- The Art of Game Design | Jesse Schell
- New Apple iPhone 5 Camera Ad - Peter Kafka - Media - AllThingsD - "I have no idea if it will help Tim Cook sell a single extra handset. But it is a wonderful piece of moviemaking."
- ‘Pippin,’ Directed by Diane Paulus, at the Music Box Theater - NYTimes.com
- Broadway review: Pippin at the Music Box Theatre - Chicago Tribune - Yeah. Saw Pippin at ART in Cambridge. It was remarkable.
- OpenStack Summit Spring 2013 - Brian Stevens - RT @addvin: Ptr to my #OpenStack keynote:
- Grace Hopper - Wikiquote - RT @monkchips: "It's easier to ask forgiveness than it is to get permission" - that was grace hopper too? no way. #c…
- A VC: Return and Ridicule - "This notion also plays into Clayton Christensen's framework for disruptive innovation. Many of the most disruptive technologies started out as what Clay calls "toys". The PC is a great example of that."
- Red Hat | Red Hat Completes FIPS 140-2 Certifications - RHEL gets FIPS 140-2 certifications:
Monday, April 29, 2013
Thursday, April 25, 2013
Listen to MP3 (0:13:17)
Listen to OGG (0:13:17)
Gunnar Hellekson: Thanks Gordon, it's great to be here.
Gordon: One of the ways I look at platform as a service, OpenShift, is this really nice abstraction layer, in that it keeps the stuff the developers care about separate from the things that the operations, the architects, arguably even the procurement people care about. That kind of, I don't know, firewall or level of abstraction or the wall between those can sometimes be very useful.
Gordon: In a way I think this is a little bit funny, of course, because a lot of the early talk around PaaS, particularly the online services, were around this whole idea of DevOps and you didn't need to separate the responsibilities. You look at something like Netflix and you don't really have much in the way of dedicated, separate operations staff. Here we are with PaaS and the government really being used because it can, if you want it to, on an on‑premises solution like OpenShift Enterprise, really can actually enforce those differences in layers.
Gordon: Maybe you could tell our listeners about some of the new things that Red Hat's doing, or they're coming down the pike?
Gunnar: Yeah, so this is actually exciting news. A lot of people, at least folks in the government space know about this. We are huge supporters of the FIPS process, this is the Federal Information Processing Standard. There's one standard in particular, FIPS 140‑2, which tells everyone how they are supposed to implement cryptography. If I'm trying to keep something secret on a machine, I can't just write any software I want. I have to take that software and have it scrutinized by a third party and make sure that when I say I'm using the SHA‑2 256 algorithm that that's in fact the algorithm that I'm using.
Gordon: That's great, Gunnar. Anything else you'd like to share with our audience?
Gunnar: No, no, this is great. I think that maybe the last thing I'll leave you with is, back in 2008 there was a lot of talk about open government. When the Obama administration came in everyone was talking about open government and how open source could help open government. People were skeptical about it, maybe, and just this week we got two proof points for folks to let them know how successful open source has been in government.
Gunnar: Well thank you Gordon.
Wednesday, April 24, 2013
- Is It Journalism, or Just a Repackaged Press Release? Here's a Tool to Help You Find Out - Rebecca J. Rosen - The Atlantic
- New York City subways over time
- Open Data ≠ Open Source - Monktoberfest 2012
- The 2013 Future of Open Source Survey Results
- Why developers are turning to API services - Feature - Techworld.com
- The rise and fall of AMD: How an underdog stuck it to Intel | Ars Technica
- Baserunning adventures of Milwaukee Brewers shortstop Jean Segura - ESPN - RT @jyarmis: Stealing first base? Actually happened this weekend, @berkson0 ” << priceless!
