Matt Bottrell writes about the Oracle Linux offerings presented at LCA 2008 [1]
The one thing that Oracle does which I really object to is the “unbreakable” part of their advertising. They have pictures of penguins in armour and the only reasonable assumption is that their system is more secure in some way. As far as I am aware they offer no security features other than those which are available in Red Hat Enterprise Linux, CentOS, and Fedora. The unbreakable claims were also made before Oracle even had their own Linux distribution, which gave them even less reason for the claims.
If someone is going to be given credit for making Linux unbreakable then the contributors list for the SE Linux project [2] is one possible starting point. Another possibility is that credit could be given to Red Hat for introducing so many security features to the mainstream Linux users before any other distribution.
In terms of improving the security of databases it’s probably best to give credit to Kaigai Kohei and the PostgreSQL team for Security Enhanced PostgreSQL [3]. I believe that NEC also deserves some credit for sponsoring Kaigai’s work, I am not sure whether NEC directly sponsored his recent work on SE-PostgreSQL but they certainly sponsored his past work (and are credited on the NSA web site for this).
Oracle’s Linux distribution is based on CentOS and/or Red Hat Enterprise Linux (RHEL). The situation with RHEL is that the source is freely available to everyone but binaries are only available to people who pay for support. CentOS is a free recompile of RHEL and a good choice of a distribution if you want a server with long-term support and don’t want to pay Red Hat (I run many servers on CentOS).
While Matt gets most things right in his post there is one statement that I believe to be wrong, he writes “One of the craziest statements I heard during the talk was that Oracle will only support their products running under a VM if it’s within Oracle VM“. My knowledge of Xen causes me to have great concerns about reliability. My conversations with MySQL people about how intensive database servers are and how they can reveal bugs in the OS and hardware are backed up by my own experience in benchmarking systems. Therefore I think it’s quite reasonable to decline to support software running under someone else’s Xen build in the same way as you might refuse to support software running under a different kernel version (for exactly the same reasons).
Matt however goes on to make some very reasonable requests of Oracle. The demand for native packages of Oracle is significant, I can’t imagine official Debian package support appearing in the near future, but RPM support for RHEL etc would make things easier for everyone (including Oracle).
A better installation process for Oracle would also be a good thing. My observation is that most Oracle installations are not used for intensive work and use database features that are a sub-set of what MySQL offers. I’ve seen a few Oracle installations which have no more than three tables! The installation and management of Oracle is a significant cost factor. For example I used to work for a company that employed a full-time Oracle DBA for a database with only a few tables and very small amounts of access (he spent most of his time watching videos of fights and car crashes that he downloaded from the net). Adding one extra salary for a database is a significant expense (although the huge Oracle license fees may make it seem insignificant).
Your experience of Oracle databases conflicts with my own. Over the last 10 years I’ve only worked on Oracle databases which are larger than a few hundred GB, many larger than a couple of TB, all with many thousands of tables. These are SAP installations which can (ab)use the database quite hard. Whilst I agree that the Oracle installer sucks, at least it’s somewhat cross platform (being written in Java) and thus provides a consistent interface for those of us installing on Linux, Windows, AIX or whatever.
Alan: I know that there are many heavy applications that use Oracle databases. But the vast majority of database installations are on the low end. My observation is that a good number of Oracle systems really have low end requirements. Of the systems that I’ve run which had Oracle installed, they all could have had flat-files used for their databases without any problems.
Keep in mind the fact that VolksWagen bought Bentley, BMW bought Rolls-Royce Motors, and McDonalds is the world’s most profitable “restaurant” chain. Any company that restricts itself to the high end risks becoming less profitable than one that caters for the majority of the market. Not that I expect Oracle to learn this before it’s too late.
IMHO an installation process that sucks on all platforms is not a good thing (being written in Java means that you first need to install Java). For a cross-platform language Perl is probably the best choice, most server Linux systems can’t be installed or booted without it.