We only open our wallets when the price is dirt cheap.

<<< We only open our wallets when the price is dirt cheap. >>>

It turns out that current out-of-pocket costs determined all of the
recent decisions made by employer. No consideration was given to other
metrics like TCO (Total Cost of Ownership). That is how we ended up
moving a mission-critical VAX/VMS application from “a dual host
VAX-4300 cluster with 20 spindles on four DSSI busses” to “a platform
consisting of two DL380 chassis and one full MSA chassis” even though
we still have the source code.

The new OS is Windows Server 2003 and VAX emulation is done with
CHARON. The whole thing works so you cannot blame MS, or HP, or the
CHARON product, but only time will tell if this PC solution will
outlast the VAX it replaced. My employer is responsible for three
fubars, which I will pass on to you now.

1) Even though we are using controller based RAID, someone requested
that system disk shadowing be "host based". OK, this should not be a
big deal except one of the installers was doing a VMS shutdown at the
same time another installer manually stopped the service (did I
mention that a fully configured CHARON environment runs as an NT
service?). This resulted in a corrupt system disk, which meant that we
received a stack dump whenever the shadow driver loaded at the next
boot. This could only be fixed by a conversational boot (on whichever
disk was good) then remounting the mate disk to it. Ouch!

(back in the day we saw real time events like AC-low and DC-low which
would warn the processor to prepare for a catastophe; its kind of hard
to emulate that level of detail when the emulator is stopped by
someone without enough caffeine :-)

2) Whenever our Windows people hear about a new system, they need to
get involved too. So even though this is not a real Windows
application, they decided to configure all the windows domain stuff.
Now any corporate idiot browsing the windows domain can see this box
and attempt to connect with it (hopefully network-based authentication
and privs work properly). The first time our application went off-line
seemed to coincide with something in the Windows event log with a
message similar to “arbitrating for Windows domain mastership” or some
such nonsense.

(One NIC belongs to Windows whilst the other two belong to VMS; Others
have told me that smart CHARON users unplug the Windows NIC and only
reconnect it when Windows maintenance is required. Not so with my
employer)

3) This is a Windows box on our corporate intranet so someone decided
to install McAfee anti-virus protection. The CHARON installation group
warned everyone to restrict McAfee to only monitoring the “C”
partition. Two days later, another nosy Windows expert noticed that
McAfee was misconfigured and so decided to help us poor sods. That is
when McAfee noticed some software mysteriously writing directly to the
“D” partition, assumed it was a virus then shut it down. Did I mention
that CHARON runs out of the “D” partition? That virus was CHARON.
Ouch!

Neil Rieck
Kitchener/Waterloo/Cambridge,
Ontario, Canada.
[url]http://www3.sympatico.ca/n.rieck/[/url]

I assume your point is that people are stupid. None of this sounds like a
VMS, CHARON, or Windows problem. It sounds more like non-existent
configuration management on even less communications.

Mike Ober.

"Neil Rieck" <n.rieck@sympatico.ca> wrote in message
news:9d3d0a4f-04f1-4e39-b969-eacae1ce5af5@m45g2000hsb.googlegroups.com...
<<< We only open our wallets when the price is dirt cheap. >>>

It turns out that current out-of-pocket costs determined all of the
recent decisions made by employer. No consideration was given to other
metrics like TCO (Total Cost of Ownership). That is how we ended up
moving a mission-critical VAX/VMS application from “a dual host
VAX-4300 cluster with 20 spindles on four DSSI busses” to “a platform
consisting of two DL380 chassis and one full MSA chassis” even though
we still have the source code.

The new OS is Windows Server 2003 and VAX emulation is done with
CHARON. The whole thing works so you cannot blame MS, or HP, or the
CHARON product, but only time will tell if this PC solution will
outlast the VAX it replaced. My employer is responsible for three
fubars, which I will pass on to you now.

1) Even though we are using controller based RAID, someone requested
that system disk shadowing be "host based". OK, this should not be a
big deal except one of the installers was doing a VMS shutdown at the
same time another installer manually stopped the service (did I
mention that a fully configured CHARON environment runs as an NT
service?). This resulted in a corrupt system disk, which meant that we
received a stack dump whenever the shadow driver loaded at the next
boot. This could only be fixed by a conversational boot (on whichever
disk was good) then remounting the mate disk to it. Ouch!

