Saturday, April 14, 2012

Why Open Source Is the Key to Cloud Innovation

By Thor Olavsrud

In the 25 years since Richard Stallman wrote the GNU General Public License, free and open source software (FOSS) have become pervasive in computing: Linux, Apache HTTP Server, MySQL and more can be found in large numbers of enterprises across the globe. And open source is now increasingly undergirding cloud computing as well.

"Open source is certainly at the foundation in terms of building out cloud technologies," says Byran Che, senior director of product management at Red Hat and responsible for its cloud operations offerings, management software and Red Hat Enterprise MRG, (Red Hat's Messaging, Real-time and Grid platform). "If you take a look at market share in the server space, as you look at traditional data centers, about 70 percent are running on the Windows platform and about 30 percent are running Linux. As you take a look at what operating systems people are choosing to build applications on in the cloud, the ratio flips completely."

The reasoning is simple, Che says: With a fresh start, you get to build a whole new architecture from the ground up, and open source gives you the best value.

"You can't get to the Amazon scale or the Google scale and pay the license fees," he says.

Cost isn't the only thing giving the open source model an edge in the cloud space. Che also points to the capability to create a community around a project and thus drive rapid innovation.

"That's what open source is really good at," he says. "Amazon, Google, Facebook, all the people building out all these cloud applications, infrastructure and services, they're all doing it on open source. The fact that they're using open source software is the only way they can innovate at the pace they need to. They can't wait for their vendors to go through the development cycle."

Does SaaS Violate Free Software Principles

But what exactly is open source doing in the cloud? Stallman, for whom free software is intensely political (he disdains the term open source), claims that cloud computing—specifically Software as a Service (SaaS)—cannot be free by definition.

"SaaS and proprietary software lead to similar harmful results, but the causal mechanisms are different," Stallman wrote in an article published by the Boston Review in 2010. "With proprietary software, the cause is that you have and use a copy which is difficult or illegal to change. With SaaS, the cause is that you use a copy you don't have."

"Many free software supporters assume that the problem of SaaS will be solved by developing free software for servers," he adds. "For the server operator's sake, the programs on the server had better be free; if they are proprietary, their owners have power over the server. That's unfair to the operator, and doesn't help you at all. But if the programs on the server are free, that doesn't protect you as the server's user from the effects of SaaS. They give freedom to the operator, but not to you."

Stallman's contention has its roots in the philosophical divide between free software and open source software. The open source movement, Stallman says, is a development methodology with a practical focus on making the source code available. The free software movement, on the other hand, promotes an ethical stance on how users should be able to interact with their software.

For Stallman, free software must provide users with four essential freedoms:


  1. The freedom to run the program as you wish

  2. The freedom to study and change the source code so it does what you wish

  3. The freedom to redistribute exact copies

  4. The freedom to redistribute copies of your modified versions

While the open source definition and the free software definition are nearly identical, they seem to come apart at the seams when it comes to cloud.

"Releasing the server software source code does benefit the community: Suitably skilled users can set up similar servers, perhaps changing the software," Stallman wrote. "But none of these servers would give you control over computing you do on it, unless it's your server. The rest would all be SaaS. SaaS always subjects you to the power of the server operator, and the only remedy is, Don't use SaaS!. Don't use someone else's server to do your own computing on data provided by you."

Meanwhile, the open source world is working feverishly across the cloud stack—Infrastructure as a Service (IaaS), Platform as a Service (PaaS), SaaS, Data Storage as a Service (DaaS)—and in cloud management.

The Properties of Open Cloud

Che says Red Hat believes in the open cloud, which he says has seven defining properties:


  1. It's open source. "That's the foundation upon which you build," Che says.

  2. It's based on collaborative development. "There's got to be a viable, independent community around the project," he says. "That dynamic has to be there, otherwise it's just a proprietary company releasing its source code."

  3. It's based on open standards and open formats that are not tied into proprietary technology.

  4. It gives you the freedom to use your intellectual property.

  5. It gives users a choice of infrastructure. They get to choose their infrastructure provider and cloud provider.

  6. It has open APIs. "It's got to be pluggable and extensible," Che says. "It can't be restricted by what you got out of the box."

