What is it like working on an open source project? A lot of people wonder how does it differ. The nightly builds, the open nature of communication and involvement, the external contributors and the community managers like Ludo Poitou make it a very dynamic environment. The best way to understand it is to watch this great video that Ludo put together that represents the last three years of activity.
I must confess that I am an optimist. Although, recently I think we all have been tempted to take trip over to the dark side even if only for a moment. Two recent blog posts have pulled me back to the proper side and to see the Glass Half-Full again. One, by Jonathon Schwartz who in his extremely eloquent and illustrative style reminded everyone why Sun is more relevant than ever. Two, Daniel Raskin, who posted an interesting blog on Oracle's fortunes during the downturn. I encourage you to read both.
Each explains why Open Source software like OpenDS, OpenSSO, Glassfish and ZFS (btw...great podcast on ZFS with FLOSS Weeklyhere) are more relevant in this market than ever before. As developers around the globe search for a platform of innovation they choose based on capability and price of acquisition. They have more time than money. In the economic downturn that we are all suffering through globally may have impacted trade balances, balance sheets and salaries but it has not impacted people's inclination to innovate. This is why Sun and Open Source are more relevant than ever. As Jonathon points out in his overview of Finance 101:
Not to dip into finance 101, when the net present value
of a lifetime revenue cycle exceeds the value of a one time purchase, a
product or service that initiates the payment stream is either freely
distributed (if it has no marginal cost, like software), or subsidized
(if it has a hard cost). That's why you see so many free credit cards,
free checking account, free mobile phones, free month's rent, free
social networking, etc. In the technology world, free is the new black.
Juxtapose this with the news from Daniel Raskin's blog about the current fortunes of Oracle and you wonder who has the right competitive advantage for this current economic environment.
As I travel and talk to customers about Identity, I have heard similar stories from customers. One comes to mind where a customer shared that he had an intern that he asked to investigate OpenDS. Instead of coming back with a slide deck containing a cost benefit analysis and a feature comparison he came back at the end of the week with a working prototype. After showing it to key stakeholders, the decision was not about whether it was the right technical choice, rather it was about when to put it in production and how could they get budget to pay for support. The value of open source is breaking down barriers to innovation.
This is why I see the Glass Half Full. People in tough times don't stop innovating. They just choose different problems and different platforms to innovate upon.
There is a great webinar being offered on Wednesday, Jan. 21 which you may have missed the announcement because of all the excitement about the Inauguration and Martin Luther King Holiday in the US. Daniel Raskin, Product Line Manager OpenSSO, and Jamie Nelson, Director of Engineering for OpenSSO, will be talking about the current release as well as the plans for the next release of OpenSSO Express. There are already 200 registrants and there is a cap at 250 so register now so you don't get left out!
The Directory crowd should be interested as well, because OpenDS is bundled with OpenSSO and is used as OpenSSO's policy store and can be leveraged as a user store as well. Here are the details:
Sun Software Webinar: See how Sun's OpenSSO Enterprise provides a single solution for Web access management, federation, and Web services security.
Join Sun for a live webinar on one of today's most exciting aspects of identity management! During this session, we will discuss OpenSSO innovation and how it pushes access management, federation, and secure Web services capabilities to a new level. Learn how to solve challenges around these capabilities with a single solution.
This webinar will be presented by Sun's OpenSSO experts: Daniel Raskin, the senior product line manager, and Jamie Nelson, the director of engineering. We hope that you can join us!
If you have any questions or feedback, please send a message to SWI_Webinar_Inquiries@sun.com.
Gary Williams, a staff engineer and the QA lead of OpenDS,
published a great article with Marina Sum on the topic of how working
on an open source software project has improved quality in product
development. The process is without challenges which he outlines in
the article as well. However, he also gives great detail about the
test harness that is used, the amount of automation and community
involvement to address the challenges and get high quality product in
community hands more frequently. The full article is available on the Sun Developer Network here.
These
are the types of processes that quality open source projects do as a
part of the project development process. Indira Thangasamy, produced a similar
article on how they approach QA within the OpenSSO project.
As companies evaluate other open source projects, especially in these
challenging economic times where cost reduction provide stronger
rational's to consider starting projects using open source software.
The quality approach of communities becomes an important differntiator
as companies use open source in production and customer facing systems.
