Salesforce.com acquires Heroku, wants your Enterprise apps

The big news today is that Salesforce.com has agreed to acquire Heroku, a company which hosts Ruby applications using an architecture that enables seamless scalability. Heroku apps run on “dynos”, each of which is a single process running Ruby code on the Heroku “grid” – an abstraction which runs on instances of Amazon EC2 virtual machines. To scale your app, you simply add more dynos.

image

Why is Salesforce.com acquiring Heroku? Well, for some years an interesting question about Salesforce.com has been how it can escape its cloud CRM niche. The obvious approach is to add further applications, which it has done to some extent with FinancialForce, but it seems the strategy now is to become a platform for custom business applications. We already knew about VMForce, a partnership with VMWare currently in beta that lets you host Java applications that are integrated with Force.com, but it is with the announcements here at Dreamforce that the pieces are falling into place. Database.com for data access and storage; now Heroku for Ruby applications.

These services join several others which Salesforce.com is branding at Force.com 2:

Appforce – in effect the old Force.com, build departmental apps with visual tools and declarative code.

Siteforce – again an existing capability, build web sites on Force.com.

ISVForce – build your own multi-tenant application and sign up customers.

Salesforce.com is thoroughly corporate in its approach and its obvious competition is not so much Google AppEngine or Amazon EC2, but Microsoft Azure: too expensive for casual developers, but with strong Enterprise features.

Identity management is key to this battle. Microsoft’s identity system is Active Directory, with federation between local and cloud directories enabling single sign-on. Salesforce.com has its own user directory and developing on its platform will push you towards using it.

Today’s announcement makes sense of something that puzzled me: why we got a session on node.js at Monday’s Cloudstock event. It was a great session and I wrote it up here. Heroku has been experimenting with node.js support, with considerable success, and says it will introduce a new version next year.

Finally, the Heroku acquisition is great news for Enterprise use of Ruby. Today many potential new developers will be looking at it with interest.

Database.com extends the salesforce.com platform

At Dreamforce today Salesforce.com announced its latest platform venture: Database.com. Salesforce.com is built on an Oracle database with various custom optimizations; and database.com now exposes this as a generic cloud database which can be accessed from a variety of languages – Java, .NET, Ruby and PHP – and accessed from applications running on almost any platform: VMForce, Smartphones, Amazon EC2, Google App Engine, Microsoft Azure, Microsoft Excel, Adobe Flash/Flex and others. One way to use it would via JPA (Java Persistence API) in an VMForce Java application.

The Database.com console is a web application that has a console giving access to your databases and showing useful statistics and system information.

image

You can also create new databases, specifying the schema and relationships.

image

The details presented in the keynote today were sketchy – we saw applications that honestly could have been built just as easily with MySQL – but there is more information in the FAQ. The Database.com API is through SOAP or REST web services, not SQL. Third parties can create drivers so you can you use it with SQL APIs such as ODBC or JDBC. There is row level security, and built-in full text search.

According to the FAQ, Database.com “includes a native trigger and stored procedure language”.

Pricing starts from free – for up to 100,000 records, 50,000 transactions and 3 users per month. After than it is $10.00 per month per additional 100,000 records, $10.00 per month per additional 150,000 transactions, and $10.00 per user if you need the built-in authentication and security system – which as you would expect is based on the native force.com identity system.

As far as I can tell one of the goals of Database.com – and also the forthcoming chatter.com free public collaboration service – is to draw users towards the force.com platform.

Roger Jennings has analysed the pricing and reckons that Database.com is much more expensive than Microsoft’s SQL Azure – for 500 users and a 50GB database $15,000 per month for Database.com vs a little over $500 for the same thing on SQL Azure, though the two are difficult to compare directly and he has had to make a number of assumptions. Responding to a question at the press and analyst Q&A today, Benioff seemed to accept that the pricing is relatively high, but justified in his view by the range of services on offer. Of course the pricing could change if it proves uncompetitive.

Unlike SQL Azure, Database.com starts from free, which is a great attraction for developers interested in giving it a try. Trying out Azure is risky because if you leave a service running inadvertently you may run up a big bill.

