Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 5 May 2009 18:45:12 +0200 (CEST)
From:      Oliver Fromme <olli@lurza.secnetix.de>
To:        freebsd-chat@FreeBSD.ORG
Subject:   Re: End of Life is Meaningless
Message-ID:  <200905051645.n45GjCmc080214@lurza.secnetix.de>
In-Reply-To: <310d12470905050843p1bd1f8aai19414b3ea06d962d@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Pete Ehlke <pde@rfc822.net> wrote:
 > Suppose I have a decent sized installation of 2000 machines, and they've
 > been running SomeOS v4.1 for three years. That's over 2 Million machine-days
 > of production experience I have with SomeOS v4.1. Sure, there are bugs,
 > there are behaviors that may not be ideal, and there may be things that I
 > have to work around. But with 2 Million machine-days under my belt, I pretty
 > much *understand* those bugs, behaviors, and workarounds, and I can with
 > fairly significant precision predict and model my installation.
 > 
 > Now, upgrade them. What do I have?
 > 
 > I have maybe eliminated some of the bugs and suboptimal behaviors that I
 > knew about, but now I have exactly Zero hours of production experience with
 > my new installation. There are new bugs that nobody knows about yet, new
 > behaviors to find, and new workarounds to develop. I can't, with any
 > precision, model my installation, and I can't effectively predict its
 > behavior.
 > 
 > Management is going to nail me on predictability. They couldn't give a rat's
 > butt about bugs and vulnerabilities, it's predictability and risk management
 > that counts.
 > 
 > That's why a lot of people in large installations won't upgrade.
 > Surprisingly often, there is no compelling reason to, and there are very
 > significant disincentives. It's by no means clear at all that 'a little
 > downtime' is the only cost of an upgrade.

So ... predictability, you say ...

Well, with that attitude you can predict that your 2000
machines will be part of a botnet (or smiliar) very soon.

Seriously, when you have an installation of 2000 machines,
you'd better have a good update plan including extensive
testing procedures, and some of those machines should be
reserved for testing.  That's what I do even with much
smaller installations.

There are only very few exceptions.  For example, when
those 2000 machines are not connected to any network, so
security vulnerabilities are not that much of an issue
(thinking of Pixar's render farm).

But if those machines run any kind of internet service,
you will regret not having a working update plan.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"The scanf() function is a large and complex beast that often does
something almost but not quite entirely unlike what you desired."
        -- Chris Torek



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200905051645.n45GjCmc080214>