Adventures in systems land

Over on the Mainframe Executive blog, there is an open letter to the US Federal Reserve Bank, questioning the Fed’s apparent desire to move or switch their systems away from mainframes to distributed systems. Well you would expect less from the Mainframe Executive blog. I have a different take on why the Fed should not only keep their mainframe, but why they might want to move more work to it.

I worked on many of the early mainframe Internet applications. I did the high level design and oversaw the implementation of an Internet Banking Solution that the bank, Sun Microsystems and Microsoft had all failed to get to scale. Our design went from 3k users to I believe at the end of 2-years in production, close to 990k users without an upgrade, and without a system outage. It was built off two mainframe systems outside the firewall, running as a Sysplex. I also did a design review for a bank that had lost close to $60k from four accounts, the back end on the mainframe the mid-tiers and Internet servers distributed.

The point of this post though isn’t to gloat about my success, isn’t being a ‘mainframe bigot’ or even saying the Fed should use the mainframe. In the Mainframe Executive they raise the usual specter of security, yes security is a big deal for banks, even more so for the Fed. So yes, make a big deal of it.

However, the single most important thing to understand about building trusted computing systems, isn’t that you provide a 100% secure environment, in which applications aka business transactions, run. It is that you can show who did what, when, and how. Auditing is much more important than security. If you believe you have a 100% secure system and you lose some money but can’t audit it, what do you do, shrug your shoulders and say “oh well never mind”?

Auditing isn’t about just seeing that you have procedures in place. It is the ability to pick apart a debit transaction on a system that was executed at 4:05pm along with 30,000 others, show how that transaction was invoked, where from, under what security context, what ID, and the originating network address and more. That might require looging through logs of 7-10 distributed systems.

If like the bank I did the design review for, you can’t show the correlation of events leading up to the execution of the transaction, and you don’t know for certain where the user eneterd the network, what ID they used, and how that security context was passed from one system to another, then you don’t have security, no matter what they say.

When you are looking after the nation’s money, and despite the obvious current finicial position of the US, budgets not withstanding, I’d say that was pretty important. What does the Fed say?

I say “Show me the audit, show me the audit, show me the audit…” (repeat ad infinitum)

One of the things I pushed for when I first joined Power Systems(then System p) was for the IBM redbooks to focus more on software stacks, and to relate how the Power Systems hardware can be exploited to deliver a more extensive, and easier to use and more efficient hardware stack than many scale out solutions.

Scott Vetter, ITSO Austin project lead, who I first worked with back in probably 1992 in Poughkeepsie, and the Austin based ITSO team, including Monte Poppe from our System Test team, who has recently been focusing on SAP configurations, have just published a new IBM Redbook.

The Redbook, Power Systems and SOA Synergy, SG24-7607, is available free for download from the redbooks abstract page here.

The book was written by systems people, and will be useful to systems people. It contains as useful summary and overview of SOA applications, ESB’s, WebSphere etc. as well as some examples of how and what you can use Power Systems for, including things like WPARs in AIX.

I must admit I’ve been a bit pre-occupied lately to post much in the way of meaningful content. For a frame of reference, I’m off looking at I/O Virtualization, NIC, FBA, Switch integration and optimization, as well as next generation data center fabrics. It’s a fascinating area, ripe for some invention and there are some great ideas out there. Hopefully more on this later.

I’ve also been looking at why we’d want to create a set of extensible interfaces that would allow virtual partitions to be used to extend the Power platform function, I have to say, the more I think about this the more interesting it is. I’d be interested in your feedback on the idea of creating a set of published interfaces to Power VM to allow you to add function running in a logical partition, or a virtual service partition to add or replace function that we provide. So, for example, maybe you want to add a monitor or accounting agent to function where we do not provide source code. We’d document the interface, provide a standard calling mechanism, a shared memory interface and so on. Then, you’d implement your function in an LPAR, probably using Linux on Power, or any other way you want.

Then, based on an event in an OS, Middleware, business application running in an LPAR under AIX, IBM i or Linux on Power generates a call to the OS, Hypervisor, or VIOS, instead of us providing the function, the hypervisor or VIOS would check to see if a Virtual Service Partition had been registered for that function, if so the call and event handling would be directed there instead of to the normal destination.

In this way we could also provide a structured way to extend the platform, where we currently would like to provide function, or customers have asked for it, but it hasn’t made our development list. Any comments? Good idea, bad idea, something else ?

@epredator came up with a great idea, to create a tag cloud from your CV using wordle. The output wasn’t perfect the first run as it didn’t match Mainframe with mainframe, or IBM with IBM’s, but after doing a few global changes, here is what I got. Pretty good summary.

