Brian Stevens | Performance boost virtually assured
Interview with Brian Stevens, Red Hat Inc. chief technology officer
- By Joab Jackson
- Dec 07, 2005
Brian Stevens, chief technology officer, Red Hat Inc.
Although Red Hat Inc. is based in Raleigh, N.C., the company runs a sizable office more than 700 miles to the north in Westford, Mass. Why? To tap the considerable pool of talented enterprise engineers living in the area, many of whom moved there years ago to work for Digital Equipment Corp. and other IT firms in the Boston area. The Westford outpost is also an indicator of Red Hat's true direction. The company that helped build credibility for Linux wants to operate not just as an open-source OS company, but as a solution provider of enterprise software.
'Red Hat is a completely different company than it was five years ago,' insisted Brian Stevens, the company's new chief technology officer. Stevens himself is a 14-year DEC veteran who lives in the Boston area. He's been charged with shepherding open-source technologies (not just Linux) toward mission-critical readiness. At DEC, he was an architect for the company's Tru64 Operating System. He also helped develop the X Window System, widely used as the graphical interface for Unix. Stevens stopped by the GCN offices and spoke with associate writer Joab Jackson.GCN: Microsoft has argued that even though open-source operating systems are cheaper, they still have a higher total cost of ownership, once support is factored in. What's your response?
Stevens: Our clients are looking for better TCO, but that is not going to come [from] the price of the OS. What they are really looking for is how quickly they can deploy their applications; how they can better utilize their systems. That next data center will cost $5 million, so [customers] want to avoid building that next data center. We're working with them to see how they can harness their capacity and give them better utilization.
That is where the TCO will be fought'at the architectural level, around massive scalability. It will not be fought over the performance of a single system, or an individual feature. So that is why we are doing virtualization and stateless Linux.GCN: What is going on with virtualization?
Stevens: Virtualization [running a second OS over the main OS] is the next architectural leap for OSes. In the past, virtualization has been left in hardware or in the virtualization [software] of a small number of companies. The deployment of virtualization has not been pervasive at all.
We're seeing the need for virtualization in the data center for better utilization, but the problem is that technologies like VMware [from VMware Inc. of Palo Alto, Calif.] has all these performance issues because the OS isn't aware of them. So we're looking at what Linux could look like if you have native virtualization built in.
If an OS knows it's being virtualized, and it doesn't need resources, they can be given back to the system. A lot of memory and compute capacity can be given back to the shared pool, and can be used for another workload. We're getting performance improvements of like 100 [times] on some workloads.
And that is why we work with some early edge people at the Department of Energy and in the financial services industry. They are really aggressive about virtualization. They can carve out resources and drive up utilization. Before they could get 10 percent utilization, and now they can drive up to 50 percent.GCN: What is stateless Linux?
Stevens: Stateless Linux is removing all the [software] from both servers and clients, so they will be network-centric. So if your laptop fails, it will be a nonevent. You plug in your [new] laptop and your environment is completely restored. Same thing for a server infrastructure; you don't have to worry about a server being highly available any longer.
Today, administrators have an image for every client and every server. They are managing a unique install for each system. We want to move that to just managing the unique data for each system. Your server will basically be a cache of what happens to be running at that time. If you have a failure, and you want to deploy something else, it is as easy as pressing a button.GCN: How is that different than bare-metal provisioning [www.gcn.com, GCN.com/518]?
Stevens: We already have bare-metal provisioning in our platform, but with stateless, you can actually provision what you want a system to look like without having the system in existence yet. So when you plug in a server, we can actually create an image on the fly by uniting the OS with the unique data elements.
With virtualization, you can do that on a virtual level as well. Instead of in-stalling an OS on a bare-metal system, the system could already be running some workloads and you basically [start a virtual machine within that OS], and that virtual machine may run for 10 minutes or may run forever.GCN: Don't Sun Microsystems Inc., Wyse Technology Inc. and others offer something similar through thin-client computing?
Stevens: What they did was take the state away from the client side, but they just moved the state to the server side. So you're still managing 10,000 unique desktops, but you just aren't managing them on the clients. We're talking about just managing that data that supports those systems'the data, the credentials, the profile of what those systems should look like. So now you can [manage] in a much more scalable way.GCN: Red Hat recently unveiled a new security certification, called Red Hat Certified Security Specialist. What does this cert offer?
Stevens: It is really important that the system administrator understand all the security aspects of Linux. Security just begs for a training certificate of its own.
There are multiple areas that the security training provides for. One of the largest is for the work we're doing with [the] National Security Agency with Security Enhanced Linux. There is not a lot of end-user experience on how to deploy mandatory access controls. (Note: MAC is one of the main features of SE Linux in which each process has its own set of permissions.) So we've made it pretty simple.
Instead of turning security on brute force across a system, we've restructured it so that you can turn on security profiles at the application level. We actually ship profiles with certain key applications. Before, you couldn't even install Oracle on SE Linux. Everything had to have a security profile on it. What we've done instead is [eliminate the requirement for] all applications to have a security profile.GCN: How are Linux and Unix different from the Microsoft Windows operating system?
Stevens: When you look at the structure, the major components are still consistent with one another. They have different administration and usage paradigms.
The biggest problem that [Microsoft Windows] NT has is that it is not in a structure that allows good evolution. It was designed as one thing, whereas in Unix, you can swap in and out virtual memory managers, file systems, schedulers. It is a lot more plug-and-play; it allows evolution to happen better at the subsystem level. Linux has four different input/output schedulers, based on the type of workload you're running.GCN: How did you get involved with Linux?
Stevens: I've been involved in Unix since 1984, with Digital Equipment Corp. About 1998, it was really evident to me what was happening with Linux. Digital was a products-oriented company. There really wasn't a place for Linux as a product in the 1990s, even though there was a groundswell [of interest].
What I got excited about was the open-source licensing. It was a catalyst that actually could drive the unification that Unix couldn't have. Unix really promoted competition. HP, IBM and Sun all went down that path of trying to differentiate [their Unix systems]. So you spent all this time with consortiums trying to bring things back together.
I look at Linux as yet another version of Unix, but open source is a path that does not foster differentiation. For all the core projects that make up Linux, there is one [working group] for each one of them, and there is one process to get technology accepted. The whole thing of companies trying to make their Linux different than others'and expecting to sustain that'is not a reality.