In practice SQL Azure is likely to be more attractive than Database.com for its core market, existing Microsoft-platform developers. Microsoft experimented with a web services API for SQL Server Data Services in Azure, but ended up offering full SQL, enabling developers to continue working in familiar ways.

Equally, Force.com developers will like Database.com and its integration with the force.com platform.

Some of what Database.com can do is already available through force.com and I am not sure how the pricing looks for organizations that are already big salesforce.com users; I hope to find out more soon.

What is interesting here is the way salesforce.com is making its platform more generic. There will be more force.com announcements tomorrow and I expect to to see further efforts to broaden the platform then.

Update – I had a chat with Database.com General Manager Igor Tsyganskiy. He says Microsoft’s SQL Azure is the closest competitor to Database.com but argues that because Salesforce.com is extending its platform in an organic way it will do a better job than Microsoft which has built a cloud platform from scratch. We did not address the pricing comparison directly, but Tsyganskiy says that existing Force.com customers always have the option to “talk to their Account Executive” so there could be flexibility.

Since Database.com is in one sense the same as Force.com, the API is similar. The underlying query language is SOQL – the Salesforce Object Query Language which is based on SQL SELECT though with limitations. The language for stored procedures and triggers is Apex. SQL drivers from Progress Software are intended to address the demand for SQL access.

I mentioned that Microsoft came under pressure to replace its web services API for SQL Server Data Services with full SQL – might Database.com face similar pressure? We’ll see, said Tsyganskiy. The case is not entirely parallel. SQL Server is a cloud implementation of an existing SQL database with which developers are familiar. Database.com on the other hand abstracts the underlying data store – although Salesforce.com is an Oracle customer, Tsyganskiy said that the platform stores data in a variety of ways so should not be thought of as a wrapper for an Oracle database server.

Although Database.com is designed to be used from anywhere, I’d guess that Java running on VMForce with JPA, and following today’s announcement Heroku apps also hosted by Salesforce.com, will be the most common scenarios for complex applications.

Google App Engine and why vendor honesty pays

I’ve just attended a Cloudstock session on Google App Engine and new Google platform technologies – an introductory talk by Google’s Christian Schalk.

App Engine has been a subject of considerable debate recently, thanks to a blog post by Carlos Ble called Goodbye App Engine:

Choosing GAE as the platform four our project is a mistake which cost I estimate in about 15000€. Considering it’s been my money, it is a "bit" painful.

Ble’s points is that App Engine has many limitations. Since Google tends not to highlight these in its marketing, Ble discovered them as he went, causing frustrations and costly workarounds. In addition, it has not proved reliable:

Once you overcome all the limitations with your complex code, you are supposed to gain scalabilty for millions of users. After all, you are hosted by Google. This is the last big lie.

Since the last update they did in september 2010, we starting facing random 500 error codes that some days got the site down 60% of the time.

Ble has now partially retracted his post.

I am rewriting this post is because Patrick Chanezon (from Google), has added a kind and respectful comment to this post. Given the huge amount of traffic this post has generated (never expected nor wanted) I don’t want to damage the GAE project which can be a great platform in the future.

He is still not exactly positive, and adds:

I also don’t want to try Azure. The more experience I gain, the less I trust platforms/frameworks which code I can’t see.

Ble’s post is honest, but many of the issues are avoidable and arguably his main error was not to research the platform more thoroughly before than diving in. He blames the platform for issues that in some cases are implementation mistakes.

Still, here at Cloudstock I was interested to see if Schalk was going to mention any of these limitations or respond to Ble’s widely-read post. The answer is no – I got the impression that anything you can do in Java or Python, you can do on App Engine, with unlimited scalability thrown in.

My view is that it pays vendors to explain the “why not” as well as the “why” of using their platform. Otherwise there is a risk of disillusionment, and disillusioned customers are hard to win back.

One day of hacks, REST and cloud: Salesforce.com Cloudstock

I’m in San Francisco for the annual Salesforce.com conference, where the pre-conference day is called Cloudstock and features a bunch of sessions on cloud development from vendors whom Salesforce.com considers more partners than competitors, and from Salesforce.com itself, along with a hackathon competition where you build an instant cloud app.

