Until recently, Tom Jeffery didn’t give a damn about open-source software.
What concerned him was finding 10,000 new cash registers (essentially PCs with cash drawers) for 1,300 KB Toys stores and a new software system to run them because his old vendor was going to stop supporting the system he had.
But then a funny thing happened. "We sent out final [RFPs] to six vendors and narrowed it down to three," he recalls. "The only thing they had in common was they were all written in Java. And ran on Linux."
To Jeffery, vice president of IT for the Pittsfield, Mass.-based toy retailer, it didn’t matter what OS the new system used. What mattered was having a simple user interface, the ability to integrate with multiple systems inside KB Toys and the flexibility to modify the systems without relying on a vendor to do the job. The only registers that had all of that used GNU/Linux, the operating system built piecemeal over the Internet by a community of volunteer developers.
Jeffery was vaguely aware of the roots of this community, how it began in 1984 when a cantankerous software programmer named Richard Stallman wrote some brilliant software designed as an alternative to the Unix operating system. It was software that anyone could use and change and distribute?as long as he promised to share any changes he made with everyone else. In 1991, a Finnish college student named Linus Torvalds added a complex kernel to Stallman’s and others’ programs to instruct them to act as the unified operating system that most have come to associate with Torvalds’ pet name for the project, Linux.
Jeffery didn’t start caring about any of this until 2001, when he was forced to.
He didn’t care because for years open source has been dismissed as pie-in-the-sky, a toy for geeks. But today open source is undergoing a business revolution.
In a November 2002 CIO survey of 375 information executives, 54 percent said that within five years open source would be their dominant server platform. Today, major enterprises are running mission-critical functions on open source, big vendors have lined up to support it, and reliable applications have emerged.
And CIOs who have implemented it report huge total-cost-of-ownership (TCO) reductions.
It’s now clear that within five years, open source will transform how software is developed, sold and supported.
When CIOs need help with their systems and software, they don’t have to depend on vendors with their own agendas because when an open-source app doesn’t work, administrators can look at the source code, figure out why and write a fix themselves. If they’re having trouble, help is just a newsgroup away.
So far, the community that has grown up around popular open-source applications such as Linux have proven to be highly disciplined, ethical and extremely competitive, with pecking orders that exclude?sometimes brutally and profanely?all but the best contributors. (For more on this community, see "Who Are Those Guys?" Page 57.)
"Heroism in these communities means proposing an interesting improvement and getting everyone to acknowledge it," says John Sarsgard, vice president of Linux sales programs at IBM in Armonk, N.Y. "That’s the way these guys get their strokes?everyone recognizes that their way of doing it is the best way." When bugs are revealed in Linux or Apache, for example, the community begins posting fixes on the Internet within hours. Their work is good, and it’s free.
Free is good. CIOs who don’t come to terms with this revolution in 2003 will be paying too much for IT in 2004.
Software as a Commodity: The Apache Story
The reason they will be paying too much is that in effect they will be buying the vendor’s research and sales and marketing expenses when they don’t have to. They will be paying for support that others will be getting gratis. They will be paying for hardware that’s overpriced because it uses an arcane proprietary operating system. They will be paying for bows and ribbon?for packaging?when what’s inside the competing packages is essentially the same.
Open source is helping turn significant chunks of the IT infrastructure into commodities by offering alternatives to proprietary software. (See "Enterprise Ready," Page 56, for a list of these tested open-source applications.) This is software as corn or wheat. As the products become indistinguishable, buyers will choose the cheapest, most reliable supplier they can find?and it’s hard to beat open source on price.
This commodification is happening fastest at the lowest level of the infrastructure, the level that most businesspeople never see, like server operating systems and application servers (middleware). This is not an accident: Fifty-eight percent of the open-source community is made up of professional IT administrators and programmers (with 11 years of professional experience, on average) who use open source to fix problems they encounter in their jobs, according to a recent survey by the Boston Consulting Group.
Apache, the webpage server that now runs 60 percent of the world’s websites, began this way. In 1994, there were no commercially available software packages for serving up webpages. Randy Terbush was one among many IT people casting about the Internet for solutions. He found seven others willing to work on the problem with him. "We said, Let’s start a mailing list and work together," says Terbush, who is CEO and president of The Tribal Knowledge Group, an Alta, Wyo., infrastructure technology consultancy. He was a founding member of the nonprofit Apache Software Foundation, which develops and distributes the Apache HTTP server.
Apache’s release in 1996 wasn’t accompanied by a million-dollar ad campaign. Analysts and the press didn’t track sales because you didn’t buy Apache, you downloaded it. And you could download it once, tweak it, burn it on a CD, and install your own version on as many servers as you wanted without telling anybody and without spending a dime.