Click the thumbnail for a larger version, or try your own via wordle.net

I’ve really not been keeping up with what Microsoft are doing in UI design, although as the owner of an HTC Windows Mobile PDA/Phone thingy, I have a passing interest. I also sometimes look longingly on at iPhone users who swish their fingers around and do funky things, while on my HTC phone, apart from the contacts application, my finger basically just replaces the mouse. Still, I have my work calendar, address book, journal/notes, task list and more syncronised on my HTC phone!

In my post of the other day, I bemoaned the fact that creating slides and moving objects around even in the latest PowerPoint, really hasn’t changed much since Freelance under DOS, and even it had some neat features not found in todays PowerPoint for selecting, moving, duplicating and aligning objects.

It was with some interest then that I just spotted Robin Bloors commentary via his twitter stream, on Bill Gates latest claim that Touchscreen will kill the mouse. Robin is probably more right than Bill, but either way, hopefully creating objects, grouping them, moving the around on the screen and aligning them will get much easier. I’m all for that.

The chances of me still using Microsoft products by then, remote.

[Update] I’ve been giving some more thought to Robins argument, I do think he is right. However, I also think there is a reasonable alternative, at least one I could use. At home I use a draftsmans table as a desk. You know, one of those ones that sits up at an angle. Using my laptop on it, with a large external monitor for the extended desktop contain mostly the windows I’m not currently working on, IM clients, my calendar etc. works out ergonomically quite good.

I could see replacing the laptops sit up screen with a touch sensitive display of somesort, along with either a visual touch keyboard, perhaps projected onto the desktop; or a standard keyboard. I think that would work out fine, no mouse.

However, on a traditional flat desk it would be no use at all. Rather than having to hold your arms up all the time, you’d spend the day with your chin on your chest, not ideal for the neck. Still, I’m sure someone could resolve that, ergonomic touch screen stand anyone ?

I’ve been working on slides this afternoon for a couple of projects, and wondering why producing slides hasn’t really gotten any easier in 20-years since Freelance under DOS? Why is it I’ve got a 22 flatscreen monitor as an extended desktop, and I’m using a trackpoint and mouse to move things around, and waiting for Windows to move pixel by pixel…

Anyway, I clicked on the LIBSyn link for the RedMonk IT Management Podcast #10 from back in April for some background noise. In the first 20-mins or so, Cote and John get into some interesting discussion about Power Systems, especially in relation to some projects Johns’ working on. As they joke and laugh their way through an easy discussion, they get a bit confused about naming and training.

First, the servers are called IBM Power Systems, or Power. The servers span from blades to high-end scalable monster servers. They all use the Power PC architecture, instruction set RISC chip. Formally there had been two versions of the same servers, System p and System i.

Three operating systems can run natively on Power Systems, AIX, IBM i (formally i5/OS and OS/400) and Linux. You can run these concurrently in any combination using the native virtualization, PowerVM. Amongst the features of PowerVM is the ability to create Logical Partitions. These are a hardware implementation and hardware protected Type-1 Hypervisor. So, it’s like VMware but not at all. You can get more on this in this white paper. For a longer read, see the IBM Systems Software Information Center.

John then discussed the need for training and the complexity of setting up a Power System. Sure, if you want to run a highly flexible, dynamically configurable, highly virtualized server, then you need to do training. Look at the massive market for Microsoft Windows, VMware and Cisco Networking certifications. Is there any question that running complex systems would require similar skills and training?

Of course, John would say that though, as someone who makes a living doing training and consulting, and obviously has a great deal of experience monitoring and managing systems.

However, many of our customers don’t have such a need, they do trust the tools and will configure and run systems without 4-6 months of training. Our autonomic computing may not have achieved everything we envisaged, but it has made a significant difference. You can use the System Config tool at order time, either alone, with your business partner or IBMer, and do the definition for the system, have it installed and provisioned and up and running within half a day.

When I first started in Power Systems, I didn’t take any classes, was not proficient in AIX or anything else Power related. I was able to get a server up and running from scratch and get WebSphere running business applications having read a couple of redbooks. Monitoring and debugging would have taken more time, another book. Clearly becoming an expert always takes longer, see the wikipedia definition of expert.

ps. John, if you drop out of the sky from 25k ft, it doesn’t matter if the flight was a mile or a thousand miles… you’ll hit the ground at the same speed

pps. Cote I assume your exciting editing session on episode 11, wasn’t so exiciting…

ppps. 15-minutes on travel on Episode #11, time for RedmOnk Travel Podcast

I posted this as a response to some of the very short sighted comments and rant going on over on PoguesPosts, the latest in Technology from NY Times reporter/columnist David Pogue. The topic was about replacing a broken screen on an iPhone and the $245 cost.

