OpenBSd or HP-UX?

classic Classic list List threaded Threaded
29 messages Options
12
Reply | Threaded
Open this post in threaded view
|

OpenBSd or HP-UX?

Alvaro Mantilla Gimenez
Hi folks,


    I need to install an LDAP server in my job. I am, obviously, an
OpenBSD guy but my boss wants to install the server with HP-UX. I need
to probe him that OpenBSD is a better solution than HP-UX but google
doesn't show a truly comparative between this two OS and there is a
"poor" information about the HP-UX skills doing this role. The price for
the "solution" (HP-UX or OpenBSD) does not matter this time, so the
argument "OpenBSD is OpenSource and the other is a propietary Unix $$"
is not an acceptable argument.

     Anyone have experience with this two OS?? Is there any heavy reason
(argument) to choose one over the other? Remember: it is an LDAP
server...not a database server....not a webserver.....not a file server.


     Thanks in advanced,

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Marc Balmer-2
Alvaro Mantilla Gimenez wrote:

> Hi folks,
>
>
>    I need to install an LDAP server in my job. I am, obviously, an
> OpenBSD guy but my boss wants to install the server with HP-UX. I need
> to probe him that OpenBSD is a better solution than HP-UX but google
> doesn't show a truly comparative between this two OS and there is a
> "poor" information about the HP-UX skills doing this role. The price for
> the "solution" (HP-UX or OpenBSD) does not matter this time, so the
> argument "OpenBSD is OpenSource and the other is a propietary Unix $$"
> is not an acceptable argument.
>
>     Anyone have experience with this two OS?? Is there any heavy reason
> (argument) to choose one over the other? Remember: it is an LDAP
> server...not a database server....not a webserver.....not a file server.

We run an OpenLDAP installation on OpenBSD that is fully synchronized on
two servers (one master, one slave) for the public schools here.
~15'000 accounts and all important systems (email, fileserver, even the
~80 firewalls, login, etc.) pull their data from it.

It is in operation for several years now, not a single problem with it.

I can say nothing about HP-UX, but OpenBSD surely is a stable foundation
for an OpenLDAP server.

- Marc Balmer, micro systems

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Travers Buda-2
In reply to this post by Alvaro Mantilla Gimenez
* Alvaro Mantilla Gimenez <[hidden email]> [2007-08-22 00:58:09]:

> Hi folks,
>
>
>    I need to install an LDAP server in my job. I am, obviously, an OpenBSD
> guy but my boss wants to install the server with HP-UX. I need to probe him
> that OpenBSD is a better solution than HP-UX but google doesn't show a
> truly comparative between this two OS and there is a "poor" information
*snip*

Just tell him that OpenBSD in the stead of HP-UX will be cheaper, faster to setup, and easier to maintain (because of your experience with Open.) Both OpenBSD and HP-UX can do LDAP, yes, but it's yourself that makes the difference here.

Oh, and you have much more freedom in picking out your hardware (back to the cheap tangent.)

--
Travers Buda

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

J.C. Roberts
In reply to this post by Alvaro Mantilla Gimenez
On Tuesday 21 August 2007, Alvaro Mantilla Gimenez wrote:

> Hi folks,
>
>
>     I need to install an LDAP server in my job. I am, obviously, an
> OpenBSD guy but my boss wants to install the server with HP-UX. I
> need to probe him that OpenBSD is a better solution than HP-UX but
> google doesn't show a truly comparative between this two OS and there
> is a "poor" information about the HP-UX skills doing this role. The
> price for the "solution" (HP-UX or OpenBSD) does not matter this
> time, so the argument "OpenBSD is OpenSource and the other is a
> propietary Unix $$" is not an acceptable argument.
>
>      Anyone have experience with this two OS?? Is there any heavy
> reason (argument) to choose one over the other? Remember: it is an
> LDAP server...not a database server....not a webserver.....not a file
> server.
>
>
>      Thanks in advanced,

There are two ways you can approach this question; logic and rhetoric.
Or better said, reasoning and FUD.

