Trying to clarify the Sun Ray difference

Trying to clarify the Sun Ray difference

Summary: You can be in the middle of faking up your 10-K report when someone blows up your Sun Ray - and exactly nothing will happen to your application - you just scrape the glass and plastic residues off your face, plug in a replacement Sun Ray, and continue typing.

SHARE:
TOPICS: Oracle, Hardware, Servers
20

Frequent contributor Erik Engbrecht had this to say last week in response to my comment that the Sun Ray does no processing and isn't, therefore, a client-server client: thin, fat, or otherwise:

Smart, Thick, Thin, Display

It's all word games. Depending on how you define "processing," there is processing going on. It still has to render graphics, translate keyboard and mouse events, etc. A SunRay is just a compacted Sun workstation of yesteryear without a harddrive and special firmware designed to work solely as an X-Windows server.

The problem is the attempt to make "smart displays" seem more fundamentally different from other similar solutions just muddies the waters. People like me groan because yet another term has been introduced that means almost the same as other terms that will need to be explained to the higher-ups. The higher-ups get confused and either latch onto it or, more likely, have their eyes glaze over.

Anyway, enough with our industry's incredible ability to make sure words are completely meaningless...

The problem with Sun Ray and other similar solutions is that they are really a local optimum based on today's technology and practices for a relatively narrow range of priorities. Change the priorities and the solution is no longer optimum. Introduce distributed computing techniques with the same low administrative overhead and they lose out entirely.

It's hard to argue with that last paragraph, but the other stuff contains errors of both fact and interpretation - and because his comments are often extremely perceptive I thought it reasonable to assume that both issues affect a lot of other people too.

First the issue of fact: the Sun Ray is not an X-terminal. In fact I don't know of anyone who makes a decent X-terminal anymore, and that's too bad because the NCD approach implemented the real network computing model and was, I thought, optimal for a wide range of business desktop needs.

What makes the Sun Ray different is that it interfaces a remote user to an application, including graphics display, running on a server. That's all it does: if you take your PC, put the CPU, graphics controller, and memory on a card accessing a SAN in the data center, and connect your USB keyboard, mouse, and monitor to it via the network then you've got the guts of a PC style Sun Ray.

The PC thing is, of course, a worst of all worlds option because it puts whole rackmounts of PC cards under IT's direct control, needs virtualization to minimise hardware while maximising user wait, and is resolutely a collection of single users wired together via the network - think of it as the most complicated and expensive known way of achieving data processing's goals for the 1960s IBM VM/CMS product set with the Windows GUI replacing CMS, and you've got it:

Sun Ray, in contrast, allows users to share resources and information independently of IT - because it inherently combines extreme simplicity with the true multi-user nature of the Unix backend.

Its advantages therefore include:

(1) portability: the classic illustration is someone who's typing up overheads for a talk, looks at his watch, stops in the middle of entering a bullet point, walks to the lecture hall, and continues that sentence on the Sun Ray there while waiting for the seats to fill.

As servers got bigger and more distributed this has meant that you can now use your personal computing environment from the office, from home, and from other people's offices without having to carry anything beyond some sign-on information (optionally on a smart card used in a two part identification system).

(2) reliability: once you've got your software running on at least two physically separated servers, Sun Rays become virtually unstoppable. Hardware will, of course, always fail unexpectedly; but such a system has enough redundancy to make failure a non issue for users - and failures are in any case less likely because networks are simpler and there are fewer components, including people, overall.

The Sun Ray itself is, of course, a 100% interchangeable device: if the one you're using fails, your work is completely unaffected - just get another one and continue.

(3) flexibility: a Sun Ray connected to one network can open windows to another - it's possible, for example, to access Windows Terminal Services sessions running on Windows servers. As a result there's virtually no software you can't use - it's not licensible, but people have made MacOS X work on Sun Rays accessing X-serves.

(4) security: if you don't use x86 servers than both Linux and Solaris Sun Ray servers are essentially immune from most of the common attacks. You are still vulnerable to intelligently directed, particularly socially engineered, attacks, but the vast majority of the daily threats affecting the desktop PC are simply irrelevant.