Why Cloudstock? The parallels with Woodstock’s peace love and music are obscure, but I think the idea is revolution of cloud vs revolution of free love, or something. Presumably nothing to do with mud, getting high or sneaking in without paying.

I’m guessing that the PR goal is to position Salesforce.com at the heart of cloud computing. Good PR, but there are many other ways to do cloud.

I’m in a session on Google App Engine and new Google platform technologies – an introductory talk by Christian Schalk. More on that in this separate post.

Wrestling with Microsoft SharePoint

I do not know what to think about Microsoft SharePoint. It is kind-of inevitable if you live on the Microsoft platform. At some point the question comes up: how do we get to our documents over the Internet; and while VPN works, it is an awkward solution that means opening a VPN tunnel first and arguably opens up too much from a security perspective; direct internet access is easier and works from any device. Microsoft also has Direct Access, which lets you connect to network shares without a VPN; I have not tried it though it requires Windows 7 which is a serious restriction.

In any case, SharePoint does so much more: search, blogs and wikis, company portal, business intelligence, platform for document workflow applications, office web apps for in-browser editing of Office documents, alerts when documents are added or changed, and near-infinite possibilities for customization, to mention a few features.

The downside is that SharePoint is intricate, sometimes slow, and complex to administer.

I run a miniature Microsoft-platform setup for test and development. The servers are on Hyper-V virtual machines, and include Exchange 2007 (2010 upgrade pending), SharePoint 2010, and ISA Server 2006. I have been trying out SharePoint for some time, and once I figured out how to map a drive reliably I have enjoyed using it as a document repository. I have also tried SharePoint WorkSpace 2010 on a netbook, which is useful for offline work, though the user interface needs attention and it has an annoying limit on the number of items it will download.

The problem I have had though is that the internal URL (eg http://sharepoint) was different from the external URL (eg https://sharepoint.mydomain.com). In consequence, it did not work smoothly on a laptop or netbook that is not always on the internal network.

I spent some time fixing this. I am not sure that I found the best solution, but I found one that works. I extended the SharePoint application to a second web site for ssl access; I set up split DNS so that sharepoint.mydomain.com resolves to the internal server on the local network, and to ISA on the internet; I set up a new listener in ISA for the external URL, and a new policy that redirects to the internal server using SSL throughout; I turned off link translation; I removed all the paths except for /*; I set NTLM authentication. Finally I set Alternate Access Mappings for the new external URL which, thanks to split DNS, also works internally.

If that sounds like jargon, welcome to the world of SharePoint administration. Few things are intuitive or straightforward; which is why, for example, you can find a three part series by the Troy Starr on What every SharePoint administrator needs to know about Alternate Access Mappings.

Another thing that is obvious to SharePoint admins but not to occasional visitors: when you patch SharePoint with an official update, it is not enough to run the patch. You also have to update the configuration with psconfig -update or the configuration wizard, to update the metadata.

And after all that, in my very simple SharePoint setup, I still have warnings in Health Analyzer about missing server side dependencies for WebPart class [8d6034c4-a416-e535-281a-6b714894e1aa] – I am not sure why the Analyzer cannot look up the GUID somewhere and present something more meaningful, nor why the “More information about this rule” link in the analyzer takes you to the SharePoint Server home page rather than anywhere useful.

That said, I am pleased with my setup. It makes getting at documents when out and about very easy, particularly with mapped drive integration. I also found several iPhone clients – Steve McDonnell has a round up – and installed the free Moprise to get started. Performance is rather good; and while it has little advantage over Dropbox for an individual, in a corporate environment it makes sense.

My immediate conclusion is that specialising in SharePoint consultancy and administration is probably a smart move if you have the requisite skills; but that tinkering with SharePoint is something non-specialists are unlikely to enjoy. Shifting the administrative burden to Microsoft by using its hosted SharePoint is attractive, as is using an alternative collaboration and document platform such as Google Apps, though the two platforms are not very alike.

The top Silverlight feature request: implement on more platforms

One of the things mentioned by Microsoft VP Scott Guthrie in his Firestarter keynote yesterday was that Silverlight 5, the new version set for release in 2011, implements some 70% of what users have voted for. I presume he means the feedback forum here. But look what the top request is – as noted by a comment to yesterday’s post:

image

Looking at the comments, Android is a common request, and relatively easy for Microsoft to achieve given the open nature of that platform.