The FUD against OpenBSD starts with the fact that it is open source, has
limitations on supported hardware (true of all operating systems), and
often includes the (mistaken) fact that you cannot get support (-If
necessary, you can purchase professional support for OpenBSD from many
third-party companies.) In comparison to linux and freebsd, OpenBSD
*supposedly* has a smaller installation base, and is therefore a niche
product (-no one truly knows for sure how many installations exist of
any open source OS).

The FUD against HP-UX is that it's a "Dead Operating System" since
PARISC has been discontinued, and Itaniaum support may not continue due
to lacking sales. HP-UX also has a history of security problems. Of the
commercial UNIX operating systems, HP-UX is a smaller player by
comparison, and therefore a niche product.

The reasoning for OpenBSD is very active continuous development, very
impressive reliability and of course, the buzzword "security" which
tends to overly impress any neophyte (even great security can be void
in the hands of a incompetent administrator).

The reasoning for HP-UX is brand name recognition, vendor support, and
of course job security -when something goes wrong, your boss can blame
the brand name vendor in hopes of saving his own ass.

LDPA has similarities to both database servers and file servers, so even
though it's not an exact match, performance metrics for database/flle
servers may be relevant to LDAP. As always, *YOUR* environment and
requirements must be tested to get any truly meaningful performance
metrics. If you have truly insane load and storage requirements, and an
unlimited budget, spending a quarter of a million dollars on a very
high end, 16+ CPU, Itanium box running HP-UX may be a better choice
than OpenBSD. Then again, if that's really the case, I would prefer to
go with big Sun hardware and Solaris under those circumstances.

By comparison, the multiple processor support in OpenBSD is for i386 and
amd64, and how well it will scale in *YOUR* situation can only be found
through testing. Personally, I've never seen a 16+ CPU dmesg, but I'm
not a project developer, and someone may very well be using OpenBSD on
such hardware.

The questions you need to answer are how much load do you expect (and
plan for) and how much storage do you require?

There are people from this list who deal with fairly large LDAP/SASL
installations on OpenBSD. Chris Paul (sentinare.com) and Jason Dixon
(dixongroup.net) come to mind but I'm sure there are others. If you
honestly expect to have *MASSIVE* loads and storage requirements (i.e.
comparable a fortune 1000 company), you should talk to the folks who
have done such things, get your own in-house testing done, and then
make a decision based on your results. -Anything less is just blind
guessing.

The best business decision is the solution that gives you the greatest
reliability and security for your requirements with the least amount of
investment. OpenBSD has a very good chance of coming out on top in the
majority of fairly tested comparisons. The corner case of insane loads
and storage requirements is the one *possible* exception but even then,
it may be sufficient.

jcr

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

frantisek holop
In reply to this post by Alvaro Mantilla Gimenez
hmm, on Wed, Aug 22, 2007 at 12:58:09AM -0600, Alvaro Mantilla Gimenez said that
>    I need to install an LDAP server in my job. I am, obviously, an
> OpenBSD guy but my boss wants to install the server with HP-UX. I need
> to probe him that OpenBSD is a better solution than HP-UX but google
> doesn't show a truly comparative between this two OS and there is a
> "poor" information about the HP-UX skills doing this role. The price for
> the "solution" (HP-UX or OpenBSD) does not matter this time, so the
> argument "OpenBSD is OpenSource and the other is a propietary Unix $$"
> is not an acceptable argument.

hard to believe there are still companies who are willing to waste
money this way...

let's look at a cursory TCO comparison:

1. which hp-ux?
the last mohican PA-RISC or the no-one wants me Itanium?
do you already have the hw or are you going to buy it?
how expensive will it be to replace something that leaks
it's smoke (i.e. stops working)? will you be able to replace
it without a hp technician?

2. support
are you going to buy a support contract?
(because we have one, i don't know if patches and updates
are freely available without this contract...)  where
can you go for help besides official support?  ever tried
to solve an obscure hp-ux problem?  except the hp forums
you are pretty much on your own...

if you are primarily an bsd/linux person as opposed to a sysv4
hp-ux person, how much will you have to learn to move comfortably
inside the system and do your work? will you start your job with
a 3 week hp training course (hp-ux for advanced unix admins,
hp-ux networking 1,2,3 and so on, and so on)?
 
