Eddie Aronovich blog

From the bazaar to the online shop

2009-05-25T11:35:00.000-07:00

One of the open source pillars is the Cathedral and the Bazaar by Eric Raymond. I do believe the open source is one of the best models for software development.

Now, 12 years later is is still relevant ?

In one word the answer is "yes" and obviously the long answer is "yes but in an other way". The "services" instead of software, makes some of the open source basics irrelevant.

On one hand, the services are the ultimate stands in the Internet bazaar. You can use it, add capabilities and services, but usually one can not modify them or really see how they work. In this case you do not purchase a product, but hire a service.

If a service is good it would attract many users and will either survive or some derivative will be implemented that will survive or will be improved later. If it is not of interest or badly applied, it will remain useless and be abandoned with time.

Will the X in XaaS will make the open source ex ?
Only time will tell.

The new trends in IT for the recession

2009-03-28T05:15:00.000-07:00

Clearly recession is the time when changes are needed and there is higher probability that th change will happen. Obviously, the first driver is the need to cut expenses, however, there are additional aspects that need to be seen. The IT passed several recession periods and after all of them new technologies appeared. It will probably happen again, but only afterwards one can point out the successful new technologies that appeared.

In this post, I would like to point some of the that I think will be strengthen during the current recession.

Focusing on business targets - The IT looks like it has its own life. I have the feeling that technological companies develop new technologies and then look for needs. This is why probably some CFO's have feeling that the IT is unavoidable expenses rather than good investment.

Switching from capabilities to services - Most of the products today are services. If you can charge back-to-back for what it costs you that is the best model.

Change the IT into self sustained unit - At some point, the IT will have to get its budget (or at least most of it) from other units of the organization or the clients. Some of the services are already build that way, e.g. banking transactions in which the IT can calculate the cost of each transaction. More challenging and therefore later will be tasks like internal systems where the costs are hard to be estimated like applying CRM or ERP systems where the benefit is for all, but who should pay for it. One option is to offshore or outsource this operation and there the cost is clear and the boundaries are well defined. In this case, the management will decide where the budget will come from which is more or less the same.

Offshoring and Outsourcing - This is an ongoing trend for more than a decade and will keep going. There are many benefits like having a small company, focusing, etc. The only drawback that I can see is the fact that some of the knowledge and capabilities are taken out of the company. It is bad, but so many information leaks that it becomes almost impossible to deal with it. If you can not trust your supplier - do not do it !

Last issue that I want to bring up is the service level from enterprise. Some companies give just lousy service ! It makes the operation miserable and poeple that work on it un-happy. So consider to give your feedbacks for you, your family and your co-workers.

Eddie

Cloud - What is new, what is old and what is buzz

2008-12-21T13:24:00.000-08:00

Cloud computing appeared in the mid of 2007 according to Google trends, which obviously is not the pure truth, but we can pretty much agree that during first half of 2007 the term started to be known.
Cloud computing is the name of very old technology that allows getting services from a remote c0mputing centers. In the 60's the computers were attached with punch cards, cards readers and large rooms full of computers, while now it is virtual machine based operation.

Two ideas are new after all and should pretty much be taken in account:
- X-As-A-Service Users need services - So companies should offer the users services and not software. In most of fields we use services while in computers (due to some unclear reason), companies offer software. You do not ask a GSM software for your cellular and you should neither ask for word processor software. You might need a word processor - that is fine, but users do not need the software, but its functionality. X can be one or more of the following: software, platform, infrastructure, operation, etc. that is given as a service.

- Decoupling between business and IT. This is (IMHO) the biggest change since the appearance of the PC. Companies should no longer look at the IT as wired department that do "some computer work that only they understand". The IT will have to look around and see how it can contribute to the business of the company.

Approx 2 month ago, I asked on LinkedIn What is the "right" place of the IT in an organization ? I wanted to get an estimation of how people see the IT now in order to compare it in the future. All the replies talk about the IT as very distanced from the business. This will change in the era of "cloud computing". If a company uses SaaS or PaaS, the IT will have to invent new roles and get into other business. More of the same is not an option. Given that most of the software can already be used on the net as Office (e.g. google docs), CRM (sales.com) and many others, obsoletes the routine installation and upgrade process that some IT departments spend most of the time on updates and alike.
On one hand, the IT workers are skillful in implementing the same routine again and again and they will have to adapt to the new era. This time each IT worker will be required to have some understanging of the business they work for. If an IT worker in a bank will not be a mini-banker, his contribution to the organization will be less efficient.

