Red Hat Meets Eclipse

Here's an interesting example of major open source projects meeting to produce a highly-targeted commercial product:

Red Hat Developer Studio is a set of eclipse-based development tools that are pre-configured for JBoss Enterprise Middleware Platforms and Red Hat Enterprise Linux. Developers are not required to use Red Hat Developer Studio to develop on JBoss Enterprise Middleware and/or Red Hat Linux. But, many find these pre-configured tools offer significant time-savings and value, making them more productive and speeding time to deployment.

The (Open) Source of Red Hat's Success

Continuing his great series of interviews with key people in the world of business open source, Matt Asay (does this man never sleep?) talks to Matthew Szulik, CEO of Red Hat. I wrote a lot about Red Hat in the early days, but I've not followed it so closely recently (bad boy), so it was fascinating to get an update on what is arguably the most successful and most important open source company. In particular, I found this revealing:

In sum, our belief is that the best management is the peer process, just as in open source. If you measure up to your peers at Red Hat, you thrive. If you don't, you either change or self-select out. When you find people that can do things in an "honest way," without a mercenary view of their assignment, you win. A lot of people don't like this approach, and they leave.

In other words, the best way to run an open source company is to use the open source methodology. Imagine that.

Interview with Fedora's Max Spevack

Following the recent launch of Fedora 7, I spoke to Max Spevack, Fedora Project Leader, about how Fedora and Red Hat work together, and what lies ahead.

Glyn Moody: What's the nature of the relationship between Fedora and Red Hat?

Max Spevack: It's very symbiotic, obviously, because Red Hat offers significant financial support to the Fedora Project. I really believe that the Fedora Project represents sort of the soul of Red Hat. It's the place where, as a company, Red Hat devotes its effort to truly working with and embracing the larger open source community, and giving power and access to the distribution, to the engineers and programmers and contributors who are not a part of Red Hat.

At the same time, Fedora represents, from an engineer's perspective, an upstream for all of Red Hat's other products; like, for example, Red Hat Enterprise Linux, which is built about every two years. Fedora is a distribution that we try to release twice a year, and we try to always focus on the things that are important to the larger Fedora community, while at the same time allowing Fedora to be a place where things that Red Hat engineering groups are working on can also make their way into the distribution.

Glyn Moody: What about the day-to-day dynamics: to what extent do people at Red Hat say, "Gosh, we'd really like this particular feature at some point. How about working on it?"

Max Spevack: When we try to sit down and plan out what a version of Fedora is going to look like and start to make a feature list of thing we'd like to get into any given version of Fedora, one of the groups that we go and talk to is the Red Hat Enterprise Linux product guys and engineering managers. And we say, "Well, what are the things that your teams are working on that you would like us to include in, say, Fedora 6 or Fedora 7 or Fedora 8, based on when you think certain things are going to be ready?" And so that is one person that we talk to.

And then, at the same time, we go out to the larger Fedora community and we say, on our public mailing lists and on our wiki: "We want to try to put together a release of Fedora that'll come out five months from now. What are some of the features that you guys think are important? Or what are some of the places that you think need more work?"

And we get that whole list, and then we can kind of build out and say, "Well, all right, here's the thing that Red Hat wanted to work on. And, well, Red Hat's got five guys working on it, so that's taken care of. The community was asking for X, Y, and Z. And, well, there's a programmer in the community who has volunteered to lead the development of that feature, and so it's going to happen."

"This other feature is something that everyone thinks would be great, but there isn't really anyone with free time to work on it, so let's go and talk to the Red Hat management and see if we can maybe find an engineer who can get some of their time to spend working on that feature."

Glyn Moody: Is there ever a tension between what Red Hat wants to do and what your community wants to do.

Max Spevack: Well, it comes in cycles. I would say 90 percent of what's in Fedora 7 is all stuff that's really, really important to the Fedora community. Part of the reason why that was possible for Fedora 7 is because RHEL 5 was just released a few months ago, and so there isn't really any new RHEL kind of stuff ready to go yet, because that's a two-year release cycle.

If you back up, though, six months, to when we were finishing Fedora Core 6, Fedora Core 6 was the last version of Fedora that was coming out before a Red Hat Enterprise Linux release. RHEL 5 was based very significantly off of the Fedora Core 6 upstream, and so if you look at the development cycle leading up to Fedora Core 6, I would say that it was slightly less community-focused and slightly more Red Hat-focused.