3. software availability
hp-ux is a quite typical commercial unix, userland is ancient,
gnu stuff in semi-official packages and miles behind openbsd's
port system, prepare to compile stuff and look for help compiling
stuff...


having said that we have a couple of netscape ldap servers here,
mostly because of inertia: thery are too old to touch.
but the main ldap servers are already linux boxen...

-f
--
support your local police force - steal!

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Jacob Yocom-Piatt-2
In reply to this post by Alvaro Mantilla Gimenez
Alvaro Mantilla Gimenez wrote:

> Hi folks,
>
>
>    I need to install an LDAP server in my job. I am, obviously, an
> OpenBSD guy but my boss wants to install the server with HP-UX. I need
> to probe him that OpenBSD is a better solution than HP-UX but google
> doesn't show a truly comparative between this two OS and there is a
> "poor" information about the HP-UX skills doing this role. The price
> for the "solution" (HP-UX or OpenBSD) does not matter this time, so
> the argument "OpenBSD is OpenSource and the other is a propietary Unix
> $$" is not an acceptable argument.
>
>     Anyone have experience with this two OS?? Is there any heavy
> reason (argument) to choose one over the other? Remember: it is an
> LDAP server...not a database server....not a webserver.....not a file
> server.
>

tried to take a bit of a side adventure and get HP-UX going on a PA-RISC
machine and it's no walk in the park. for cost, support, compatibility
and simplicity reasons i've abandoned the project and decided to use
other OSes instead.

you CANNOT discount the value of having essentially direct access to the
devs on these lists. the karma and assistance you receive as a result of
making even small donations is considerable and, in my experience,
better than any phone or tech support i've received from companies that
support "enterprise" software. for a fraction of the cost of a support
contract you can get direct access to the programmers and cut out the
nimwits on the phone you have to wade through.

as jc said, the only situation i can imagine where you'd want to run
something "enterprise" is in the case that you need a monolithic server.
unless the hardware is wacky, i'd still be inclined to run an opensource
OS on it for the support reasons cited above. not very familiar with
LDAP configs here but i imagine there is a way to spread load between
machines, making the monolithic solution pointless.

thanks for the reminder to investigate LDAP more closely... =)

>
>     Thanks in advanced,

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

J.C. Roberts
On Wednesday 22 August 2007, Jacob Yocom-Piatt wrote:
> tried to take a bit of a side adventure and get HP-UX going on a
> PA-RISC machine and it's no walk in the park. for cost, support,
> compatibility and simplicity reasons i've abandoned the project and
> decided to use other OSes instead.
>

bummer. Was my previous guess was correct that HPUX patches/updates are
only available with a HP support contract? If you still have the itch
to tinker...

> not very
> familiar with LDAP configs here but i imagine there is a way to
> spread load between machines, making the monolithic solution
> pointless.
>
> thanks for the reminder to investigate LDAP more closely... =)
>

LDAP can do some *VERY* cool stuff including load balancing, fail over
and similar. Whether you "need" a huge monolithic system actually
depends on how you define "need"  -See Marc Balmers' post regarding
supporting multiple services for 15K accounts with only two servers.
Chris Paul over at Sentinare (http://www.sentinare.com) provides
SEC/NASD/SOX compliant message archiving with LDAP for publicly traded
corporations and as far as I know, it's being done with racks of fast
boxes rather than using super behemoth 16/32/64/128 CPU systems.

To justify using behemoth systems you must have:
1.) money to burn
2.) insane load and storage requirements
3.) proper cost/benefit analysis and testing

Even if you can justify using behemoths, would you rather have a full
rack of 32, quad processor opteron systems which you can easily
repurpose individually as business needs change, or would you rather
spend the more money on a a pair of 64 processor beasts and fight the
system partitioning battle? -The answer is usually defined by which
flavor of marketing koolaid you drank and/or what kind of "incentives"
the vendor is offering to you personally... there are few things better
than an all expense paid eight week "training" course on some exotic
island....

and there are few things worse than your boss going to the training.

