How Microsoft came to terms with Linux

Embracing open source

Mentioning Windows and Linux together used to be a shortcut for talking about geek arguments rather less friendly than the Marmite ‘love it or hate it’ divide. Open source seemed to be an existential threat to Microsoft; instead, it’s become another way of reaching customers and working with communities and competitors. Cloud may have driven this new level of comfort with Linux as Microsoft, just as it’s driven involvement with once competitive technologies like Java and Oracle Database: more than half of the VMs on Azure famously run Linux rather than Windows, driven both by Linux servers moving to the cloud and by new cloud native technologies that are built on Linux.

But Microsoft’s wholehearted embrace of Linux (and open source generally, which often requires embracing Linux) covers far more than IaaS.

As well as Linux VMs, Azure also has services that provide access to Linux distributions, like HDInsight and the Azure Kubernetes Service. Some services that Microsoft was bringing to Windows, like container support, were already available for Linux, and Microsoft added support for those to Azure. The Windows team also used what they learned doing that to guide the development of containers for Windows, abandoning an internal project in favour of not just supporting the Docker format that had become standard in the Linux world but taking a dependency on that open source project, and then enhancing it with Windows-specific options.

.NET and Linux

Back in 2015, then Windows architect Jeffrey Snover talked about how Microsoft’s vision of the cloud was as much about supporting Linux workloads as Windows ones. “Throughout the [Windows Server] org, each of the teams now has a Linux team within them. We had a group in Windows Server doing Linux support for Hyper-V; now that’s everywhere and the .NET team is making .NET available on Linux.”

That was driven by customers’ desires to run .NET in a lightweight computing environment that they could stand up, restart and scale in an agile way with limited resources, which the full Windows Server and .NET stack didn’t then support as well. By bringing .NET to Linux, it became a programming platform that could work on smartwatches and smart TVs where Windows isn’t an option.

Microsoft Linux distros

Microsoft has developed several of its own special purpose Linux distributions for similarly constrained scenarios. Azure Sphere is a Linux-based IoT device hardware platform where resources are extremely constrained: it goes in small devices where power is an issue. Software for Open Networking in the Cloud (SONiC) is a network switch OS that runs on the Switch Abstraction Interface (SAI), a standardised API Microsoft designed to run on a wide range of network hardware (on top of OpenNetLinux) and provide a consistent interface. That means Azure can run the same software-defined networking system on network hardware from any vendor and only have to fix bugs once, instead of waiting for each vendor to fix their own version of a common vulnerability.

Customer convenience

Making PowerShell Core available for Linux meant that admins already used to PowerShell could use it for more tasks; PowerShell was already something of a universal tool, letting admins control everything from Exchange to VMware – now that includes AWS and Linux-powered network hardware, and again it works with tools that the Linux community expects to be able to use, like using Swagger to generate PowerShell modules from documents that describe REST APIs.

Bringing SQL Server to Linux was also about supporting customers on the platform they wanted to use (rather than losing them to open source SQL databases) and it let Microsoft take advantage of the availability of containers to let Linux admins and developers try out SQL Server quickly using Docker. In SQL Server 2019, that expands to running from Windows containers as well, plus using Kubernetes to deploy both the SQL Server database engine and Apache Spark with HDFS in a ‘big data’ cluster that can handle SQL and unstructured data together.

Just as Microsoft brought its antimalware tools to the Mac to protect Office 365 customers, it’s also bringing Defender ATP endpoint detection and response to Linux servers (this was teased in July and announced at Ignite) – because a hacker is going to attack all the systems a customer has, and a breach on one device endangers the others.

Windows Services for Linux

WSL (Windows Services for Linux), which runs multiple Linux distros and Linux binaries in Windows 10 was a critical feature for bringing back developers and admins who need to work with Linux servers and had been turning to the Mac because they could run bash scripts and other Linux binaries there without a VM – and those have become even more widespread with the rise of cloud-native app development. Now they can run those directly from Windows, using either the Windows kernel in WSL 1 or Microsoft’s own Linux kernel in WSL 2.

A Linux client for Teams – which Microsoft has been working on intermittently for the last couple of years and recently committed to – makes sense if Microsoft wants to compete with Slack, which already has a Linux client. The value of a company chat client is that every team in the company can use it to collaborate; without a Linux client for Teams, that means keeping a browser window open all the time, which just isn’t as convenient.

Microsoft is even considering building a version of its new Edge browser for Linux, although customer demand for that may be smaller.

From support to community involvement

Supporting Linux VMs on Azure and building WSL has meant working with the various Linux distros to support the versions of Linux that Microsoft customers want to use, as well as directly with maintainers of various Linux subsystems. Between Azure, WSL and its own Linux distributions, Microsoft sees customer issues and finds bugs in Linux running at enormous scale. The Microsoft security research centre gets so many security reports for Linux code from users and vendors that it’s joined not just the Linux Foundation – which is a corporate association as much as a technical one – and the Open Invention Network, but technical forums like the Linux kernel security mailing list.

Microsoft is even contributing the exFAT file system used in SD cards and USB flash drives (as well as in Windows) that was once protected by patents the company would sue over, to the OIN’s Linux System Definition as a defensive patent to protect Linux users from lawsuits. That major a change in direction has taken some time but it’s a typical example of what happens when Microsoft decides on a strategy

For Microsoft, Linux is no more a threat than Android or the iPad. Microsoft rightly views Linux as a way of extending and improving its platform so it does more of what users need, reaching more customers on the platforms they want to use and powering low level building blocks for networking that Windows and Azure benefit from. It’s a much more mature and, above all, pragmatic, approach.

For more information, contact the Grey Matter Services team: +44 (0)1364 654200 or email: [email protected]