Open Source Goes Big Time
Of course, free doesn’t necessarily mean without costs. Just because you download open-source applications for free doesn’t mean you won’t have a whole host of associated costs such as maintenance, integration and support. Right now, CIOs remain concerned about receiving support for open-source software solely from volunteers?however disciplined and dedicated?over the Internet. They want commercial vendors to sign contracts guaranteeing that the stuff will work. In our November survey of 375 IT executives, 52 percent said a lack of vendor support was open source’s primary weakness.
But in 2001 and 2002, major vendors such as Dell, HP, IBM, Oracle and Sun announced in various ways that they would begin supporting open-source products. IBM is leading the push. "We will guarantee the same [service-level agreements] for Linux that we do for proprietary OSs," says Dan Frye, director of IBM’s Linux Technology Center. "Response times, fix times, uptime?we’ll sign all those same contracts for Linux."
Last summer, Oracle released an open-source version of its database to run on clusters of Linux servers?a popular way for CIOs to transition big, power-hungry applications and databases from expensive hardware like supercomputers and high-end Unix servers to groups of cheap Intel servers running Linux. Even Unix market leader Sun, which has the most to lose from the rise of cheap Intel server replacements for its more expensive Unix machines, now offers a Linux server. The only major vendor that continues to resist the march of open source is Microsoft, though company officials have stopped calling open source "a cancer," as they did a few years ago, and now acknowledge Linux as a viable competitor. (See "Showdown at the 6.0 Corral," Page 62.)
Vendors that have embraced open source haven’t suddenly gone all soft and fuzzy. They see it as an opportunity to sell software that works with open source, as well as consulting, integration and support services. This is a major shift from a few years ago, when most vendors viewed open source as inconsequential. Now they see it as a loss leader for profitable services.
The strategy shift by the big vendors has opened the eyes of big company CIOs. "The way [open source] has been accepted and embraced by the IBMs and Suns has put it on our radar screen," says Judith Campbell, senior vice president and CIO of New York Life Insurance. "I like what I’m seeing because however this shakes out, it represents a flight to quality in software."
"My operations group is really very positive about using [open source]," says Sue Unger, senior vice president and CIO of Stuttgart, Germany-based DaimlerChrysler AG. "It requires less time to manage than [proprietary software]. Answers become apparent a lot easier, and they don’t seem to need as many management tools as they’ve needed with other environments."
All the CIOs we spoke to for this story who use open source say they’ve seen savings over proprietary software, even when accounting for the extra integration work required to bring open source into their architectures. CIO’s survey respondents seem convinced too: 59 percent said a lower TCO is open source’s primary strength.
Even if open source seems too risky to become part of your strategic plan, you should be experimenting with it, if for no other reason than to use it as a stick to keep your vendors honest. "Even if you decide you don’t ever want anything to do with open source, go out and get some and show it to your vendors when they come to call," says Jonathan Eunice, principal analyst at Nashua, N.H.-based research company Illuminata.
The question for CIOs now is not whether they should be using open source but where and how they should be using it. Open source will not replace proprietary software in the next few years (there aren’t, for example, enough volunteer developers with a passion for, say, financial derivatives to replace Wall Street applications today, if ever), so CIOs have to make educated decisions about where to apply open source and where to wait.
What’s your plan for 2003?
Start with the Web
The Internet is the wellspring of open source and the focus of many of its applications. So if you’re looking to get your feet wet, it makes sense to start there.
Pete Sattler’s company, SPX, a Charlotte, N.C., valve and motor manufacturer, is highly decentralized, with divisions and plants spread around the country. Its websites grew like weeds during the ’90s?mostly small, low-transaction sites, each with its own Windows server. The servers and websites propagated to the point where the annual maintenance bill started to add up.
"We figured the websites would be a low-risk way to bring Linux and Apache in," says SPX’s chief e-business officer and CIO. "There aren’t a lot of hits or activity on these websites, and it gave us a chance to work with open source and see how it operates in a production mode." Sattler consolidated 75 websites and went from 40 Windows servers down to four Linux servers. He hired a Linux expert to lead the project and develop an enterprise architecture for the Linux system. Sattler’s expert tweaked Linux to fit SPX’s needs, creating a master version of the software that Sattler can install on as many servers as he wants. For free. "I’ll be able to replicate that image onto new servers as I add them," he says.
The image will help as Sattler experiments with open source in the next level of the infrastructure: the network. Open-source tools exist at varying levels of maturity for network-centric functions like management, intrusion detection, middleware and databases. "These are commodity activities," says Sattler. "I want the infrastructure to be cheap, standard, reliable and provide good performance. Linux is helping me swap out more costly components of my infrastructure, drive down my costs and increase my reliability. You want this stuff to be like an electric utility. It just runs and you don’t think about it." That is, Sattler doesn’t want to think about his network in tactical terms (such as bringing crashed servers back up); he wants to focus on infrastructure strategically.