(back in the day we saw real time events like AC-low and DC-low which
would warn the processor to prepare for a catastophe; its kind of hard
to emulate that level of detail when the emulator is stopped by
someone without enough caffeine :-)

2) Whenever our Windows people hear about a new system, they need to
get involved too. So even though this is not a real Windows
application, they decided to configure all the windows domain stuff.
Now any corporate idiot browsing the windows domain can see this box
and attempt to connect with it (hopefully network-based authentication
and privs work properly). The first time our application went off-line
seemed to coincide with something in the Windows event log with a
message similar to “arbitrating for Windows domain mastership” or some
such nonsense.

(One NIC belongs to Windows whilst the other two belong to VMS; Others
have told me that smart CHARON users unplug the Windows NIC and only
reconnect it when Windows maintenance is required. Not so with my
employer)

3) This is a Windows box on our corporate intranet so someone decided
to install McAfee anti-virus protection. The CHARON installation group
warned everyone to restrict McAfee to only monitoring the “C”
partition. Two days later, another nosy Windows expert noticed that
McAfee was misconfigured and so decided to help us poor sods. That is
when McAfee noticed some software mysteriously writing directly to the
“D” partition, assumed it was a virus then shut it down. Did I mention
that CHARON runs out of the “D” partition? That virus was CHARON.
Ouch!

Neil Rieck
Kitchener/Waterloo/Cambridge,
Ontario, Canada.
[url]http://www3.sympatico.ca/n.rieck/[/url]

Neil Rieck schrieb:[color=blue]
> <<< We only open our wallets when the price is dirt cheap. >>>
>
> It turns out that current out-of-pocket costs determined all of the
> recent decisions made by employer. No consideration was given to other
> metrics like TCO (Total Cost of Ownership).[/color]

TCO is only important if it shows that the desired "new"
solution is cheaper than the "old" one.
Most of the time, however, it's the price of the hardware
which counts.
[color=blue]
> (did I
> mention that a fully configured CHARON environment runs as an NT
> service?).[/color]

Being cynical, one could ask who was the idiot that decided
that NT is the OS of choice to host Charon as a VAX/VMS emulator.

"Neil Rieck" <n.rieck@sympatico.ca> wrote in message
news:9d3d0a4f-04f1-4e39-b969-eacae1ce5af5@m45g2000hsb.googlegroups.com...[color=blue]
><<< We only open our wallets when the price is dirt cheap. >>>[/color]
[...][color=blue]
>1) Even though we are using controller based RAID, someone requested
>that system disk shadowing be "host based". OK, this should not be a
>big deal except one of the installers was doing a VMS shutdown at the
>same time another installer manually stopped the service (did I
>mention that a fully configured CHARON environment runs as an NT
>service?). This resulted in a corrupt system disk, which meant that we
>received a stack dump whenever the shadow driver loaded at the next
>boot. This could only be fixed by a conversational boot (on whichever
>disk was good) then remounting the mate disk to it. Ouch![/color]

I was surprised at first to think that an emulator could allow for HBVS, but
I'm glad to see it can be done. Question, though: Did you mean to imply that
you had *both* RAID and HBVS in the same system? Seems a mite complicated to
me.

My other comment is that once HBVS was decided upon, all management tasks
should have been turned over to the VMS-knowledgeable folks, since HBVS is a
critter not seen outside of VMS.
[color=blue]
>2) Whenever our Windows people hear about a new system, they need to
>get involved too. So even though this is not a real Windows
>application, they decided to configure all the windows domain stuff.[/color]

See my comment above - VMS, whether emulated or not, should properly be the
"domain" of those trained to use it. :-)
[...][color=blue]
>3) This is a Windows box on our corporate intranet so someone decided
>to install McAfee anti-virus protection. The CHARON installation group
>warned everyone to restrict McAfee to only monitoring the “C”
>partition. Two days later, another nosy Windows expert noticed that
>McAfee was misconfigured and so decided to help us poor sods. That is
>when McAfee noticed some software mysteriously writing directly to the
>“D” partition, assumed it was a virus then shut it down. Did I mention
>that CHARON runs out of the “D” partition? That virus was CHARON.[/color]

Didn't you realize that VMS stands for "Virus Management System"?
:-)
[...]