Not everything can be moved to cloud. I some cases it is due to technical problems (as the organizations can not allow all their information to be external) and in some cases the IT workers will make huge efforts to prevent it. In either cases, this cloud buzz will force them to learn new practicies. In the future, it might happen that someone will suggest to move the main compute power from the serivce centers to the users. It will not be a desktop but rahter some lite weight device (maybe the cellular successor) and the computers marker will continue to make money out of those transitions.

What missing in the gird world ? - Applications!

2008-07-22T13:19:00.000-07:00

If one wonders why the grid is not widely used, the answer is trivial - A p p l i c a t i o n s!
Obvious - not ?

Well not so obvious. There are many other issues that cause the application to be not present.

First is the parallel thinking, most of us think serial, or at least not really parallel. It causes both, the application development and the user understanding more complicated. So it should be covered with a lot of abstraction layers that will give good feelig for the user.

Developers, QA, trainers, etc. need to change the way they think. It is not easy to make this major change mainly since there is no methodologies and best practices. The lack of tools can be seen as great opportunity. There is much knowledge in this area, but it is concentrated within the universities and research institutes. Those organizaitons do not understand the industry needs nor the business models.

What about the need?
It is clear that more compute power can be used and contribute to any company, on the other side it is not clear what is the marginal contrubution. The right question qould be not what we gain from doing it but rather what we loose if we do not do it. That is the exact problem of the grid applications. There are many killer apps, but none of them was found yet....

Developing the business model for grid application will probably make a difference. In the past, search engines did not had a common incoming model. Then came Google and the rest is history. SaaS, cloud, etc. are nice ideas, but they are not the business model that you will crash on.

We wait very much for the Google of the Grid world.

Middle-ware - the glue between companies

2008-07-04T15:06:00.000-07:00

Now it is clear, the computer resources are relatively cheap when using it as part of the Terra-computing. If Amazon can offer storage and CPU time lower then the cost of disks and retail computer price while it includes installation and maintenance (for storage it probalby includes backup too), the "Cloud computing" is here.

This architecture changes some of the concepts as can be see here. This time, I want to focus on the meaning of the "middleware" and its role in this environment. According to Wikipedia, it can be seen as "services that allow multiple processes running on one or more machines to interact across a network". So in this case the middleware will connect between resources that are located in different autonomous systems. Wait a moment....that is one of the grid definitions. So do we expect the middleware to connect storage from S3 at Amazon with Google-App-Engine ?

It is simple - YES !

The middleware would need to allow creating collaboration over outsourced resources! In the future we might see the cloud computer providers as telephone companies. Huge companies that offer services cheap. But still the middleware will create different clouds for the programmers and will allow focusing on the business intelligence rather than on the maintenance.

Will it be free ? - I hope not always!

Since the commercial companies (and other users) might need a legal contract (that states privacy), this service should not be always free. On the other hand, and as always, new models will come up. Today the most ubiquitous model includes commercials. As in Hotmail. Gmail. etc. - you do not pay money, but you see our commercials. IMHO more models would be seen.

How to count computers (or what is a modern computer) ?

2007-12-24T09:12:00.000-08:00

This emerging technology that is called Grid Computing allows (as I mentioned before) anyone to call his computer(s) grid. No one is restricted, in naming (thanks god), but it is confusing. "What do you mean when you say GRID?"

A lot of Grid projects and software exists. Some of it SOA based and some not. This industry gives jobs to a lot of people, so it is probably a good thing. If grid is the up-to-date version of the MF computer, then Greg Matter was right - THE WORLD NEEDS ONLY FIVE COMPUTERS but somehow, I feel there are other ways to see things. If the famous Alice and Bob have an apple each they one can say "they have 2 apples", but one can imagine 3 groups that each one has apples:
(1) Alice
(2) Bob
(3) "Alice and Bob".
This example can be presented "intro to combinatorics" under grad course.

