Open Sourcers Flock to San Francisco for LinuxWorld

• By John K. Waters
• August 14, 2006

The two or three holdouts who remain unconvinced that open-source software is serious business should take a gander at my inbox. I can't remember the last time I was bombarded with so many press releases, event notices, and vendor-interview requests for a tech show. I feel likeDresden, circa 1945!

The tech show generating this furious electronic pelting is, of course, the West Coast edition of the biannual LinuxWorld Conference and Expo, underway this week in San Francisco. More than 10,000 attendees are expected to swarm into the Moscone Center for half a dozen keynotes, 200-plus exhibitor displays, and more than a hundred panels and sessions. Keynoters at this year's event include, among others, Creative Commons founder and Stanford law prof Lawrence Lessig, Intel's GM Richard Wirt, and XenSource CEO Peter Levine. The exhibitor list includes marquee names like IBM, HP, Motorola, Intel, Oracle, SAP, and CA.

I shook a few vendor announcements from the shrapnel in my inbox that are worth a pre-show heads up.

Two pieces of news from Black Duck Software caught my eye: The compliance management solutions provider is expanding the knowledge base of its flagship product, protexIP, with more than 30 million software component signatures (which the company calls ''code prints'') from more than 1,000 software vendors. That's in addition to ''a couple billion'' code prints in the company's knowledge base, Black Duck CEO Doug Levin told me. Even cooler: the company has arranged to include code prints of all of the source and binary code published by Dr. Dobb's Journal going all the way back to 1988.

Black Duck's analytical engine is designed to identify the pedigree of code that's floating around an organization—basically sorting out the homegrown, open-source, and third-party code. It then matches the appropriate OSS licenses and warns of any potential copyright infringements. It also allows companies to ''code print'' their own code, so that they can, among other things, identify instances of their own stuff that has leached out onto the Internet.

Figuring out who owns the code in an organization is a problem that just keeps getting bigger, Levin said, especially in the open-source world. Levin's company currently tracks 600 OSS licenses, many of which (I'm guessing most) are just minor variations on the approved license.

''In the years to come, we're going to see more and more adoption of heterogeneous components that are located on the Internet and integrated into applications,'' he said. ''This is good news. The bad news is, companies can no longer depend on the classic method of visual source code reviews, where engineers sit and review the code.''

BTW: I understand that Levin named his Waltham, MA-based company after a wounded American Black Duck that he found and nursed back to health when he was seven years old. (Okay, I don't really know whether it's true, but it's a cute story.)

I also had a chance to chat with Oracle's ever-enlightening senior director of Linux engineering, Wim Coekaerts, about the latest additions to the Oracle Validated Configurations program. Oracle fired up this program in June with an initial roster of about 10 participants, including IBM, HP, and Dell, among others. The company is set to announce today the addition of Brocade Communications Systems, Cisco Systems, and Pillar Data Systems to that lineup. Also expected: the publication of five new configurations that have been tested by IBM, HP, and Dell.

Oracle Validated Configurations, Coekaerts explained to me, are pre-tested and validated architectures that include software, hardware, storage, and networking components, along with documented best practices for deployment. Oracle and its strategic partners offer and recommend these configurations to end-users, basically as the best way to run the component stacks.

''When we get to the point where our partners have gone through all of this testing, then going to Linux with any of our partners is identical to having any traditional, old-school Unix system. And that's our goal here; we want to make sure that Linux is totally equal to traditional Unix.''

Oracle is no newcomer to open source; the Redwood Shores, CA, database giant introduced a DB that would run on Linux way back in 1998, and it later collaborated with leading Linux distro Red Hat on its ''Unbreakable Enterprise'' initiative. The company continues to maintain a Linux Kernel Group, which works with Linux vendors and open sourcers on fixes and new functionality for the open source OS.

The Oracle Validated Configurations are available now on the Oracle Technology Network.

SpikeSource , though, was ahead of Oracle on the stack management front. The Redwood City, CA-based company's LinuxWorld announcement is worth mentioning, not so much because it's especially earth shaking—two new partners, CRM application vendor Centric CRM and collaboration server project Open-Xchange—but because the company itself has been so interesting to watch. SpikeSource is proving to be something of an industry bellwether, marking with its own evolution the emergence of an OSS trend: the growing demand for enterprise-oriented application support services.

The company provides a platform for deploying certified stacks of open-source applications and ongoing management to enterprises. These are products they don't own, but which they have tested and integrated into a one-click deployment package. Its portfolio of SpikeCertified and SpikeIgnited solutions are delivered with a comprehensive update and support service called Spike Net.

SpikeSource's initial, somewhat vague strategy of providing ''business ready open source'' has come into sharp focus recently around small and medium size enterprises (SMEs), which they serve through value-added resellers (VARs). The company now has close to 50 channel partners, SpikeSource director of product management Corey Williams told me, including the wildly popular SugarCRM and a well-respected Web content management solution called Drupal.

''Under the covers, the proprietary vendors are starting to leverage open source more and more,'' Williams said. ''It's the only way they can begin to scale and compete. But they're still trying to do all of the solution development in-house. But unless you embrace a community that allows features to be built based on merit and community demand, you just don't get the key advantages of open source.''

SpikeSource is in the exhibit hall as part of the Novell MarketStart pavilion. And the company's CEO, Kim Polese, is participating in a panel discussion with Centric CRM prez David Richards and others on Tuesday afternoon (''An Enterprise Open Source Success Story In the Fortune'').

Lots more coming from this humungo show. Stay tuned.