Amazon.com Inc. is among the largest, most visible proponents of the Linux operating system. When questions are raised about the capabilities of Linux to scale and be sufficiently secure to operate enterprise systems, Amazon is often cited as an example to answer those questions. At the recent LinuxWorld conference in New York, Eric Lundquist, editor in chief of eWEEK, had a chance to sit down with Tom Killalea, vice president of infrastructure at Amazon.com.
We made that decision in early 2000. Amazon has always run on Unix, and at that time, we were on proprietary Unix with a proprietary operating system on top of it. Cost was a big driver, and flexibility was also a big driver. We migrated our front-end HTTP servers to Linux in the third quarter of 2000.
Were you the advocate of Linux?
I was. I wouldnt say I was the overwhelming advocate, but it really didnt take long to get to consensus to what we needed to do. We really wanted to get to an i386-based hardware architecture, and that drove our operating system choices. Vendor support is always an issue, and even then there was a lot of momentum around Linux, and there was very solid Oracle [Corp.] client support for Linux. We take a lot of pride in having held Oracles hand toward making their server really rock-solid, stable and scalable on Linux.
One of your big projects in front of you right now is around data warehousing. What is the nature of that project?
A couple of key requirements are that it has to be scalable, and we need to add pretty cheap, simple units of computing when we need to grow it. We need cheap but fast storage. And it needs to have phenomenal throughput at 10 gigabits per second.
One question that often comes up in Linux discussions is security. Without getting into the details of how you secure the Amazon operation, can you tell me your opinion of Linux as a secure operating system generally?
We dont usually talk about security. It is obviously something we think about phenomenally. We wouldnt have made the decision to move to Linux if we didnt feel like we could contain any security concerns.
Is security more about the operating system or the process?
Security is all about process and how you manage your environment.