Interest in modular datacenters is growing, fueled by high-profile endorsements from Microsoft and Google. But the model raises new management concerns, and efficiency claims may be exaggerated.

Modular, containerized datacenters being sold by vendors such as IBM, Sun, and Rackable Systems fit storage and hundreds, sometimes thousands of servers into one large shipping container with its own cooling system. Microsoft, using Rackable containers, is building a datacenter outside Chicago with more than 150 containerized datacenters, each holding 1,000 to 2,000 servers. Google, not to be outdone, secured a patent last year for a modular datacenter that includes "an intermodal shipping container and computing systems mounted within the container."

[ Get sage advice on IT careers and management from Bob Lewis in InfoWorld's Advice Line blog and newsletter. ]

(See related slideshow: IT takes a close look at shipping container-based datacenters.)

To hear some people tell it, containerized datacenters are far easier to set up than a traditional datacenter, easy to manage and more power-efficient. It should also be easier to secure permits, depending on local building regulations. Who wouldn't want one?

If a business has a choice between buying a shipping container full of servers, and building a datacenter from the ground up, it's a no-brainer, says Geoffrey Noer, a vice president at Rackable, which sells the ICE Cube Modular Data Center. 

"We don't believe there's a good reason to go the traditional route the vast majority of the time," he says.

But that is not the consensus view by any stretch of the imagination. Claims about efficiency are overrated, according to some observers.

Even IBM, which offers a Portable Modular Data Center and calls the container part of its green strategy, says the same efficiency can be achieved within the four walls of a normal building.

IBM touts a "modular" approach to datacenter construction, taking advantage of standardized designs and predefined components, but that doesn't have to be in a container. "We're a huge supporter of modular. We're a limited supporter of container-based datacenters," says Steve Sams, vice president of IBM Global Technology Services.

Containers are efficient because they pack lots of servers into a small space, and use standardized designs with modular components, he says. But you can deploy storage and servers with the same level of density inside a building, he notes.

Container vendors often tout 40 to 80 percent savings on cooling costs. But according to Sams, "in almost all cases they're comparing a highly dense [container] to a low-density [traditional data center]."

Containers also eliminate one scalability advantage related to cooling found in traditional datacenters, according to Sams. Just as it's more efficient to cool an apartment complex with 100 living units than it is to cool 100 separate houses, it's more cost-effective to cool a huge datacenter than many small ones, he says. Air conditioning systems for containerized datacenters are locked inside, just like the servers and storage, making true scalability impossible to achieve, he notes.

Gartner analyst Rakesh Kumar says it will take a bit of creative marketing for vendors to convince customers that containers are inherently more efficient than regular datacenters. Gartner is still analyzing the data, but as of now Kumar says, "I don't think energy consumption will necessarily be an advantage."

Finding buyersThat doesn't mean there aren't any advantages, however. A container can be up and running within two or three months, eliminating lengthy building and permitting times. But if you need an instant boost in capacity, why not just go to a hosting provider, Kumar asks.

"We don't think it's going to become a mainstream solution," he says. "We're struggling to find real benefits."

Kumar sees the containers being more suited to Internet-based, "hyper-scale" companies such as Google, Amazon, and Microsoft. Containerized datacenters offer scalability in big chunks, if you're willing to buy more containers. But they don't offer scalability inside each container once it has been filled, he says.

Container vendors tout various benefits, of course. Each container is almost fully self-contained, Rackable's Noer says. Chilled water, power, and networking are the only things from the outside world that must be connected to each one, he says. Rackable containers, which can be fitted with as many as 22,400 processing cores in 2,800 servers, are water-tight and are fitted with locks, alarms, and LoJack-like tracking units. Sun's Modular Data Center can survive an earthquake -- the company made sure of that by testing it on one of the world's largest shake tables at the University of California in San Diego.

A fully equipped Rackable ICE Cube costs several million dollars, mostly for the servers themselves, Noer says. The container pays for itself with lower electricity costs due to an innovative Rackable design that maximizes server density, Noer says.

But it's still too early to tell whether containerized datacenters are the way of the future. "We're just at the cusp of broad adoption," Noer says.