And so the give and take happens based on where we are in relation to a Fedora Release and a RHEL release, and how their two-year release cycle and our six-month release cycle overlap with each other.

Glyn Moody: What kind of developer wants to work on Fedora rather than on one of the other distros?

Max Spevack: What Fedora offers that I think a lot of other folks don't at this point in time is the complete transparency into the entire build process. What I mean by that is everything, from you writing your code and checking it into CVS, through your code going into the build system and producing an RPM, to a compose tool taking a whole collection of RPMs from various repositories and turning those into an actual CD or installable tree - every step along that path is completely free software, is completely external and community-based. And anybody in the world can use that same toolchain, or work from it, to build a version of Fedora that is completely customized to their environment.

[For] the older versions of Fedora, the Fedora code was in two different repository. One repository was the one that was owned by the community, and the other repository was the one that was owned by Red Hat, and we didn't like that. And we have blown that whole idea up, in Fedora 7, and turned it all into one community-owned repository, which is what has allowed us to then also make sure that all the tools that build the distribution out of that repository are also completely community-owned.

Glyn Moody: It sounds to me, to paraphrase a little bit what you're saying, that you've moved towards the Debian model and taken, in many ways, the best bits of their approach. But you have the advantage, which perhaps they don't have, in having a company with reasonably deep pockets behind you, as well. Would that be fair?

Max Spevack: I think that is a pretty good way to look at it. Certainly, having Red Hat as a big corporate sponsor of what we do with Fedora doesn't hurt, because it helps us make sure we have the ability to hire the best contributors to Fedora every now and then.

Over the last year or so, we've hired probably three or four of some of the leading community contributors to Fedora, and we've said, "By the way, we've noticed that over the last two years you've spent 30 hours a week - somehow, in your spare time, when you're not doing your actual job - working on Fedora. What do you say we give you a paycheck and let you spend 50 hours a week doing it just for us?”

Glyn Moody: Looking forward a little, how do you see Fedora evolving?

Max Spevack: There's a few things that I see happening in the next nine or 12 months. All of the change that we have put in the last six months into the Fedora is going to need a little time to let the dust settle on it. As people start to use some of these tools more frequently, there's going to be complaints, and we're going to make them better.

I think there is a lot of potential in the live CD arena. One of the things we have got working for Fedora 7 is the live USB key, where you can put the whole distro on a USB key and boot it up. I think that there's a lot of work to be done there to make that feel a little more like a full product - making sure that the extra space on that USB key can be encrypted, making it really easy to upgrade.

Glyn Moody: What about things like support? Outside Red Hat, what structures do you have in place for directly supporting your users?

Max Spevack: The main way of getting support for Fedora is the Fedora community. It's the Fedora mailing lists; FedoraForum.org, which gets tons and tons of traffic; Fedora IRC. It's a very grassroots kind of support structure right now.

I think there is definitely a space there to offer a more formalized support of Fedora. And when I make my own personal list of goals that aren't engineering related, for Fedora, that's certainly one of the ones that I have been spending a lot of time thinking about. Is there a way that we - meaning Red Hat or the Fedora Project - can offer a more formal kind of support around Fedora? Even if it's like five bucks a month, is there a way we can see if there's people out there who would like a more formalized support of Fedora? And if there's a market for it, we can figure out a way to offer it.

Red Hat's Stack Attack

I've commented on Red Hat Exchange before, but now there's something to see: essentially, a roll-call of the leading open source enterprise apps - and the next frontier for free software.

Red Hat Exchange: Apotheosis of the Stack

I've written several times on this blog and elsewhere about the rise of the open source enterprise stack. Its appearance signals both the increasing acceptance of a wide range of open source solutions in business, as well as the growing maturity of those different parts. Essentially, the rise of the stack represents part of a broader move to create an interdependent free software ecosystem.

Red Hat has been active in this area, notably through the acquisition of JBoss, but now it has gone even further with the announcement of its Red Hat Exchange:

Red Hat has worked with customers and partners to develop Red Hat Exchange (RHX), which provides pre-integrated business application software stacks including infrastructure software from Red Hat and business application software from Red Hat partners.

