On OES-Linux

By SysAdmin1138 on
OES-Linux, which is separate from SLES in our collective mind-set, will not be seeing production deployment any time soon. SLES is getting some attention from our developers as a platform for Oracle bits that is more developer-friendly than Windows. OES-Linux has nothing special about it that would urge that instead of a similar OES-NW server. Really, the only way we're getting OES-Linux is if it can provide something that either SLES, NetWare, or Windows can't.

OES-Linux represents a brand new operating system to the Windows/NetWare engineers here. We have a few folk managing Solaris and the two (?) SLES boxes we have out there (neither of which are in full production, and are in test modes, if I remember right). OES-Linux presents a union of the two worlds.

The reasons why OES-Linux will be a while in coming:
  1. It represents a brand new operating system. We have had Linux before, but not in our group. We operate under a 'best of breed' methodology, which is why we still have NetWare managing 3.6TB of file-serving storage. We use Windows and Solaris for our application serving, and are assessing Linux for that role as well. A move to OES-Linux has to be assessed against business need and the operating system's strength. So long as OES-NW still has hardware support, we'll be going with that for our file-server. At least until it can be definitively proven that OES-Linux spanks NetWare for file-serving speed, at which point the business-case will have been made.
  2. Adopting it will introduce two authentication domains into the mix. We have an existing Solaris NIS infrastructure. This is synchronized by way of in-house automation processes (which pre-date DirXML, by the way) with eDirectory and Active Directory, so the usual 'multi-domain' penalties don't apply. The decision to have the Unix-people manage the OES-Linux machines or the NW/Win people do it has yet to be made. If the NW/Win people pick it up, it'll mean a third OS to support in a domain where existing expertise already exists. If the Unix people pick it up, it means having them learn all of the Novell widgets and rich rights-management of NSS. If some form of joint committee is formed, there will be a "who gets root" discussion that'll need to happen.
  3. OES-Linux will have to beat out SLES. Before we can start on OES-Linux, we'll have to provide a reason for using that instead of SLES. Again, the business case will have to be proven.
Of course, if Novell out and out states, clearly and distinctly, that NetWare as we know it will be going away, that'll prompt more urgent decision making. As things stand right now, Novell is implicitly giving the impression that NetWare is a dead end. From everything I've heard from actual Novell employees this impression is completely unintentional, so I don't count it as clear. That may change at future Brainshares, we'll see. If it does happen at a keynote, expect booing.

That said, there are a couple of areas that OES-Linux does have potential to take on roles.
  1. Built in eDirectory integration. This can be shimmed into Solaris, SLES, and other Unixes, but it comes stock in OES. This is useful for things like web-serving, or other web-based applications that use the local account domain for authentications.
    1. How the integration works needs to be very well understood by the Unix people before they'll agree to use it
    2. Certain security implications (who can set UID 0 in eDir?) need to be clarified and resolved to satisfaction
  2. NSS-Style permissions. The ACL structure of the Novell file-system is a very rich one. It is granular, transitive, and has decades of history. Something like this would be very nice for multi-access systems.
    1. UNIX-style permissions are equally well understood by the Unix people, and has worked for them for more decades than Novell has been around
    2. Applications on the OES-Linux box running NSS have to be able to work inside such permissions, and the methods and issues surrounding that have to be very well understood
    3. The very few multi-access systems we have running on Unix systems are all mission-critical, so something as relatively new to Unixland as NSS has a very slim chance of getting in
Even though Novell hasn't intentionally given the message that NetWare is dead, tea-leaf reading by people is giving another message. The amount of hardware that has drivers for NetWare will decrease over the next several years, and that'll have a big effect on how long NetWare can survive before behind exiled to Virtual Machine Dreamland. So sometime in the next 5-7 years, our group will be faced with the decision to pick what OS to move our main file-serving cluster. By then I strongly hope Novell has figured out how to make OES-Linux kick Windows butt in benchmarks. But only time will tell.