Potential use cases for containers include disaster recovery, remote locations like military bases, or big IT hosting companies that would prefer not to build brick-and-mortar datacenters, Kumar says.

A TV crew that follows sporting events may want a mobile datacenter, says Robert Bunger, director of business development for American Power Conversion. APC doesn't sell its portable datacenter, but in 2004, it built one into a tractor-trailer as a proof-of-concept. It was resilient. "We pulled that trailer all over the country" for demos, Bunger notes.

But APC isn't seeing much demand, except in limited cases. For example, a business that needs an immediate capacity upgrade but is also planning to move its datacenter in a year might want a container because it would be easier to move than individual servers and storage boxes.

UC San Diego bought two of Sun's Modular Data Centers. One goal is to contain the cost of storing and processing rapidly increasing amounts of data, says Tom DeFanti, principal investigator of the school's GreenLight energy efficiency research project. But it will take time to see whether the container approach is more efficient. "The whole idea is to create an experiment to see if we can get more work per watts," DeFanti says.

The Modular Data Center is not as convenient to maintain as a regular computer room, because there is so little space to maneuver inside, he says. But "It seems to me to be an extremely well-designed and thought-out system," DeFanti says. "It gives us a way of dealing with the exploding amount of scientific computing that we need to do."

Beware vendor lock-inBefore purchasing a containerized datacenter, enterprises should consider several issues related to their manageability and usefulness. Vendors often want you to fill the containers with only their servers, Kumar notes. Besides limiting flexibility at the time of purchase, this raises the question of what happens when those servers reach end-of-life. Will you need the vendor to rip out the servers and put new ones in, once again limiting your choice of technology?

"At the moment, most vendors will fill their containers only with their servers," Kumar says.

IBM, however, says it uses industry-standard racks in its portable datacenter, allowing customers to buy whatever technology they like. (Compare server products.) DeFanti said Sun's Modular Data Center allows him the flexibility to buy a heterogeneous mix of servers and storage. Rackable, though, steers customers toward either its own servers or IBM BladeCenter machines through a partnership with IBM.

"I think vendors are learning that people want more flexibility," DeFanti says.

Another consideration is failover capabilities, says Lee Kirby, who provides site assessments, data center designs and other services as the general manager of Lee Technologies. If one container goes down, its work must be transferred to another. Server virtualization will help provide this failover capability, and also make it easier to manage distributed containerized datacenters -- an important consideration for customers who want to distribute computing power and have it reside as close to users as possible, Kirby says.

"I think it is key that the combination of virtualization and distributed infrastructure produce a container that can be out of service without impacting the application as a whole," Kirby says.

If you know one thing about Linux users, it's probably this: They enjoy the challenge of installing their operating system of choice on pretty much anything with a transistor in it. It's only a matter of time before they get around to replacing all those electronic singing greeting cards to make the sound of penguin mating calls.

So the news that Linux has been ported to the iPhone and the iPod touch shouldn't exactly come as a shock; please hold your cries of heresy until the end. OpeniBoot, which brings the Linux 2.6 kernel to the iPhone platform was developed by members of the iPhone DevTeam, the same folks who have long been working on cracking the iPhone's firmware every time a new version comes out.

[ Special report: IT's guide to the iPhone ]

The capabilities of OpeniBoot are still incredibly limited--at present, there's no support for writing to the flash memory, using the touch screen, wireless networking, the cell phone, sound, or the accelerometer. So if you thought that you'd be ending up with a fully operational Linux iPhone--or even a partially operational phone--I'm afraid you're going to be disappointed for now.

There's also some talk that this may pave the way for installing Google's Android OS on the iPhone, though as someone who's been using a G1 for a few days now, that seems like overhauling a Porsche to run like a Hyundai. But then again, there's always somebody who wants to prove that it's possible. So knock yourself out, guys.

Macworld is an InfoWorld affiliate

Consumer electronics giants Apple, Dell, Motorola, Microsoft, Nintendo, and Samsung have been slow to get serious about climate change, and are notably lagging behind, according to the latest edition of the Greenpeace Guide to Greener Electronics.