RHX is a single source for research, purchase, online fullfillment and support of open source and other commercial software business application stacks. Through RHX, customers will be able to acquire pre-integrated open source software solutions incorporating infrastructure software from Red Hat and business application software from Red Hat partners. Red Hat will provide a single point of delivery and support for all elements of the software stacks.

Through RHX, Red Hat seeks to reduce the complexity of deploying business applications and support the development of an active ecosystem of commercial open source business application partners. RHX will be available later this year.

It's obviously too early to tell how exactly this will work, and how much success it will have. But it's nonetheless an important signal that the open source enterprise stack and the associated ecosystem that feeds it are rapidly becoming two of the most vibrant ideas in the free software world.

Red Hat's Balkan Mystery

This sounds wonderfully cloak-and-daggerish:

Serbian minister of science Aleksandar Popović and Red Hat Corporation vice-president Werner Knoblich will sign a letter of intent on January 15, the government said in a statement.

Aha! But intent to do what....?

Red Letter Day for Red Hat

Time to throw those hats in the air, methinks:

Red Hat, Inc. the world's leading provider of open source solutions, today announced financial results for its fiscal year 2007 third quarter.

Total revenue for the quarter was $105.8 million, an increase of 45% from the year-ago quarter and 6% from the prior quarter. Subscription revenue was $88.9 million, up 48% year-over-year and 5% sequentially.

Net income for the quarter was $14.6 million or $0.07 per diluted share compared with $11.0 million or $0.05 per diluted share for the prior quarter. Non-GAAP adjusted net income for the quarter was $29.6 million, or $0.14 per diluted share, after adjusting for stock compensation and tax expense as detailed in the tables below. This compares to non-GAAP adjusted net income of $22.7 million, or $0.11 per diluted share in the third quarter of last fiscal year.

These figures are important for a number of reasons (and no, I don't own any shares - never have, never will.) It shows that Red Hat has been unaffected by all of Larry's Machiavellian machinations; it also indicates the rude health of open source's bellwether. That's good not just for Red Hat, but for the whole free software ecosystem too.

The Real Story Behind Red (and White) Hat's Name

Computerworld has a short piece that has some background on Red Hat's unusual name. Bob Young is quoted as saying:

"When [Red Hat co-founder] Marc [Ewing] was at university he used to name his software projects red hat -- red hat one, red hat two -- just to differentiate them from his friends. So, of course, when he started his Linux project he just named it Red Hat Linux for lack of a better term," said Young, who left Red Hat in 2005 to focus his energies on another company he founded, online independent publishing marketplace Lulu.com.

Well, nearly right Bob. This is the real story, as told to me by Marc Ewing himself some years back:

In college I used to wear my grandfather's lacrosse hat, which was red and white striped. It was my favorite hat, and I lost it somewhere in Philadelphia in my last year. I named the company to memorialize the hat. Of course, Red and White Hat Software wasn't very catchy, so I took a little liberty.

So there you have it: the company should really be called Red and White Hat.

Larry, to (Verb)

An interesting post from Mr Carr, notable as much for its title - "Larrying Wikipedia" - as for the idea it encapsulates:

Why, in other words, hasn’t anyone done to Wikipedia what Larry Ellison last week did to RedHat?

The Integrated Open Source Stack Meme

I noted previously that Red Hat has blessed the idea of the integrated open source stack; now Novell is doing the same, with the support of IBM.

And the meme marched on.

Open Source Enterprise Stack: It's Official

I and several thousand other people have been writing about the open source enterprise stack for a while; now free software's Eminence Rouge has given its benediction:

Red Hat Application Stack is the first fully integrated open source stack. Simplified, delivered, and supported by the open source leader. It includes everything you need to run standards-based Web and enterprise applications. Red Hat Application Stack features Red Hat Enterprise Linux, JBoss Application Server with Tomcat, JBoss Hibernate, and a choice of open source databases: MySQL or PostgreSQL, and Apache Web Server.

On the Marc

This isn't exactly hot news, and it's been blogged elsewhere, but I don't feel a blog called "open..." would be complete without at least a pointer to it.

