What lessons learned from Linux define the data center OS?

I came across a recent post from @krishnan (Krish Subramamian) that certainly resonates with me.  Taking the learnings of the Linux ecosystem, considering the Data Center OS or the Application OS as a reference architecture and defining environment for our next major technology platform.  

Krish has (with good reason) identified Kubernetes as his candidate.  I'm not totally convinced. Kubernetes must still take its direction from the likes of Docker and Mesosphere, both of which place usability by the target audience as a key to success.  (Face it, Krish … Kubernetes is still too much a deep tech offering, not the liberation from complexity that characterizes Mesos, for example.)  That said, I am absolutely in agreement with the future history he spins, and the nod he gives to Jonathan Murray's Compsable Enterprise Framework.

Read the post.  You'll enjoy it.  And, here's the teaser:

The momentum around Open Container Project and Kubernetes got me thinking about potential correlation to the other open source movement that completely reshaped enterprise IT, Linux Operating System. Though both belong to different technical categories, we can model the current platform landscape using Linux ecosystem as a “reference architecture” for the Data Center Operating System or Application Infrastructure Operating System (depending on whether you are taking an IaaS+ approach or PaaS approach to application deployment platform).

From:  Kubernetes As The Kernel For Data Center or Application Infrastructure Operating System


FBI and the DHS (Finally) Weigh in on IoT

It's been a long time coming, IMO, but the NCCIC Computer Emergency Readiness Team has released a note "…capturing the urgency of an IC3 alert on Internet of Things devices…" 

An excerpt:

What are the IoT Risks?
Deficient security capabilities and difficulties for patching vulnerabilities in these devices, as well as a lack of consumer security awareness, provide cyber actors with opportunities to exploit these devices. Criminals can use these opportunities to remotely facilitate attacks on other systems, send malicious and spam e-mails, steal personal information, or interfere with physical safety. The main IoT risks include:
  • An exploitation of the Universal Plug and Play protocol (UPnP) to gain access to many IoT devices. The UPnP describes the process when a device remotely connects and communicates on a network automatically without authentication. UPnP is designed to self-configure when attached to an IP address, making it vulnerable to exploitation. Cyber actors can change the configuration, and run commands on the devices, potentially enabling the devices to harvest sensitive information or conduct attacks against homes and businesses, or engage in digital eavesdropping; 
  • An exploitation of default passwords to send malicious and spam e-mails, or steal personally identifiable or credit card information; 
  • Compromising the IoT device to cause physical harm; 
  • Overloading the devices to render the device inoperable; 
  • Interfering with business transactions.

For anyone involved in this arena, this rates a round of polite applause, but also feels (to me) to be far too little, far too light and far too late.  The recommendations included in the document are sensible, practical and fall woefully short of providing guidance to the nature of IoT devices that are managed and administered remotely.   

Thanks to Bob Gourley, who blogged on this in: Time To Spread The Word on Internet of Things Dangers: Read what FBI and DHS Cyber Centers Need Us All To Know -


Avoiding an Internet for (Useless) Things

When I hear about or read about the Internet of Things, I am both intrigued and appalled at the general lack of attention to the Industrial Internet, and an incredible number of what I consider an Internet of Consumer Things … or better put, an Internet for Consumer Things.  For that reason, I resonate completely with Allison Arieff in her NYT Sunday Review Op-Ed entitled: The Internet of Way Too Many Things

Arieff points out the distinctions between the Smart Home and the Smart City initiatives that rely on information and communication technology (ICT) to enhance quality and performance of urban services, to reduce costs and resource consumption and generally to engage more effectively with citizenry and businesses

The move toward the Smart City — programs ranging from 311 to Comstat and sensor-enabled trash collection — is very much about using data to improve efficiency, reduce costs and make better use of resources. This has not carried over to the realm of the Smart Home; instead, the tendency has been to throw excess technological capability at every possible gadget without giving any thought to whether it’s really necessary.

After taking the Smart Home and the Internet of Consumer Things to task, her assessment comes down to this:

The Internet of Things is pitched as good for the consumer. But is it? At this point, it seems exceptionally awesome for those companies working on products for it. The benefit to the average homeowner pales dramatically in relation to the benefit for the companies poised to accumulate infinite amounts of actionable data. You and I benefit by determining whether our dog got enough exercise last Wednesday. Is that a fair tradeoff? Doesn’t feel like it

Agreed.  My advice is, first, that we stop calling this part of the industry the 'Internet of Things' and identify it for what it really is … and Internet for Consumer Things.  But more to the point, the ICT industry's attention should take seriously a charter of Smart Cities, Intelligent Infrastructure, and a true Industrial Internet


IBM v. AWS: Who 'wins' at the Cloud Game?