Many companies still show little engagement with the issue, which is a disappointment, according to Greenpeace International Climate & Energy campaigner Mel Francis.

[ For more on technology and the environment, see Ted Samson's Sustainable IT blog | Stay ahead of advances in technology with InfoWorld's Ahead of the Curve blog and newsletter. ]

"They are basically lagging behind on what we need for a good climate package. They haven't demonstrated any real commitment to cutting their own CO2 emissions, or to lobbying politicians to get a good deal post-Kyoto," said Francis.

"They assume that growth in their business also must therefore mean growth in their CO2 emissions. At Greenpeace we think that's not necessarily true," said Francis.

Greenpeace would like to see a lot more action going forward. "We are simply asking them to become climate leaders. They need to put their words into action and follow through on the claims they're making," said Francis.

Still, there are a few exceptions: Fujitsu Siemens Computers, Philips and Sharp support the level of cuts in greenhouse gases that science requires, according to Greenpeace.

In its latest Guide to Greener Electronics, Greenpeace gives Philips marks for committing to making absolute reductions in its own greenhouse gas emissions from the product manufacture and supply chain, which HP has done as well.

Both Philips and HP have also committed to making cuts in greenhouse gas emissions from their own operations. Nokia has done the same, said Francis.

Its overall ranking -- which takes into account company policies on toxic chemicals, recycling and climate change -- is topped by Nokia (Greenpeace likes its take-back program and use of renewable energy), followed by Sony Ericsson and Toshiba.

Philips and HP are in the bottom half of the list: good energy policies aren't enough, and both companies must improve how they handle e-waste, said Greenpeace.

Motorola, Toshiba and Sharp made the biggest moves up the chart, while the companies falling down the ranking are the PC brands Acer, Dell, HP -- and Apple, although it still gets a thumbs-up for improving its score, by better reporting on the carbon footprint of its products.

Apple's new iPods are also are now free of both PVC and brominated flame retardants, according to Greenpeace.

In general, the PC manufacturers need to improve the handling of e-waste.

Dell and Acer also need to reduce their use of toxic chemicals, said Greenpeace. Dell loses points for withdrawing from its commitment to eliminate all PVC plastic and brominated flame retardants by the end of 2009.

The use of toxic chemicals has in the past been a focus area for Greenpeace, but here there has been some positive movement. Consumer electronics companies have been allies to Greenpeace as it has tried to reduce the use of toxic materials and get legislation passed, according to Francis.

Nintendo remains in last place in the ranking, although it is taking small steps to remove or monitor the presence of some potentially toxic additives in the plastics it uses, Greenpeace said.

JetBrains released TeamCity 4.0, a continuous integration server and distributed build management tool featuring enhanced build capabilities, this week.?

Version 4.0 offers build chains support for breaking down a single build procedure into several parts that can be run on different build agents using the same sets of sources.?

Other improvements in version 4.0 include the ability to redo a particular build from a particular control revision, known as a history build, and improved authentication mechanics.

With version 4.0, statistics are offered for an entire project. Extensibility is enabled via a Java API, the company said. A tests reordering capability determines which tests are likely to fail and performs those first during the next project build.

TeamCity 4.0 automates routines and streamlines the software development process. Team communication is improved, and teams can implement agile methodology, JetBrains said. The product integrates with multiple IDEs.

Eclipse integration is highlighted as is integration with ClearCase, with Eclipse backing bringing IntelliJ Idea IDE capabilities to Eclipse users.

"Since its creation, TeamCity has been a key element in our own development process," said JetBrains CEO Sergey Dmitriev, in a statement released by the company. "The production TeamCity server at JetBrains is currently having over 50 build configurations in a build grid with more than 50 build agents, with literally every project and every developer using it on a daily basis

Version 4.0 also has an improved search engine and user interface improvements, JetBrains said. TeamCity automates more than 600 Java code inspections.

TeamCity 4.0 is available free to individual developers and small-to-medium-size teams. The free edition is restricted to 20 build configurations and three build agents.

TV network CBS has become the latest big name to have it Web site used to host malware, a security company has reported.