"Michael Kraemer" <M.Kraemer@gsi.de> wrote in message
news:gb6fjm$ent$03$1@news.t-online.com...[color=blue]
> Neil Rieck schrieb:[color=green]
>> <<< We only open our wallets when the price is dirt cheap. >>>
>>
>> It turns out that current out-of-pocket costs determined all of the
>> recent decisions made by employer. No consideration was given to other
>> metrics like TCO (Total Cost of Ownership).[/color]
>
> TCO is only important if it shows that the desired "new"
> solution is cheaper than the "old" one.
> Most of the time, however, it's the price of the hardware
> which counts.
>[color=green]
>> (did I
>> mention that a fully configured CHARON environment runs as an NT
>> service?).[/color]
>
> Being cynical, one could ask who was the idiot that decided
> that NT is the OS of choice to host Charon as a VAX/VMS emulator.
>[/color]


Being only mildly cynical, Bob 'GQ' Palmer and all who came after him......
except Pfeiffer.

"Neil Rieck" <n.rieck@sympatico.ca> wrote in message
news:9d3d0a4f-04f1-4e39-b969-eacae1ce5af5@m45g2000hsb.googlegroups.com...
<<< We only open our wallets when the price is dirt cheap. >>>

It turns out that current out-of-pocket costs determined all of the
recent decisions made by employer. No consideration was given to other
metrics like TCO (Total Cost of Ownership). That is how we ended up
moving a mission-critical VAX/VMS application from “a dual host
VAX-4300 cluster with 20 spindles on four DSSI busses” to “a platform
consisting of two DL380 chassis and one full MSA chassis” even though
we still have the source code.

The new OS is Windows Server 2003 and VAX emulation is done with
CHARON. The whole thing works so you cannot blame MS, or HP, or the
CHARON product, but only time will tell if this PC solution will
outlast the VAX it replaced.


I looked into Charon APR-2007 as an option to purchasing a refurb VAX
7000-630 to match our running system for DR. The quote for the Charon
solution was ~10x the price for the VAX. It was so much higher, I could not
realistically even propose the solution.

As it turned out, the DR system was not purchased either as "we are going to
start working of a replacement platform very shortly". Of course that has
not happened either.

Neil Rieck wrote:
[color=blue]
> (back in the day we saw real time events like AC-low and DC-low which
> would warn the processor to prepare for a catastophe; its kind of hard
> to emulate that level of detail when the emulator is stopped by
> someone without enough caffeine :-)[/color]


Oktoberfest just started in Munich. I assume Oktoberfest would also
start at the same time in Kitchener ? Consuming industrial quantities of
beer does have some effect on decision taking :-) :-) :-)

[color=blue]
> 2) Whenever our Windows people hear about a new system, they need to
> get involved too.[/color]

Politically, this should not have been sold as a VMS system running
under windows. It should have been sold as a turnkey VAX emulator on an
8086 machine with specially configured OS.

Another avenue is to have upper management pass an edict to force
special standards/configs for that machine to prevent the MS geeks from
deploying normal corporate windows environment/standards on those machines.

Failing this, you would have needed to spend a lot of hours with the
windows people to explain this environment and why windows only exist to
host an applicationa and that none of the standard windows services must
be enabled.

Doesn't Charron also run on Linux ? It would have been more politically
savvy to somehow find the arguments that would have convinced upper
management to go with VAX hosted on a Linux instance since this way,
your windows folks would not have touched it.

Out of curiosity, how come your Windows weenies got the passwords to the
Windows box that runs VMS ? Shouldn't that password have been kept by
only the VMS system manager for that box ?

Or can someone get into Windows without knowing a password ?

On Sep 21, 9:57*pm, JF Mezei <jfmezei.spam...@vaxination.ca> wrote:
[...snip...][color=blue]
>
> Oktoberfest just started in Munich. *I assume Oktoberfest would also
> start at the same time in Kitchener ? Consuming industrial quantities of
> *beer does have some effect on decision taking :-) :-) :-)
>[/color]

Our Oktoberfest always starts on the Friday before the Canadian
Thanksgiving weekend. This year it starts on October 10. Doing it this
way, many people can enjoy both.

