Evaluating Linux

Where does Linux Work?

There is still much uncertainty about the viability of Linux in the enterprise. But here are some guidelines for evaluating this open source operating system. by Don MacVittie

Chances are there's a lot more Linux running around you than you think, with the extensive list of hardware and appliances that run on penguin power, it's hard to find an enterprise today that doesn't have some version of the Linux kernel supporting core systems.

But having a Linux-run router is a whole different ball game from choosing to support the operating system in your data centre. With hardware, your reasons for buying the box probably were stability and cost. The operating system under the hood was secondary.

There's a plethora of misinformation about where Linux is useful and where it's not. Some of it stems from fear, uncertainty and doubt generated by companies that have lots to lose if Linux becomes a standard alternative. Some comes from zealots who would have us use Linux for everything under the sun.

It's not wise to deploy Linux just for the sake of deploying it. Although it still needs work in some areas, Linux can be regularly and successfully used in others. Armed with this information and a business plan, you can determine whether Linux has a role in your organization.

Where's Tux?

While we could have delved into all the areas where Linux has a presence, we've analysed only those application areas that support core business processes. You can find information on utility items, such as file and print sharing, and security applications, like intrusion-detection systems and firewalls, at the site, Linux Pipeline (www.linuxpipeline.com).

Web Services

This is where Linux is strongest. Every major Web server—with the notable exception of Microsoft's Internet Information Server—

supports Linux. Whether you're a Fortune 500 running an entire rack of SunOne Web servers or a local distributor with a single Apache box, you could be running on Linux. If you're an IIS shop, one benefit of moving your Web servers over to Linux right now is that all the knowledge your developers had for ASP is more applicable to PHP than it is to ASP.Net.

Because PHP was developed for Linux Web servers first and ported to IIS later, it makes sense to run it on Linux.

As for management, most commercial Web servers for Linux, including Sun's SunOne and Zeus Technology's Zeus, have excellent management interfaces that let you control all facets of your Web server through a user interface. Apache has some similar tools, but they're not as refined. If you're willing to learn the Apache 2 config file formats, you can easily administer things, but you might be better off, dollars-wise, talking with your vendor about the value its management console brings to your Web servers.

If you enjoy Apache and just want help managing it and other common open source products, check out Covalent Technologies' CAM (Covalent Application Manager). It manages Apache, the OS, several application-server pieces, and MySQL from a central interface.

Instant Messaging

If your organisation wants IM that works internally and can interface to any major IM program, a Jabber-compliant IM server is something you could use (a list of Jabber-compliant servers is maintained at the Jabber Web site, www.jabber.org).

Since Jabber was developed on Linux and ported to Windows, this is another excellent place for Linux. And because IM servers are most safely deployed as semi-stand-alone servers with interfaces to only a very few other systems, like some form of ID-management server, running Linux on your IM servers won't have a huge impact on the rest of the servers in your data centre.

Jabber can be a little difficult to configure correctly, but helpful documentation is available, and if you purchase a commercial product, you'll have support while setting up your system. Commercial Jabber-compliant servers are available from Antepo, FaceTime Communications, Jabber, Jive Software and Rhombus IM, among others. Note that a simple internal or Jabber-only configuration is much more manageable than a full deployment that supports AIM, ICQ, MSN, and Yahoo. That's because each ‘connector’ to a service must be configured separately.

Why do we push Jabber compliance? A Jabber-compliant server will serve up IM locally in a normal fashion, like all IM servers do, and it will let you install "connectors" that will give your users access to international IM services. If you wish (or are required by law) to log traffic, there are tools, like the open source Bandersnatch project, that will let you log all this traffic. And, assuming the simplified bandwidth management built into Jabber doesn't suit your needs, tools such as FaceTime's IM Director can help you regulate the amount of bandwidth IM may consume.

Application Servers

All the major application servers have long supported Linux. If you go with a commercial vendor, such as BEA Systems, Borland Software, IBM, Oracle, or Sybase, you'll get support for your Linux installation.

One word of caution, however, before you start your installation, determine the level of support your vendor offers. If you run into an OS issue, will the vendor walk you through it? Not everyone will. Oracle's "We Make Linux Unbreakable" marketing campaign is aimed at supporting users of Oracle on Linux, no matter whether their problems are with the OS or Oracle's products. On the opposite end of the spectrum, commercial licensees of Borland's Enterprise Server are encouraged to use available open source resources to resolve OS issues. This difference is reflected in price, and both are good models for different markets.

