Compatibility Test

If an I.T. shop is a summer barbecue, open-source software still is stuck at the kids' table while commercialized applications sit with the adults at the big table. The CIO behind the grill is trying to make sure the meal comes off as planned and isn't so sure that more than one or two unsupervised open-source applications can be trusted not to squirt mustard on Uncle Ralph.

There's a huge effort under way in the industry, though, to get open-source software ready to join the grown-ups. Unlike in the past, the energy isn't centered on promising individual applications. Instead, startups are sprouting around bundled and supported software stacks in an effort to instill confidence that groups of applications will work well together. Companies such as Hewlett-Packard, IBM, and Novell also recognize that open-source applications won't be adopted in a significant way unless they're supported and well-integrated, and that means with proprietary software, too.

When a company plans to integrate any new software into its environment, IT is on the hook to make sure everything's compatible. Traditionally, vendors take care of compatibility testing for commercial software packages, but "in the open-source community, you're on your own," says David Bauer, Merrill Lynch's head of infrastructure, architecture, and engineering. It's the same with solving problems once software is up and running, Bauer says. With open source, users have been largely left to their own devices.

Hewlett-Packard plans to address these concerns this week at the LinuxWorld conference by disclosing it has certified that more than 200 open-source applications, from the Apache Web server to the Zope app server, will run on HP's Integrity NonStop servers. Novell said last week it would validate that a number of software applications will run in high-performance computing environments on HP BladeSystem servers and offer technical support for users of JBoss Inc.'s open-source Enterprise Middleware System.

Venture-funded startups see an opportunity, too, to create a new class of open-source "aggregators." One, SpikeSource Inc., lets companies build to order for free from its Web site a stack of open-source components that SpikeSource has tested for compatibility. SpikeSource then charges $995 a year per server for ongoing upgrades to those apps. The company also proposed a concept called the Business Readiness Ratings, developed in conjunction with Carnegie Mellon University and Intel, to provide a standardized way for companies to evaluate the maturity of open-source applications (see story, Open Source To Get Rating System).Another startup, SourceLabs Inc., last week introduced support services for a stack of open-source development tools, including Spring Framework, Apache Axis, Apache Struts, and Hibernate, which the company tested to make sure they'll work together. Known collectively as Sash, these tools help programmers write Web-based applications on top of Oracle databases. "Sash helps companies move forward with their open-source strategies," says SourceLabs CEO Byron Sebastian.

Even with the most-established open-source software, such as Linux, IT executives worry about service and support. If they're going to look to newer, emerging apps, the open-source community needs to deliver support and ease integration. At the moment, the answer from vendors is certified stacks: software that has been tested for interoperability, with a set of requirements that partners must adhere to for new developments. The first unofficial open-source stack is Lamp, which arose from the popularity of the Linux operating system, the Apache Web server, the MySQL database, and the PHP/Perl/Python programming languages. The problem isn't only making sure the components can work together but that they continue working together as they're updated and changed over time.

"Open source continues to prove its utility in IT environments, but the rocket science needed to put together these different programs has been a problem," says Luke Lonergan, chief technology officer of Greenplum Corp., maker of Bizgres business-intelligence and data-warehousing tools for open-source databases. To create a business-intelligence environment, Greenplum last week introduced a combination of open-source tools, including Bizgres, JasperSoft's JasperReports reporting tools, and KETL, the extract, transform, and load technology from Kinetic Networks.

IT buyers like choice, and they'd like to see open-source as a more-viable option for big businesses. "This can be used as leverage when working with vendors trying to sell products that are similar to what's available in open source," Merrill Lynch's Bauer says. Merrill Lynch uses open-source primarily to run Linux-based servers for number-crunching, Web pages, and infrastructure needs such as E-mail. It also uses the open-source JBoss application server in some cases.

The trick for these burgeoning open-source startups, aggregators, and certifiers is this: Keep the cost savings that drew companies to open source and still provide the needed service level.Novell in May launched its first stack, an open-source/proprietary blend dubbed the Validated Configuration Program that includes SuSE Linux Enterprise Server 9, JBoss Application Server 4.0, Oracle Database and Real Application Clusters, and HP BladeSystem servers. Last week, it introduced a second, with SuSE Linux and HP BladeSystem servers tested to run a variety of high-performance apps. It plans three more stacks in the next 12 months. And it's in talks with enterprise-resource-planning software makers about offering their products as part of a stack.

Red Hat Inc. is taking a slightly different approach, primarily testing and certifying its products with top hardware and software vendors such as EMC, Oracle, and Veritas. It's not as varied as Novell's stack approach, but Red Hat's success shows how certification can propel business adoption.

What's not to love about a ready-to-run stack of cheap open-source components? Foremost, these stacks haven't proven they can run efficiently in big-business environments. Eastman Chemical Co. CIO Jerry Hale's priority is paring down and simplifying the company's IT investments and the number of vendors it uses. Introducing open-source applications beyond Linux wouldn't fit that strategy. "The real value proposition hasn't been there yet," Hale says. "You have to get maintenance and support from somebody, so it's not free."

Still, the idea of integrated, open-source applications has a lot of merit and likely will have a big impact on business software. Bauer at Merrill Lynch says these latest efforts at support beyond single applications will make open source more competitive against proprietary software. "Support evens the playing field," he says. "This will help with the adoption of open source."

There's a lot of momentum to create and certify software stacks, and if they deliver, there's great potential to bring maturity to swaths of open-source apps much more quickly. But given the skepticism of many IT leaders, better not fold up that kids' card table in the corner of the back yard just yet.0