Web admin

SpikeSource, a starry Redwood City, California, start-up providing Open Source software testing services, wants to embolden enterprises to use the Linux, Apache, MySQL, and PHP/Python/Perl (LAMP) stack (www.spikesource.com). Their goal is to certify the LAMP stack and the applications that use it. At the heart of its value proposition is an automated testing bed, which lets software vendors and Open Source projects upload their applications and verify that there are no conflicts with the stack.

SpikeSource provides these tools for free and offers tools to integrate and manage Open Source assets. SpikeSource tools such as Spike Asset Manager (SAM) have been open sourced and are on Sourceforge (http://sourceforge.net/projects/spike-asset-mgr/). These services and software are free but complement the company's for-profit offerings:

• Update Services - SpikeSource services include an update service (distribution and alerts) for a trusted source of software and screened updates for the SpikeSource core stack.
• Technical Support - SpikeSource offers technical support for its certified stack with guaranteed service levels (SLAs) and an incident-based support model that gives customers a number of support incidents with differing degrees of response each year based on the level they bought.
• ISV Certification - SpikeSource will certify applications built on its stack and offer alerting services to ISVs who rely on these "certified stacks" for their products to work. Qualified Open Source projects can benefit from certification at no cost.

When asked whether SpikeSource competes with enterprise Linux companies such as Red Hat and Novell, SpikeSource vice-president Nick Halsey said the company sees itself as complimenting those partner vendors. SpikeSource sees value in having Linux OS vendors and database provider MySQL AB as partners to provide a single point of contact for Open Source enterprise support. Besides interoperability, SpikeSource is trying to pull in partners that can help it mitigate other kinds of risk like the proverbial IP risk with the help of Black Duck Software (www.blackducksoftware.com). Overall its mission is to provide one-stop shopping for a complete LAMP solution.

The SpikeSource team boasts some high-profile management talent in CEO Kim Polese, who sold Marimba to BMC software in April 2004 for $239 million. Ms. Polese is not the only Silicon Valley heavy hitter on the team. There's SpikeSource founder and CTO Murugan Pal who was entrepreneur-in-residence at premier venture capital house Kleiner Perkins Caufield and Byers, SpikeSource's backer. And topping the list is SpikeSource's chairman, none other than former Oracle president, Ray Lane. The challenge for these folks is to take their historical success into the competitive Open Source space where software royalties are being replaced by service contracts as the main source of revenue.

SpikeSource made a lot of noise with its recent product announcement but it's been working for two years crafting its test bed for Open Source solutions that runs a reported 22,000 automated tests nightly. The start-up has also certified its Core Stacks with 63 Open Source components running on six platforms and six supported languages. There are already 109 queued packages that can be included in the stack including Computer Associates' once commercial, now Open Source Ingres database. Inquiries have been made about an Open Source stack for non-LAMP applications like embedded Linux but Halsey says the company wants to focus on its first stack before it moves into other areas.

Not only does SpikeSource support the LAMP stack but the same "AMP" combination running on Windows and Java on the same stack with Tomcat servlet container and a partnership with JBoss (www.jboss.com). Founder Murugan Pal hasn't entered this business model lightly and the SpikeSource team has done an incredible amount of research among CIOs. It found that many of them have in-house staff piecing together and testing these stacks on their own. These IT executives figure the 30% savings on IT procurement costs they get using Open Source is eaten away by increased support costs compared to commercial offerings. SpikeSource's theory is that automated testing and certification will reduce the labor costs incurred in implementing these solutions while giving customers a sense of security about deploying Open Source solutions.

Commitment to Making Quality Open Source
SpikeSource tests code coverage, load balancing, scalability, and security but its primary focus - and heaviest thrust of its tests - is on the interoperability between packages. After testing it will publish the test results on its Web site. If an error is found or a security risk arises, it will contact the vendor or Open Source project like it recently did with MySQL AB. It has open sourced a testing upload interface and reporting interface that feeds results to O'Reilly's CodeZoo (www.codezoo.com/). It's also hoping to drive reporting standards by making the Test Upload Interface (TUI) and the Test Results Publication Interface (TRPI) public.

Summary
SpikeSource has a unique approach in moving all the heavy lifting of certification to an automated process. It's also striving to aggregate the knowledge and educational resources in a freely accessible library (www.spikesource.com/sitemgr/resources.php). Ms. Polese says that the time for Open Source implementations has arrived because the applications are here and production-ready though, according to her, "What has changed is the need for interoperability and the ongoing version management for the stack that companies are now deploying in production networks."

It's also her opinion that vendor lock-in is one aspect of what's driving the adoption of Open Source. That leads to the next logical step, which is testing and vendor-neutral certifications that allows enterprise users to know what their options are and how well competing technologies might work in their infrastructure. Another observation is that Open Source often has a grassroots start in the enterprise because of its high availability and low acquisition costs. System administrators know they can quickly implement these products because they sidestep formal procedures like purchase orders and budgetary approvals. CIOs aren't opposed to this but they want some kind of structure around what software is coming into their company.