Tuesday's sessions began with the Advanced Topics Workshop, once again ably hosted by Adam Moskowitz. We started with an overview of the revised moderation software and general housekeeping announcements. We followed that with introductions around the room — in representation, businesses (including consultants) outnumbered universities by about 4 to 1; over the course of the day, the room included 5 LISA program chairs (3 past, 1 present, and 1 known-future, up from 3 last year) and 7 past or present members of the USENIX, SAGE, or LOPSA Boards (up from 6 last year).
We used a sign-up system in the moderation software instead of a strict around-the-table method as in years past — where people got to say how they believed system administration has changed in the past year. The general concensus seemed to be that "not much" has changed on a professional level, although various compliance issues (local and federal regulations on IT including SOX) has affected many. There's an expectation that compliance will take up more of our time and budget. Furthermore, automation is becoming a more obvious necessity to more people; folks are learning that scale, especially with clustering, simply requires it. We also agreed that the so-called soft problems, such as user interaction and customer service, will increase. We noted that many of us seem to be leaving system administration-type roles, for networking, security, and in at least one case company executive (CIO), and others are losing interest in pure-SA-type work.
Our next topic was a quick around-the-room for tools that we've seen. On a personal note, wearing my Documentation Is Good hat, many people said "wiki" in one form or another; other tools included cfengine and other configuration management tools, Google Earth, IM clients within and across workgroups, Nagios and monitoring tools in general, Ruby, System Installer Suite (SIS), VMWare and other virtual machine tools, VNC, ILO, and other Lights-Out Management (LOM) software, and Xen. Others mentioned methodologies for development and testing, and code reviews; still others went with hardware tools like label makers for cables and power-consumption monitoring.
After the morning break, we discussed security and some of the hardware VPN solutions, using security incidents as catalysts for change on both an organizational and technical level, and when to allow exceptions in your mandated security policy. This segued into a discussion on compliance; two of the points someone stressed was that (a) there's no established case law for SOX, so the auditors get to define what compliance is, and (b) making the collection of reports (or at least data) for the auditors should be both automated and reproducible. This is much like ISO 9000 all over again in some places.
Our next discussion was on scaling and automation. You should never say "we can do this stuff with less staff," but rather "we can do more stuff with the same staff," lest you lose budget. It's extremely necessary to plan for growth at the beginning, because you'll rarely get the opportunity to go back and fix it. Many places run home-grown systems (especially in the configuration management and automation areas) because there's no off-the-shelf software that does everything we want out of the box, and other products tend to have too steep a learning curve or a cost. Furthermore, getting different single-OS groups to agree on a multi-platform product is hard, and some people are scared to automate their jobs in fear of losing them, as opposed to getting rid of the mundane tasks to focus on the more challenging.
We next discussed personal productivity tools; this ranged from changing OS ("MacOS X") to documentation (more wikis) to simple command-line tools (vi, grep, glimpse), as well as books, PDA-specific applications, web calendaring and sharing tools, sleeping pills (for ourselves, not our customers), unsubscribing from magazines and mailing lists, delegating to others, and even going to the gym.
After lunch, we briefly discussed autonomic computing, and how we as system administrators will interact with these self-modifying systems. In summary, it won't change what we do overnight, there'll be a cost/value tradeoff in outsourcing, and it'll probably be inappropriate for organizations with open-ended problem sets (such as research organizations and other places where the problems the systems are there to solve are not well-contained or easily programmed).
Our next discussion was on professionalism and seniority. Some expressed concern that fewer institutions of higher education were offering courses specifically aimed towards system administrators, though others argued that as long as the candidates have thinking and problem-solving skills that (plus experience as needed) was sufficient. Some concerns were raised about forthcoming regulation of IT personnel as an industry; between compliance issues such as HIPAA and SOX and the issues caused by not patching systems regularly, several people predict that regulation is coming sooner rather than later. The usual analogies were mentioned (are we doctors, are we janitors; or are we on a spectrum like the electrician/electrical engineers).
We next went around the room to mention tools we thought we'd need to learn in the next year or so; answers included concepts from AJAX to ZFS, along with new operating systems for people (MacOS X, Solaris 10, and Windows), and the usual suspects (documentation and knowledge management process management, project planning, and virtualization).
We next discussed storage and efficiency, had the afternoon break, and then discussed network versus system administration. Some argue that netadmin is five to ten years behind sysadmin; others argue the reverse. The concensus seemed to be somewhere in the middle and depends a lot on what you mean when you define your terms. For example, it's harder to have the Internet in your test lab, and routers and switches tend to make changes immediately rather than "when you reboot" or "when you send a signal to a process" like with systems. There was also a discussion about the relative security models for systems (data) and networks (keys to the kingdom). (System administrators outnumbered network administrators about 2:1 here, but this is a system administration conference.)
Finally, we discussed physical plant issues (power, cooling, weight, and remote access) and social technologies. Most places are using some form of Wiki or other documentation and collaboration software; many are using some other form of instant-messaging client. One novel approach some places have begun is to use podcasting for information broadcasts.