This morning, I encountered an article by Rob Enderle of entitled: Why IBM Will Win the War with Amazon Web Services.

While I don't believe Enderle takes the time to play this out, there's reason for giving this notion some real, serious consideration.  The unstated, but important premise on which Enderle's story depends is: IBM has used the past three years to watch the cloud industry, sees where it's going, and has bought into the 'open technology' aspects of the cloud industry (in a way analogous to the way it embraced TCP/IP-oriented networking and the Linux operating system). 

Having recognized this, my key take-aways are:

  • Premise: IBM's offerings under the SmartCloud Enterprise umbrella have been placeholders and holding actions, which permits IBM to assess the winning technical directions and offerings, assess their maturity, throw significant resources into development and acqisitions, and emerge with a formidable, contemporary and commercially mature set of cloud offerings. 
  • First, IBM has and knows how to establish credibility with those parts of the organization that make technology purchasing decisions.  Few organizations have EVER out-marketed IBM. And, while we've become accustomed to paying the price for IBM's customization and customer-centric support, those aspects of their products DO impact the purchasing and operating decisions of Enterprise and even SMB IT.
  • Second, so long as IBM fields cloud infrastructure and platform that is performant, compliant and adheres to the standards on which the developer and operations communities rely, the battle's outcome is likely to depend most heavily on credibility, positioning, packaging and attendance to the 'customer facing' aspects.

The Unstated Premise.  Unlike, I would have made the premise much more concrete and factual: IBM's initial push to respond to the rapid (... ok, the explosive) growth of cloud infrastructure services was a 'holding action.'  It has been, in great measure, a means by which a large (and entrenched) IT company responds to a market demand that AWS has both created and then served so well.  In this regard, I view IBM's recent activities in revising their cloud computing lineup with a perspective quite different from those who interpret these moves as commercial failure (like Nirvanix), customer abandonment (at worst) or perhaps bait-and-switch. Like Ben Kepes in his post on IBM, I note and am more heartily in alignment with Holger Mueller on the SCE announcements.

IBM is now selectively phasing out their initial offers (offered up under the SmartCloud Enterprise moniker), to be replaced by a 'composed' offering that relies on open cloud infrastructure (both CloudStack and OpenStack) delivered by Softlayer; storage solutions that are in lockstep with the maturity of OpenStack object storage as well as older forms more familiar to those with private SAN or NAS appliances; platform services built on Pivotal's Cloud Foundry and a stated reliance on BOSH as a general purpose utility for deployment of complex, composed applications; and… the list goes on.  

IBM's cloud thought leaders are incredibly active in their support of and contribution to open source cloud.  And, it's not just a marketing and sloganeering effort.  There is a real presence by the IBM cloud technology strategists like Angel Diaz at the Cloud Foundry Conference or Mac Devine's Keynote address recently the LinuxCon + CloudOpen conference. (Check here for the post-keynote panel discussion.)

Disparagement and Derision about Marketing and Packaging.  

As I started to read Enderle's article, I wondered at the likely reaction from the Clouderati who are now mostly engaged in word-wars about mindshare between AWS and OpenStack (with Open CloudStack making a guest appearance), the PaaS competitions which have emerged, and the various flavors of "software defined everything."  I tweeted the link and predicted that the Cloud commentary would be generally negative, derisive reaction.

I'm now going to ask for Clouderati restraint.  (… and if any of you comment about the oxymoronic nature of that concept, bear with me.)  Before throwing brickbats at IBM or at one another, take a moment to consider:

  • If this article were about ANY other major systems or services provider, would you have made the same comments?
  • In the face of a company that has signed up to embrace open source cloud and enhance it with specific added value options for their EXISTING as well as new customers, would you not have lauded the transition as being true to the open source software credo?
  • When you consider companies that have dominated their sectors of the technology market in the recent past - including IBM, Microsoft, Oracle, BEA, Red Hat - to what degree HAS marketing, positioning and attendance to the purchasing customer and the end-user been a major pillar of their strategy and ultimate commercial success?

Now re-read the Enderle article, and drop me a line (or a tweet at @rhm2k).