Universally though both David and all 108 posters before me seemed to completely miss is the opportunity to do things better, not to gripe about Apples costs, or the poor or otherwise design of the iPhone. So, here’s my take on it.

“I think the point is that we and the companies that we buy from, HAVE to start being much more responsible with our electronic goods from the point of design.

Is it unreasonable to expect the designers of one of the best gadgets in the last few years to think about how they are serviced, refurbished and disposed of, I think not.

We simply can’t go on forever buying stuff and dumping the old, unwanted broken stuff without regard. The designers have their part to play in this, as do the companies that sell us stuff. Why didn’t the designers expect to see a reasonable amount of broken screens? Why isn’t there a reasonably priced refurbishment program that replaces the outer case, scratched glass etc.

This is an important challenge and one we all need to rise to. It is simply not good enough to just keep dumping old electronic devices with no regard to where the raw materials, components for the next one come from, and where the waste goes from the last one.

Shame on Apple for not making it easier to replace a broken screen, shame on Apple for not providing a more cost effective repair service.”

{Edit: What really made me think of reposting this was because when I read the posted version(uneditable) I realised I’d missed a vital NO in “no regard” in the 2nd from last paragraph.}

I got an email pointing out that I omitted a link to the youtube video of the IBM hydro-cluster. So, here it is.

Towards the end of the video, Jeff Gluck says “hot water can be moved off site”, “to heat your home or cook a family dinner”. In the famed Larry and Brin, “do no evil” context, I guess this is goodness. While I appreciate that there is a very serious side to the “greening” of the datacenter, I couldn’t help but laugh.

Back in the 1970’s on one of the first large scale computer servers, aka mainframes I worked on, we used to store takeaways inside the server for 4-5 hours to keep it warm on evening and night shift. The really scary thing, back in those days microwaves didn’t exist!

The IBM 370/145 was a T-shaped server, laying on its back, the whole back of the T was largely empty, ready in case you wanted to upgrade to a 370/148 or 155(I think). So it became common place to store stuff in there that you wanted to keep warm and dry. Ideal for takeaway and girlie magazines(so I’m told!).

Newtons 3rd law of motion is in essence “for every action, there is an equal and opposite reaction”.

When x86 and rack systems couldn’t scale up to handle the demands of modern computing, they scaled out. Scale out systems are OK to a point, but soon the complexity and cost of scale out becomes a real hurdle and building plumbing isn’t what most businesses want to pay their employees to do.

The IBM reaction to this has been the recent announcement of two super-dense systems. These are server consolidation platforms on steroids. Earlier this month we announced the new POWER6 “Hydro-Cluster” supercomputer, the Power 575, which has upto 448 processor cores per rack. Today see’s the press announcement of the IBM iDataplex server, an x86-based super-dense server.

In case the benefits of a super-dense system are not obvious, the weekends mysterious video has re-appeared on YouTube. iDataplex is currently a custom build offering rather than a product, and can be built with a range of different cores and boards to suit the application from low power, low heat to high function high power.

The press release on iDataplex is here and the video here.

I’ve had a few emails asking me if I was going to write a log entry on this month announcements, and to be honest I wasn’t. They are an impressive list of products, branding and customer announcements. I wasn’t anything to do with them, given I’m no longer asked to do marketing/sales types presentations, I picked that time to go do the Machupichhu/Inca trail trip in Peru.

The April announcements though were a credit to the teamwork across the even more global IBM. Core Processor and server development teams in Austin and Rochester, worked with domain specialists in Poughkeepsie and Boeblingen. On top of this were the software development and test teams in India, China and and ever increasing number of places.

The new UNIX enterprise server, the Power™ 595 is an impressive beast if the charts are anything to go by. I’m hoping to get Nancy to take me across the building to the test bring-up to have an up close and personal look sometime this week. The new POWER6 “Hydro-Cluster” supercomputer, the Power 575, is very impessive using a new super-dense system, with a unique, in-rack, water-cooling system and with 448 processor cores per rack. Apprently it offers users nearly five times the performance and more than three times the energy efficiency of its predecessor, IBM’s POWER5+™ processor running upto a industry busting clock cycle of up to 5 GHz.

These Super-dense systems are starting to become a really interesting value prop. On Friday I got a link to the IBM.COM public website that included a video on our iDATAPLEX offering. It was there Saturday and has gone today, but it was there as this search in the current google index shows. The video doesn’t show any technical details but does give an interesting insight into this x86 based super-dense, Internet scale, behemoth of a server. I was hoping there was other public comment or blog entries I could leach off for discussion points, but the only search results return job postings

Anyone go to the iDATAPLEX session at IMPACT 2008 and want to comment ??