Neil Rieck
Kitchener/Waterloo/Cambridge,
Ontario, Canada.
[url]http://www3.sympatico.ca/n.rieck/[/url]

On Sep 22, 4:49*am, JF Mezei <jfmezei.spam...@vaxination.ca> wrote:[color=blue]
> Out of curiosity, how come your Windows weenies got the passwords to the
> Windows box that runs VMS ? Shouldn't that password have been kept by
> only the VMS system manager for that box ?
>
> Or can someone get into Windows without knowing a password ?[/color]

My employer has been an unofficial MS booster club for years. The
WinTel people now see this as "their time" to run things and so have
official access to alomost everything. There are no official VMS
managers anymore as this work has been contracted out. During the
cutover conference calls, there were usually 10 people on the line:
usually 3 employees, and 7 contractors (spread across 3 external
vendors). I'm assuming this crazy situation is happening at most large
as well.

Oh and one final point: most decisions are being made/influenced by 30-
year-old MBAs with no computer experience other than they used one in
University. (What do you need that non-MS stuff for? I never saw it in
school so it must be dying or dead)

NSR

On Sep 22, 9:49 am, JF Mezei <jfmezei.spam...@vaxination.ca> wrote:[color=blue]
> Out of curiosity, how come your Windows weenies got the passwords to the
> Windows box that runs VMS ? Shouldn't that password have been kept by
> only the VMS system manager for that box ?
>
> Or can someone get into Windows without knowing a password ?[/color]

Those authorised as administrators on the Windows domain can typically
get admin access to any machine which is a member of the domain, and
can therefore do all the things which Neil mentioned them doing,
because as Neil said back in the first post, this machine was set up
as a member of the domain. Why that was done is an interesting
question, but "because we always do it that way" (ie we always blindly
follow the same procedures regardless of whether they are sensible or
relevant in any particular case) is a likely answer.

Wrt: "can someone get into Windows without knowing a password ?"
Often, yes. Even if they don't immediately get admin access,
elevation of privilege exploits allow users to get admin-class access
when they're not authorised for admin access. Exploits permitting this
kind of thing emerge about as frequently as they are fixed. And then
there are the various legitimate (?) "rescue discs" that allow admin
access assuming you've got physical access to the machine to reboot it
from CD/USB/etc.

On Mon, 22 Sep 2008 04:26:42 -0700, Neil Rieck <n.rieck@sympatico.ca>
wrote:
[color=blue]
> On Sep 22, 4:49*am, JF Mezei <jfmezei.spam...@vaxination.ca> wrote:[color=green]
>> Out of curiosity, how come your Windows weenies got the passwords to the
>> Windows box that runs VMS ? Shouldn't that password have been kept by
>> only the VMS system manager for that box ?
>>
>> Or can someone get into Windows without knowing a password ?[/color]
>
> My employer has been an unofficial MS booster club for years. The
> WinTel people now see this as "their time" to run things and so have
> official access to alomost everything. There are no official VMS
> managers anymore as this work has been contracted out. During the
> cutover conference calls, there were usually 10 people on the line:
> usually 3 employees, and 7 contractors (spread across 3 external
> vendors). I'm assuming this crazy situation is happening at most large
> as well.
>
> Oh and one final point: most decisions are being made/influenced by 30-
> year-old MBAs with no computer experience other than they used one in
> University. (What do you need that non-MS stuff for? I never saw it in
> school so it must be dying or dead)[/color]

I would quietly one weekend reinstall under a stripped down Linux system
Make sure you have two NICs one for Linux and one for VMS.
[color=blue]
>
> NSR[/color]



--
PL/I for OpenVMS
[url]www.kednos.com[/url]

In article <slrngddgq7.55o.BRAD@rabbit.turquoisewitch.com>,
[email]BRAD@rabbit.turquoisewitch.com[/email] (Brad Hamilton) writes:
[color=blue]
> I was surprised at first to think that an emulator could allow for HBVS, but
> I'm glad to see it can be done. Question, though: Did you mean to imply that
> you had *both* RAID and HBVS in the same system? Seems a mite complicated to
> me.[/color]