If you're looking for an inexpensive solution, several open source application servers are being used in enterprises on Linux successfully; be sure you know what you're getting into. Setting up Apache, the Tomcat Application Server and some form of a database is a daunting task if you don't have resources available, in person or online, to get you through problems. This is where a lower-priced bundle, consisting primarily of open source software with value-added packaging and support, is useful. For example, Borland's Enterprise Server starts at $399 and includes enhanced versions of Apache Axis, Apache Web servers and the Tomcat Application Server.

Interestingly, most multi-platform application servers are Java-based. The upshot is that you can't swap out your existing application server infrastructure with any one we mention here without consulting your application development staff.

Directory Services

LDAP has been around a long time. Most application server, Enterprise Application Integration (EAI) and portal vendors support it. There are some excellent products, most notably Novell's eDirectory, that implement LDAP on Linux.

But there's a problem with setting up a pure LDAP server: many applications require Active Directory Services. Some support both, but anything from Microsoft will require ADS or a Primary Domain Controller (PDC); products from vendors that support only Microsoft will be the same. There are even products that run on non-Windows platforms but require ADS to work!

Although LDAP has been characterised as difficult to set up, many commercial versions have useful interfaces to make configuration easier. Because of its roots, if you have Novell staff in-house, LDAP will feel more like home to them given a decent user interface. There's a lot of support for LDAP in the open source world as well, but the user interfaces for configuration and the import/export toolsets just don't measure up to those offered as ‘value adds’ by some vendors.

You can do the job with a purely open source product, but again, make certain your staff are prepared for the work involved. That said, don't let us scare you off. Open source projects like OpenLDAP have come a long way in the past couple of years.

E-Mail

Although many e-mail servers run on Linux, things could be better in this area. Maybe it's a marketing failure on the part of vendors, or maybe it's a support issue, but there just aren't many e-mail servers that can be managed by mere mortals. But there are commercial ones like Lotus, Novell, Stalker and Sun Microsystems that work well on Linux too.

However, if you're looking for an inexpensive, non-commercial solution, we have some bad news. Most popular open source e-mail servers are devilishly difficult to configure—so difficult that people with computer science degrees combined with years of e-mail and Linux experience have walked away from them. Modifying rules in both Sendmail and Qmail, arguably the two most popular open source alternatives, are tricky, and anyone who has delved into sendmail.cf can tell you it's not where your average IT person wants to be. We've heard of people spending weeks trying to modify rules for filtering and blocking.

On the other hand, we spoke with one Fortune 1000 company that's using Sendmail on an IBM AIX machine to filter out e-mail viruses and worms before mail touches a Windows computer. Judging by the slew of Windows-specific attacks over the past few years, this is a good plan, but check with your spam-filtering vendors about support and pricing before you commit to it. If you configure your own Linux-filtering machine, ensure that at your volume, you wouldn't be better off purchasing a service like Postini or SingleFin to do this for you.

Databases

Once again, we have to start with the statement: "All major vendors except Microsoft support Linux." Add the "Unbreakable Linux" pledge from Oracle, and you get quite the Linux hotspot. All vendors that sell Linux versions of their databases offer decent Linux support, but Oracle has gone so far as to say: "If you run into a problem, we'll help you fix it." That's a huge commitment. Moreover, the vendors that support Linux own more than 50 percent of the database market among them, by any measure. That's reassuring in the long run.

But it's not all roses. Although these vendors will help get their databases up and running, and will even offer you support for getting ODBC started, generic ODBC support is still lacking. This is problematic because most applications designed to access databases use ODBC.

Sure, you can get IBM DB2 ODBC support, for example, and IBM will even help you configure it so your Windows applications have access.

But that's just for DB2. If ever you decide to leave IBM, you must work through the whole ODBC issue with another vendor before the move can take place. This is a serious problem for those who want to run databases from multiple vendors, and it throws a wrench in the strategic plan to move to Linux as a way to provide an exit strategy in case vendors don't live up to their support claims.

In the open source space, some very good databases are available—MaxDB, mSQL, MySQL, Postgres and many others. Most of these also support ODBC in each particular database. But again, we face the issue of separate configuration and maintenance for each. If you have the chops to set up and configure FreeTDS, you'll get some ODBC functionality out of your database, but it's not nearly as complete as that offered by vendors.

Again, remember that if your organisation has a preferred database vendor, the ODBC issue probably won't affect you. If your vendor supports Linux, it's a safe bet that it supports ODBC for Linux-hosted databases. This support was lacking in MySQL, but the integration of MaxDB is addressing this issue.

In Closing

The product areas listed here are just a sample of what's available to you on Linux. Plenty of viable Linux-based software is out there to support your needs, and now that you know where the OS' strengths and weaknesses lie, you can choose with confidence. The question then becomes: Is your IT staff ready to support Linux? If not, you should address that in your training budget soon.

Courtsey: CMP Business Media