The network is about as high as most CIOs are willing to go with open source right now. Even at the network level, the transition will be gradual as tools continue to mature. But Sattler says that the lowest rung on the ladder, the Web, is a lock to be turned over to open source. "We just had a security and penetration audit last month, and the only systems the auditors weren’t able to penetrate were the Linux systems," he says. (Of course, now that more people are using Linux, hackers are getting better at hacking it. Everyone agrees, however, that good software is safer than bad software.)
Take Back Your Infrastructure
Open source forces you to get reacquainted with your IT infrastructure. It’s the kit car of IT. You buy the frame and customize to your heart’s content, putting, say, a Bentley grill on your VW Bug.
"Acceptance of open source depends on the CIO’s personal style as much as anything," says Bob Wolf, operational director of the Strategy Practice Initiative for The Boston Consulting Group. If you don’t like your people fiddling with stuff, he says, you will probably wait on open source until it’s plug-and-play.
"You have to own open source," says Ed Wojciechowski, vice president and CIO of Menasha, a Neenah, Wis.-based packaging and plastic products manufacturer. Wojciechowski did what most CIOs would only consider doing as a contestant on Fear Factor: From 2000 to 2001, he switched his SAP ERP system from Unix machines over to Linux on Intel servers. SAP had only just ported its applications over to Linux for public consumption during that time.
CIOs at Fortune 500 companies worry about moving their ERP applications over to Intel servers because they rely on huge databases that need lots of processing power. Unix workhorses can accommodate many more processors in each box than Intel servers running Windows or Linux. But the performance gap is narrowing, says Manfred Stein, product manager of LinuxLab and Unix Platforms for Walldorf, Germany-based SAP, the biggest ERP vendor. "The number of systems where Intel would not provide sufficient resources to run the database is very small, less than 1 percent of our installed base," he says. For that 1 percent, SAP is evaluating Oracle’s RAC clustering system for Linux so that customers can simply add more Intel boxes as the databases grow, says Stein.
Wojciechowski had an ace up his sleeve for his SAP switchover: a brilliant college kid contributing code to the Linux kernel in his spare time. He started designing Wojciechowski’s Linux ERP architecture as a part-time employee during the summer of 1999. Now he’s out of college and working for Menasha full-time. Wojciechowski won’t give his name, much less offer him up for an interview. "The whole world would come after him," he laughs.
Not that the issues in making open source work are all that esoteric. "There is nothing that gets delivered that just plugs in and everything is beautiful," says Josh Levine, chief technology officer of E-Trade Financial in Menlo Park, Calif. "So you need people who know the technology." Like Wojciechowski’s prodigy.
"There’s a little more onus on your IT people to reach out and provide answers rather than going back to a vendor and asking for a patch," says Harry Roberts, senior vice president and CIO of Reading, Pa.-based retailer Boscov’s, which moved a legacy invoice processing app to Linux on its IBM mainframe. "But they like the new way," Roberts continues. "They don’t want to wait weeks or months for solutions to come from the vendor. They want to get things done quickly."
Indeed, Roberts says his staff ported the old invoice processing app over to Linux in 45 days. Not bad, he says, considering that "it had a lot of functions and touchpoints with other systems like ERP and a rigorous online and batch cycle. We said, If we can make this work, we can make anything else work." Roberts ran the new application in a parallel environment with the mainframe system to work out bugs for four months before going live. "That was six months ago," he says, "and we haven’t had a failure yet."
Design Your Own Desktop
David Chugg had a dream. He wanted to remove the Internet Explorer icon from the Windows desktop.
Chugg’s not a Justice Department lawyer, nor does he have a particular beef with Microsoft. It’s just that he didn’t want reservations agents at the 6,600 hotels that are franchises of his company, New York City-based Cendant, to be surfing the Internet when they should be taking care of guests.
But, of course, everyone knows Windows won’t work without Explorer.
That’s why Chugg likes Linux. "It’s a loosely coupled system, so you can rip out the stuff you don’t want without harming the rest of it," says Cendant’s IT senior director of hotel solutions. "Don’t want the Internet?" Chugg says. "Just rip it out."
Linux is supposed to be DOA on the desktop?too scattered, too feature poor to compete with Windows. But not in Chugg’s world, the world of the locked-down or embedded operating system, where limited is good. This is where Linux excels. It’s reliable, easily tweaked to perform specific tasks, and cheap. Indeed, when you’re talking about 6,600 hotel reservation screens, the cost of putting a licensed version of Windows on each begins to add up. And Microsoft’s new licensing program is adding fuel to the fire, especially among retailers that typically want to devote only 1 percent to 2 percent of revenue to IT.
Chugg, meanwhile, is upgrading his system to provide live connections into all the hotels from Cendant’s headquarters, and he likes what’s happened to his hotel’s desktops since he first installed Linux: nothing.