:-)

jcr

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Alvaro Mantilla Gimenez
In reply to this post by Marc Balmer-2
Marc Balmer wrote:
>
> We run an OpenLDAP installation on OpenBSD that is fully synchronized on
> two servers (one master, one slave) for the public schools here. ~15'000
> accounts and all important systems (email, fileserver, even the ~80
> firewalls, login, etc.) pull their data from it.

Can you send me a dmesg of this computers? I think it is a good start to
know how big is the hardware that i need to support something like that
with OpenBSD...

>
> It is in operation for several years now, not a single problem with it.
>
Which version of OpenLDAP are you running in this moment??

> I can say nothing about HP-UX, but OpenBSD surely is a stable foundation
> for an OpenLDAP server.
>
> - Marc Balmer, micro systems

Thanks in advance,


     alvaro

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Alvaro Mantilla Gimenez
In reply to this post by Travers Buda-2
Travers Buda wrote:

> *snip*
>
> Just tell him that OpenBSD in the stead of HP-UX will be cheaper, faster to setup, and easier to maintain (because of your experience with Open.) Both OpenBSD and HP-UX can do LDAP, yes, but it's yourself that makes the difference here.
>
> Oh, and you have much more freedom in picking out your hardware (back to the cheap tangent.)
>
> --
> Travers Buda

It would be wonderful convince my boss with that argument....but the
next question he will ask is: "What if....you die tomorrow?? Who can
maintain the system??...

Thanks anyway....it is a good point to mention on the conversation with
my boss.


          Alvaro

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Jacob Yocom-Piatt-2
Alvaro Mantilla Gimenez wrote:

> Travers Buda wrote:
>
>> *snip*
>>
>> Just tell him that OpenBSD in the stead of HP-UX will be cheaper,
>> faster to setup, and easier to maintain (because of your experience
>> with Open.) Both OpenBSD and HP-UX can do LDAP, yes, but it's
>> yourself that makes the difference here.
>>
>> Oh, and you have much more freedom in picking out your hardware (back
>> to the cheap tangent.)
>>
>> --
>> Travers Buda
>
> It would be wonderful convince my boss with that argument....but the
> next question he will ask is: "What if....you die tomorrow?? Who can
> maintain the system??...
>

not sure, but i do think jason dixon is still offering support
contracts.... this is WAYYYY cheaper than anything you'll get through HP
on the support contract tip

> Thanks anyway....it is a good point to mention on the conversation
> with my boss.
>
>
>          Alvaro

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Alvaro Mantilla Gimenez
In reply to this post by J.C. Roberts
J.C. Roberts wrote:

>
> The reasoning for HP-UX is brand name recognition, vendor support, and
> of course job security -when something goes wrong, your boss can blame
> the brand name vendor in hopes of saving his own ass.

And this is, i think, the main point for my boss and his "not
understanding" about the advantages of OpenBSD over HP-UX. But...i have
hope yet...he does not "close the door" to the OpenBSD possibility. He
wants probes...only i need to find a heavy argument. For example...the
developers that port OpenBSD to HPPA and HP300 platforms....maybe they
have benchmarks between this machines running HP-UX and/or OpenBSD. It
works better??

>
> LDPA has similarities to both database servers and file servers, so even
> though it's not an exact match, performance metrics for database/flle
> servers may be relevant to LDAP. As always, *YOUR* environment and
> requirements must be tested to get any truly meaningful performance
> metrics. If you have truly insane load and storage requirements, and an
> unlimited budget, spending a quarter of a million dollars on a very
> high end, 16+ CPU, Itanium box running HP-UX may be a better choice
> than OpenBSD. Then again, if that's really the case, I would prefer to
> go with big Sun hardware and Solaris under those circumstances.
>

This is a good point too. Is it the performance of OpenBSD running on
Sun computers equal to Solaris?? Personally...i think Solaris...sucks !!
But there is no a technical opinion here...it is only i like the OpenBSD
way to do the things. For me, Solaris is a like a big dinosaur.


