Inside Google's Intranet

Have you wondered ever what do employees of the world's greatest enterprise stare at in the morning when they’ve arrived at the office? They might be looking at Moma, the name for the Google intranet. The meaning of the name of “Moma” is a mystery(it reminds you of the momma of yours - the mother company),but Moma’s mission is prominently displayed on its footer: “Organize Google’s information and make it accessible and useful to Googlers.” A “Googler,” as you may know, is what Google employees call themselves (they have other nicknames for specific roles; a noogler is a new Google employee, and so on ...)


Fig :Inside Moma's pages

"MOMA, Google's intranet, was designed by and for engineers and for the first couple of years, its home page was devoid of any aesthetic enhancements that didn't serve to provide information essential to the operation of Google. It was dense and messy and full of numbers that were hard to parse for the uninitiated, but high in nutritional value for the data hungry.

MOMA displayed latency times, popular search terms, traffic stats for Google-owned properties and, at the center of it all, a large graph with colored lines labeled with the names of Muppet characters.I am taking the accounts from another blog on the structure of the site for those interested.


The login dialog on Moma's homepage reads, “Many internal apps. One login page.”

On the top of the homepage, you’ll find the logo reading “Moma - Inside Google.” Next to it is a search box allowing you to find information from Moma in general, information on specific Google employees, information on availability of meeting rooms, building maps and more. You can choose to include secure content or not via a checkbox. Another checkbox offers you to use “Moma NEXT"(<--go to the link for a news piece for more info) for a more experimental variant of search results.

To the top right, there’s an option to switch to iMoma, an iGoogle-style tool prepared by the company which allows further customization of the intranet start page. This way, employees may be able to select their own news and service widgets of interest to be displayed when they log-in.

The actual content of the homepage in the picture is split up into 4 columns. To the left, there’s a “My Office” section, with information for employees and a way to choose your own office for more relevant links. It’s followed by the sections “Survival Kit” and “My shortcuts.” In the middle columns, news gadgets are headlined “Welcome to Google!,” “Communications,” “HR” (human resources), “Company Info” and “Internal Google news,” all in common soft shades of Google base colors. The right column is listing Google teams.

Ex-employee Doug Edwards mentioned how he came to take for granted everything was available on the intranet, “from the status of products in development to the number of employees at any point in the company’s history.If you are concerned with coworkers, there is also an employee search part on the system which gives you relevant information without compromising the confidentiality.

How employees access the system

A Google employee can log-in to the intranet from within the office, or with a so-called Virtual Private Network (VPN) connection. This connection comes pre-installed on laptops Google hands out, and can be reached via a desktop icon. A Google employee is required to authenticate their sign-in with account credentials(The talk of the town is that the authentication is based on LDAP Protocol)

From within a Google building, an employee may likely reach the intranet via the address corp.google.com. We previously found out Google additionally uses many sub-domains in their intranet, like album.corp.google.com, agency.corp.google.com, alien.corp.google.com, karma.corp.google.com, periscope.corp.google.com, pineapple.corp.google.com. You may also likely just enter e.g. “m” (which maps to “http://m” which is “http://m.corp.google.com”) to be taken to a service like your Gmail-powered email account.

Externally, like from a laptop at a conference – or if you’re one of the employees mainly working from home, as there are some – employees can access the VPN servers located on sites like Mountain View or Dublin, Ireland, with different hostnames each like man....ext.google.com or de....ext.google.com (we depleted part of the hostname).If you work in a team for a product, you may also get a prototypical version of the service. Special links to debug windows are offered to developers as well, one of them being opened in the screenshot. Google employees also get to see previews of completely unreleased tools, such as wiki service JotSpot (which is being integrated into Google Apps), or Platypus, the internal Gdrive client for file-sharing.For code reviews, Google created Mondrian, a “Perforce backend with some custom Google wrappers on top - once again it is based on creative commons : the sweetest of all licences.

Others , Welcome

But, Google doesn’t just use their own tools. For instance,many Google employees prefer social network Facebook to their own production, Orkut (e.g. some Google employees considered Orkut too spammy, or too buggy in the past).

If a Google employee encounters trouble with any Google tool, they can call their internal support hotline named “Tech Stop.” The hotline promises 24-hour availability. Numbers like +1 877... (last part depleted) are partly toll-free and partly with toll, and accessible from all over the world. Internally, a Google employee may also simply press 3-HELP (3-4357). Tech Stop centers aren’t just located in the US, but also in places like Hyderabad, India.

Big thanks to the article :What the Google Intranet Looks Like by Philipp Lenssen & Tony Ruscoe.Images reproduced from Wikimedia Commons - the free repository.Information in this article is in no way violating the confidentiality policies of any Enterprise.

One who doesn't understand the GPL

"This is the absolute reproduction of the famous column by Bennett McElwee on the Technology Blog "Semicolon" on the new venture of Microsoft to Open path and its real motives and flaws..All rights reserved by the author.We want to inform you that we are not against any trade practices of any corporation.Only for informative purposes of Open Source advocates"

Microsoft’s Shared Source Initiativ.e website contains some pretty "outrageous" falsehoods about free software licenses and the GNU General Public License (GPL). The Shared Source Initiative (SSI) allows certain third parties access to some of the Windows source code. It’s dismaying, but not entirely surprising, that the SSI website shows such a lack of understanding about the GPL.