This was apparently not part of the 70% though. Instead, Guthrie introduced more Windows-only features – showing that concerns about divergence between Windows and Mac implementations when Microsoft announced COM support at the 2009 PDC were justified.

What if Microsoft had purchased Novell, or purchased Mono from Novell, instead of letting it go to Attachmate? It would have enabled Microsoft to unify the Windows and Linux implementations as well as building on the work the Mono team has done on compilation for iOS.

That dream is over though; the Silverlight application strategy seems focused on making it better for Windows-platform corporations.

Silverlight 5 unveiled: more power, more Windows

Microsoft has announced details of Silverlight 5, a major new release of its browser plug-in and desktop runtime for Windows and Mac. Silverlight is also the primary application runtime for Windows Phone 7, though this update does not apply to the phone yet. Silverlight 5 will go into beta in the first half of 2011, and release is planned for the second half of 2011 – no more than a year or so away.

So what’s in Silverlight 5?

On the media side, there is hardware decoding of H.264 video (an overdue feature) plus enhancements including TrickPlay which enables fast-forward and rewind. There is also remote control support of some kind. According to VP Scott Guthrie, you will be able to stream HD video to a netbook.

The bigger area of change is in Silverlight as an application runtime. Here are the highlights:

  • Text rendering is much improved, with multi-columns, OpenType support, and control of tracking and leading.
  • Postscript vector printing greatly improves printing support, and you can now create a dedicated print view different from what is on screen.
  • A new hardware-accelerated 3D graphics API, as well as immediate mode graphics which lets you render directly to the GPU.
  • There is a 64-bit version of Silverlight 5.
  • WS-Trust support for secure messaging in tandem with Windows Communication Foundation.
  • Databinding enhancements, and support for debugging a binding by setting a breakpoint on it.

Alongside these, trusted Silverlight applications have new capabilities. But what is a trusted application? In the past, Silverlight applications become trusted if they run out of the browser and the user gives permission via a dialog. In Silverlight 5 this changes. A Silverlight application can be trusted within the browser as well, though Microsoft says this only works “when enabled via a group policy registry key and an application certificate”. This implies that the feature is aimed at corporate environments rather than for applets with a broad reach.

Once trusted, an in-browser Silverlight applet has the following additional features:

  • A new web browser control lets you host HTML content within a Silverlight application.
  • Read and write access to My Documents
  • Ability to launch Microsoft Office applications – examples include creating an email message or opening a report in Word
  • Access to COM components – Microsoft gives the example of accessing a USB security key or a bar-code scanner
  • Ability to call native code vith PInvoke (Platform Invoke)

In addition, out of browser applications support multiple windows including child windows, so they can be made to behave even more like normal desktop Windows applications.

You can see the theme here: making trusted Silverlight applications more powerful so that a larger proportion of custom business applications can be implemented in the browser or as Silverlight out-of-browser applications, rather than as traditional Windows applications that require desktop deployment. Put this together with Office 365 and Windows Azure, and you can see how well Silverlight works as a component in Microsoft’s cloud stack – provided users do not have anything inconvenient like an Apple iPad.

But what about the Mac? All these “trusted” features appear to be Windows-only. I asked about Mac support and was told:

We’re evaluating mechanisms for enabling similar trusted applications on the mac.

Fair enough; but the way this is put does suggest that having retreated from any ambitions for broad device reach in statements at the recent PDC conference, it now seems that Microsoft is further retreating from Mac and Windows parity, and moving Silverlight more towards being an application runtime for Windows – though note that there will still be a Silverlight 5 for the Mac and which will have the features that do not require COM or PInvoke.

It is disappointing that there is still no built-in local database support, though there are third-party offerings.

There are a couple of ways to look at Silverlight. Microsoft’s lack of commitment to cross-platform parity and its unwillingness to address broad device support means it does not look good as a broad-reach browser plugin, despite its great features on systems that do support it.

On the other hand, as an alternative to desktop Windows applications Silverlight looks increasingly attractive as its capabilities increase.

More information on the new features here – though note it neglects to mention what will and will not work on a Mac.