anyone who is like me and hates gadgets, don’t forget that, in the end, paper is still your friend.

Berners-Lee Talks Semantic Web

Sir Tim Berners-Lee is the person who invented the world wide web, as well as some of the technologies that make it work. That was years ago, and yet a surprisingly large amount of technology that the web runs on is still in wide use today. See that "http://" up in your address bar? That's Tim's doing. In fact, I just read an interview where he said if he were to do it all over again, he'd remove the "//", because they serve no practical purpose.

So he gave a talk at Princeton University, and I attended the talk. He went far deeper into his 'semantic web" ideas than I thought he would, but I was glad to get a real explanation of it from the source. I'd heard about semantic web before, but never really got it. Now I get it, and I understand a little bit why it's not really taking over how we think about data on the web.

The general idea seems to be that we could have sort of a common, globally linked, machine accessible, distributed database. Well, that's one way to think about it, anyway. One problem this solves is it gets us developers out of screen scraping and dealing with data in the context of "content", and dealing with it as simple data that we can do whatever we want with. The data would be described using agreed upon, standardized rules, and so you also get around the problems arising from trying to develop to someone's (perhaps arcane) notion of what it means to describe data using XML. Theoretically, this does open doors if you think about it long enough.

So in the end, I left the talk not overly impressed with semantic web for a couple of reasons. First, I'm still not certain how this global data is linked. Further, while any particular piece of data is well structured and well defined, the architecture of this global database would seem to be a bit dodgy. OK, so I have a friend-of-a-friend file on someone, and that could link to another website, an email address, and maybe a map that shows where they live, their flickr page, and all that, but now I need some kind of tool to help me to search for all of the people who live in Wyoming and who have links on their del.icio.us page that overlap with some of mine, and who have a GMail account so I can chat with them. The tools, as far as I can tell, aren't there.

"Well, there needs to be a killer app, and that's not here yet, because people don't know about it yet." Well, normally that would probably be valid. Not everyone has a del.icio.us account, a flickr account, a gmail account, or a homepage for that matter, because some people just haven't learned about those things yet. But the big difference here is that, while GMail is something like 2 years old, and flickr is around that age as well, semantic web is something like 10 years old, and they're only just now working on a mechanism for querying all of this wonderful data!

Well, this explains a lot. How, exactly, do you develop tools to work with data when there isn't a well defined way to query the data? And even when that *does* exist, what will I be interfacing with to provide responses to those queries? Who owns that interface?

Another concern is that all of these tools are, as I see it, destined to be focused on a specific task that deals with some subset of the data. Like the FOAF explorer tool, which collects links to FOAF files, which is data about people. You can probably link off to location data about that person, which is nice, but now I'm staring at maps.google.com — another tool that is task specific. So the tools are dealing with some subset of the data, and for each tool that does that, the developer has to get to know the rules for that subset of data. Gee, this is starting to sound a lot like ASN.1, which is the basis for SNMP and LDAP, which are worthy data sources in themselves!

In addition, the assumption that entities want to share data globally doesn't necessarily hold. In many instances, data is controlled by an entity, and is subscribed to by another entity, who can then write applications against this data. The data is described using XML, there's a supplier DTD, so you do a little homework to get to know the data, and then you write code to basically create a web services client, and you're all set.

I'm more than certain that Sir Tim would have perfectly satisfactory answers to all of this, and if anyone else can help me 'get it' I invite your comments.

My yearly Konqueror Browser Test

Well, I’m just trying out using the konqueror browser with blogger to see if it works. Looks like it doesn’t. Even when I tell my browser to identify itself as mozilla it breaks. Some stuff works (I can write a post, for example), but I can only get the source view of things — so I can’t use the wysiwyg HTML editor. Some bits of it seem to show up, but all I can see is the source view of my post.

And so ends my yearly revisit to konqueror. I try to use konqueror for at least one month every year, because konq users are really die hard and religious about using konq it seems, so I figure I have to keep up so that when I bash konq it’s based on some recent usage. I can get it to work with gmail to some degree, and it doesn’t *crash* with blogger, but these are not phrases that I would say constitute a pleasant user experience. It’s kinda like saying “my car got me from point a to point b”, but meanwhile it spewed smoke the entire way, failed to stop on a few occasions, and the doors are held shut using some twine. Sure, it works, but it’s not something you want to habitually use if you can help it.