- Photo by ghaff • Instagram - Hills above Los Gatos CA
- (403) http://www.yelp.com/biz/nicks-next-door-los-gatos?pt=check_in&ref=twitter&v=4b - In Los Gatos. Back home tomorrow. (@ Nick's Next Door) on #Yelp
- Twitter / ghaff: Hakone Gardens http://t.co/WH6cIrwjdF - Hakone Gardens
- Why Don't More Social Scientists Share Their Data? - The Daily Beast - Nice piece by @asymmetricinfo on problems of/reasons for closed data in social sciences
Thursday, April 18, 2013
Debate continues over the relative merits of private, public, and community clouds for enterprises. The debate (thankfully) has mostly shifted from dogma to deeper discussions around factors such as costs, bridging of legacy application types, data gravity, and service levels. And, in general, there's a widespread (if not quite universal) recognition that cloud and IT broadly will be hybrid in one or more respects.
By contrast, many of us who have been following and working in the cloud space for a number of years haven't ever expended a whole lot of cycles mulling if and how cloud computing (in the sense of public cloud services—mostly SaaS) would be adopted by smaller businesses, SMB.
The case seems compelling. For myself, I find it almost a ritual when writing about SMB to preface any comments with the observation that most SMB (with the caveat that there's no single definition and it covers a broad range) have relatively little in the way of dedicated, much less specialized, IT people and therefore they value simplicity and integration over functionality. Which is why SMB has been a traditional area of Microsoft strength, for example.
Public cloud services seem tailor-made for these types of organizations. We can debate the relative costs of a large bank operating its own servers versus letting Amazon Web Services do it. We can reasonably ask whether an organization with a five or six figure-sized sales force might not be better off running their own CRM system rather than using Salesforce. A 200 person services firm? Not so much.
Therefore, it's a bit surprising that the data doesn't really back up these assumptions.
Consider first, a presentation by Chris Chute and Ray Boggs of IDC at this year's Directions 2013 conference. Entitled "The SMB Cloud Story: An Unexpected Journey" (yes, cute title), it showed off data from IDC's 2012 SMB study that was counterintuitive. Consider these three finding that grabbed my attention:
- Smallest businesses still cautious about public clouds
- Small business even more concerned about security than a year ago
- Micro business, less than 5 employees, are most resisting to BYOD
To (over-)generalize, the smaller a business is—and therefore the less capable it typically is of putting in place systematic policies and procedures around backup, security, and so forth—the less likely it is let someone else take care of those things. One can reasonably argue about how the BYOD finding fits in, but there's no disputing the overall direction of the data. For me, the real money shot is the IDC slide I posted above.
Other data shows similar results. Just this morning, writing on the GigaOm Pro Blog, David Linthicum notes that: "According to Smart Company, an Australian-based publication, cloud computing gives small businesses a 106% productivity boost." So far so good. However, the same study notes that only 16 percent of the businesses surveyed said that they use cloud computing in business. While optimistic about cloud computing use by SMB going forward, Linthicum suggests that "the issues around cloud computing adoption by small businesses include a lack of understanding of cloud technology, and which cloud computing flavors (IaaS, PaaS, or SaaS) are right for them."
IDC's Boggs also noted that lack of knowledge was a problem. He also suggested that small business owners can also be control freaks in some cases and therefore unwilling to relinquish perceived control. From a less psychological perspective, he observed "their industry is where their identity is" and that vendors therefore need to embrace vertical thinking. As someone who worked with many VARs (value-added resellers) in the 1990s, the importance of approaching SMB from an industry perspective rings true to me. And it's not something that's happened systematically in the cloud space to date. Perhaps community clouds and SaaS offerings will shift things more in this direction.
Ultimately, as I wrote in a 2004 research note I wrote about an IBM SMB initiative: "[T]hat market presents a challenge for large IT vendors because its needs are more diverse. It has far fewer financial resources and technical skills, and it proceeds at a less consistent pace in its IT projects than the Fortune 500." It's not a slam dunk to move SMB rapidly to cloud, even if it once seemed that way.
- Multiplayer Game 'Eve Online' Cultivates a Most Devoted Following - Businessweek
- Why I've Left the Media Business - "Instead of inventing a new business model, media companies keep trying to tweak the old one. By that I mean they keep trying to invent new kinds of advertising. It’s a pointless exercise. They’re like blacksmiths who are responding to Henry Ford and his automobile by trying to create a better horseshoe."