Here is a quick overview of the test harness used on OpenDS:
We use open-source, Java platform-based test tools, such as the
following, not only to demonstrate our support for open source but also
to ensure that they are accessible to everyone:
TestNG — For running unit tests, same as in OpenSSO
Checkstyle — For checking code style and rules before commitment
Unit Testing and Automation: "Testing starts in the programming phase with unit tests, which verify
that the code works as intended and which must exist for all features.
Today, we run 30,000 automated unit tests daily on different Java
virtual machines. No code can be integrated without satisfying the
precommit requirements."
Code coverage — With open-source EMMA, we find out the
number of code lines, blocks, methods, and classes that are exposed by
the unit and functional tests. Part of that information pinpoints the
amount of the code tested as a percentage of the total, defining if
we've met the quality criteria. We also define which areas of the code
are not tested, called coverage holes, and create new tests to fill
them.
Feature coverage — OpenDS delivers features that customers
want, that is, customer requirements. Each feature is recorded as an
issue in the Issue Tracker, a tool that monitors defects. This data
tells us the state the features are in and their status: Ready for Test
or Tested.
Documentation coverage — To ensure that the documentation is
reviewed according to the test plan, we adopt a two-phase documentation
review process: a technical review of the content followed by a formal
QA review. Like the product features, the documentation is divided into
categories—books, chapters, and sections—that are recorded in the Issue
tracker. Through this coverage, we measure the percentage of the
documentation reviewed over time and identify the reviewers and review
status.
Defect rates — This is a traditional measure. The goal is to
have no high-priority bugs open at release time. Our Bug Council
constantly studies the defects and assesses the risks to customers. We
also plot simple graph trends to gauge how well the project is
converging.
Thanks to Gary and Marina for publishing this article and allowing the community to learn from your experience.
Gartner Identity and Access Management conference is happening next week, Nov. 10-12 in Orlando, Florida. This is a great event that brings together analysts, customers and vendors to share knowledge and experience on important topics that shape the Identity and Security industry. I will be attending with a few of my notable Identity Product Managers at Sun including: Daniel Raskin, OpenSSO; Nick Crown, Identity and Role Manager; Craig MacDonald, Identity Manager; and our fearless leader John Barco.
Come by and spend some time with your favorite Identity team. On Monday, November 10 we will be watching Monday Night Football and talking identity in the Presidential Suite at the Gaylord Hotel at 9:00pm ET. There will be great food, drinks and music as well as a few discussions about Identity. We hope to see you there.
And, we will be having a few games of Identity Hero. If you want to practice, check it out here.
It has been a busy day. I attended part of the OpenDS Community call. It was a great call with insight into the upcoming inclusion of OpenDS in OpenSolaris. OpenDS can be installed on OpenSolaris today but what is new is that it will be available in the new OpenSolaris application repository. I have blogged before on the importance of user experience in software. This is especially important for infrastructure sotware as it increases adoption, reduces training and maintenance costs and most importantly is "the right thing to do" when building product. The inclusion of OpenDS in the OpenSolaris repository will improve the overall user experience of acquiring and using the software on this important platform for developers and enterprises. Additionally, the team talked about the latest release and inclusion of the new console.
In addition to all of the above, I came across the following review by CS Connell
who was comparing OpenDS to several other LDAP directory solutions.
Although his analysis is not comprehensive, the blog post does a nice
job of illustrating his analysis of several different solutions against
his business and technical requirements. Here are some of the
highlights:
"From an install standpoint, OpenDS seemed quite a bit easier to me, even though I had never seen it before."
"However, one feature that I very much liked (and we need) from OpenDS was virtual attributes, specifically isMemberOf. "
"In the end though, I just felt OpenDS was easier, and would certainly
be more straightforward for someone without much backround in the
technology .. and it had the nifty isMemberOf attribute we wanted"
He also posts some initial performance testing results. Although, I can't confirm or properly comment on his results I will leave conclusions up to you. We will be posting some testing results of our own on OpenDS shortly to give you some additional information.
There are great things happening in the OpenDS project. Last week the team released a major update to the code. The release also contained a great new console to manage schema, edit entries, etc. I will blog more about this later in the week.
Additionally, Ludo is having his monthly call this morning to go over the new release and discuss some upcoming feature's. Hopefully, you can join the call. Here are the details.
Dear OpenDS users and developers,
Please join us on the phone for the next OpenDS monthly public
meeting, Tuesday November 4th, 2008, 9am PST, 6pm CET, 5pm GMT.