(5) processing power: the desktop machine paradigm is limited in what it can deliver first by server and network bandwidth, and then by local processing capabilities. Thus when 500 people return from lunch and check their email, the system stalls waiting on the machine handling Exchange Server, and when a user hits a big compile, turnaround time is generally limited by memory and disk or network I/O on the desktop machine.

In contrast the Sun Ray user has full access to much bigger instantaneous resources - 500 email users hitting a pair of T2000s at very nearly the same time have essentially no effect on anyone's response time, and a big compile will get an order of magnitude more resources than are available on the desktop.

(6) cost: if you compare the total set-up costs for PC client-server versus Sun Ray systems with comparable screens, software, and disk you usually get near parity. Compare operating costs, however, and the Sun Ray side can dispense with the entire PC babysitting (helpdesk, software maintenance, security, evergreen policies, license management, rack operations, HVAC upgrades) infrastructure while using significantly less space, power, and admin time at the server end.

(7) user freedom: if you do things right (and most people don't) you can use the simplicity of the Sun Ray set-up to relax most of the systems management rules we've all become used to. In particular you can have your sysadmins interact directly with users and thereby pass day to day tactical IT control to user communities - trusting your sysadmins to directly customise systems operations to fit user needs.

That difference comes down to this: with either Wintel or data processing technologies you spend most of your time as an IT manager finding acceptable ways to say "No" to users. With Sun Ray you do the opposite: you work at finding ways to say "Yes" -largely because there's very little risk in any of the things business users tend to want. Thus stuff they usually to ask for - like trying out some new software, creating sandbox copies of major databases, prototyping new applications for existing or modified databases, or recovering files from previous OS/Application generations- that would rightly cause heart palpitations in traditional environments pose no threat in the Unix/Sun Ray world and can therefore be freely negotiated between sysadmins and users without management involvement.

Notice in all this that the big practical differences between the Sun Ray and PC all evolve from the simplicity of the device in combination with the inherently multi-user nature of Unix. In contrast the differences between the Sun Ray and X-terminal arise because the X-terminal handles graphics computation and network routing -making it more bandwidth efficient, but marginally less secure.

The perceptional difference is, however, more important and consists essentially of this fact: the Sun Ray does no application processing and is therefore no more a client than are the screen and keyboard on a PC - it is purely and only an interface between a user and a set of application resources. Thus you can be in the middle of faking up your 10-K report when someone blows up your Sun Ray - and exactly nothing will happen to your application -you just scrape the glass and plastic residues off your face, plug in a replacement Sun Ray, and continue.

Topics: Oracle, Hardware, Servers

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

20 comments
Log in or register to join the discussion
  • My response...

    http://erikengbrecht.blogspot.com/2007/07/sun-ray-thin-clients.html
    Erik Engbrecht
    • Please post that response here

      So I can reasonably respond to your (ahem, cough) egregious mistakes..
      murph_z
    • Response in brief

      1) your "killer argument" is that Sun Rays don't run Windows software and are therefore useless for most purposes. That's wrong: if you need Windows software, Sun Ray delivers.

      2) on cost you say that the hardware costs about the same - therefore costs don't change. That's wrong: nine out of ten wintel dollars get spent after the capital purchase. With Sun Ray those dollars don't get spent.

      3) you suggest running some applications (like a browser) locally or using diskless workstations in place of Sun Ray. Both have been tried repeatedly - starting with Sun's ELC series in the late 80s-, both fail: too complex to administer (almost as bad as client-server!).

      4) you maintain the twin fictions that most people can continue to work during network failures and that network failures are common enough to be worried about. In PC networks that's true - but:
      a) the things that fail (NICs, switches) and the actions that cause failure (network admins, users plugging in things they shouldn't) are omited from effective Unix networks. I.e. the things that cause most of the failures aren't there; and,

      b) most corporate networks now include the use of license sharing - download your Word license when you need it. Since most PCs are used for some form of data entry or retrieval, most people don't need it most of the time and this appraoch saves lots of cash. Except that if the network dies, so does usability for the data functions - and for the licensible stand alone functions

      This is one reason, by the way, for the popularity of laptops as desktop replacements: the laptop's intended use disconnected from the network leads to IT policies favoring putting licenses on the machines. As a result I now know of a large business which does this, while enforcing a (data security) policy under which no laptop leaves the building. The whole thing is a classic case of the user settling for less, at a total higher cost, just to assert an imagined "mine-ness" over a corportae resource - the desktop machine.