Since each computer can be used for different tasks at the same time, it can be certainly be used for different projects. And if one can use the same computers for several tasks, the computer will be counted in several different projects. So the same as when we counted apples. There are as many as the number of sub-gorups and the same goes for computers.

Long time ago computers had CPU(s), memory and peripherals. A modern computer is composed of network and interaction device (keyboard, mouse, screen). Thats it !

The processor, memory, storage are not part of the modern computer. Neither are the applications, and the peripherals. They or their functionality can be found out there. Most of the resources are free but cost a lot (I will explain it later). Network, applications, compute power and storage can be found for free by resource providers. "blogger.com" is an example of application provider and so does second life (that offers interactive TV for the first time in history). One can broadcast to (almost) all the world (NBC, BBC, CNN - be aware!). And the same when my computer is connected to youtube, I am part of the international cross boundary cinema.

"But waht about business - they keep their computers restricted. You can never know what happens inside..." - Wrong again. When your application, calls Amazon to order books and software, they do some work for you.
As a matter of fact, Grid and SOA is all about outsource your IT !

"Does it mean fire my IT people in the long run ?" - Not at all. They will work on a different environment and provide different services. Any internet shop runs on part of Amazon, Google, Yahoo, etc. The business process (at last) is the main issue of the IT. No more self sustained systems.

So how much it costs ?
It costs in privacy! Visa probably knows better than the CEO of Internet based company how looks their cache flow! So does your telephony, electricity companies and your ISP. The post office and shipping companies knows almost everything about your business activity if you sell goods. They know when your business becomes bigger, when you have trouble, they even know when your company is on vacation (and only a few people left).

So we pay with privacy to have an unlimited compute power, storage, network, etc. and have almost infinite computers to run your small business on.

Is it for real ?

IPS/IDS and grid

2007-03-05T05:35:00.001-08:00

Last week I sent an e-mail to one of the mailing lists that I am on about IPS and IDS systems. The difference is clear, IPS can prevent events that IDS detects. Those systems are in use for long time now. If I may add - unsuccessfully since after you have those systems installed you are not more secure.

You can get information about some threats - but what is is good for ? Probably for some cases where you can get the info about an attacker. Actually you can get more information but it still does not make you or your site more secure.

The problem is that they are not reliable. It is not due to programmer fault. It is the way those system works and the way of thinking! Up until now, the security personnel usually come from networking back ground. Since most of security threats come through the net, it is reasonably to ask the net people to take care of it.
There are (2) problems that I find in this concept:

- Network is only the medium and not the problem and if one agree to this statement, the medium can help to solve the problem but the problem should be found in an other place.

- No reasonable solution can be found without understanding the application protocol. Since a crook does not look like one, and if he does, it would have been easy to detect them. This exactly the same here. The information that goes from one point to an other looks legitimate. There are just a few cases (usually they are already exist in various formats for FW) where one can define an exact format of an intrusion packet.

IPS/IDS and grids

Since the grid is based on external users that use local resources, access from the net is natural. But - Is there a way identify intrusion process ?

Well - I think the answer is YES. It should be "Application based IPS/IDS". We are familiar with application firewalls which can (partially) analyze application data and block abnormal behaviour.

For grids we will need a firewall that can check grid abnormalities. It will probably monitor the following components:

- Compute Element - to check that the jobs submitted are valid. We may soon find out that a wrapper is needed protect the system.

- WMS (or RB) - the components that are looking for best matching sites for a job to run in and submit it to that site. There are additional functionality like "rewriting" jdl (which is the general job description language to the local batch queue system). In those cases it can start with a wrapper that can check that no harm will be caused.

Now it is time to design such system....

What makes a Grid ?

2007-02-25T12:36:00.000-08:00

Once in a while, the question of what is a grid is raised. One attitude is that if you can sell it as grid - then it is a grid. This is done by some of the software companies. In fact, it does not matter at all what is a grid.
But since mathematicians (and computer scientists) need definitions, I prefer to use Ian Fosters definition taken from What is the Grid ? :

(1) Coordinates resources that are not subject to centralized control
(2) Using standard, open, general-purpose protocols and interfaces
(3) Delivers nontrivial qualities of service

This definition actually requests a group of clusters that each belong to an other sys-admin (that are not under the same management to achieve non centralized control) that share resources based on open-standard protocols (as Open Grid Forum).

