Where does Linux Work?
There is still much uncertainty about the viability of Linux
in the enterprise. But here are some guidelines for evaluating this open source
operating system. by Don MacVittie
Chances are there's a lot more Linux running around you than
you think, with the extensive list of hardware and appliances that run on penguin
power, it's hard to find an enterprise today that doesn't have some version
of the Linux kernel supporting core systems.
But having a Linux-run router is a whole different ball game from choosing to
support the operating system in your data centre. With hardware, your reasons
for buying the box probably were stability and cost. The operating system under
the hood was secondary.
There's a plethora of misinformation about where Linux is
useful and where it's not. Some of it stems from fear, uncertainty and doubt
generated by companies that have lots to lose if Linux becomes a standard alternative.
Some comes from zealots who would have us use Linux for everything under the
It's not wise to deploy Linux just for the sake of deploying
it. Although it still needs work in some areas, Linux can be regularly and successfully
used in others. Armed with this information and a business plan, you can determine
whether Linux has a role in your organization.
While we could have delved into all the areas where Linux
has a presence, we've analysed only those application areas that support core
business processes. You can find information on utility items, such as file
and print sharing, and security applications, like intrusion-detection systems
and firewalls, at the site, Linux Pipeline (www.linuxpipeline.com).
This is where Linux is strongest. Every major Web serverwith the notable
exception of Microsoft's Internet Information Server
supports Linux. Whether you're a Fortune 500 running an entire rack of SunOne
Web servers or a local distributor with a single Apache box, you could be running
on Linux. If you're an IIS shop, one benefit of moving your Web servers over
to Linux right now is that all the knowledge your developers had for ASP is
more applicable to PHP than it is to ASP.Net.
Because PHP was developed for Linux Web servers first and ported to IIS later,
it makes sense to run it on Linux.
As for management, most commercial Web servers for Linux,
including Sun's SunOne and Zeus Technology's Zeus, have excellent management
interfaces that let you control all facets of your Web server through a user
interface. Apache has some similar tools, but they're not as refined. If you're
willing to learn the Apache 2 config file formats, you can easily administer
things, but you might be better off, dollars-wise, talking with your vendor
about the value its management console brings to your Web servers.
If you enjoy Apache and just want help managing it and other common open source
products, check out Covalent Technologies' CAM (Covalent Application Manager).
It manages Apache, the OS, several application-server pieces, and MySQL from
a central interface.
If your organisation wants IM that works internally and can
interface to any major IM program, a Jabber-compliant IM server is something
you could use (a list of Jabber-compliant servers is maintained at the Jabber
Web site, www.jabber.org).
Since Jabber was developed on Linux and ported to Windows, this is another excellent
place for Linux. And because IM servers are most safely deployed as semi-stand-alone
servers with interfaces to only a very few other systems, like some form of
ID-management server, running Linux on your IM servers won't have a huge impact
on the rest of the servers in your data centre.
Jabber can be a little difficult to configure correctly, but helpful documentation
is available, and if you purchase a commercial product, you'll have support
while setting up your system. Commercial Jabber-compliant servers are available
from Antepo, FaceTime Communications, Jabber, Jive Software and Rhombus IM,
among others. Note that a simple internal or Jabber-only configuration is much
more manageable than a full deployment that supports AIM, ICQ, MSN, and Yahoo.
That's because each connector to a service must be configured separately.
Why do we push Jabber compliance? A Jabber-compliant server
will serve up IM locally in a normal fashion, like all IM servers do, and it
will let you install "connectors" that will give your users access
to international IM services. If you wish (or are required by law) to log traffic,
there are tools, like the open source Bandersnatch project, that will let you
log all this traffic. And, assuming the simplified bandwidth management built
into Jabber doesn't suit your needs, tools such as FaceTime's IM Director can
help you regulate the amount of bandwidth IM may consume.
All the major application servers have long supported Linux. If you go with
a commercial vendor, such as BEA Systems, Borland Software, IBM, Oracle, or
Sybase, you'll get support for your Linux installation.
One word of caution, however, before you start your installation, determine
the level of support your vendor offers. If you run into an OS issue, will the
vendor walk you through it? Not everyone will. Oracle's "We Make Linux
Unbreakable" marketing campaign is aimed at supporting users of Oracle
on Linux, no matter whether their problems are with the OS or Oracle's products.
On the opposite end of the spectrum, commercial licensees of Borland's Enterprise
Server are encouraged to use available open source resources to resolve OS issues.
This difference is reflected in price, and both are good models for different
If you're looking for an inexpensive solution, several open
source application servers are being used in enterprises on Linux successfully;
be sure you know what you're getting into. Setting up Apache, the Tomcat Application
Server and some form of a database is a daunting task if you don't have resources
available, in person or online, to get you through problems. This is where a
lower-priced bundle, consisting primarily of open source software with value-added
packaging and support, is useful. For example, Borland's Enterprise Server starts
at $399 and includes enhanced versions of Apache Axis, Apache Web servers and
the Tomcat Application Server.