      6) and you should go and update yourself on Sun Ray - the impression you have from the ones you saw many years ago is obsolete - the machines still work; it's what you can do with them that's changed.
      murph_z
      • Good response.

        Having recently used Sun Rays, the first point regarding what can be run on it (as it is just a display device), you can run Windows applications on remote hosts (presumably on the back end of the network infrastructure) via rdesktop or similar thin client software that emulates the Windows thin client software (yet, there is thin client software on Windows, too). Just as you can remotely log into several hosts from the Sun Ray server that one logs into to get their display, you can use the same host (if the software is installed) to remotely access Windows or any Unix (or Unix like) host.

        3) There is no need for local software on a Sun Ray device, so the browser has no place on it. It belongs on the host that is serving the display (the machine with the Sun Ray software, maybe an LDAP server).

        His issue regarding laptops v. Sun Ray clients is interesting, though. If you have sensitive information (lets say medical data, as with the US VA medical records fiasco last year), if the data is on a laptop and gets lost or stolen, there is heavy liability. Remotely accessing the data stored on a server via a remote desktop (or a Sun Ray) is a safer solution, presuming remote access is done over an encrypted channel (VPN).

        Laptops are handy when you are going on a business trip, but there is the data issue (how valuable is the data stored on said laptop). Laptop theft happens all the time, it is not something that can be predicted. Data access from a laptop is not that hard either, remove drive from the laptop, place it in an inexpensive USB based drive case and grab the data while bypassing Windows security (may be slightly harder with a UFS or ext3 file system, if the laptop is running Linux, BSD or OpenSolaris).
        B.O.F.H.
      • Killer argument

        "1) your "killer argument" is that Sun Rays don't run Windows software and are therefore useless for most purposes. That's wrong: if you need Windows software, Sun Ray delivers."

        I didn't see that as my killer argument, because in a way I was counter-proposing a distributed Unix model - which would also be equally damaged by an infection of Windows. Unless you're saying that Sun has a secure version of Windows that doesn't require an x86 processor to be performant. Otherwise you have to have Windows on x86 on something somewhere....

        "2) on cost you say that the hardware costs about the same - therefore costs don't change. That's wrong: nine out of ten wintel dollars get spent after the capital purchase. With Sun Ray those dollars don't get spent."

        Except I wasn't proposing Wintel. What I envisioned was adding a couple gigs of RAM to a SunRay, plus a light version of Solaris (or other *nix) on flash, and so that it could do local processing when appropriate.

        "3) you suggest running some applications (like a browser) locally or using diskless workstations in place of Sun Ray. Both have been tried repeatedly - starting with Sun's ELC series in the late 80s-, both fail: too complex to administer (almost as bad as client-server!)."

        Neither you nor the guy a talked to at Sun could explain why it failed and was more complex to administer, only that it didn't seem to work. What that really tells me is that Sun Ray may not scale to very large numbers, because if you design the system right administering 100 servers or 10,000 workstations won't be that different.

        "a) the things that fail (NICs, switches) and the actions that cause failure (network admins, users plugging in things they shouldn't) are omited from effective Unix networks. I.e. the things that cause most of the failures aren't there; and,"

        Sun Ray's have embedded NICs, so how do they go way? They still have a port on the back for someone to screw up. Where do the switches go? Maybe you need to show the network topology for a Sun Ray network, but I can't see how they go away.