One of the implementation based on Globus is the EU project named EGEE-II. The project added or designed some of the components different of the original GGf (ancestor of OGF) like Resource Broker (RB) which is the node that gets the job and looks for the most appropriate site to send the job to. After it finds a site, the job is translated for the site queuing system (which is called LRMS).

In order to submit a job, one has to have X.509 certificate approved by a known CA. The user ID is translated in each site according to the local gridmap file (where each certificate DN appears). There is a pool of users that each user is mapped into according to users virtual organization belonging. A dynamic system named Virtual Organization Management System (VOMS) was developed that brings (2) main benefits:
(1) Users can have roles in the VO (opposed to flat mapping in the gridmap file).
(2) same certificate DN can belong to more than one VO. Especially in the academic environment, a user mighr work in more than one project that share different resources.

What makes a new technology ready for implementation ?

2007-02-22T20:05:00.000-08:00

Both technologies that I deal with those days - grids and IPv6 are not young (more than ten years), have clear benefit for the users, are supported and implemented by the major manufactures in that field, but still failed to be adopted in large scale. I wonder what makes a technology "ready to be adopted" and how it can be identified.

There are several aspects of readiness. The first one would be "How it can be done (based on existing tools) ?".
The DoD published the Technology Readiness Assessment (TRA) Deskbook that deals with technology maturity estimation based on analytical measurements of applying those technologies. So if the different components that are needed exist or can be developed with existing technology, that makes it ready. It is probably correct from the technical point of view even though not all connections and dependencies between components can be identified.

Next one would probably be the rentability of a technology. Its actual cost vs. profit it can give. If it costs more than its revenue - no one would implement it, but if it offers significant benefit compared to the cost, then implementing it would contribute to whom adopts the technology. Since the cost and revenue measurements are not global terms (it can give different revenue for different people) same technology might be good for one and not good enough for others.

But I was looking for something else that I might call it "coolness" or the trendiness of a technology. When a technology become trendy ? It is clear that first a technology has to exist, which means it passed the initial vision, brainstorming, planning, etc. stages. Then it has to have some prototype and from this stage it can become a trend if it has a specific property. I am not sure if there is one property or several properties and weather the properties have to exist all together or a sub-set of them are enough.

Assuming there are some properties that are needed, how can a good technology can be given those properties in order to make it happen. What comes first the technology worthiness or the properties that makes it worthy?
On the other hand are there technologies that can not become trendy ? It is clear to me that it is not about being useful, not about being cheap and not about being user friendly it is about something else that I try to find out.

What is that property and how can it be identified ?

First post

2007-02-21T04:26:00.000-08:00

After several people asked me too many times, I decided to do it too - Wrting a blog.

This week was a very interesting week from the professional point of view.

On Sunday, I wasn invited by local branch of MS to see the new Compute Cluster Server (CCS). Since I lead the technical effort of the Grid in Israel, they wanted very much that I will see and express my opinion in that area.

Well - I am happy to see that parallel computing arrived to MS platform at last. It is clear that since there are multi core CPUs that become ubiquitous, it is unavoidable that it will be used by the general public and not only in the exact science dept at Universities. This service is just the first step and I am sure that MS push it to show they are interested in this field. It lacks most of the up-to-date technology as check-pointing, DAG process dependencies, advanced scripting options, etc. It will certainly make this field interesting in the coming years. I hope that it will not produce two parallel universes that never meet.

On Monday I gave a lecture about Grid security in the ISOC-IL annual conference. There were a lot of people there. Most of them were interested in community services. It is about time that the internet activity will be dominated by the people who use it and not by the technical staff that maintain it.

An interesting session was about IPv6. Yes - that old protocol that is still looking for a way to the real world. It is definitely the right direction. For long time a lot of talking and ink was spent on this protocol and now it is time to use it.

More to be followed