Back last fall, when I first heard about Caldera’s new Volution product — it was going into beta — I have to admit that it didn’t register. « Comprehensive Linux Managment Solution » buffers a meaningful phrase — Linux Management — between two words that are pure verbal camouflage. The other modifiers it attracted in press coverage — « revolutionary, » « new, » « comprehensive, » « significant » — came across to me as equally generic PR braggage.
But the concept of « Linux Management » was sufficiently oxymoronic to stick in the back of my mind. The enterprise model of a network is a collection of services: directory, security, management, messaging, Web, print, and so on. As more enterprises build on Linux infrastructure, they’ll need the network service called management.
The kind of management we’re talking about here isn’t just about control. It’s about bringing efficiency and knowhow to bear on many systems at once:
- Installing and removing RPMs
- Distributing and installing software
- Taking inventory of directory contents and following changes
- Setting policies and monitoring the health of systems
- Profiling hardware and software and setting conditional profiles for various events (like software installs)
Customers in this market want network services that become more valuable as they scale up both in size and rates of change. A management system like Volution only gets more valuable as number of computers, device drivers, operating systems, software packages, and people are added to the network.
Network management is old hat for companies like IBM, HP, Computer Associates and Intel, which all have network management offerings (IBM through Tivoli). But it’s new for Linux — and new for Linux in the established enterprise environment.
As I began to look into Volution, I suspected it might be the first enterprise product with the potential to elevate Linux into position as serious — i.e. marketable — enterprise infrastructure. Volution competes directly with the offerings of all the established vendors. An there’s nothing exclusive about it, at least where other Linux distributions are concerned. It works with all of them. Caldera also plans to make it work with SCO’s UnixWare (decended from the original AT&T UNIX), which Caldera purchased last year.
This scope is due partly to Volution’s use of SLP (Service Location Protocol ) a standard Internet (RFC2165) protocol that allows discovery, location and configuration of network services such as mail, print and Web hosting. Caldera has developed a version of SLP, called OpenSLP, that it has contributed to the open source community (www.openslp.org). With OpenSLP, services make their presence known to Volution’s management agent without needing to go through any kind of setup, cofiguration or other modification.
The management console is an ordinary Web browser. And the system is enabled by an LDAP (Lightweight Directory Access Protocol) directory. A single client can manage any number of servers with LDAP V3 directories.
As with other enterprise offerings from major Linux vendors (e.g. Red Hat Network Services, SuSE’s Email Server II), the product strategy is to close the source — and to close marketing mouths about that fact.
To make more sense of what Caldera is doing with Volution, I called on Craig Burton, who is perhaps the world’s leading authority on network services (a topic he did much to define both at Novell in the Eighties and The Burton Group in the Nineties). In late January I called on Craig to help make sense of what Caldera is doing with Volution. Normally a curmudgeon about vendor’s new products and claims, he makes an exception in the case of Volution. I asked him why.
Doc Searls: What’s so special about Volution?
Craig Burton: Two aspects: architecture and strategy.
Doc Searls: Then let’s start with architecture.
As management systems go, the Volution architecture is elegant, well thought out, and usable.
First, it’s directory-enabled. Volution is a great example of what power and elegance infrastructure can have based on the concept of using a general-purpose directory service for systems design. As such Volution is an example of the way network infrastructure should be built — using the constructs of a general-purpose directory and security service to manage the location, identity and state of network objects over space and time.
Second, it uses standards-based infrastructure where possible to do really difficult things, and it does them in a non-intrusive manner. For example, it’s hard to discover and create a manageable network without a lot of administrative work and change to the configuration of the very system you are trying to manage. Volution uses OpenSLP to locate and connect to services. this protocol is very cool for creating a manageable environment while causing minimal potential for other problems.
Doc Searls: For example?