- The NYSE Community Cloud Success Story Points to Another Cloud Model @BizTechMagazine - "Community clouds aren’t new; Red Hat cloud evangelist Gordon Haff was praising the model as the future in a CNET article back in 2010. Some people consider community clouds a subset of private or hybrid clouds, but Hollis argues in a post on his blog that the community cloud deserves recognition as its own distinct model of cloud computing, and that other industries should consider a community approach before going solo:"
- Hotel minibars: Minibar blues | The Economist - It would make me happy if hotels scrapped minibars and left empty refrigerators instead.
- When Hell Froze Over---in the Harvard Business Review | Xconomy
- Retargeting in Digital Advertising Can Backfire | MIT Technology Review - "In the rush to use ever-more data about people, Tucker says, ads are too often shown to those who have already decided whether to buy or not buy the product, or who have bought it already. “What we may be doing is wasting a lot of money.”"
- MOOCs: A view from the digital trenches - I'm taking @kwerb's gamification course.
- Rational Survivability » Video Of My ’12 Microsoft Bluehat Talk: Sh*t My Cloud Evangelist Says
- MoMA’s Act of Vandalism by Martin Filler | NYRblog | The New York Review of Books
- Untitled (http://www.amazon.com/Diversity-Complexity-Primers-Complex-ebook/dp/B0058E3K6E/ref=tmm_kin_title_0?ie=UTF8&qid=1366158065&sr=1-2) - @dturkenk The intersection w complex adaptive systems in looks interesting. cc: @jamesurquhart
Wednesday, April 17, 2013
I've frequently said and written that cloud computing isn't about a single point product or solution. It's about delivering capabilities across hybrid infrastructures in open and portable ways. Red Hat's coming at this vision from a number of different angles with a broad portfolio. The downside is that it's a rapidly evolving area and we probably haven't been as good as we could have been at explaining how the various moving parts connect and otherwise interact.
I took the occasion of the OpenStack festivities in Portland, OR this week to put together a fairly long blog post that delves into how the "cloud-specific" parts of our portfolio mesh. (This isn't the whole story; for example, Red Hat Enterprise Linux provides important foundational technologies for our cloud offerings in addition to providing a consistent runtime across a wide range of infrastructure.) I encourage those interested to check out the original post on our press web pages, but I wanted to hit some of the highlights here. I've touched on some of these topics previously but it's time to revisit them as projects, products, and my thinking about their relationships have all evolved.
For our purposes here, I'm going to discuss four basic groups of related capabilities:
- Enterprise virtualization management and Infrastructure-as-a-Service
- Hybrid cloud operations management
- Application lifecycle management
Enterprise virtualization management and Infrastructure-as-a-Service
A huge amount of activity is taking place within this layer as it evolves to supporting hybrid application models spanning both traditional enterprise applications and new-style cloud workloads. Red Hat Enterprise Virtualization is focused on the former. OpenStack is focused on the latter; a massive developer community is helping it become the best platform for stateless, modular, cloud-oriented applications. I'm working on a paper, intended for publication in a couple of months, that discusses these different workload styles in much more detail.
Hybrid cloud operations management
Enterprises also need features like chargeback, policy, orchestration, reporting and automation. And, they don't want OpenStack to become a stand-alone silo, isolated from their existing and future enterprise virtualization platforms and public clouds. Red Hat CloudForms is focused on solving both of these problems.
Consider first the need for cloud operations management tools. CloudForms tools can discover, automate, monitor, measure and govern virtualization and cloud infrastructures. Operations management is fundamentally about service lifecycle management, which provides for provisioning, intelligent workload management, metering, cost transparency and the retirement of resources when they are no longer required. In December 2012, Red Hat acquired ManageIQ with the aim of rapidly bringing these capabilities (shipping in the ManageIQ EVM product today) to the CloudForms platform.
The second need—avoiding new silos—requires hybrid cloud management, which spans heterogeneous platforms, whether on-premise or public clouds, and maintains application portability across those environments. Providing such capabilities was a guiding principle of CloudForms from the beginning: Cut across islands of technology, preserve existing IT investments, and create common resource pools across a broad set of infrastructure.
Our plan is to aggregate this functionality and deliver it within a single product later this year.
