Today we feature an interview with John Buswell of Spliced Networks. The company announced their first product, AppOS, just today. Learn more about what’s unique about this new Linux server distribution.1. Please explain to us the single killer feature your solution has against Solaris or Red Hat.
John Buswell: If I had to pick a single feature, I think it would probably be ExMI. The
extended management interface. It provides a web interface, and later
SNMP and CLI, that allows application images to extend the OS’s web based management
interface, so it looks like a completely integrated solution.
Companies running Windows now, or new companies looking for an IT
solution, will find ExMI attractive, assuming there is an application
image for what they need. This is where AppOS will win business over
Solaris and Red Hat, although I don’t see too many companies migrating
to Solaris anyway.
With AppOS though its really a complete package, so in the long term,
I think AppOS as a whole could lead to a change in the way server OSes
look, switching towards a router style single image file vs. hundreds
of pacakges. If you look at half the stuff in /bin, and /usr/bin, most
of it you’ve probably never run on most of your production servers, if
you’re honest about it. So it doesn’t really need to be there.
It’ll take some time to catch on, but if/when it does, then Red Hat
and Sun will most likely need to adapt.
2. The application management is done via a web interface. How does this work exactly? Is X installed on the server, or the interface’s web server can be used remotely?
John Buswell: There is no X installed on the server, installing X on servers is
really counter productive, and definately not something I would ever
advocate for a production server. X would just consume valuable
resources, taking them away from what the server is supposed to be
doing. The entire server (appliance) is managed through the web
interface. There is a small light-weight web server that is running on
a seperate physical ethernet interface (management network). You just
point your favourite browser at the management IP, and you have full
control of the system. The web interface manipulates a common
configuration file, which is used by a low-level program to generate
the various configuration files, or change settings in /proc.
3. Please tell us more about the security of the product and how it was architected to be ‘secure by default’.
John Buswell: AppOS uses single filesystem image files, mounted via loopback on a
ramdisk to build the root file system. The image file that is used
uses a filesystem that that is unwritable, such as squashfs. When I
say unwritable, the only way you can write to the filesystem is to
regenerate it. Access to the OS is restricted to the management
network, the only outside way to access the system running AppOS, is
through whatever application image it is running, for example DNS.
These application images are run through a special chroot environment
that is generated by the appliance at runtime, and again, uses the
unwritable filesystem via loopback. If someone were to compromise
bind, they are stuck in the chroot environment, but they cannot write
to the config or the data. So there are very limited in what damage
they can do. This is further compounded by our use of grsecurity,
stack smashing protector, and other standard security features. We’re
currently working on adding extensions to AppOS to enable the user to
select between different security models (say SELinux or grsecurity)
at boot time. Right now, you can do that, but you’d have to switch
images. AppOS includes some parts of OSDL’s Carrier Grade Linux, such
as Resumo, which enables fall back capabilities in Grub (the boot
4. Please tell us more about the company: how many employees it has currently, how it’s funded, and how did you come up with the idea of APPOS in the first place.
John Buswell: Spliced Networks was founded back in 2002, back then, it was just
myself and Frank Boyd. Since then we’ve expanded the company, with 10
employees, some full time and some part time. The company is currently
funded privately, we’ve gone to great lengths to retain full control
of the company, which is why we haven’t gone seeking outside
investment. We utilize a lot of open source solutions, as well as
common sense in the day to day operations. AppOS didn’t really come
from just one idea, its the end result of several years of putting
much smaller and simplier ideas together. If I had to pick one key
moment that really influenced the development of AppOS, it would have
to be hard disk failures in headless linux servers. In my lab, I have
a half dozen Linux servers that don’t have video cards. When those
systems lose a hard disk, or just need to be fsck’d manually, its a
major pain. Which is probably why there are features in LIMBS that
allow for remote network management during the boot process. 🙂
5. How is the company gonna make money? Is the OS or the applications, or the service that will yield profit?
John Buswell: I don’t really see the company making money from the OS, I’m sure
we’ll make money from certification, benchmarking, support and other
services provided to OEMs and VARs, as well as custom Linux solutions.
The big profits will come from combining the OS with strong
application images. The first big test of that idea, will come next
month when we release our SN-2100 series DNS appliance. The appliance
provides all of the capabilities of competing commerical DNS
appliances such as those from Blue Cat Networks and Infoblox. These
companies charge quite a bit for these appliances, between AppOS and
our build system, we can cost effectively offer the same solutions to
customers for a lot less. I think our biggest advantage will be that
we are selling kits that allow customers to upgrade their existing
servers to appliances that match our SN-2100 series DNS appliance.
Many companies like DNS appliances, but they cannot justify the costs,
we’ve reduced the costs signficantly, and allow them to continue to
use their existing servers, with the same cost saving benefits of the
appliance. Now, if we do this in a couple of more areas, I think we
have the potential to win big.
6. I see a port for 64bit platforms and for the embedded systems. What stage the PowerPC port is in?
John Buswell: The PowerPC port is still in early stages. AppOS is based upon the
principle of an open appliance, built from commodity hardware that you
can upgrade and redeploy. PowerPC is still pretty much Apple or IBM
equipment, there are a couple of independent vendors, but not that
many. We did conduct tests of several different appliance images using
a modified Ubuntu PPC Live CD and an iMac G5. A comparable Opteron
system was yielding much better performance results when we threw
simulated production traffic at them in our lab. I’m sure it was more
a result of the PPC solution being under optimized, but if you look at
a price/performance comparison, the AMD stuff is always going to win.
7. Back in the day you were involved with iMacLinux, Nortel and MandrakeSoft. What kind of experience these projects have given you?
John Buswell: MandrakeSoft was a great experience, I got a chance to work with Jean
Loup Gailly, who was CTO of MandrakeSoft when I worked there, along
with some great developers. I’m really glad to see things are taking
off for them, with the recent merger, and their continued growth.
iMacLinux was an interesting deal, it came out of nothing, more a
result of me getting tired of sending the same email out back in 1998
on getting LinuxPPC to work on the original iMac. iMacLinux we did
manage to survive a couple of slashdottings, and we learned really
fast that people like to take information a lot faster than they like
to contribute it. I would like to bring iMacLinux back, however, it
looks like a couple of sites have emerged to replace it, which is
great. iMacLinux really isn’t something thats profitable, however it
did help a lot of people out, so it was a good deal.
Nortel is a great company, with a lot of very very smart people. The
most important thing I have learned from working at Nortel, has
probably been what to expect from larger customers, like Fortune
500s, Financial Institutions and so on. Sustaining engineering is a
faced paced environment, you’re working on many business critical
issues, often requiring quick resolution. You definately learn to
think on your feet, and fast. The nice thing about sustaining
engineering, is that its always interesting. You’re always working on
multiple issues, often covering completely different features of the
product. You never get bored, and typically never have the time to get
8. What do you expect to come out of the launch?
John Buswell: Well, we’ve had LIMBS working in production for over a year now,
and we felt it was about time, that we got some feedback on the
concept and shared it with the rest of the world. We’re hoping that
it’ll start some people thinking, and hopefully lead to some
innovative changes in the server world. A lot of Linux companies have
been focusing on the Desktop a little too much. Obviously, we’re
hoping to grow our partner program dramatically, and sell some more
AppOS based appliances over the coming weeks.