Microsoft buys GitHub

gitnew desktop

By far the dominant story from this week in the software development world involves Microsoft’s buyout of the source control giants, GitHub. In fact, we just talked about GitHub’s positive impact on the application engineering process in May’s news digest. Of course, this news spawned a lot of discussion and controversy within the developer community.

Let’s take a closer look at Microsoft’s purchase of GitHub with an eye on the reasons behind the acquisition as well as what it means for your app engineering shop. Is a new era in software development now upon us? Will it change how your team manages its source code?

The Details behind the Microsoft/GitHub Purchase

Microsoft buying GitHub isn’t just another example of Redmond crushing a competitor. Burning venture capital at a high rate over the past few years made GitHub a ripe target for acquisition. The giants in the industry, namely Amazon, Google, and Microsoft, all considered a purchase of the code-sharing organization.

According to an article in CNBC, GitHub preferred Microsoft due to the relationship between their founder, Chris Wanstrath, and Redmond CEO, Satya Nadella. Paying $7.5 billion meant MS paid nearly 25 times GitHub’s revenue, to use a stock analyst metric. Microsoft gains the benefit of a popular Cloud-based service for its Azure offering; part of its strategy to compete with Amazon AWS in the industry.

GitHub also pairs nicely with LinkedIn in the Redmond portfolio. It gives Microsoft access to a large number of software engineering and general technology professionals. The expectation is for GitHub to continue to operate in a largely independent fashion with the exception of a migration to Azure.   

Is this the End of the Open Source GitHub?

As we discussed last week, GitHub provides a great example of the positive influence of open source on the software development world. Back in the Steve Ballmer era, Microsoft earned a reputation as an enemy of open source software. “Linux is a cancer that attaches itself in an intellectual property sense to everything it touches,” said the MS CEO back in 2001.

Much of the gnashing and trashing in the developer community about a Microsoft-owned GitHub is a reflection of Redmond at the turn of the century. The Nadella-led company, on the other hand, is more of a champion of open source. The Visual Studio Code and .NET Core initiatives are examples of this new progressive attitude at Microsoft.

One of Nadella’s strategic goals involves fostering a developer-centric focus, or even emphasizing the one that already existed at Microsoft. GitHub fits perfectly with these plans. In fact, Microsoft closing its own competitor to the service – Codeplex – last year hinted at this week’s purchase. The added benefit of boosting Azure’s chances against AWS in the Cloud wars likely clinched their purchase decision.

Ultimately, when compared to Google or Amazon, Microsoft is arguably the better choice for GitHub. This especially rings true considering the company’s developer focus, as well as the embracing of open source under Satya Nadella. Nonetheless, every development shop currently using the source code service needs to consider whether staying makes sense for the long term.

Thanks for reading this edition of the Betica Blog. Stay tuned for additional dispatches from the never boring world of software development.

The Impact of Spectre and Meltdown on IT Operations

Screen Shot 2018-01-19 at 3.03.59 PM

 

Undoubtedly, the news about the Intel and AMD microprocessor flaws – targeted by exploits known as Meltdown and Spectre – reached your desk over the last few weeks. It is important for these chipmakers to fix the issue, lest those holes provide the means for cybercriminal activity. Unfortunately, some fixes hamper CPU performance, affecting users from the personal to the corporate.

Let’s take a closer look at this important problem that software engineers and their management need to consider. Its impact on the performance of their applications – both deployed and currently in development – is notable.

 

The CPU Fixes for Meltdown and Spectre

A recent article in TechRepublic analyzed some approaches to fix the CPU architecture flaws used by Meltdown and Spectre. Unfortunately, while offering a measure of protection to computers powered by these Intel and AMD chips, the performance hits are significant. Software patches or not; ultimately, a new chip design is what’s needed for the future.

One patch leverages a technique known as Kernel Page Table Isolation (KPTI). TechRepublic’s James Sanders notes early reports stating a 30 percent performance degradation due to the patch. He feels this number is exaggerated compared to real world usage scenarios.

The KPTI approach essentially separates the chip’s page tables for user-space and kernel-space. Naturally, this comes with a subsequent performance cost. Sanders feels the use of process-context identifiers (PCIDs) helps to mitigate the issue. The problem involves the lack of support for PCIDs in the most recent versions of Linux.

He mentions a few recent benchmarks analyzing server performance on Linux boxes with KPTI enabled. Some of these tests involved running PostgreSQL processes, which should be relevant to many of our readers.

 

Fixes for Intel Chip Flaws impact PostgreSQL Performance

 Developer, Andres Freund, ran a few Postgres processes on servers using KPTI without PCID enabled. His full set of benchmarks are available here. Notably the results showed a performance hit of anywhere from 7-17 percent to 16-23 percent depending on the workload of the individual process.

Sanders feels changing to a Linux kernel with PCID support helps to mitigate the degradation in performance. Still, this causes extra work for network administrators ultimately due to a mistake in chip architecture from the two leading manufacturers in the industry. This reflects poorly on both companies in a Cloud-based era where so many businesses of all sizes depend on good performance.

Other high throughput databases, like the in-memory NoSQL data store, Redis, display similar performance issues due to the patches for Meltdown and Spectre. They also get a subsequent boost in horsepower by using the Linux kernel with PCIDs enabled.

According to the article, these benchmark results don’t necessarily apply in other computing scenarios. Blender, the 3D graphics tool, and the venerable web server Apache don’t receive a performance boost from PCID. The performance impact of the KPTI patch was also smaller.

Other companies, notably Google, are taking steps to protect CPUs from the Meltdown and Spectre exploits without performance issues. Google’s Reptoline especially shows promise, but requires a full recompilation of the OS and all applications. Ultimately, make sure to research these other options to ensure your servers stay protected while maintaining the highest performance possible.

 

Stay tuned to the Betica Blog for additional news and insights from the software development world. Thanks for reading!