> By comparison, the multiple processor support in OpenBSD is for i386 and
> amd64, and how well it will scale in *YOUR* situation can only be found
> through testing. Personally, I've never seen a 16+ CPU dmesg, but I'm
> not a project developer, and someone may very well be using OpenBSD on
> such hardware.

Anyone that wants share his experience with this type of hardware?

> There are people from this list who deal with fairly large LDAP/SASL
> installations on OpenBSD. Chris Paul (sentinare.com) and Jason Dixon
> (dixongroup.net) come to mind but I'm sure there are others.

Do you have their emails?? Please, give my email to them if they decide
to share some information with me. (I look the emails too, maybe are
public...i don't want to bother anyone with unwanted email).

>
> The best business decision is the solution that gives you the greatest
> reliability and security for your requirements with the least amount of
> investment. OpenBSD has a very good chance of coming out on top in the
> majority of fairly tested comparisons. The corner case of insane loads
> and storage requirements is the one *possible* exception but even then,
> it may be sufficient.

Do you have urls of this fairly tests?


>
> jcr

Thank you so much....


        Alvaro

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Alvaro Mantilla Gimenez
In reply to this post by Jacob Yocom-Piatt-2
Jacob Yocom-Piatt wrote:

>>
>
> tried to take a bit of a side adventure and get HP-UX going on a PA-RISC
> machine and it's no walk in the park. for cost, support, compatibility
> and simplicity reasons i've abandoned the project and decided to use
> other OSes instead.

How was your adventure?? Can you be more specific?? I know the cost
part...obviously it is more cheaper run OpenBSD that HP-UX. But i need
more...something really heavy like "I tried to install an OpenLDAP with
HP-UX and the system load with 2000 users rise to the sky...but the same
  number of users with OpenBSD had an incredible performance and never
pass from 10% of load"....or whatever...

>
> you CANNOT discount the value of having essentially direct access to the
> devs on these lists. the karma and assistance you receive as a result of
> making even small donations is considerable and, in my experience,
> better than any phone or tech support i've received from companies that
> support "enterprise" software. for a fraction of the cost of a support
> contract you can get direct access to the programmers and cut out the
> nimwits on the phone you have to wade through.
>

I agree with you...

> as jc said, the only situation i can imagine where you'd want to run
> something "enterprise" is in the case that you need a monolithic server.
> unless the hardware is wacky, i'd still be inclined to run an opensource
> OS on it for the support reasons cited above. not very familiar with
> LDAP configs here but i imagine there is a way to spread load between
> machines, making the monolithic solution pointless.
>
> thanks for the reminder to investigate LDAP more closely... =)
>

Thanks to you...


        Alvaro

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

fuzzyping
In reply to this post by Jacob Yocom-Piatt-2
On Aug 27, 2007, at 8:57 PM, Jacob Yocom-Piatt wrote:

> Alvaro Mantilla Gimenez wrote:
>> Travers Buda wrote:
>>
>>> *snip*
>>>
>>> Just tell him that OpenBSD in the stead of HP-UX will be cheaper,  
>>> faster to setup, and easier to maintain (because of your  
>>> experience with Open.) Both OpenBSD and HP-UX can do LDAP, yes,  
>>> but it's yourself that makes the difference here.
>>>
>>> Oh, and you have much more freedom in picking out your hardware  
>>> (back to the cheap tangent.)
>>>
>>> --
>>> Travers Buda
>>
>> It would be wonderful convince my boss with that argument....but  
>> the next question he will ask is: "What if....you die tomorrow??  
>> Who can maintain the system??...
>
> not sure, but i do think jason dixon is still offering support  
> contracts.... this is WAYYYY cheaper than anything you'll get  
> through HP on the support contract tip

You really don't want me for LDAP support contracts.  I'm sure there  
are plenty of other qualified consultants on the support.html page.  
Know your strengths, know your weaknesses.  ;)