Interestingly, most multi-platform application servers are Java-based. The upshot
is that you can't swap out your existing application server infrastructure with
any one we mention here without consulting your application development staff.
LDAP has been around a long time. Most application server, Enterprise Application
Integration (EAI) and portal vendors support it. There are some excellent products,
most notably Novell's eDirectory, that implement LDAP on Linux.
But there's a problem with setting up a pure LDAP server: many applications
require Active Directory Services. Some support both, but anything from Microsoft
will require ADS or a Primary Domain Controller (PDC); products from vendors
that support only Microsoft will be the same. There are even products that run
on non-Windows platforms but require ADS to work!
Although LDAP has been characterised as difficult to set
up, many commercial versions have useful interfaces to make configuration easier.
Because of its roots, if you have Novell staff in-house, LDAP will feel more
like home to them given a decent user interface. There's a lot of support for
LDAP in the open source world as well, but the user interfaces for configuration
and the import/export toolsets just don't measure up to those offered as value
adds by some vendors.
You can do the job with a purely open source product, but again, make certain
your staff are prepared for the work involved. That said, don't let us scare
you off. Open source projects like OpenLDAP have come a long way in the past
couple of years.
Although many e-mail servers run on Linux, things could be better in this area.
Maybe it's a marketing failure on the part of vendors, or maybe it's a support
issue, but there just aren't many e-mail servers that can be managed by mere
mortals. But there are commercial ones like Lotus, Novell, Stalker and Sun Microsystems
that work well on Linux too.
However, if you're looking for an inexpensive, non-commercial
solution, we have some bad news. Most popular open source e-mail servers are
devilishly difficult to configureso difficult that people with computer
science degrees combined with years of e-mail and Linux experience have walked
away from them. Modifying rules in both Sendmail and Qmail, arguably the two
most popular open source alternatives, are tricky, and anyone who has delved
into sendmail.cf can tell you it's not where your average IT person wants to
be. We've heard of people spending weeks trying to modify rules for filtering
On the other hand, we spoke with one Fortune 1000 company
that's using Sendmail on an IBM AIX machine to filter out e-mail viruses and
worms before mail touches a Windows computer. Judging by the slew of Windows-specific
attacks over the past few years, this is a good plan, but check with your spam-filtering
vendors about support and pricing before you commit to it. If you configure
your own Linux-filtering machine, ensure that at your volume, you wouldn't be
better off purchasing a service like Postini or SingleFin to do this for you.
Once again, we have to start with the statement: "All major vendors except
Microsoft support Linux." Add the "Unbreakable Linux" pledge
from Oracle, and you get quite the Linux hotspot. All vendors that sell Linux
versions of their databases offer decent Linux support, but Oracle has gone
so far as to say: "If you run into a problem, we'll help you fix it."
That's a huge commitment. Moreover, the vendors that support Linux own more
than 50 percent of the database market among them, by any measure. That's reassuring
in the long run.
But it's not all roses. Although these vendors will help get their databases
up and running, and will even offer you support for getting ODBC started, generic
ODBC support is still lacking. This is problematic because most applications
designed to access databases use ODBC.
Sure, you can get IBM DB2 ODBC support, for example, and IBM will even help
you configure it so your Windows applications have access.
But that's just for DB2. If ever you decide to leave IBM, you must work through
the whole ODBC issue with another vendor before the move can take place. This
is a serious problem for those who want to run databases from multiple vendors,
and it throws a wrench in the strategic plan to move to Linux as a way to provide
an exit strategy in case vendors don't live up to their support claims.
In the open source space, some very good databases are availableMaxDB,
mSQL, MySQL, Postgres and many others. Most of these also support ODBC in each
particular database. But again, we face the issue of separate configuration
and maintenance for each. If you have the chops to set up and configure FreeTDS,
you'll get some ODBC functionality out of your database, but it's not nearly
as complete as that offered by vendors.
Again, remember that if your organisation has a preferred database vendor, the
ODBC issue probably won't affect you. If your vendor supports Linux, it's a
safe bet that it supports ODBC for Linux-hosted databases. This support was
lacking in MySQL, but the integration of MaxDB is addressing this issue.
The product areas listed here are just a sample of what's available to you on
Linux. Plenty of viable Linux-based software is out there to support your needs,
and now that you know where the OS' strengths and weaknesses lie, you can choose
with confidence. The question then becomes: Is your IT staff ready to support
Linux? If not, you should address that in your training budget soon.
Courtsey: CMP Business Media