Craig Burton: While you still have to install the Volution client on a Linux operating system in order to make it manageable, with OpenSLP, you can do it without having to change any of the configuration files on the target Linux OS. This is because with OpenSLP, services — the management server — and the client — the managed workstation — can find each other and rhen exchange information about each other on the network. And they can do it independent of the configuration of the Linux OS on either side. This is a triple whammy. First, Linux doesn’t have a native location protocol; and second, every protocol that anyone else uses, Linux or not, is much more intrusive and complicated. Finally, OpenSLP is the only service location protocol that has reached RFC status. Nobody else even comes close to doing that, or having and architecture that lets you do that. Novell is the only vendor that really uses OpenSLP with their management products. This is because Novell had to have a way to convert their service location protocol (Service Advertising Protocol [SAP]) to something that was TCP/IP-based and preferably an RFC. Sun says they are going to use it but isn’t doing much yet. I don’t think this is an issue either way; but it is a simple functional protocol with RFC status that does the job and then some.
Doc Searls: What about Red Hat? Aren’t they doing something here?
Craig Burton: Red Hat’s management system is a good example of an intrusive system. The Red Hat system uses Novell’s NDS — it’s called eDirectory when it’s used with Linux — and is therefore directory-enabled. They run the directory — they don’t really give the customer a choice — and they embed their agent so it goes in and makes system changes, and it’s Red Hat 7 only. A much better approach to management is to keep the stuff doing the management separate from the stuff being managed. They’re also running a service business here. It’s not implementing management or directory as discrete network services.
Doc Searls: What else about the architecture?
Craig Burton: Object oriented design is another thing. All of the benefits of object-oriented design come in to play as a result such as reusability, inheritance, simplicity, and consistency. Basically, Volution creates objects that represent what the network looks like and puts them in the directory. For example, if something goes wrong—a machine quits working—the management system can look at the object representation of the system (in the directory), check the differences between it and the real system, and fix what has been broken. Or at least make them match and do a best attempt to bring things back to where they were when things were known to be working. The only down side of their object oriented strategy is that they created their own object model. Fortunately they did it in a directory-enabled way, so they should be able to transition to a more long-term solution at a later point.
Another is XML-based encoding. Volution uses XML to communicate between the client and server. This is good for all of the obvious reasons; text-based, extensible, self-discovering and all the same reasons Jabber, for example, uses XML.
Doc Searls: There’s the browser interface.
Craig Burton: The interface to the service is through a Web-server. They like Apache. This means the management server talks to any web-based client. This means administration and management can be done from anything that can run a browser. That’s good use of infrastructure and is the way things should work.
Doc Searls: Is it a good enough first effort, or is it missing some things that might hurt its acceptance?
Craig Burton: While Volution is still a long ways from being a finished management system —i t doesn’t actually provide the full-blown applications that use the services — it provides a significant leap forward for the Linux community and does it with what I consider great foundational management architecture: the kind of infrastructure I would recommend and design. It’s good for customers, partners, developers and anybody else that wants what it offers.
Doc Searls: That’s an unusually strong endorsement. I haven’t heard you gush about too many things before.
Craig Burton: I thought about this a lot and I tried to come up with a reason to be more negative, and I couldn’t. I think Volution is well thought out. They have a veteran team here. When I was briefed by some of the same guys when they were at Novell doing this work, they were loving it because they were able to build the basic infrastructure building blocks for this system in a fraction of the time it took them to do it for ZEN Works. Those are probably the two reasons why this is so good. It is the second go around for the architects, and it is based on a general purpose operating system and tools. Nice stuff.
Doc Searls: What about strategy?
Craig Burton: Linux is a commodity. It is also truly becoming critical infrastructure. So how does a linux distro vendor bring value to the table? Service? There’s no way a distro vendor can scale enought to bing in the service level the cuistomer needs. That’s not a long-lasting way to cause shareholder value. What they need to do is field the next generation of Internet services that run on Linux. Caldera is doing that with management services, and doing it in a distribution-agnostic way.
Doc Searls: So they scale with a product that provides an Internet service, rather than try to run a service business.
Craig Burton: Right. They’ve come up with a product that builds infrastructure that supports the commoditization of Linux in a way that is significantly more advanced and architecuturally sound than what anybody else is doing. They’re raising the stakes of what a distro vendor needs to do.