---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

J.C. Roberts
In reply to this post by Alvaro Mantilla Gimenez
On Monday 27 August 2007, Alvaro Mantilla Gimenez wrote:

> J.C. Roberts wrote:
> > The reasoning for HP-UX is brand name recognition, vendor support,
> > and of course job security -when something goes wrong, your boss
> > can blame the brand name vendor in hopes of saving his own ass.
>
> And this is, i think, the main point for my boss and his "not
> understanding" about the advantages of OpenBSD over HP-UX. But...i
> have hope yet...he does not "close the door" to the OpenBSD
> possibility. He wants probes...only i need to find a heavy argument.
> For example...the developers that port OpenBSD to HPPA and HP300
> platforms....maybe they have benchmarks between this machines running
> HP-UX and/or OpenBSD. It works better??
>

The hppa port is for 32bit. The hppa64 port will run more modern 64bit
parisc systems. With the correct hardware both hppa and hppa64 are
usable but you need to realize two things: (1) the ports are still
under development and (2) benchmarks lie.

The *ONLY* "benchmarks" that are applicable to your decisions are from
the tests that *YOU* run in *YOUR* environment.

Your boss should read up on LDAP and realize it was designed to scale by
supporting clustering, fail-over and fault tolerance... -In other words
it was built to run effectively on a bunch of lower cost commodity
machines, as well as on huge expensive beasts.

Unless you do a full case study with adequate testing in your
environment, there is absolutely no valid justification for spending a
ridiculous sum of money on huge massively multi-processor systems.

> > LDPA has similarities to both database servers and file servers, so
> > even though it's not an exact match, performance metrics for
> > database/flle servers may be relevant to LDAP. As always, *YOUR*
> > environment and requirements must be tested to get any truly
> > meaningful performance metrics. If you have truly insane load and
> > storage requirements, and an unlimited budget, spending a quarter
> > of a million dollars on a very high end, 16+ CPU, Itanium box
> > running HP-UX may be a better choice than OpenBSD. Then again, if
> > that's really the case, I would prefer to go with big Sun hardware
> > and Solaris under those circumstances.
>
> This is a good point too. Is it the performance of OpenBSD running on
> Sun computers equal to Solaris?? Personally...i think Solaris...sucks
> !! But there is no a technical opinion here...it is only i like the
> OpenBSD way to do the things. For me, Solaris is a like a big
> dinosaur.
>

In some of the BS comparisons you'll find, OpenBSD is often just
slightly slower due to it's memory/stack security and other security
measures which other operating systems lack. Since other operating
systems do not have these advanced security features, you can't really
call the comparisons fair.

In general the only truly fair test data you'll find is in the various
presentations made by Theo and other developers over the years which
compares OpenBSD to itself, with and without specific security features
enabled. It can give you a rough idea of the performance cost of the
various security features, but you need to realize different archs,
systems, and even processors can yield slightly different results for
such tests.

> > By comparison, the multiple processor support in OpenBSD is for
> > i386 and amd64, and how well it will scale in *YOUR* situation can
> > only be found through testing. Personally, I've never seen a 16+
> > CPU dmesg, but I'm not a project developer, and someone may very
> > well be using OpenBSD on such hardware.
>
> Anyone that wants share his experience with this type of hardware?
>
> > There are people from this list who deal with fairly large
> > LDAP/SASL installations on OpenBSD. Chris Paul (sentinare.com) and
> > Jason Dixon (dixongroup.net) come to mind but I'm sure there are
> > others.
>
> Do you have their emails?? Please, give my email to them if they
> decide to share some information with me. (I look the emails too,
> maybe are public...i don't want to bother anyone with unwanted
> email).
>

I already gave you their web sites and Jason has replied in this thread
suggesting you look at http://www.OpenBSD.org/support.html for
people/companies who specialize in OpenBSD LDAP installations.