I don’t mean to interpret this as Microsoft’s official position statement on the GPL, but it has been on their website for quite some time, on the pages for the well-publicised SSI. Also, there is no author’s byline, implying that the piece reflects Microsoft policy rather than the opinions of a Microsoft employee.

Microsoft’s Shared Source Initiative: Licensing Overview is the main offender. In a paragraph on free software licenses (including the GPL), they say

These licenses often are described as “viral,” because they purport to extend their own terms to, or to “infect,” software other than the licensed program, and even to software not yet in existence.

This is silly; commercial software licenses also “infect” “software not yet in existence”, but you don’t hear Microsoft bemoaning this fact. If I write a program incorporating a part of the Linux kernel, I am not allowed to distribute it under a commercial license now or in the future. But the same is true for a program incorporating a part of the Windows kernel. At least with the Linux-based code, I am allowed to release it under the GPL; as for the Windows-based program, I can’t release it at all.

This page goes on to a specific discussion of the GNU General Public License (GPL), and attempts to discuss three features of the license. Impressively, it gets all three wrong.

The GPL permits unlimited free use, modification, and redistribution of software and its source code, but imposes three key restrictions on every licensee:

• If the licensee redistributes any code licensed under the GPL, it must guarantee availability of the code for the entire work for unlimited replication by anyone requesting it.

This is not true. GPL section 3 says that in general, the distributor has only to either distribute the source code with the program, or include a written offer to make the source code available for a period of three years. And it does not have to guarantee this to “anyone requesting it”, but only to licensees who have obtained their license from the distributor.

• If the licensee redistributes GPL code, it may not charge a licensing fee or royalty, but may charge only for distribution costs.

Not true. This applies to source code only. The licensee is free to charge any fee for executable code.

• If the licensee includes any GPL code in another program, the entire program becomes subject to the terms of the GPL.

Wrong again. This is Microsoft’s interpretation of the “viral” GPL, but they have it backwards. Here’s what the GPL actually says.

2. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.

4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. […]

This seems quite clear. Here’s an example of how it works.

1. You write a program that includes (knowingly or otherwise) someone else’s GPL code.
2. You distribute this program under a commercial license.
3. Because you have failed to comply with clauses 2b and 4 of the GPL, your GPL rights are terminated. In other words, you now have no right to distribute the (copyrighted) GPL software.
4. The copyright holder of the GPL code can sue you for copyright infringement.

The GPL license has not “infected” your program at all. All that has happened is that you have failed to comply with the terms of the GPL, so your license has been terminated. Exactly the same would happen if you distributed a program that incorporated source code from, say, Microsoft Word. Again, you may distribute your GPL code-based program under the terms of the GPL; you can’t legally distribute your Word-based program at all.

Microsoft may have been confused on this point by GPL section 6:

6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients’ exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.

So if the licensee includes any GPL code in another program and distributes it to a third party, then the third party automatically gets a GPL license for the original GPL code (”the Program”), not the entire distributed program. In our example from above, the third party would automatically get a GPL license for the GPL code incorporated into your program, not your program itself.

Microsoft say that they do not oppose the GPL for use by individual developers, but “our concern is based on the health of the overall software ecosystem and the effect of the GPL on the process of sustained innovation.” They recommend relatively unrestricted BSD-style licenses instead, especially by researchers, because “use of unrestrictive open-source licenses by the research community preserves the ability of the private sector to develop basic research into useful and affordable software products for individual and business consumers.”

In other words, use of unrestrictive open-source licenses by the research community preserves the ability of Microsoft to make money from others’ research. Fair enough, but raising concerns about “the health of the overall software ecosystem” seems a little overblown. If Microsoft are unable to use somebody else’s research to develop products, then they’ll just have to do their own research — which they already do anyway. The same goes for other commercial software developers. This should actually increase innovation by forcing commercial developers to come up with their own original software, rather than simply build on somebody else’s.

(Rather than use the GPL, presumably Microsoft would prefer researchers to patent all their new software, so that Microsoft and other commercial developers would be free to pay license fees to the patent holders — or buy the patents outright. They don’t mention this in the SSI site, for some reason.)

At the end of the page, Microsoft say that developers should be free to choose licensing terms, but sensibly encourage caution: “The decision to use or produce open-source or free software, however, should be based on an informed understanding of the licenses that govern such software.” It looks as if Microsoft could do with some informed understanding themselves.

Subdomain Configuration in DNS

I am posting this as a quick tip for those who want to add a subdomain of some form in a DNS server having domains configured in it.This is usually handy for those system administrators who have to frequently add subdomains as part of hosting services.This is being narrated as a real experience of mine as recently i had to work over it.

The requirement was to add a subdomain (h***dmin.a**s.net) in the form ..net to the DNS gateway at the organisation.The domain has already been existing.I had prior knowledge of adding a domain in the "named.conf" file which is the main configuration file for the server.