  7. It has to be portable to other clouds. It can't lock you in to a particular vendor.

"One of the areas where we need an open cloud is to give you the ability to have interoperability and portability across different clouds," Che says. "I should be able to manage a hybrid cloud that spans across all these different technologies."

Open Source Cloud to Avoid Vendor Lock-in

One big step in that interoperability and portability direction is Apache Deltacloud, a project initiated by Red Hat in 2009 and then contributed to the Apache Software Foundation, where it gained Top-Level Project (TLP) status in 2010. With Deltacloud, the Apache Software Foundation is attempting to provide an answer to a problem that hasn't much reared its head yet, but is likely to become pressing in coming years: cloud lock-in.

"The biggest challenge is that there's so much happening in the cloud that users are so busy figuring out how best to use cloud that lock-in is still not a big concern for them," says David Lutterkort, principal software engineer at Red Hat and chair of the Apache Deltacloud project. "It's not that high on peoples' lists yet."

Deltacloud is an API that abstracts differences between clouds, enabling management of resources in different IaaS clouds using a single API. It can essentially be implemented as a wrapper around a large number of clouds, freeing users of cloud computing from dealing with the particulars of each cloud's API.

Standards bodies have also coalesced to create open and interoperable standards. In 2009, leading standards development organizations (SDOs) to form Cloud Standards Coordination, intended to coordinate the work of the various SDOs developing cloud standards. Members include the Cloud Security Alliance, Cloud Standards Customer Council, Distributed Management Task Force (DMTF), the European Telecommunications Standards Institute (ETSI), the National Institute of Standards and Technology (NIST), Open Grid Forum (OGF), Object Management Group (OMG), Open Cloud Consortium (OCC), Organization for the Advancement of Structured Information and Standards (OASIS), Storage Networking Industry Association (SNIA), The Open Group, Association for Retail Technology Standards (ARTS) and TM Forum.

Lutterkort is also a board member of the DMTF, which, among other things, is working on a standard called the Cloud Infrastructure Management Interface (CIMI), which would create a standard API that any cloud could use.

Project Aeolus is another forward-looking open source project, driven by Red Hat, that essentially seeks to build an open source cloud broker. A stand-alone project, Aeolus offers a single, consistent set of tools to build and manage organized groups of virtual machines across clouds. It consists of the following:


  • Aeolus Conductor, which offers a way to provide cloud resources to users, manage users' access to and use of those resources and control users' instances in clouds

  • Aeolus Composer, which provides a way to build cloud-specific images from generic templates so users can choose clouds freely using compatible images
  • Aeolus Orchestrator, which provides a way to manage clumps of instances in an organized way, giving users the ability to automatically bring up a set of different instances on a single cloud or spanning multiple clouds, configure them and tell them about each other

  • Aeolus HA Manager, which provides a way to make instances or clumps of instances in the cloud highly available

Red Hat is far from alone in contributing to the open cloud. Rackspace Cloud and NASA have made waves with the OpenStack IaaS cloud computing project, also made available through the Apache Software Foundation. The OpenStack project's mission is to give any organization the capability to create and offer cloud computing services running on standard hardware.

(Sources - http://www.cio.com)

Sistem Pengkalan Data Ahli UMNO diceroboh Penggodam - Semua Maklumat Ahli UMNO dicuri


Pentadbir sistem bagi parti-parti politik samada Barisan Nasional atau Pakatan Rakyat digesa untuk memastikan sistem yang diselenggara oleh mereka sentiasa selamat dengan memantapkan keselamatan laman web masing-masing. Pengodam yang mengelarkan dirinya sebagai 'politikus' dilaporkan oleh blog kenahack berjaya menceroboh pengkalan data keahlian UMNO. Semua data yang bersaiz hampir 30GB berjaya dicuri oleh pengodam tersebut termasuk maklumat keahlian UMNO Perdana Menteri. Difahamkan 'politikus' akan cuba untuk mengodam semua laman web parti-parti politik dan mencuri maklumat keahlian parti-parti tersebut tanpa mengira BN atau PR. Justeru, pentadbir sistem bagi parti-parti politik yang menggunakan windows sebagai operating system untuk sistem mereka perlu memastikan semua patches penting dikemaskini sebagaimana yang dicadangkan oleh microsoft.

Maklumat lanjut boleh diperolehi melalui blog http://www.kenahack.com