Doc Searls: It’s not open source. How is that strategic?
Craig Burton: The reality is that not all of Volution is open source. But it is open-source based,and it’s a real strategy. Red hat’s service strategy isn’t open source either. It’s based on Novell’s eDirectory, which is NDS running on platforms other than Netware. You pay a monthly fee to Red Hat and they’ll manage your directory. eDirectory is not an open source product. I don’t see how Red Hat can make it one. Meanwhile they’re providing service only for companies using their latest distribution version. What good is something no other Linux vendor can work with? It’s the same as not being open source.
Doc Searls: But it’s still strategic to the degree that they offer something.
Craig Burton: Their goal is to be THE Linux. If they want to maintain the kind of majority share they have now, they need to differentiate. This is one way. Whether they realize that it’s also a lock-in strategy is an open question.
Doc Searls: So you’re saying Caldera is more strategic because they’re offering a different network service, and doing it in the form of a product — a strategy that scales.
Craig Burton: Yes. And I’m saying bravo. This is a bold move. In chess terms, it’s a Bobby Fischer-grade opening. It’s preposterous to think that a Linux distribution vendor can an industry impact on network management, but I think that’s exactly what Caldera has laid out here. This architecture is strong enough, and well-thought-out enough, that it really is an industry-leading move. If it weren’t Linux and if it weren’t Caldera, a lot more people would be calling it hot stuff. And it may just be that Linux is hot enough, and Caldera is strategic enough, that it really is hot stuff. If it doesn’t pan out, it’s still what network management is going to be like. Whoever solves the problem of management is going to take this kind of approach, whether it’s Linux or not. It’s a very cool move on Caldera’s part.
Doc Searls: What about security?
Craig Burton: Security is inherent in this. Security and directory are related services. This goes back to the network services model, which says that directory and security are the services on which all the other services have to be based. And right here Caldera has a directory-based secure management infrastructure. That’s really strong.
Doc Searls: In that it’s independent of any Linux system.
Craig Burton: Right. But it’s still only Linux. It only runs on Linux and only manages Linux systems. But it embraces all Linux distributions, and that’s very significant.
Doc Searls: How about IBM, which is selling a lot of Linux and declaring itself a Linux Company?
Craig Burton: Their solution is Tivoli, which isn’t anywhere near as clean as this. IBM bought Tivoli a while back. They’re an object oriented network management solution. They have a lot more stuff than Caldera does in Volution, but Caldera has a more elegant solution because it fosters infrastructure.
Doc Searls: How about companies like Egenera, which are building data centers around Linux (or planning to)? These centers might include Linux and other platforms. They should be looking at this kind of thing, no?
Craig Burton: They should be jumping all over it. Anyone doing widespread Linux implementation should be looking at this as infrastructure. Because there isn’t anything better for Linux. Again, unfortunately, it’s still only Linux. That’s not enough in the larger scheme of things, but it’s a huge start.
Doc Searls: Is there anything about Linux that makes it inherently more or less manageable?
Craig Burton: There is no infrastructure in Linux to discover a configuration. So Caldera built one that goes in there and does a hard-wired discovery of the Linux architecture, so it can point back what’s there in terms of devices, device drivers and systems. Volution uses that. It’s the way they do discovery to populate the virtualization of management. It’s tied in with OpenLinux, which is open source. But the agent that does this isn’t. At least not yet. Right now they’re trying to get out there in front of the curve by providing real management services. This is a valid strength.
Doc Searls: What would be the next steps?
Craig Burton: There are several questions that come up. Who’s going to build the Caldera Volution client for other platforms besides Linux? That’s one question. And which Linux distributions are going to bundle the Volution client? If it was included with TurboLinux, Volution would automatically find it and begin securely managing it.
Doc Searls: Isn’t the client a browser?