On the agenda for this month meeting, we will review the current
status of OpenDS 1.1, do an update on the roadmap and will present in
details the changes that being integrated in OpenDS to be able to
integrate it as part of OpenSolaris. These changes include SVR4
packages, additional features with SASL authentication, SMF support,
separation of binaries and data...
Developing great software requires a clear understanding of customer requirements. One critical advantage of open source software development is that you can have an ongoing and open conversation with your customers. This is one of several reasons why we maintain an IRC chat room for OpenDS. It not only provides valuable access to engineers and support team members for the community but it also provides a channel for communication.
Today, I was in the OpenDS room and I met Dominic an OpenDS customer who was looking for help in deploying OpenDS into production for his product called CDOVaR.net. Ludo, who is the community manager, was able to help Dominic and during the conversation Dominic shared some news about how he is using OpenDS in production to provide a directory service to his customer facing service.
CDOVaR.net is a structured credit pricing and risk platform built upon
industry leading pricing models, market data and reference data. The company provides financial insitutions three basic services: CDOVaR.net Pricing (Provides automatic daily pricing harnessing market leading credit analytics bencharked with consensus market levels and broker quotes), CDOVaR.net Risk (Provides a flexible risk summary based on entity level sensitivies including PV01 and Jump-to-Default Risk) and CDOVaR.net Capital (calculates capital requirements based on comprehensive credit spread and correlation skew scenarios).
As this story evolves, I look forward to bring you more data. Good luck to Dominic and CDOVaR.net.
Lastly, if you want to see how easy it is to install OpenDS check out this video I created and blogged about earlier this week.
And the fun continues! OpenDS announced this week the launch of
OpenDS 1.0. I was speaking with Kevin LeMay who gave me a quick run
down on what OpenDS SE 1.0 is. He said "Sun OpenDS SE 1.0 is a
high-performance, highly-extensible, pure Java directory server that
delivers a fully compliant LDAPv3 server that passes all of the
compliance, interoperability and security tests suites. Furthermore,
Sun OpenDS SE 1.0 implements most of the standard and experimental LDAP
extensions defined in the IETF as RFCs or Internet-Drafts, ensuring
maximum interoperability with LDAP client applications." You can get
more information here on OpenDS SE 1.0
This
matters as product teams have struggled with how to embed configuration
information or policy stores for products that need to manage identity
information. OpenSSO embed's the community version of OpenDS for exactly this purpose. Not
only is it 100% Java but it is very performant and standards based.
OpenSSO uses OpenDS to manage configuration data under the covers it
also allows developers installing for evaluation purposes or to get a
quick POC up and running to use it for an identity store (not an
architecture we support in production). However, it gives developers
and customer's options which is what Open Source is all about.
You can get in-depth information about the architecture of OpenSSO here. In this document, where it refers to the configuration store, we are referring to OpenDS.
Also, as I was researching this piece I found this interesting post at the JBoss Portal Wiki.
It describes the installation and coniguration steps for their portal
using OpenDS as the directory and OpenSSO as the Web Access Management
solution. Looks interesting but I have not tried it myself.
Jonathon was named to the top 15 Open Source leaders list produced by eweek this week. You can read the article and see the illustrious company that he keeps these days here. The MySQL acquisition has been a big part of reminding people that Sun is a leader in the open source software movement. After working on the first release of xVM Ops Center I have moved over to the Identity Management group at Sun and I am working as a Product Manager on Access Manager and Federation Manager. One of the aspects of the job that really was exciting when I joined the team is that they do all of their development in the open via OpenSSO. This makes things so much easier when discussing features and roadmaps with customers. We can point to the project and say "go and try it". We have had a number of companies contact us recently and as we have the discussion about when do you want to start the POC they respond with "we have already downloaded and evaluated the software. How do we get support?".
By the way, if you haven't seen Daniel's blog recently then you should check it out. The FedLet is coming and it sounds like it is going to revolutionize the way people think about access and federation management.
Lastly, I am a space geek and I came across another blogger at Sun who has some great pictures of the recent Discovery Shuttle processing and launch. Thanks Dan for putting these up for people to see. I am probably going to go and see a missile launch at Vandenberg with my son in May. If anyone knows the best spot to see the launch from please let me know?
|
|
|
|
about the current release as well as the plans for the next release of OpenSSO Express. There are already 200 registrants and there is a cap at 250 so register now so you don't get left out!
CDOVaR.net