        "b) most corporate networks now include the use of license sharing - download your Word license when you need it. Since most PCs are used for some form of data entry or retrieval, most people don't need it most of the time and this appraoch saves lots of cash. Except that if the network dies, so does usability for the data functions - and for the licensible stand alone functions"

        My impression is that licenses for common applications like Word are typically local because everyone uses them. Network based licenses are generally checked-in and checked-out, so losing connectivity to the license server prevents new users from launching the application, and current ones from returning their license. It does not preclude use during the disconnected period.

        "6) and you should go and update yourself on Sun Ray - the impression you have from the ones you saw many years ago is obsolete - the machines still work; it's what you can do with them that's changed. "

        I think you completely missed the point of my response. I never once challenged what could be done with Sun Rays, I merely stated that the centralized computing paradigm they impose is suboptimal.
        Erik Engbrecht
        • part of one answer

          The reason doing some processing on the client gets complicated is that this commits you to having a functional OS on the client - and that vitiates the system's security advantages bnecause you have to continually update and manage it.

          People do this now because the cheapest way to achieve is simply to run Linux on a PC and run X to access remote resources - sadly that's really not structurally different from what MS does and inherits the same problems.

          With NCD/X or Sun ray no application code runs on the client - none, zero: there's nothing to maintain, nothing to break - a ten year old desktop will work as well as brand new one, showing the same software: updated in one place - the server (or network of distributed servers.)
          murph_z
          • But there is something to break, just less of it

            There's still an embedded microkernel. That's less likely to fail, and a much more difficult attack vector, but it still may fail and still may be attacked.

            In my model all the software still has it's permanent home on the server, so you actually need less permanent local software. Just enough firmware to get the boot sequence started. Additional software can be cached in order to improve disconnected operation, but that's not essential.

            So it is structurally different because all permanent resources are all centralized, it just happens that some of them temporarily float out into the cloud to be closer to where they are being used. From an administrative perspective everything is just as centralized as with Sun Rays. Only processing and transient state are being distributed.

            The key is permanent state, not transient state and computation. It is impossible to eliminate transient state and computation, so you might as well leverage its existence to make the architecture more robust.

            I'll admit that to my knowledge no one has implemented a well engineered solution similar to what I'm describing. I think you need a company that does hardware and software in order to do it. The problem is startups would just use stripped-down PCs running Linux (introducing the attack vectors associated with the x86 architecture, and probably crappy quality from cut-rate Chinese manufacturers), and companies like Sun have too much a stake in selling big servers for a solution that doesn't involve big servers to pass middle management.
            Erik Engbrecht
          • How much does run on the Sun Ray?

            There is a processor and a video card, so it has the capability to do something. Sun says that no application state is on the Sun Ray, and no application processing. But what about display processing, like anti-aliasing? Other processing?

            If the Sun Ray does process locally, where does the software come from? Is it in the firmware or is if downloaded from the server?

            I bet you'll find that the Sun Ray is doing more than you think.
            Erik Engbrecht
    • Don't be contrite.

      Quoting:

      The real debate is: "Where should processing take place?"

      I'll give you a contrite answer - as close to the data as possible. Any computation involves a set of inputs and a set of outputs. It makes no sense to shuttle a million database rows from a database server to an application server or client machine in order to sum up a couple fields. It makes much more sense to do it where the data is, and then ship the result over the network. Likewise, if you have a few kilobytes of input data and several megabytes/gigabytes of results, it makes sense to do the computation wherever the results are going to be needed.



      Nothing to be sorry for. You're right.
      Anton Philidor
      • Stop the presses! Call Balmer! Anton supports Unix!!!!

        By saying that Erik's pro Sun Ray argument is correct -which it is.
        murph_z
        • Yearning.

          Remember when Windows was considered a toy operating system?

          Unix experts would prove to each other that the software was ineffective, chaotically engineered, and so would never be used where real software was needed.

          And, to clinch the argument, they were in charge of data processing, and they would not accept it.

          And so Windows was stillborn in the enterprise, while IT remains under the control of those who know it best.

          Or not.

          A main problem for opponents, somehow Windows managed to supply what was required of it.

          There were certain functions, certain ways of operating which only Unix could provide. Name the function and you've proven the need for Unix. Ipso facto.

