Enterprise Initiatives

In Part 1 of this series, I explained my reasoning behind creating an open source strategy. In Part 2, I will discuss our progress. But before I start, here are some predictions from Gartner:

• By 2010, 75 percent of mainstream IT shops will have a formal open source acquisition policy in place.
• By 2008, open source will compete with closed source in every infrastructure market.
• By 2010, mainstream IT shops will consider open source for 80 percent of their infrastructure software needs.
• By 2010, mainstream IT shops will consider open source for 25 percent of their business software needs.

Our first step was to create an inventory of the open source products that we use at my IT shop. We have a few areas within the organization that were early adopters of OSS and have a variety of products in use. When polling the staff for OSS products, I expected to find between 20-30 actively being used. I was shocked to find that we have around 100 different OSS products in our inventory (not including the ones packaged within proprietary closed software products). What an eye opener!

There is a lessoned learned here. Since the company as a whole still has not fully embraced OSS and still looks at OSS as the red headed step child, individuals have gone into stealth mode and started assembling a massive inventory of products that help them get there job done at a very low cost. What I found out is that we have a lot of duplication of products including various different versions. Some of the products are best of breed while others are questionable. If there is ever a need of a strategy, the time is now! Since we rely so heavily on OSS, we must embrace it as a strategic part of our enterprise and put the necessary governance around it. This takes us to step two of our strategy.

Today we spent a couple of hours with Sourcelabs, an open source service provider. This was another eye opening event for me. I knew open source service providers provide support for a wide range of OSS products. But here are a few things they do that I didn't know:

• Stress test and certify OSS products
• Contribute code to numerous OSS products
• Provide a one stop self service portal with information on numerous OSS products, including patches security alerts, product roadmaps, known issues, etc.
• Provide advice and guidance for product evaluations
• Assist in the creation and/or validation of your Open Source Strategy
• Fix product bugs and submit to the product's community for the next patch or release
• Provide certified Java middleware suites
• Provide open source policy and process best practices

All of this from one vendor across a whole suite of tools. This is so much more cost effective then paying 20% maintenance on every single product you buy in the world of proprietary software. We have a use case where we purchased a 20 node cluster of servers from a major vendor. We were required to purchase support for each node. The vendor mandated that we use SUSE Enterprise which more then doubled the cost per node. To make matters worse, the vendor is one to two years behind in the version of SUSE that they support on their hardware. The reality is that these servers just run and we rarely need any support for the operating system. So how cost effective is that model? For this use case, service providers are a no brainer. Not only is it more cost effective, but we can also choose whatever distribution of Linux we want because the service providers do not mandate what software we must use. Suddenly, the overall price of the cluster just dropped in half. Now for the same price (and better support) I can purchase a second cluster and drop it at our disaster recovery site!

So much for the myth that you can't get support for OSS. So to recap where we are with our strategy:

• Step 1 - create an inventory
• Step 2 - educate IT - this started today with our discussion w/Sourcelabs

I will continue this series as we move forward with our strategy. If any of the readers out there have experience with this process I would much appreciate hearing your lessons learned and recommendations.