Original URL: http://www.theregister.co.uk/2009/12/07/novell_intelligent_workload/

Novell to mashup management tools

No tea making facilities as yet, though

By Timothy Prickett Morgan

Posted in Software, 7th December 2009 13:39 GMT

It seems that most of the IT industry is trying to figure out how to make money by vertically integrating some aspects of the data centre and selling a complete solution that addresses the whole stack. Novell - known predominantly for its NetWare and SUSE Linux operating systems - is no exception.

Having shelled out big bucks - well, at least compared to its size and cash pile - for a number of systems management tool makers, Novell is unveiling the product line and strategy it will bring to market in 2010 to deliver what it calls "intelligent workload management".

This will start with its SUSE Appliance online software packaging tool, which went beta in February and into production in July. Then it will stir in a whole bunch of code from its ZENworks system management tools, the PlateSpin virtual server management tools and the ManagedObjects business service management tools. Finally, add in Identity Manager for access control and security, before mashing the whole thing up in a pot and selling it as an integrated toolset for managing infrastructure and the applications that ride on top of it.

You've probably heard this many times before, most recently - as in last week - from an outfit called rPath and its Project Javelin. With that project, rPath, which was founded by some of the top ex-techies from Red Hat, is seeking to go beyond a repository-driven software appliance tool that rode atop a homegrown version of Linux.

It wants to be a kind of version control system for operating system, middleware and application software deployed in both development and production environments. In this case, Project Javelin is supporting Red Hat Enterprise Linux, Ubuntu, CentOS, and Novell's SLES and will from next year support Microsoft's Windows.

Like Novell's intelligent workload management effort - which does not have a code-name even though its components do - rPath's Project Javelin is a roadmap that will lead to a product set, rather than a single product that is currently ready for delivery.

According to Justin Steinman, vice president of solution and product marketing at Novell, one of the key differences between the two approaches is that Novell has the tools and the expertise in coping with security and access control at the operating system and application level. It has acquired and built the code that will allow it to do role-based access and control on software stacks that span physical servers, virtual machines, and cloud-style infrastructure.

"We think that CIOs are looking for tools to manage three pools of infrastructure - physical, virtual, and cloud," explains Steinman. "Decades ago, security meant locking a mainframe in the basement. But that is not going to work today. We've offered identity solutions, appliance tools, management solutions, but not in a tightly integrated fashion. Now we will." As for rPath, Steinman says that Novell is not all that worried. "The lack of security and identity management in rPath will really hamstring them," Steinman says.

Novell's intelligent workload management toolset - and man, does it ever need a better name - has eight core components. Some are kickers to currently shipping products, while others are based on code borrowed from different tools and mixed in new ways, and still others that have brand new code. The tools are grouped into four major functional groups, which are used to build, secure, manage, and measure the software stacks deployed internally on physical or virtual servers, or out on virtualized cloud infrastructure.

The workload build tools include the online SUSE Appliance Toolkit, which Steinman says will be ready for prime-time in the first quarter of 2010. The thing that needed to be added to the appliance service, which for now only builds appliances for Novell's SUSE Linux distro, is the ability to embed access and security settings, including per-user and role-based access, into the application stack. This way, as workloads move from physical to virtual to cloud infrastructure, the access and security settings can travel with the stacks.

Novell is being a bit cagey about exactly how it is going to make the security and access settings portable, but says that it is taking bits of its Sentinel log manager and event manager tools and embedding them in an agent that can travel with physical and virtual infrastructure. The creation and embedding of these security and access settings will not be done with the SUSE Appliance Toolkit, but rather with another tool code-named "Workshop," which is not expected to be delivered until the fourth quarter of 2010.

Now, considering that this is a key differentiator for what Novell is doing to try to make money, Novell just asked everyone to wait a year. For shops that want to mix Linux and Windows workloads and to have a single set of tools to manage their "intelligent workloads," this could work in the long run. But what Novell just told everyone is that it really isn't close to shipping a complete product set. This gives rPath and others plenty of time to jump into the fray if this is something that people really want to do.

Steinman says that Novell is only now sorting out what versions of Windows it will support and would not commit to supporting both Windows Server 2003 and Windows Server 2008. As for the Linuxes that will be supported with the IWM tools, the fully integrated set will support only SUSE Linux, either raw through a SLES license or as generated as an appliance through the SUSE Appliance Toolkit. As for other Linuxes, Steinman says "that's not currently in the roadmap."

On the security front, Novell's Identity Manager will get major update to Version 4 from the current Version 3.6 in the second quarter of 2010, adding role-based access to the current user-based access control. The update will also allow for real-time provisioning of access based on individual user identity or roles within the organization, rather than changes to access being done in a batch mode, as they are now. Two other Novell security tools, Sentinel and Compliance Management Platform, will be updated so they understand how to teleport security information around.

Finally, Novell will wrap up pieces of Identity Manager and Access Manager tools and Sentinel monitoring tools with a bunch of new cloudy code - based on programs that have resulted in 80 patents for Novell in recent months. It will sell this to cloud infrastructure providers so that they can have IWM features on their clouds that match the IWM capabilities that Novell will offer for SUSE Linux and Windows. Novell will sell these cloud IWM tools as the Cloud Security Service, and it will be available in the second quarter of 2010.

The manager part of the IWM feature set comes through a rejigging of the existing PlateSpin and ZENworks. There are three components planned. One is a PlateSpin-branded product that is being developed under the code-name "Atlantic," which is a virtual infrastructure provisioning tool based on the current PlateSpin Migrate and Recon tools and a judicious chunk of ManagedObjects technology.

While PlateSpin tools have only been aimed at provisioning and managing virtual servers, a future PlateSpin product code-named "Bluestar" will do provisioning and configuration change management for physical servers. Oddly enough, a whole bunch of the code for this project will come from Novell's ZENworks management tools.

The third IWM management tool project, based on ZENworks as well, is code-named "Workbench" and will be a master repository and change control system for the SLES and Windows workload stacks. All three of these IWM management tools are expected to be delivered in the third quarter.

On the measurement front, the Business Service Manager tools - including myCMDB, which came to Novell by virtue of its ManagedObjects acquisition - and Sentinel will get cloudy extensions and IWM features. The IWM stack itself will get a new tool called Compliance Automation, which will take Sentinel security and event management code and mix it up with the ManagedObjects BSM software to create a single, unified product - presumably at a bundled price. This will also be available in the third quarter of 2010. ®