> > The best business decision is the solution that gives you the
> > greatest reliability and security for your requirements with the
> > least amount of investment. OpenBSD has a very good chance of
> > coming out on top in the majority of fairly tested comparisons. The
> > corner case of insane loads and storage requirements is the one
> > *possible* exception but even then, it may be sufficient.
>
> Do you have urls of this fairly tests?
>

You missed the main point. You will never find urls to test results that
are truly applicable to your decision. Any "benchmarks" or "testing"
you might find on the web should be considered irrelevant since they
could easily be fake, or wrong, but more importantly, because THEY DO
NOT REFLECT RESULTS FOR YOUR ENVIRONMENT.

Your system environment, your hardware, your software, your network,
your users and every other factor in your situation will affect the
outcome of *YOUR* testing.

You can either do the needed testing yourself, or higher a contractor to
do the needed testing in your environment.  -If your boss is willing to
dump a quarter of a million dollars buying some massive HP boxes, then
spending a small amount of money to get proper testing done (either
your time or a contractors time) to support such a decision is
absolutely mandatory. Anything less would be pure stupidity.

If I was the CEO, and found out that your boss tossed a huge chunk of
money at a problem without doing proper testing and analysis, I'd fire
him immediately.

kind regards,
jcr

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Darren S.
In reply to this post by Alvaro Mantilla Gimenez
On 8/27/07, Alvaro Mantilla Gimenez <[hidden email]> wrote:

> Travers Buda wrote:
>
> > *snip*
> >
> > Just tell him that OpenBSD in the stead of HP-UX will be cheaper, faster to setup, and easier to maintain (because of your experience with Open.) Both OpenBSD and HP-UX can do LDAP, yes, but it's yourself that makes the difference here.
> >
> > Oh, and you have much more freedom in picking out your hardware (back to the cheap tangent.)
> >
> > --
> > Travers Buda
>
> It would be wonderful convince my boss with that argument....but the
> next question he will ask is: "What if....you die tomorrow?? Who can
> maintain the system??...

Easy. Let him know that any person who has a grasp of the written
language can easily pick a system up and administer it by reading the
available documentation.

I'm not kidding - this is an easy win. Docs are a strong point and an
unappreciated one. How hard is it to find good for commercial Unix
variants? It works out for me that even if you find the docs, it's
incredibly hard to find the specifics you're looking for in all the
fluff.

Between the excellent manual pages and online docs (e.g.
http://www.openbsd.org/faq/), coupled with the amassed years of other
users' experience and developer input found in the misc@ archives, it
is not difficult for anyone with some Unix familiarity to pick OpenBSD
up and run with it.

DS

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Marc Balmer-2
In reply to this post by Alvaro Mantilla Gimenez
Alvaro Mantilla Gimenez wrote:

>> We run an OpenLDAP installation on OpenBSD that is fully synchronized
>> on two servers (one master, one slave) for the public schools here.
>> ~15'000 accounts and all important systems (email, fileserver, even
>> the ~80 firewalls, login, etc.) pull their data from it.
>
> Can you send me a dmesg of this computers? I think it is a good start to
> know how big is the hardware that i need to support something like that
> with OpenBSD...

No dmesg at hand, but there are regular 19" servers (Fujitsu Siemens and
Dell in this case) with Xeon CPU, 2 GB RAM, U320 SCSI or SAS Raid with
fast (15K) disks.

>> It is in operation for several years now, not a single problem with it.
>>
> Which version of OpenLDAP are you running in this moment??

The one that is in ports.

- mb

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Nick Holland
In reply to this post by Alvaro Mantilla Gimenez
Alvaro Mantilla Gimenez wrote:

> Travers Buda wrote:
>
>> *snip*
>>
>> Just tell him that OpenBSD in the stead of HP-UX will be
>> cheaper, faster to setup, and easier to maintain (because
>> of your experience with Open.) Both OpenBSD and HP-UX can
>> do LDAP, yes, but it's yourself that makes the difference here.
>>
>> Oh, and you have much more freedom in picking out your hardware
>> (back to the cheap tangent.)
>>
>> --
>> Travers Buda
>
> It would be wonderful convince my boss with that argument....but the
> next question he will ask is: "What if....you die tomorrow?? Who can
> maintain the system??...