Marc Fleury, founder and head of JBoss, now part of Red Hat, has a blog entitled "Enter the JBoss Matrix". One of his recent posts, "Wall Street, Oracle and Game Theory", is a typically heady mix of peeks into the Red Hat machine, name-dropping and very perceptive analysis. It's long, but I urge you to read it - here's a characteristic sample:

See, nowhere in the GPL is it said that we must distribute the software to you in the first place. Dion Cornett likes saying GPL != Public Domain. In fact, in the case of RHEL, RedHat doesn’t distribute it to anybody, not for free that is.

If you want to have the software, you must subscribe to RedHat Network (RHN) and if you redistribute the patches or RHEL (which you can) you must pay us for every instance, if you don’t, well, we are under no obligation to give you the future patches and upgrades, in other words, we cancel the RHN distribution to you and you are technically /forking/ RHEL.

Open Source, Open Seeds

A nice report on a "knowledge symposium" in New Delhi, organised by Red Hat India. It touched on not only free software, but also the intellectual monopoly issues facing traditional resources like seeds and medicine. A useful reminder that there are many kinds of commons, and of the threats posed by narrow-minded Western viewpoints on ownership.

Hewlett and Packard, Meet Deb and Ian

Things are getting interesting on the enterprise distro front. The two front-runners, Red Hat and SuSE are being joined by a couple of newcomers. Well, Debian is hardly a newcomer, since it was one of the earliest distributions, but it's not well known as an enterprise system. That may change with HP's announcement that it will offer Debian support.

The other one, in case you were wondering, is Ubuntu, which is also coming through strongly, not least thanks to Sun's increasing interest. Via Linux and Open Source Blog.)

More Microsoftie FUD

Another comparative "analysis" of security flaws in Windows and Red Hat. The result: Windows is better - the figures prove it. Well, yes, but let's look at those figures at little more. The giveaway is this paragraph:

Because of the nature of the Open Source model, there seems to be a higher tendency (unscientificly speaking) to just copy a piece of code and reuse it in another components. This means that if a piece of code turns out to be flawed, not only must it be fixed, but also that maintainers must find every place they might've reused that blob of code. A visual inspection showed me that many of these were the multiple vulnerabilities affecting firefox, mozilla and thunderbird. In a typical example, firefox packages were fixed, then mozilla packages were fixed 4 days later, then thunderbird was fixed 4 days after that.

Note that it says "In a typical example, firefox packages were fixed, then mozilla packages were fixed 4 days later". So one reason why Red Hat has more vulnerabilities is that it has far more packages included, many of which duplicate functions - like Firefox and Mozilla. The point is, you wouldn't install both Firefox and Mozilla: you'd choose one. So there's only one vulnerability that should be counted. Not only that, but Red Hat is penalised because it actually offers much more than Windows.

I don't know what the other vulnerabilities were, but I'd guess they involved similar over-counting - either through duplication, or simply because Red Hat offered extra packages. By all means compare Windows and Red Hat, but make it a fair comparison.

Burnished Sun Kisses Pullulating Earth

There are currently two main GNU/Linux distributions for business: Red Hat and SuSE. So it is perhaps no surprise that Sun, which badly needs to start pushing the free operating system if it wants to play in world of open source enterprise stacks, should choose something else entirely - Ubuntu, to be precise.

This makes a lot of sense: in doing so, it guarantees that it will be the senior partner in any enterprise developments, and ensures that it is not drawn into the orbits of IBM (with Red Hat) or Novell (with SuSE).

It also has bags of potential in terms of branding. Ubuntu is famous for its "I am what I am because of who we all are", as well as its tasteful mud-brown colour scheme. Now, imagine an enormous, burnished sun rising majestically over the rich, dark pullulating earth....

Update 1: Interesting interview with Mark Shuttleworth on the enterprise-level Ubuntu.

Update 2: Further confirmation of the alliance: Ubuntu running on Sun's Niagara servers.

Does Larry's Linux Stack Up?

The tantalising story in the FT that Oracle is ruminating upon acquiring one of the main GNU/Linux distributions - well, Novell - is bound to re-ignite speculation about Oracle's intentions and ultimate impact in this sector. An earlier rumour that Oracle was about to buy JBoss - obviously not true - led to a similar spate of comments, for example that Oracle was about to wipe out open source itself.

