gpoul's Out Of Memory Blog

“When the Internet Is My Hard Drive, Should I Trust Third Parties?”, by Bruce Schneier.

Please don’t tell me anyone still has their switch ports on auto-negotiate.

Yes, this also goes for ethernet ports on your servers and has already caused too many problems to still keep someone up at night.

Bruce Schneier writes about the open wireless network in his house and why he thinks it’s not a big deal or even “basic politeness”.

In contrast to Bruce I am concerned about other people using my connectivity. Not because I’ll get sued, but because I don’t like to share my connection with everyone. I don’t like debugging why my connection is slow just to find out someone is downloading stuff through my connection.

I configure my network with a WPA2 key that I can provide to guests. Most computers will store this key and remember it next time, so this is kind of a first-time-guest thing. No big deal I guess, but in case I’d run a public venue like a coffee shop, I’d definitely keep the access point open, because that’s the whole point and everything else would just be a support headache. In addition, people will start to complain if they paid for it and it’s not working, so it’s probably cheaper to not charge and have a less reliable solution.

The mobile team at Google released Google Calendar for your iPhone.

Try it. now. :)

Silver:Mobile ist da. (lt. derStandard als reseller von t-mobile) [via derStandard]

derStandard printed an interview today with Rudolf Fischer and two questions Ms Ungerboeck asked really amazed me:

Standard: Wer soll das (Infrastructure parts of eTel) kaufen? Es gibt in Österreich eigentlich nur einen möglichen Käufer.

Fischer: Nein, es gibt einige Alternativanbieter. Tele2UTA, Colt, Verizon oder Inode könnten es in ihren Bereich einbinden. Das ist natürlich auch eine Frage des Preises.

Did we really arrive at a consolidation in Austria where only one company could buy eTel’s infrastructure assets? I was not aware that this is the degree of consolidation we reached, but we might not be far from it.

The infrastructure we’re talking about probably includes assets from eTel+EUnet(+KPNQwest)+ATnet. We’ll see if this is an interesting deal for someone like UPC or Tele2UTA, but I don’t think there are many other telcos out there who have the means to buy these assets and have a strategy where integration would make sense.

FYI: Inode is only a brand at this point and is owned by UPC, but from a brand perspective it is much closer to eTel than to UPC in terms of business-offerings.

Standard: Sie sitzen im Aufsichtsrat von ÖBB und Asfinag und werden immer wieder für den ÖBB-Vorstand gehandelt. Ist Ihnen fad?

Fischer: Dass ich in die ÖBB gehe, ist ein völliger Schwachsinn. Es ist ja nicht so, dass diese Aufsichtsratsfunktionen 50 Prozent meiner Zeit in Anspruch nehmen. Infrastruktur, das ist etwas anderes, das ist spannend, interessiert mich.

When did it become OK to ask a senior executive on-the-record if he was bored and plans to move into a new job? How did anyone think this was even worth including in print even if it was asked during the interview?

You can find the complete interview online.

Commodity Computing with Amazon’s S3 and EC2 by Simson Garfinkel. [via AWS Blog]

Over on the (mt) blog the system administrators posted about their experience of hosting a large number of MySQL web applications on their “GRID” system.

This is about the third time that I hear about the concept of a “quarantine server” and it makes me wonder. A few days ago I wrote that large and medium-sized clients have the same problems as hosting companies because of the continued server consolidation and I believe this will become more significant over the next few years.

Moving misbehaving applications to a quarantine server because they had a negative impact on other applications makes sense if you want to protect your infrastructure from “bad” applications, but this is not improving the relationship between IT operations and developers and is not a healthy process because you only move to the quarantine server after having a major outage on your production system.

It would be a better idea to first host new applications on a monitored production environment before putting them onto the stable production servers after it has been proven that the new application won’t have a negative impact.

The important feature on the monitored production environment is that all kinds of tracing and monitoring can be enabled by default to see if the application qualifies to be moved to the stable production servers. If a reason is found not to move to the stable production environment operations can generate a report of SQL statements or specific requests that were misbehaving and give the developers a chance to improve the next version without impacting the stable production servers.

It would also be a positive sign to application developers showing that operations wants to help them improve their applications, even though it’s an additional step in getting an application deployed. On the other hand, users can already use the application and it can be transferred to the stable production servers without affecting end-users.

If an application has already been moved to the stable production servers and an update has a negative effect it can be put into degraded operations on the monitored production environment and go through review again.

The reason I’m not suggesting to use the monitored production servers as a staging environment is the production impact this causes for the application’s end-users and decrease in stability for a currently stable application. I also assume that as soon as the application has been moved to the stable production servers there will be enough tests available to catch potential problems during SVT and PT.

This rollout procedure makes the stable production server much less affected by misbehaving applications and would reduce the impact of extensive monitoring that is useful to keep an eye on the new or misbehaving applications, but would only have a negative impact on the applications already in stable production.

This kind of rollout is actually pretty easy to script with WebSphere Application Server and might be a nice feature to be introduced in WebSphere XD and ITCAM one day. The bigger challenge would be to implement this for the database, but with a small downtime it might not be a huge undertaking to automatically move an application’s database from one database server to another one over a SAN. That way you could migrate an application from the monitored production servers to the stable production servers over night.

Disclaimer: To everyone who hasn’t noticed yet while reading my blog, or who is new to this blog: I work for one of the major hosting companies mentioned in this post.

From time to time I wonder about the current state of Java EE hosting and go off on the web to look for experiences and offerings that sound interesting.

This time I found an interesting overview of Java hosting offerings that are available for hosting small sites, but also found posts of bad experiences with several hosts, where Java services were apparently less of a priority.

There isn’t much that has changed in the last year or so. There are a few offerings for large and medium-sized clients that are operated by the major hosting companies, but no real “commodity” offerings for small companies or personal web sites as they’re available for PHP.

Why is that? Is it because Java has no good mechanism to separate different applications from each other? Is it because we’re not able to scale Java to many concurrent applications?

Large clients often have the same problems that hosting companies face when consolidating applications. Even from one company, applications may not always play nice together when hosted in the same JVM or may even require different security settings that make it impossible to even run applications on the same cell.

At the moment the most technically feasible way would be to give users the choice of what container components of Java EE they want and have them pay by memory and bandwidth consumed. This also scales easily by forking multiple similar virtual machines throughout the infrastructure to handle additional load and enables hosting providers to provide the appropriate service level to each of its clients.

A complete concept for metering a hosting offering would also take processing time and storage into consideration, but this is not specific to Java EE hosting.

Joe Walker’s post about how Google might implement Java hosting is very interesting and touches on JSR284. In the future I think we’ll see a further increase in virtualization of the JVM and I hope this will be integrated into products like WebSphere XD.

I think that the current state of products is an opportunity for hosting providers and application server vendors to distinguish their offerings by making deployments as easy as possible and to provide a transparent service to their clients, whatever the scale of their applications might be.

We have an infrastructure today that was financed by users of the network and usage is growing; there are some doubts about how to finance further growth, but what seems to be forgotten in this discussion is that content providers indeed are users of the network and pay for getting connected. Bandwidth is not free today.

Carriers need to make money on network access, but there is no reason to distinguish between services provided. Net neutrality means that all participants in a network are equal and each byte is treated equally, at least as far as the endpoints are concerned.

Isn’t the business of a carrier to transport data packets from A to B as fast as possible with high reliability no matter what’s inside?

If you’re interested in this topic I also encourage you to read Rudolf Fischer’s post about net neutrality in addition to Google’s guide to net neutrality.