What if you go with HP/UX (or ANYTHING else) and you die tomorrow?

Answer is always the same: you have to have more than one capable
person on staff who knows the product.  It's not just about your
death, of course...you DO want to be able to take some time off
without having the phone stuck to your ear, right?

Cross training people on OpenBSD is much easier -- I bet you have
more OpenBSD-capable HW laying around than you do HP/UX capable
HW.  People can practice at home..and even put systems to use at
home.

Your resulting system will have to be documented.  People will
have to look at that documentation and verify its completeness.
It doesn't matter what OS and apps you run, you will have to
document HOW you implemented your systems.  Contrary to many
boss's expectation, they can't just pick up the phone and have
your replacement magically walk through the door and pick up
where you left off.  Using a commercial OS doesn't change this,
your IMPLEMENTATION must be documented.

Your real question is not the OS, but rather the applications
that you are running (LDAP in your case).  Your hypothetical
replacement will spend a lot more time learning your LDAP
application and implementation than they will the OS it is
running on.

Nick.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Joachim Schipper
In reply to this post by Alvaro Mantilla Gimenez
On Mon, Aug 27, 2007 at 07:07:58PM -0600, Alvaro Mantilla Gimenez wrote:

> Jacob Yocom-Piatt wrote:
>> tried to take a bit of a side adventure and get HP-UX going on a PA-RISC
>> machine and it's no walk in the park. for cost, support, compatibility and
>> simplicity reasons i've abandoned the project and decided to use other
>> OSes instead.
>
> How was your adventure?? Can you be more specific?? I know the cost
> part...obviously it is more cheaper run OpenBSD that HP-UX. But i need
> more...something really heavy like "I tried to install an OpenLDAP with
> HP-UX and the system load with 2000 users rise to the sky...but the same  
> number of users with OpenBSD had an incredible performance and never pass
> from 10% of load"....or whatever...

I wrote a huge mail, but essentially: `what Jacob said'.

I think that if you manage to convince the right people that a network
of smaller nodes has advantages (higher availability, better
scalability, lower `TCO' - whatever), OpenBSD - with low cost, good and
cheap support, and very competitive performance - becomes a very
attractive option.

On the other hand, if you really need a 16-core machine with 32 GB of
memory, installing OpenBSD gets you cool dmesg pr0n but not a really
useful configuration - OpenBSD doesn't perform too well on such beasts.
(Although I see Jacob's point in that you can still use OSS even if it's
not OpenBSD.)

I'd focus my research on this issue.

In the end, though, the goal should not be to use what you like best;
the goal should be to pick what is best for the business. (And OpenBSD
can be a very good fit, and picking something that is not too offensive
to the person maintaining it *is* good for the business; but still.)

                Joachim

P.S. One more issue: you *do* realize that getting OpenBSD to
authenticate against LDAP is not entirely trivial, right? This might be
a serious problem if the LDAP system is to handle network-wide logins...

--
TFMotD: dbmmanage (1) - create and update user authentication files in
DBM format

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Marc Balmer
Joachim Schipper wrote:

> P.S. One more issue: you *do* realize that getting OpenBSD to
> authenticate against LDAP is not entirely trivial, right? This might be
> a serious problem if the LDAP system is to handle network-wide logins...

OpenBSD can not authenticat against an LDAP server.  Well, stricly
speaking it can, but you have duplicate all accounts on OpenBSD.  So
realistically it can't.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSd or HP-UX?

Bryan Irvine
In reply to this post by J.C. Roberts
<snip>
> In general the only truly fair test data you'll find is in the various
> presentations made by Theo and other developers over the years which
> compares OpenBSD to itself, with and without specific security features
> enabled. It can give you a rough idea of the performance cost of the
> various security features, but you need to realize different archs,
> systems, and even processors can yield slightly different results for
> such tests.
<snip>

This sounds interesting.  Are there slides or a linky to this sort of thing?

--Bryan

12