It's not that unusual. Back when disks were smaller, one could use
RAID5 to make a larger virtual disk. However, each of the "individual
disks" in the RAID5 could be a HBVS shadow set. (One could also do it
the other way around, but a) one then has two RAID5 arrays and b) the
"individual disks" in the shadow set are much larger and result in
larger copy times if one physical disk fails and needs to be replaced.)

on 21-9-2008 23:57 Brad Hamilton wrote...
[snip]
[color=blue]
> I was surprised at first to think that an emulator could allow for HBVS, but
> I'm glad to see it can be done. Question, though: Did you mean to imply that
> you had *both* RAID and HBVS in the same system? Seems a mite complicated to
> me.[/color]

Well, as soon as you realize that it's the VAX *hardware* that is being
emulated,
you'll find that any and all software that runs/has run on that hardware,
will run on the emulated hardware as well. Even the hardware diagnostics!
[color=blue]
> My other comment is that once HBVS was decided upon, all management tasks
> should have been turned over to the VMS-knowledgeable folks, since HBVS is a
> critter not seen outside of VMS.[/color]

Storage redundancy is "cheaper" in terms of systems resources when done
at the controller level, but for systems management reasons it's
sometimes advisable to just add HBVS on top. Costs a few VMS cycles, but
a VAX on a new DL380 is much faster than the original VAX, and has
CPUcapacity to spare I'm sure.

And yes, I've come across those "helpful" Windows systems admins as
well, but you learn to cope with it in the end...

/Wilm

In article <48d75ccb$0$12411$c3e8da3@news.astraweb.com>, JF Mezei <jfmezei.spamnot@vaxination.ca> writes:[color=blue]
>
> Or can someone get into Windows without knowing a password ?[/color]

Gee, that sounds so hard.

;-)

"JF Mezei" <jfmezei.spamnot@vaxination.ca> wrote in message
news:48d75ccb$0$12411$c3e8da3@news.astraweb.com...[color=blue]
> Out of curiosity, how come your Windows weenies got the passwords to the
> Windows box that runs VMS ? Shouldn't that password have been kept by
> only the VMS system manager for that box ?
>
> Or can someone get into Windows without knowing a password ?[/color]

It was mentioned this was added to the corporate domain, so any Domain
Administrator would automatically get full access to the box.

On 21 Sep 2008 at 13:58, Neil Rieck wrote:[color=blue]
> That is how we ended up moving a mission-critical VAX/VMS application from
> "a dual host VAX-4300 cluster with 20 spindles on four DSSI busses" to "a
> platform consisting of two DL380 chassis and one full MSA chassis" even
> though we still have the source code.[/color]
Having the source code isn't always enough. A move to CHARON-VAX can be away to avoid
an extensive re-qualification or re-write. Not to mention middleware/database software
that didn't make it to Alpha, much less Itanium.
[color=blue]
> [...] one of the installers was doing a VMS shutdown at the same time
> another installer manually stopped the service[/color]
Too many cooks spoil the soup. Trite, but true.
[color=blue]
> did I mention that a fully configured CHARON environment runs as an NT
> service?[/color]
Only if you configure it that way.
[color=blue]
> its kind of hard to emulate that level of detail when the emulator is
> stopped by someone without enough caffeine :-)[/color]
A little program could capture the Windows shutdown and relay it to VMS. Unfortunately,
I am not a Windows programmer.
[color=blue]
> The first time our application went off-line seemed to coincide with
> something in the Windows event log with a message similar to "arbitrating
> for Windows domain mastership" or some such nonsense.[/color]
Yeah, you'll have to get the machine into another domain, or configure it so it doesn't
participate in the election.
[color=blue]
> Others have told me that smart CHARON users unplug the Windows NIC and only
> reconnect it when Windows maintenance is required.[/color]
I've given up on that approach. Being able to remote manage is useful.
[color=blue]
> The CHARON installation group warned everyone to restrict McAfee to only
> monitoring the "C" partition. Two days later, another nosy Windows expert
> noticed that McAfee was misconfigured and so decided to help us poor sods.[/color]
And that person should be spit-roasted by management. Your installation group doesn't
appear to have enough authority to enforce policy. I suggest that you contact the
manager who approved the system and get it a special exception, with special penalities
for people who screw it up.

Be patient, the pain will soon pass...