Craig Burton: This is where the term « client » gets confusing. There is a Volution management server that is accessible from a browser. In this sense the browser is the « administration » client for Volution. The administration client is used to do things like setup, configuration, and maintenance of Volution. Then there is the actual « management » client. This is a piece of software that enables Volution to manage a Linux platform. The management client is loaded and sits in the background of the Linux system doing its management job. The management client looks for problems, communicates with the server, and executes management functions. Both client functions are secure and require passwords to do things.
Doc Searls: What about LDAP? Will it look at any LDAP directory?
Craig Burton: They’re using an LDAP v3 directory, which has a security model. It’s far enough along to justify their claim that if you’ve got a V3 LDAP infrastructure in place you can use Volution. The problem is that what V3 does not define is replication. What’s missing with LDAP directory is, one, dealing with the naming problem, and two, that LDAP servers talk to each other.
Doc Searls: LDAP is a protocol. So why, if there’s a protocol in place —
Craig Burton: LDAP defines only how a client talks to a server. Not how a server talks to a server.
Doc Searls: Critical difference. Can we diagram what’s possible and what’s not here? If you’ve got a Volution console, and you’re looking at multiple directories, you can do that, because you’re a client talking to a server. But —
Craig Burton: — But there are going to be pockets of disparate LDAP solutions out there — even though it is assumed that this is not something you want to do, because it isn’t manageable. What happens is you’re busy thinking that’s not what you’re going to do, but it happens anyway. Let’s say you’ve got a company with two geographic implementations of lots of linux distributions with one LDAP directory per location. The one in California uses mostly Red Hat, but also some other Linux distributions, and uses Netscape as its LDAP directory infrastructure. Now let’s say the one in Utah has bought off on eDirectory, which is Novell’s LDAP directory infrastructure. These two systems can’t be integrated as a single managed entity.
Doc Searls: Not yet.
Craig Burton: Not for a long time. Because these servers don’t talk to each other.
Doc Searls: You need metadirectory for that.
Craig Burton: That’s right. You can’t do it without metadirectory. But that’s still way downstream.
Doc Searls: But there are metadirectory products out there.
Craig Burton: Sun’s iPlanet metadirectory, which used to be Netscape’s, tries to figure out how to reconcile the vendors that bought their own different LDAP directories. How do you integrate those different name spaces? They have to talk to each other, even though they have different schemas and naming practices. They don’t match. Between them you have breakdown. The problem is the same as if one directory wasn’t LDAP.
Doc Searls: So LDAP is necessary but insufficient.
Craig Burton: Yeah. See, I can look, though LDAP, at two different islands, but I can’t look at them together. Any LDAP client can look at any LDAP directory on any LDAP server, but each creates its own island. The servers are not integrated.
Doc Searls: So for now it can’t be done.
Craig Burton: Sure it can be done. Go buy Microsoft’s metadirectory. It does exactly that.
Doc Searls: This is Zoomit’s VIA, which Microsoft bought a few years ago, and which had as its charter a policy of including all directories regardless of vendor, naming convention, schema or anything else.
Craig Burton: Right.
Doc Searls: So if I have a multi-platform shop already running Windows 2000 server, I can buy VIA, put it on the server and combine multiple LDAP directories.
Craig Burton: Right. But if you’re a customer who’s trying to follow orthodox Linux policies, you can’t.
Doc Searls: But if you’re all open source, you’re not even running Volution.
Craig Burton: That’s right. If you’re in an all open source environment, you’re hosed for management. There is no management infrastructure in an all-open-source solution today. Certainly nothing like Volution.
Doc Searls: But Volution may be politically acceptable because it comes from a company that’s committed to opening everything it believed it can, and still stay in business.
Craig Burton: Right. Look: people have always been paying for software. Companies — vendors and customers alike — need to have an open source strategy because only open source is going to create ubiquitous infrastructure. The question isn’t just, What should be open and what shouldn’t?, but, How do we generate both ubiquity and shareholder value? Caldera has a strategy for that. So does Red Hat. They’re players. You have to have an open source strategy to play today. That has become a very clear reality. What remains fantasy is the idea that everything has to be open source. But that’s an absolute idea that has no opposite. Open source advocates have done a very good job of selling the value of open source. But there isn’t enough pudding in the commercial space to prove it, and there never will be. Caldera is living with this problem right now, and doing a very careful job of moving everything it can into the open source space, which creates ubiquity, while they come out with products like Volution, which drive shareholder value and happen to be closed source.