We also plan on integrating CloudForms with OpenShift Enterprise for operational management of Platform-as-a-Service (PaaS) environments. OpenShift provides secure multi-tenancy within operating system instances using a variety of “container,” security containment (SELinux), resource management (Cgroups), and global namespace technologies. CloudForms can augment these capabilities with the ability to provision, monitor and scale the nodes themselves on OpenStack, Red Hat Enterprise Virtualization and other platforms.
Application lifecycle management
We also intend to continue our work to tightly marry application lifecycle management to other aspects of open hybrid cloud management. Red Hat Network Satellite has a long track record of helping customers manage large-scale Red Hat Enterprise Linux deployments using standard operating environments for efficiency and consistency. As operational management evolves to meet the needs of hybrid cloud infrastructures, the application lifecycle management provided by Satellite will evolve to handle both today's and tomorrow's applications.
I've given you something of a whirlwind tour. Myself and others at Red Hat are working on making this info available in a variety of forms and levels of depth but it's a topic that I get asked about frequently enough that I thought it merited this relatively brief update.
Tuesday, April 16, 2013
I'm developing a theory that you're breaking some sort of union rule if you try to hold a cloud computing event without putting Netflix' Adrian Cockcroft on the agenda. (Though when I mentioned this theory to Adrian, he assured me it was OK so long as he was at least mentioned in a presentation or two.) In any case, he was on stage at the Linux Collaboration Summit in San Francisco this week to talk about "Dystopia as a Service."
Most of Adrian's talks examine various aspects of Netflix' computing architecture. It's an architecture that's both massive and almost entirely based on Amazon Web Services. It also offers a great example of what a cloud architecture should look like. Some specifics are doubtless unique to Amazon. And others unique to Netflix. But it's also true that many of the basic patterns and approaches that Netflix follows are useful study points for any "cloud native" application architecture. (Hence Adrian's ubiquity at cloud events.)
These patterns include things like making master copies of data cloud-resident, dynamically provisioning everything, and making sure that all services are ephemeral. This contrasts with the traditional IT pattern of having mostly heavyweight, monolithic services that you individually protected with all manner of reliability and availability mechanisms from N+1 power supplies to failover clusters. Bill Baker (then at Microsoft) wryly put the contrast between the traditional scale-up IT pattern and the scale-out cloud pattern thusly: “In scale-up, servers are like pets. You name them and when they get sick, you nurse them back to health. In scale-out, servers are like cattle. You number them and when they get sick, you shoot them."
However, for this post, I'm going to focus on one particular point that Adrian raised that hasn't been so widely discussed. That's the tension between efficiency and robustness (or anti-fragility as Adrian called it).
The basic idea is this. Maximizing efficiency typically involves doing things like replicating "the best" as patterns and minimizing variability. You standardize ruthlessly—one operating system variant, unified monitoring, "copy exact" (to use Intel terminology) from one region to another, common configurations, and so forth. The problem is that an environment that has been ruthlessly standardized is also a monoculture. And monocultures can be catastrophically affected by singular events such as security exploits, software bugs triggered by data or a date, and DNS or certificate issues of various kinds.
Although the specifics vary, we see the tradeoffs associated with maximizing efficiency in other domains as well. For example, it's generally recognized that today's highly tuned and lean supply chains are also highly vulnerable to disruption. Writing after the Japanese tsunami, the Chicago Sun Times wrote:
“When you’re running incredibly lean and you’re going global, you become very vulnerable to supply disruptions,” says Stanley Fawcett, a professor of global supply chain management at Brigham Young University.
The risks are higher because so many companies keep inventories low to save money. They can’t sustain production for long without new supplies.
Subaru of America has suspended overtime at its only North American plant, in Lafayette, Ind. Toyota Motor Corp. has canceled overtime and Saturday production at its 13 North American plants. The two companies are trying to conserve their existing supplies.
There are techniques in every field to intelligently reduce the impact of various types of events. However, there remains something of a tradeoff between efficiency on the one hand and robustness on the other, given the need to get away from monocultures as much as possible. Adrian described Netflix as using "automated diversity management" and "diversifying the automation as well" (by using two independent monitoring systems).