It appears that Russian malware distributors were able to launch another iFrame attack on a subdomain of the cbs.com site so that it was serving remote malware to any visitors. A user's vulnerability to the malware attack launched by the site hack would depend on a number of factors, including the type of security used on a PC, the operating system, and possibly the browser version.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

"This saga confirms our many previous warnings that obfuscated code posing a serious threat to Internet users' PCs," said Finjan CTO, Yuval Ben-Itzhak, who has devoted a fair amount of time in recent months to finding these hacks.

"Our Threats Reports have continued to identify the increasing use of code obfuscation as a means of bypassing traditional signature-based solutions in order to propagate malware," Ben-Itzak continued, taking a pop at the anti-virus products against which his company in part competes.

"It also highlights the fact that no web portal, no matter how high ranking, can be totally secure against a system hack and consequent infection of its visitors. Web users need to exercise caution at all times," he said.

Finjan has it had informed CBS of the issue, but that the Russian exploit server had in any case been taken offline, neutering the attack for the time being.

iFrame and SQL injection attacks on big-name Web sites have been one of the fashionable attacks of 2008, embarrassing a string of household names.

Techworld is an InfoWorld affiliate.

As President-elect Barack Obama prepares to take office, the task of upgrading the security of federal computer systems continues to be a work in progress.

Several cybersecurity initiatives launched during the Bush administration are still years away from being completed. Others are closer to completion but don't do enough by themselves to defend networks and systems against increasingly sophisticated attacks, according to IT security analysts.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

And, they said, resolving the security issues will require Obama to focus on more than just finishing the ongoing initiatives.

For starters, he needs to end the policy of tying federal cybersecurity efforts so closely to the post-9/11 war on terror, said Gartner analyst John Pescatore. "The terrorist attacks sent the Bush administration in the wrong direction" on cybersecurity, Pescatore said, adding that more immediate threats to federal systems have been overlooked.

Progress has been made, claimed Karen Evans, administrator of e-government and IT at the White House Office of Management and Budget (OMB). Evans said several security initiatives launched over the past few years are already making, or will soon make, a difference.

At the top of her list is a 2004 mandate by President Bush that required federal agencies to issue new smart-card identity credentials to all employees and contractors. But even that program hasn't been fully implemented. Agencies were supposed to finish issuing the new ID cards in late October, but most will need at least two more years to do so.

Other projects that Evans pointed to include a recent upgrade of federal networks to the more secure IPv6 protocol and the Trusted Internet Connections program, under which agencies are working to reduce their external network connections.

Evans also cited the Federal Desktop Core Configuration (FDCC) project, which is aimed at cutting costs and boosting security by requiring agencies to employ standard security settings on all Windows PCs.

Earlier this year, President Bush also put in motion a highly classified, multiagency program called the Cyber Initiative, with a goal of bolstering the nation's ability to detect and respond to cyberthreats against critical infrastructure targets.

Tom Kellerman, vice president of security awareness at Core Security Technologies in Boston, said the Cyber Initiative marked an "awakening" in Washington about the need for stronger cybersecurity efforts.

But Kellerman, who is a member of a commission that's developing cybersecurity recommendations for Obama, said much remains to be done. "The existing administration has only just begun to pay attention to cybersecurity" as a national security issue, he said.

Many of the ongoing initiatives are helping to improve security in bits and pieces, Pescatore said. But, he added, they were the result of "random edicts" from the OMB, not broad cybersecurity objectives.

Increasingly, new funding has been moving toward surveillance and monitoring initiatives related to fighting terrorism. While such efforts are needed, Pescatore said, they do little to protect federal agencies from cybercriminals.

Franklin Reeder, an independent consultant and former chief of information policy at the OMB, said the most important step for Obama is to use the government's purchasing clout to compel IT vendors to build more security capabilities into products. The FDCC program has shown that such an approach can be successful, Reeder said.

More spending is needed on security training, he added. He also thinks the feds must change how they work with the private sector on security. Existing programs, Reeder contended, "have just been convened by the government for the government."

This version of the story originally appeared in Computerworld's print edition. Computerworld is an InfoWorld affiliate.

Got something to add? Let us know in the article comments.