          So, to say that processing should occur with the data implies only one possible solution, the Unix way. Many locations are achieving the same result with Windows. That's a fact.

          No facts please, we're Unix. We won. We always win.

          Sigh.
          Anton Philidor
          • Ternary Thinking

            Murph's issue seems to be that he believes there are only three ways to do computing:
            (1) Centralized computing with thin clients
            (2) Localized computing using Wintel
            (3) Centralized data processing using mainframes

            Everything must fit into one of those buckets.
            Erik Engbrecht
          • Tertiary-rate thinking, yes.

            I think Sun has been able to reduce real-estate expenses by use of a hot-desk model in which no one should be seen at the same place twice. Probably reminds employees of layoff instability.

            Murph appears to be generalizing this type of rootless ( ;-) ) connection. That's possible if one emphasizes provision of services, rather than receipt of services.

            Looking at a system now starts with the users, a change from the days when users were permitted only a small window to the place where IT worked, and had to deal with an IT version of the Soup Nazi to receive reports on schedule.

            The user expects a stable environment and control. That's easier and more reassuring if the processing power is on his desk, with delivery systems through servers.

            I was surprised at how thoroughly and quickly Windows servers were accepted. The products went from little use to dominating their markets and providing almost as large a share of profits as Office. And that did not occur only because of intra-Microsoft performance enhancements.

            Design models these days make Mr. Murphy appear very old-fashioned. Not that old-fashioned approaches don't thrive - COBOL is still, after all, the most run business software - but he hasn't too much to say about major shifts in the software/hardware markets.

            I'm ascribing that to Microsoft snobbery, thinking Windows an infection rather than the basis for modern computing. Agreed?
            Anton Philidor
          • Uhhh....

            "I'm ascribing that to Microsoft snobbery, thinking Windows an infection rather than the basis for modern computing."

            I think Windows more resembles an addiction than an infection. The junky receives very tangible, immediate benefits when he takes drugs, but at the same time he is rotting on the inside.

            The only way Windows is the future of modern computing is if MS completely re-engineers it so that it internally shares little in common with what we currently call Windows, and doesn't exhibit some of the more negative external traits.

            MS, of course, has more than enough cash to realize this vision, or chase it as a pipe dream while Sun spends their last dollar releasing the solution as open source.

            Maybe MS should contract Sun to build them an OS.
            Erik Engbrecht
        • Um, no

          The "processing" can be done near the data using a RDBMS running on any platform.

          Of course the users and developers shouldn't be doing any "processing"; only assignment and inference, the RDBMS does all the processing.

          What operating system the RDBMS is running on is almost totally irrelevant.

          The Sun Ray sounds very like the kind of "smart-dumb" terminals that the old minicomputer operating systems I was familiar with back in the 80s and 90s had. Nothing wrong with that of course, and nothing wrong with distributing processing - provided of course it is all done under the control the central server. The only way a program or data can get to the terminal is from the server - and appropriate microcode is downloaded at login.

          Of course the programs that run on the terminal are largely generic ones for handling user input and doing some rudimentary type checking (the terminal prevents you entering letters in a numeric field for example).
          jorwell
  • One item I haven't seen...

    ...discussed is how to handle systems that control instruments or other equipment.

    Approximately 1/2 of our systems are connected to some sort of instrument, using a secondary NIC, a serial port, or in some cases a specialized interface card installed into the system.

    Within that group there are systems that are in isolated areas where network connectivity is not a realistic option, so the data has to be gathered and stored locally, and retrieved via a USB drive or some other method.

    Data must also frequently be stored locally on the systems that are networked because the instrument generates data quickly enough that the network can't keep up. Once the data is gathered, it is copied en masse to a network share for analysis.

    I'd be interested to hear if SunRays can be used for systems in that sort of environment, and if not, I wonder if the cost of implementing them for half of the organization, while maintaining a system to support the data gathering, erodes the savings a SunRay system might provide.
    brble
    • Some rough answers

      1) I have used a device from lantronix -see

      http://www.lantronix.com/products/ to connect a wide variety of odd devices to standard networks for control and communications. In all cases with Unix, but the devices are software independent.