Of course, every organization will have to decide for themselves just where and how to introduce diversity. (Famously, Netflix is all-in on a single cloud provider—Amazon Web Services—however much they introduce diversity elsewhere and this has contributed to outages at times.)
Some diversity will arise naturally as organization introduce new technologies, such as new virtualization platforms, that they will continue to run alongside existing ones. Similarly, most IT departments today, for better or worse, don't ruthlessly standardize to the degree that cloud providers do. Thus, a certain degree of "organic diversity" comes naturally.
However, it's worth remembering—as organizations increasingly adopt some of the practices in use by public cloud providers—that the ultimate goal isn't necessarily complete standardization even when such is practical. Today, IT is hybrid just because that's the way it evolved. But even as organizations transform into much more of an architected-for-cloud world, it's worth remembering that hybrid IT can also be a good architectural practice for keeping bugs and other shocks from becoming epidemics.
[Graphic by Dominic Alves Flickr/CC http://www.flickr.com/photos/dominicspics/5425951169/]
- Adrian drinking a Total Domination IPA on Untappd - RT @adrianco: I sense a theme... — Drinking a Total Domination IPA by @NinkasiBrewing @ Zeitgeist —
- Red Hat Launching its own Community Distro of OpenStack - Slashdot - RT @TechJournalist: Red Hat Launching its own Community Distro of OpenStack @slashdot
- I was a college newspaper advisor | Jeff Pearlman
- Are small private colleges in trouble? - Magazine - The Boston Globe - "In an analysis of the financial records of 1,700 US colleges and universities, the Boston-based consulting firm Bain & Company estimated that one-third of them were on an unsustainable financial path, with operating costs increasing faster than endowment returns and other revenues could cover them. This is a problem the colleges can no longer solve, as they once did, by simply increasing tuition."
- Movie-Locations.com: film locations guide to filming sites around the world
- Steve Meretzky Proclaims to GDC: "Nobody Knows Anything" | Gamesauce: Global Inspiration for Game Developers
- USGS US Topo and Historical Topographic Map Collection
- Photo by ghaff • Instagram - Tea at Golden Gate Park
- American Dialects : Dialect map of American English
- Octalysis: Complete Gamification Framework | Yu-kai Chou & Gamification
Wednesday, April 10, 2013
- What Makes a Great Open API?
- Big Data Is Not the New Oil - Jer Thorp - Harvard Business Review
- Data is the new oil
- Jesus Christ, Silicon Valley | What Your Profile Picture Says About You (Hint: "You're a Douchebag")
- BSD Unix: Power to the people, from the code - Salon.com
- Color Palette Generator
- Freezer Chicken Pot Pies | The Feed
- PH-82 Paoli / Valley Forge (Diamond Rock) Nike Base
- The Meme Hustler | Evgeny Morozov | The Baffler
- Twitter / BenNunney: We live in a world where even ... - RT @profserious: so much for smart cities RT @BenNunney: We live in a world where even trash cans can kernel panic.
- KeePass Password Safe
- Redirecting... - RT @jason_pontin: There's an interesting debate on my (public) FB page on the influence of @TechCrunch:
- Cloud Connect Is Too Polite, And That’s The Problem With Vendor Conferences | TechCrunch - RT @fredberinger: Cloud Connect Is Too Polite, And That’s The Problem With Vendor Conferences
- Photo by ghaff • Instagram - #ccevent panel. @asheshbadani of #redhat arguing for openness.
- OpenStack Grizzly Release Report, by Bitergia - Analysis of OpenStack Grizzly code contributions
- New Timelapse Video: Comet Dances with Auroras – News Watch
- Office of the CTO | Who feeds Paris? Changing the mindset of IT
- Photo by ghaff • Instagram - Talking PaaS at Red Hat booth %ccevent
Wednesday, April 03, 2013
Links of note:
OpenShift Origin (with lots of pointers)
OpenShift Origin Community Day (April 14, Portland OR)
Podcast with Mark Lamourine: Working with OpenShift Origin
Podcast with Matt Hicks: OpenShift Origin and the Community
Diane on twitter: @pythondj
Listen to MP3 (0:12:00)
Listen to OGG (0:12:00)
I'll be spending the rest of the week at Cloud Connect Santa Clara (at which I'll be speaking on Wednesday and Thursday). Today was devoted to the Deploycon companion event, which Krishnan Subramanian, Principal Analyst at Rishidot Research, and friends kicked off last year in response to their perception that their wasn't enough specific focus on Platform-as-a-Service (PaaS).