But as I wrote back then, it would seem that Larry Ellison really doesn't get this free software lark if he thinks he can wade in with a cheque-book and walk out with anything perdurable. Basically, the moment he tries to throw his weight around in any newly-acquired open source company, he will find that everything valuable in that company - its coders - will walk out of the door and work somewhere else (like Red Hat or IBM). So the idea he will snaffle up one of these cute little old GNU/Linuxes to complete his collection of netsuke rather misses the point.

What is really interesting about the FT story is that Mr. Ellison says "I’d like to have a complete stack." The stack refers to the complete set of software layers, starting at the bottom with the operating system, moving up through middleware and on to the applications. This shows that he may not quite understand the answer, but at least can articulate the question, which is: what does a software company do when the layers of the stack are commoditised one by one?

Things started even below the operating system, at the level of the network, when TCP/IP became the universal standard. But what many people forget is that once upon a time, there used to be three or four or more competing network standards, including Novell's IPX/SPX: it was Novell's dogged support for its protocols in the face of TCP/IP's ascendancy that nearly destroyed the company.

Similarly, not everyone today realises that once there were alternatives to the now-ubiquitous GNU/Linux operating system, including an older approach from a company called Microsoft, also destroyed by clinging too long to outdated closed-source solutions (this information sponsored by the year 2016).

What Ellison's comments indicate is that there is growing awareness that the free software approach is seeping inexorably up the stack. It will be interesting to see his response when it starts to dampen the application layer, and databases like Oracle's flagship start looking as soggy as IPX/SPX....

Update: There's a good table in this C|net article on how the competing stacks, er, stack up.

Why the GPL Doesn't Need a Test Case

There was an amusing story in Groklaw yesterday, detailing the sorry end of utterly pointless legal action taken against the Free Software Foundation (FSF) on the grounds that

FSF has conspired with International Business Machines Corporation, Red Hat Inc., Novell Inc. and other individuals to “pool and cross license their copyrighted intellectual property in a predatory price fixing scheme.”

It sounded serious, didn't it? Maybe a real threat to free software and hence Civilisation As We Know It? Luckily, as the Groklaw story explains, the judge threw it out in just about every way possible.

However, welcome as this news is, it is important to note that the decision does not provide the long-awaited legal test of the GPL in the US (a court has already ruled favourably on one in Germany). Some people seem to feel that such a test case is needed to establish the legal foundation of the GPL - and with it, most of the free software world. But one person who disagrees, is Eben Moglen, General Counsel for the FSF, and somebody who should know.

As he explained to me a few weeks ago:

The stuff that people do with GPL code – like they modify it, they copy it, they give it to other people – is stuff that under the copyright law you can't do unless you have permission. So if they've got permission, or think they have permission, then the permission they have is the GPL. If they don't have that permission, they have no permission.

So the defendant in a GPL violation situation has always been in an awkward place. I go to him and I say basically, Mr So and So, you're using my client's copyrighted works, without permission, in ways that the copyright law says that you can't do. And if you don't stop, I'm going to go to a judge, and I'm going to say, judge, my copyrighted works, their infringing activity, give me an injunction, give me damages.

At this point, there are two things the defendant can do. He can stand up and say, your honour, he's right, I have no permission at all. But that's not going to lead to a good outcome. Or he can stand up and say, but your honour, I do have permission. My permission is the GPL. At which point, I'm going to say back, well, your honour, that's a nice story, but he's not following the instructions of the GPL, so he doesn't really have the shelter he claims to have.

But note that either way, the one thing he can't say is, your honour, I have this wonderful permission and it's worthless. I have this wonderful permission, and it's invalid, I have this wonderful permission and it's broken.

In other words, there is no situation in which the brokenness or otherwise of the GPL is ever an issue: whichever is true, violators are well and truly stuffed.

(If you're interested in how, against this background, the GPL is enforced in practice, Moglen has written his own lucid explanations.)

(B)looking Back

I wondered earlier whether blogified books were bloks or blooks, and the emerging view seems to be the latter, not least because there is now a Blooker Prize, analogous to the (Man)Booker Prize for dead-tree stuff.