      2) buffering remotely collected data for storage or processing is a common practice and has no bearing that I know of on the Sun Ray for users issue. If you need local resources, you need local resources and nothing's going to change that - except a really fast network, in which case you don't need local... etc etc

      3) The need to have non sun ray devices has no impact on the value of using Sun rays where you need desktops - unless the business is so small that the overheads for setting up and running the Sun ray server aren't justified. YOu would not, for example, sensibly use a Sun ray with a home Linux machine if you were the only user...
      murph_z
      • Thanks!

        I'm not sure the solutions provided address all of the concerns I see with SunRays in my environment, but I do appreciate the info. The lantronix stuff looks pretty interesting - I'll have to look into that further for a variety of uses.
        brble
      • Where Wintel crept in?

        Why did MS even get a look in?

        Perhaps it was because there were a lot of individuals using Windows, then there were small networks (Novel, then Windows 3.11) for expanding businesses (not ready cash or time wise to replace it all). There were a whole lot of people who were used to Windows and MS started providing more network infrastruct to make expanding a Windows network into the enterprise easier.

        It was an organic, cultural evolution. All the Unix solutions proposed on this thread totally ignore the history and pretend that a company big enough to use their topology is starting from scratch.

        Yes, it may be cheaper, but a company wanting it would have to have a very sizable outlay NOW (equipment and personnel) and train everybody while running the old and the new side by side.

        Is it any wonder that most businesses will choose to incrementally replace old equipment within their current admittedly inefficient, but wholly less disruptive, topology?

        Why do people keep trying to propose solutions that totally ignore the obvious situation most businesses are in. Only those really wanting to spend their excess profits (above those given to their execs) would want to replace their IT in one swoop. How many are in the position to implement this 'ideal topology'?

        Really, this make the 'lets drop IE just because it's not standards compliant' debate seem trivial.

        A much more practical path would be to detail how businesses could start to adopt some of that thinking in minimally disruptive ways. Be where businesses are, not where you think they ought to be! MS has shown itself able to do so many times. Perhaps that is why they have been successful when many have had the so-called 'perfect' solutions but fail to achieve that promise.
        Patanjali
  • From a whitepaper on Sun's website

    "In contrast, although Sun Ray thin clients provide users with seamless access to all the applications and utilities they normally use on their workstations or PCs, [b]all actual computing is performed on remote servers[/b]. The physical desktop unit ? consisting of client, monitor, keyboard, mouse, and a built-in smart card reader ? needs only [b]enough memory and computing power to recognize keystrokes and mouse events and to display pixel data received from the server[/b]. [b]No computing is performed locally[/b], so the Sun Ray desktop unit (DTU) needs no local operating system, no hard drive, and no cooling fan. As a consequence, it seldom needs to be replaced."

    http://www.sun.com/sunray/whitepapers/wp_sun_ray_overview.pdf

    page 3

    emphasis mine

    Let me paraphrase:
    No computing is performed on the client.
    Well, some, but only a little.
    No computing is performed on the client.

    I think I smell marketing. No self-respecting engineer could have written that.

    Which is where the confusion comes from. If there was something like this:

    "The Sun Ray client processes the following locally:
    (1) Translating keyboard, mouse, smartcard, and USB I/O into a network stream to the server.
    (2) Translating a video stream sent with loss-less compression (or is it vector graphics? Sun's docs said "pixels" but vectors seem a lot more likely...) into information for the GPU to display
    (3) Encryption of the above network traffic, using special-purpose hardware.

    The above software is embedded in the Sun Ray's firmware, along with VxWorks (or stripped down Solaris or Linux) for a MIPS system-on-a-chip."

    But that just doesn't have the same ring to it. So I know someone is pulling me leg, I just don't know how much. The tech specs put a lot power in the thin client. It's more like a PDA or Smartphone. So until someone gives me a logically consistent technical description of a Sun Ray, I will refuse to believe that Sun Engineers are wasteful enough to put that much computing power in something that does next to no computation.

    As usual, blame marketing.
    Erik Engbrecht