Date: Tue, 5 May 2009 18:45:12 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-chat@FreeBSD.ORG Subject: Re: End of Life is Meaningless Message-ID: <200905051645.n45GjCmc080214@lurza.secnetix.de> In-Reply-To: <310d12470905050843p1bd1f8aai19414b3ea06d962d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Pete Ehlke <pde@rfc822.net> wrote: > Suppose I have a decent sized installation of 2000 machines, and they've > been running SomeOS v4.1 for three years. That's over 2 Million machine-days > of production experience I have with SomeOS v4.1. Sure, there are bugs, > there are behaviors that may not be ideal, and there may be things that I > have to work around. But with 2 Million machine-days under my belt, I pretty > much *understand* those bugs, behaviors, and workarounds, and I can with > fairly significant precision predict and model my installation. > > Now, upgrade them. What do I have? > > I have maybe eliminated some of the bugs and suboptimal behaviors that I > knew about, but now I have exactly Zero hours of production experience with > my new installation. There are new bugs that nobody knows about yet, new > behaviors to find, and new workarounds to develop. I can't, with any > precision, model my installation, and I can't effectively predict its > behavior. > > Management is going to nail me on predictability. They couldn't give a rat's > butt about bugs and vulnerabilities, it's predictability and risk management > that counts. > > That's why a lot of people in large installations won't upgrade. > Surprisingly often, there is no compelling reason to, and there are very > significant disincentives. It's by no means clear at all that 'a little > downtime' is the only cost of an upgrade. So ... predictability, you say ... Well, with that attitude you can predict that your 2000 machines will be part of a botnet (or smiliar) very soon. Seriously, when you have an installation of 2000 machines, you'd better have a good update plan including extensive testing procedures, and some of those machines should be reserved for testing. That's what I do even with much smaller installations. There are only very few exceptions. For example, when those 2000 machines are not connected to any network, so security vulnerabilities are not that much of an issue (thinking of Pixar's render farm). But if those machines run any kind of internet service, you will regret not having a working update plan. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "The scanf() function is a large and complex beast that often does something almost but not quite entirely unlike what you desired." -- Chris Torek
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200905051645.n45GjCmc080214>