I'm not really going to report on the event in this post. Probably a #deploycon twitter search is the best place to get an overall sense of what went down. Rather, I'd like to hit on a few topics that piqued my interest or that surfaced questions that I'd like to dig into more deeply in the coming weeks or months. Think of these as, not complete thoughts, but as interlocking fragments and threads that could benefit from further examination and teasing apart.
What is PaaS anyway? (Definitions. Shudder. I Know.)
The thought of revisiting PaaS definitions kicked off exasperated consternation among various panelists and audience members. But bear with me.
Without turning things into an academic definitional debate, there are some legitimate questions here. What is a PaaS itself as distinct from APIs being consumed? What of something like Kinvey's "backend-as-a-service" for mobile? Is that a mobile PaaS? What of something like Force.com, which analyst Judith Hurwitz describes as a PaaS anchored to a SaaS environment?
My tentative answer to these questions is that a PaaS is a PaaS—something that provides an abstraction for developers—while services (including backend services) are, well, services that a PaaS application can consume. (That said, I'm open to the idea that PaaS environments might be constructed in ways that are optimized for either specific vertical or horizontal (e.g. mobile) application types.
PaaS doesn't do enough
On the one hand, this was an unsurprisingly PaaS-friendy crowd. And there was little disagreement with the contention that "PaaS is 100% relevant to enterprise IT now," as one person put it.
At the same time (with the caveat that most enterprises aren't really ready to absorb more that today's PaaS today), there's an opportunity to do a lot more. Sinclair Schuller of Apprenda made this point in the vein of making it easier to write cloud-aware applications. Cloud-aware referring to service-oriented, stateless, modular, etc.
An interesting question to me, apropos backend services and so forth, is how to make it easier to write applications that are more fundamentally based on consuming services from all over. Is this a function of the PaaS or of client-side tooling? I bit of both I suspect although the two are not unrelated to each other. (At a minimum, a PaaS needs to support popular client-side and other tooling as Red Hat's OpenShift does with Eclipse, Jenkins, Maven, and so forth.)
So last year. OK. That's a bit flip. But even if the details could be debated, there was no one about to stand up on stage and claim such things don't matter. Every PaaS is trending more multi-language and multi-framework (even if they didn't start that way). See my post about OpenShift and polyglot here. And, to whatever degree a given PaaS is actually open, you're sure to find that work in its marketing literature.
Operational models and visibility
I suspect my recent post about PaaS as an abstraction would have been controversial among some panelists throughout the day. From my perspective, part of the value of PaaS is as black-letter abstraction. What's above the line is yours. What's below the line is ours.
However, to give one example, Carsten Puls of Engine Yard noted that: "At first, customers want to get going. Understanding what's going on under the hood isn't that important. As grows, want more control and go under the hood. Managing that bsalance through lifecycle is important."
I suspect that part of the disconnect is specifying who the "customer" here is. I'd maintain that for most Web/Java developers, the above-the-hood view is fine throughout the lifecycle. But, if you expand "customer" to mean "the IT organization," all you're really saying is that just having a hosted PaaS isn't enough; you need a private or hybrid PaaS that allows ops to get as far under the covers as needed.
How high level can we make things?
Larry Carvalho asked me if PaaS could make it so business users (not IT) could develop useful applications. I'm a bit skeptical; it's an idea with a generally unsuccessful history. (Unless you count spreadsheets.) But, maybe. To the degree that we can make services more easily consumable and more easily interconnected. And to the degree that we can package even higher levels of abstraction. Something like OpenShift's cartridge system could possibly evolve into such a mechanism.
Enough for now
All of these thoughts (and more) need more fleshing out. But those were some of my top-of-mind takeaways from the day.