The entry is given as following steps:

Step 1: In /etc/named.conf, find the domain file corresponding to the domain which we wish to configure the subdomain. Example for here, the domain in arys.net and the file is :
"/var/named/slaves/sec.arys.net" as evident from its entry in 'named.conf'


Step 2: Open the domain file and give the subdomain as a C or A entry.

This can be either as :

h***admin CNAME www (C Entry)

or

h***admin A

"March Linux"- Simple, Lean and Fast Distro

"March Linux" aims to be a Simple, Lean and Fast GNU/Linux distribution for the desktop which urges the users to learn linux instead of holding their hands at every step!

At the same time, it is usable and fully functional with almost every software that one might need being available. It is heavily based on Arch Linux








Some Statistics

• The default desktop in March Linux is Fluxbox
• The current version is 1.0 BETA, to start off with.
• Currently, March is available only as a Live CD (built using the Linux Live scripts).
• No installation option is available, as of now.

You can do the following right out of the box :

• Listen to music and watch movies in a variety of formats, record sounds
• View pictures and perform graphical editing
• Connect to and browse internet, check emails, download via torrents, perform ftp transfers
• Play a number of cool games, including a few DOS based ones
• View and edit document files, create spreadsheets, view pdf-s, perform calculations, take notes
• Do small programming in a number of languages with an IDE
• …… and many more!!

March is designed to run amply well on a 128 mb RAM machine, PII or later (or equivalent). A 160 mb RAM is recommended for best performance! The apps it includes are mostly LnF (Lean and Fast), and the default desktop (fluxbox) is a minimalistic and lightweight one, which just doesn't get in your way!

Some Wisdom

We can say that March Linux is well suited for anyone who wants to use Linux! Even a relatively newbie can begin to "learn the ropes" on this distro, provided he/she has the will and resilience to learn!

On the other hand, if you are a windows fan-boy, and prefer being served everything on a platter to you rather than using your brains even to the least extent, then March Linux is NOT for you! March Linux tries its best to make learning linux as easy & enjoyable as possible, but really the onus is on you to actually benefit from it!

Links

Hear to some user comments at Arch Linux Forums.

Have a first hand look at the different sides of this rocking distro at March Linux Homesite



Unless stated otherwise Content of these links are licensed under Creative Commons Attribution-Share Alike 2.5 License.

Quick-Tip: Permission Denied error on secondary DNS server

I like to consider myself a newcomer in DNS/BIND,and it goes to show that you can learn something new everyday. In between my work,i was asked to setup my secondary DNS servers for both 'ar*s.net' and 'calpin*****.net' and other personal domains of the company in the way that I always have.

Scenario:

There was a gateway machine in CentOS which was acting also as the Primary DNS of the company(Set with both Public and Private IP's).The requirement was to set up a secondary DNS in another machine which will recieve updated of all domains from the primary so that it can act as a fallback server.

But I noticed that the secondary was consistently getting the following error:

transfer of 'ar*s'/IN' from #53: failed while receiving responses: permission denied

From this error I assumed that my master server was not setup correctly to allow transfers from the secondary. This is normally done with the following configuration option in the /etc/named.conf file:

allow-transfer { ; };

After I had checked this configuration on the master to make sure it was there and that I had not done something like typed the IP address in error. On the surface everything seemed to be perfectly setup, but I was still getting the error.

Eventually I realized that the error was not a permission denied error from the remote master server, but from the local DNS server. The error turned out to be a file permission error in the default layout of BIND on a CentOS system.

Around the time of Fedora Core 3(Similary in CentOS 4) the default configuration for BIND is setup to chroot the daemon into it's own filesystem space to help avoid and contain any security breaches. This is a great feature.

Option 1

To fix your permission denied error on your secondary or slave DNS server all you need to do is change the permissions of your data directory to include group write permissions. On my system that directory is set as /var/named/sec. You can do this with a simple:

# chmod 775 /var/named/sec

or

# chmod g+w /var/named/

It should be noted that you will only run into this error on a secondary or slave DNS server if you have the secondary store it's slave information in a file. This happens when a slave is configured like this:

zone "example.com" IN {
   type slave;
   file "secondary-example.com";
   masters { 192.168.0.1; };
};

Option 2:

Another option, that in many ways is more correct on a Fedora Core system, is to store your secondary zone files in the slaves/ directory. This directory is in /var/named/chroot/var/named/ and already has the proper permissions for you. So instead of file "secondary-example.com"; you would simply say: file "slaves/secondary-example.com";.

Error Checking:

For checking the errors during the tryout of these options, just restart named daemon like this:

#/etc/init.d/named restart

(note: the shutdown of named my fail, since it may not be running after the initial install)

4. Let's look in the /var/log/messages file and see if the named daemon started without error. Use the command:

#less /var/log/messages

Hopefully this shows you how to resolve this particular error. These suggestions have been tested on Fedora Core and CentOS alike.

Here are some other good DNS guides:

http://ldp.hughesjr.com/HOWTO/DNS-HOWTO.html
http://linux.maruhn.com/sec/dns-howto.html

DNS Rerource Directory : http://www.dns.net/dnsrd/

Powered by ScribeFire.