"They look pretty much like we left them two years ago," he says. "We used to have to go in and clean off games and all kinds of things from the Windows machines before we could upgrade them."
The first time he went with Linux, it was because his hotel management system vendor didn’t offer the software on any other system. This time, the vendor offers other operating systems, but Chugg is sticking with his original Linux system from UnitedLinux vendor The SCO Group?by choice.
Get Leverage! Kill Off Your Expensive (Proprietary) Hardware
For years, Josh Levine had to settle for boring meetings with his Unix vendor, Sun Microsystems. Sure, there were some exciting times there at the beginning?back in 1998, when E-Trade was first shopping for Unix computers to run its custom online trading system. Levine could pit Sun against the other Unix vendors like IBM and HP. But once E-Trade decided to go with 60 Sun boxes at $240,000 a pop and a $25,000 yearly maintenance fee on each, the fun?and Levine’s leverage?was gone. All Unix vendors have their own versions of Unix designed to run solely on their hardware. "All their strategies are based on proprietary operating systems. Once you buy the hardware, you can’t move," Levine says.
Now, when Levine wants to buy some new hardware, he can have a party and invite everybody. That’s because he replaced those 60 Sun boxes with 80 $4,000 Intel servers (which became commodities long ago; they’re virtually identical no matter who you buy them from) and a commodity operating system, Linux, which is supported by all the major Intel hardware vendors. The Intel boxes are less powerful than their Unix counterparts, so Levine just bought more of them. And since Linux is based on Unix, his support people easily made the transition.
The fun is back in Levine’s procurement life.
"We get to manage the vendor as opposed to the vendor managing us," he says. "Now they compete on performance and price; they can’t hide behind an operating system. And we’ve cut out the maintenance fees we had to pay on the Unix machines. That’s huge. That’s a sea change.
"Linux is about leveling the playing field across all the hardware vendors," he says.
Levine moved to Linux cautiously. He looked over the possible savings (which he estimates at $13 million in the first year) for a few years before leaping. Though Levine has an IT staff of 650, including 350 developers, he bought full support contracts from Raleigh, N.C.-based Linux distributor Red Hat and IBM. "It’s possible that open source is supportable without a major vendor," he says. "But our feeling has been that without major vendor support, we’re gambling, and there’s no use gambling. So we held off until HP, IBM and Sun stepped forward and said they were going to support it vigorously."
Even with that support, Levine tested the Linux system in parallel with his old Unix system for six months before switching over in March 2002. It’s run with just a couple of minor hitches since then, he reports.
At DaimlerChrysler, CIO Unger deployed Linux to kill the three supercomputers that the company uses to run crash simulations. She turned the three into 108 Intel servers running Linux, all whirring away on the crash dummies’ misfortunes.
"We expected cost savings, but we were surprised at how big they were: 40 percent for hardware, software and service combined," she says. But then Unger saw something she didn’t expect: an application performance improvement of 20 percent. "Everyone thinks you just do this because of cost reduction, but we’re seeing other factors." Besides improved performance, the machines are simpler to manage. Based on the U.S. experience, Unger did the same thing to DaimlerChrysler’s Mercedes crash simulation center in Germany, with the same results.
Free at Last...Well, Not Yet
If there’s a roadblock to universal open-source adoption, it’s the lack of industrial-strength enterprise applications to run on Linux, things like CRM and ERP. But the difference in 2003 is that CIOs are demanding to know what the vendors are planning to do about that. They didn’t much care before.
"In the last year, interest in Linux has taken off like a rocket," says SAP’s Stein. "We just passed 1,000 customer installations on Linux [out of 13,000], and we expect about 5 percent of new deployments to be on Linux."
SAP was the first major ERP vendor to offer its software on Linux, and all the others have now pledged to do the same. As always, pledges are one thing, delivery another. But with continuing pressure from customers to lower implementation costs, all major software vendors had better start coming through.
For CIOs, this is the year to start figuring out what to do with open source?even if it is nothing. Don Bullock, vice president of IT at Eaton, the Cleveland-based diversified industrial manufacturer, had his advanced technology group do two pilots with Linux last year: one on the mainframe platform and one to use Linux as a locked-down operating system for a voice recognition application on an Intel platform. He decided the incremental expenses of establishing a new OS (retraining IT staff and users, buying and integrating new hardware) was too great?for now. "But we’re going to keep looking at it," he says.
Art Huffman, CIO at Halliburton, a Dallas-based oil field services company, has also looked at Linux, and he came to a different conclusion. He plans to move 13,000 users of his company’s SAP system over to Linux in the next two years.
"We’re looking to move to a clustered Linux/Intel platform to run the Oracle database," he says, "and we think the technology will be there. It isn’t today. But it looks like the pieces are coming together."
Huffman has an open-source plan.