Doc Searls: That’s why they put OpenSLP out there as a protocol.
Craig Burton: Right. That creates ubiquity because it’s something everybody can use tomorrow. Microsoft did the same thing with SOAP.
Doc Searls: Which they created with other companies.
Craig Burton: Sure. But it’s still an open source strategy.
Doc Searls: And we’re still new to all this.
Craig Burton: It’s still a new world. What’s ubiquitous about that world is full of open source stuff. But it also has to be a world where business can thrive. Can you do that entirely with closed source software? Not if companies are going to make money at it.
Doc Searls: If we look at what Richard Stallman wrote in the GNU Manifesto, one business idea behind a free operating system was « remove operating system software from the realm of competition. » He says, « You and they will compete in other areas, while benefiting mutually in this one…. GNU can save you from being pushed into the expensive business of selling operating systems. » Maybe managing multiple operating systems is one of those areas.
Craig Burton: Let’s go at it from this direction. There are those who think that Linux’ role is to take over the client, and be big contender there. God bless ’em. That’s not what I’m talking about. The fact is, Linux already is a contender as a platform for infrastructure. No, it’s beyond that: it is infrastructure. Period. Today. However, it’s an infrastructure commodity. So those who are in the business of supplying that commodity need to put a stake in the ground about the next piece of infrastructure they’re going to provide that’s based on Linux. We have exactly two vendors in the Linux community who have driven those stakes: Red Hat with service and Caldera with management. Red Hat offers exclusive service based on eDirectory which is a form of NDS: a directory from Novell. Caldera offers Volution, which is an agnostic management system that works with all kinds of Linux systems, including Red Hat’s. Now: which one is more strategic, more long-term and better for the industry and an evolutionary leap? It sould be Caldera.
Doc Searls: Isn’t Red Hat just doing what it can until it figures out something better?
Craig Burton: Sure. But in doing service, they are trying to figure out how to do standards-based, directory-enabled service. Not services. That’s it right there. Huge difference.
Doc Searls: This has all been very much on the positive side for Caldera. What’s the down side? Is there anything wrong with Volution as it now stands?
Craig Burton: The Volution object model is homegrown and not a long-term approach. I think they should use The Desktop Management Task Force’s (DMTF) Common Information Model (CIM). The Linux community is very resistant to CIM because Microsoft is fully committed to it. The community wishes there was an alternative, I don’t see one. Trying to force another object model into play is a waste of time. But politics are still likely to muck this up. I also think they need to support other platforms besides Linux, either themselves, or through partnerships. This product calls into question whether Caldera intends to be in the infrastructure busienss or in the management business. It’s one thing to provide infrastructure on which everyone builds or to put applications on infrastructure. Sooner or later they’ll have to choose. I think they should stay in the infrastructure business.
Doc Searls: Doesn’t Volution put them in both?
Craig Burton: It’s mostly infrastructure with a a start on management applications: inventory and application distribution, hardware and software inventory, health monitoring, Linux printer configuration and management. These are separate applications that come with Volution. There’s no help desk, no trouble ticket. The question is, are they going to partner with somebody to create those things or do it themselves? I think they should partner.
Doc Searls: Why shouldn’t they add more value to what is clearly a product?
Craig Burton: It’s not that they shouldn’t. It’s what works best both for them and for the industry they’re serving. The infrastructure strategy is in alignment with their roots. It’s not a big leap going from Linux to management infrastucture. It is a big leap to go from Linux to managment applications. It’s a very different business. They’ll probably need to walk a fine line here. A Linux vendor selling network management to the enterprise is a new concept and they’re pushing the envelope with it.