[Shameless Plug Alert(tm) -- I am a CHARON reseller. I, however, didn't do this
installation.]

--Stan Quayle
Quayle Consulting Inc.

----------
Stanley F. Quayle, P.E. N8SQ Toll free: 1-888-I-LUV-VAX
8572 North Spring Ct., Pickerington, OH 43147 USA
stan-at-stanq-dot-com [url]http://www.stanq.com/charon-vax.html[/url]
"OpenVMS, when downtime is not an option"

On 21 Sep 2008 at 21:57, JF Mezei wrote:[color=blue]
> Doesn't Charron also run on Linux ?[/color]

Actually, it's spelled "CHARON", all in caps.

As for Linux support, it's on the development list. But it's way down the list.

Personally, I'd like to see an embedded OS purpose-built for CHARON-VAX and CHARON-AXP.
CHARON-VAX was implemented in QNX once.

--Stan Quayle
Quayle Consulting Inc.

----------
Stanley F. Quayle, P.E. N8SQ Toll free: 1-888-I-LUV-VAX
8572 North Spring Ct., Pickerington, OH 43147 USA
stan-at-stanq-dot-com [url]http://www.stanq.com/charon-vax.html[/url]
"OpenVMS, when downtime is not an option"

> -----Original Message-----[color=blue]
> From: Stanley F. Quayle [mailto:infovax@stanq.com]
> Sent: Tuesday, September 23, 2008 1:43 PM
> To: [email]Info-VAX@Mvb.Saic.Com[/email]
> Subject: Re: We only open our wallets when the price is dirt cheap.
>
> On 21 Sep 2008 at 13:58, Neil Rieck wrote:[color=green]
> > That is how we ended up moving a mission-critical VAX/VMS application[/color]
> from[color=green]
> > "a dual host VAX-4300 cluster with 20 spindles on four DSSI busses"[/color]
> to "a[color=green]
> > platform consisting of two DL380 chassis and one full MSA chassis"[/color]
> even[color=green]
> > though we still have the source code.[/color]
> Having the source code isn't always enough. A move to CHARON-VAX can
> be a way to avoid
> an extensive re-qualification or re-write. Not to mention
> middleware/database software
> that didn't make it to Alpha, much less Itanium.
>[/color]

Usually, in any type of critical Application, moving to something as
different as adding another OS between the OS / App and the HW requires
an entire new re-certification, so that argument is a bit of a wash.

In addition, moving to a current version of OpenVMS natively allows one
to use some of the newer features (Java, encryption, third party support
like MQ Series + others etc) to integrate existing app code with other
applications currently in use in the Cust environment.

As you mentioned, if there are apps that cannot be translated or ported,
then something like CHARON is an option to explore. However, you do need
to also consider whether the App/DB etc will be supported by the vendor
in a CHARON environment (it may, but need to confirm).


[snip...]



Regards

Kerry Main
Senior Consultant
HP Services Canada
Voice: 613-254-8911
Fax: 613-591-4477
kerryDOTmainAThpDOTcom
(remove the DOT's and AT)

OpenVMS - the secure, multi-site OS that just works.

On 21 Sep 2008 at 19:45, Steven Underwood wrote:[color=blue]
> I looked into Charon APR-2007 as an option to purchasing a refurb VAX
> 7000-630 to match our running system for DR. The quote for the Charon
> solution was ~10x the price for the VAX. It was so much higher, I could not
> realistically even propose the solution.[/color]

I hear that fairly often. But you are comparing a brand new box with a used one. Did
you compare the 7630 with CHARON-VAX 6620? Nearly the same performance, and markedly
cheaper than the 6630 emulator.
[color=blue]
> As it turned out, the DR system was not purchased either as "we are going to
> start working of a replacement platform very shortly". Of course that has
> not happened either.[/color]

Until a project is actually funded and staff, a replacement platform is just a wish...

--Stan Quayle
Quayle Consulting Inc.

----------
Stanley F. Quayle, P.E. N8SQ Toll free: 1-888-I-LUV-VAX
8572 North Spring Ct., Pickerington, OH 43147 USA
stan-at-stanq-dot-com [url]http://www.stanq.com/charon-vax.html[/url]
"OpenVMS, when downtime is not an option"