What Was Discussed At the Big LUG Meeting
January 25, 2017 Alex Woodie
About 100 representatives from the biggest IBM i shops in the world are at the IBM lab in Rochester, Minnesota, this week for the first of three meetings of the Large User Group (LUG) scheduled for 2017. Judging by the agenda for the week-long meeting, security and storage concerns will dominate the agenda.
The LUG is one of the most influential user groups in the IBM i community, if not one of the most secretive. The group is composed of about 100 of the biggest companies to use the IBM i server. Their exact names aren’t known, but you can likely guess many of them.
The LUG recently posted its agenda for this week’s meeting, which began Sunday night and runs all the way to Friday morning. Out of 41 sessions, 11 of them have to do with security (including auditing and compliance), while 10 others are on storage or the database.
The LUG was kind enough to make its co-chairs, Dutch and Sue, available to IT Jungle for a quick conversation this week. Due to the confidential nature of the LUG’s membership rolls, they were not authorized to share what companies they work for, nor their last names (lest LinkedIn and Google connect the dots for intrepid readers).
As Dutch explains, security has been the main topic of discussion for the past two or three winter meetings. The meeting scheduled for June is slated to cover systems management topics, while the September get-together will focus on application development and mobile devices, he says.
“We try to cover at least two topics per meeting,” Dutch says. “This meeting is on security, and on storage as well. We take the opportunity to let IBM tell us what they’re working on from a security standpoint, as well as for us to listen to speakers from different areas of IBM that can talk to what they’re doing and things we should be aware of from a security standpoint.”
Among the security topics that will be covered are hacker Bart Kulach’s infamous 2015 DEF CON session, “Hack the Legacy,” where he purported to share information on how to compromise the IBM i server’s legendary security protections (claims that were refuted by IBM i security expert Carol Woodbury). That LUG session will take place today, and will be led by Westley P Mcduffie, a regular speaker at LUG meetings.
“We often have Wes come in and speak with us,” Sue says. “This is more of an education about what’s going on, what might have occurred in the industry. It’s not necessarily specific to IBM i. We all run various types of environments in our organizations, and so Wes is typically always on our [winter] agenda.”
Security is shaping up to be a major topic of focus for IBM i professionals in the New Year, perhaps driven in part by high-profile hacks of political groups during the 2016 presidential election campaign, as well as attempted hacks of the election itself by hackers tied to the Russian government.
The security discussions at the LUG meeting will be a mix of high-level security awareness as well as the nuts and bolts of IBM i configuration settings. “It’s a chance to make sure that the system itself is very secure, and to make sure you know how you should have those settings to be secure,” Dutch says. “It’s a chance to review that, and a chance to let IBM talk about any enhancements with the technology refreshes, for changes that have been made.”
What won’t be talked about are specific security vulnerabilities or patches, which is more of a “break-fix” topic that’s dealt with separately, Dutch says. “It’s more of a level set, and of a ‘Here’s the state of the industry right now,'” he says.
Interestingly, the topic of vulnerabilities in open source software–such as the flaws in OpenSSL libraries that spawned the “Heartbleed” vulnerability in 2014, or holes in any number of other open source libraries found in the IBM i stack–won’t be a primary area of discussion at the LUG. That hasn’t been a major area of concern, Sue says.
The storage options on IBM i seem to be evolving as fast as security topics, to the point where spinning disks will no longer be offered on Power Systems servers, that it will be all flash and tape (a prediction that an IBM executive made to IT Jungle last year, and which the LUG confirms has been communicated by IBM to them too).
“We keep tabs on the members through self-reporting about who’s using internal disk, who’s using external, what their plans are,” Dutch says. “As we’ve tracked that over the last several years, we’ve seen more and more of our membership on external storage, and there’s fewer and fewer of them saying they don’t plan” to move to external disk.
This being a LUG meeting, the DS8000 Power-based array will be a frequent topic of discussion, as well VIOS, the AIX-based Virtual I/O Server that IBM i shops of all sizes are learning to love (albeit some more slowly than others).
LUG members’ IBM i environments are, by definition, large. It’s not uncommon to see a 50 TB to 100 TB database running in a LUG shop. Ensuring the availability of such a big production DB2 for i database during a high availability roll swap is no trivial matter. Picture the computer glitch that grounded United Airlines flights for two-and-a-half hours on Sunday–that’s the sort of situation LUG shops desperately want to avoid.
But it’s not just the size of your IBM i that matters. “It’s not just how many processors you have or how many machines you have, but also the complexity of the environment you’re running,” Dutch says. “When we look at people who are applying to LUG, we look at the complexity of the environment. If they’re not doing anything complex, even though they may have large number of machines, that doesn’t mean they’re a good fit for LUG.”
LUG membership does bring its privileges. At the top of the list is hearing from the IBM Rochester development team what sort of stuff they have planned for the next few releases of the OS, as well as new hardware features in the Power Systems iron (all under strict non-disclosure agreements [NDAs], to the chagrin of the free IBM i press).
IBM also uses the LUG as a sounding board for new ideas, and the LUG in turn has a direct line to communicate the technological concerns of its members to IBM, and to submit technical requirements that often go right to the top of the list. Having this kind of impact is exciting, especially for IT professionals who have devoted a big chunk of their careers to this unique computing platform called IBM i.
“The nice thing about LUG is we provide immediate feedback to IBM as to whether or not we think they’re going down the right path,” Dutch says. “We’ve had several instances in the past where IBM has said this is the direction we’re going to go, and the LUG has said, we don’t think that’s a good idea, and IBM has changed direction.”
Does that happen often? “Probably not,” Sue says. “It’s an opportunity for IBM’s largest IBM i customers to share with IBM, and for IBM to share with their largest customers. And it is absolutely a give and take environment, and it’s a great partnership that we enjoy with IBM.”
If you’re thinking about joining the LUG, there’s good news: The organizations is accepting new members. There’s a small amount of churn among the LUG membership, with several members leaving and joining every year. You can inquire about the application process at the LUG website, http://www.the-lug.com.
Even if you’re not LUG material, don’t fret: the LUG is looking out for your more modest IBM i needs, too. “What we found is the things that the large IBM i instances face are things that everybody is going to face,” Dutch says. “It’s just that the large shops are going to face them sooner.”
RELATED STORIES
Imagine There’s No Spinning Disk (It’s Easy If You Try)
Security? How is the discussion of lack of cipher availability for IBM i 7.1 going? I’d just as soon IBM announce an End Of Support date for 7.1.