I was delighted to find that the Blooker is run by Lulu.com, discussed recently by Vic Keegan in the Guardian. Lulu is essentially micro-publishing, or publishing on demand: you send your digital file, they send the physical book - as many or as few copies as you like. You can also create music CDs, video DVDs and music downloads in the same way; Lulu.com handles the business end of things, and takes a cut for its troubles.

Nonetheless, the prices are extremely reasonable - if you live in the US: as Vic points out, the postage costs for books, for example, tend to nullify the attractiveness of this approach for anyone elsewhere in the world, at least from a financial point of view. But I don't think that this will be a problem for long. For Lulu.com is the brainchild of Bob Young, the marketing brains behind Red Hat, still probably the best-known GNU/Linux distribution for corporates.

I emphasise the marketing side, since the technical brains behind the company was Marc Ewing, who also named the company. As he explained to me when I was writing Rebel Code:

In college I used to wear my grandfather's lacrosse hat, which was red and white striped. It was my favourite hat, and I lost it somewhere in Philadelphia in my last year. I named the company to memorialise the hat. Of course, Red and White Hat Software wasn't very catchy, so I took a little liberty.

Young, a Canadian by birth, was the perfect complement to the hacker Ewing. He is the consummate salesmen, constantly on the lookout for opportunities. His method is to get close to his customers, to let them tell him what he should be selling them. The end-result of this hands-on approach was that he found himself in the business of selling a free software product: GNU/Linux. It took him a while to understand this strange, topsy-turvy world he tumbled into, but being a shrewd chap, and a marketeer of genius, he managed it when he finally realised:

that the one unique benefit that was creating this enthusiasm [for GNU/Linux] was not that this stuff was better or faster or cheaper, although many would argue that it is all three of those things. The one unique benefit that the customer gets for the first time is control over the technology he's being asked to invest in.

Arguably it was this early understanding of what exactly he was selling - freedom - that helped him make Red Hat the first big commercial success story of the open source world: on 11 August 1999, the day of its IPO, Red Hat's share went from $14 to $52, valuing the company that sold something free at $3.5 billion.

It also made Young a billionaire or thereabouts. He later left Red Hat, but has not lost the knack for pursuing interesting ideas. Even if Lulu.com isn't much good for those of us on the wrong side of the Atlantic, it can only be a matter of time before Bob listens to us Brit users (to say nothing of everyone else in the world outside the US) and puts some infrastructure in place to handle international business too.

Open Source's Best-Kept Secret

Ajax is short for Asynchronous Javascript + XML; it enables a Web page to be changed in the browser on the fly, without needing to refer back to the original server. This leads to far faster response times, and is behind many of the most interesting developments on the Web today; Gmail is perhaps the most famous example. Essentially it turns the browsers into a lightweight platform able to run small apps independently of the operating system (now where have we heard that before?).

The news of an Open Ajax project that will simplify the creation of such sites is therefore welcome. However, what is most interesting about the announcement is not the luminaries who are lining up behind it - IBM, Oracle, Red Hat and Yahoo amongst others - but the fact that it is yet another Eclipse project.

To which most people would probably say, Who? For Eclipse is open source's best-kept secret. It stands in the same relation to Microsoft's Visual Studio development tools as GNU/Linux does to Windows, and OpenOffice.org to Microsoft Office. Where these address respectively the system software and office suite sectors, Eclipse is aimed at developers. It is another example of IBM's largesse in the wake of its Damascene conversion to open source: the project was created when the company released a large dollop of code under the Eclipse Public License.

What's interesting is how Eclipse has followed a very similar trajectory to GNU/Linux: at first it was ignored by software companies, who preferred to stick with their own proprietary rivals to the Microsoft juggernaut. Later, though, they realised that divided they would certainly fall, and so united around a common open standard. The list of "Strategic Members" and "Add-in Providers" reads like a Who's Who of the world's top software companies (bar one).

This illustrates another huge - and unique - strength of open source: the fact that it represents neutral ground that even rival companies can agree to support together. The mutual benefit derived from doing so outweighs any issues of working with traditional enemies.

Even though Eclipse is relatively little known at the moment, at least in the wider world, it is not a particular bold prediction to see it as becoming the most serious rival to Microsoft's Visual Studio, and the third member of the open source trinity that also includes GNU/Linux and OpenOffice.org.