Alban Hertroys
2014-Sep-02 10:01 UTC
[HEADSUP] pkg(8) is now the only package management tool
On 2 September 2014 11:08, Julian Elischer <julian at freebsd.org> wrote:> On 9/1/14, 8:03 PM, Andrew Berg wrote: >> >> On 2014.09.01 21:39, Julian Elischer wrote: >>> >>> sigh.. when are we as a project, all going to learn that reality in >>> business is >>> that you often need to install stuff that is old. Its not always your >>> choice. >>> The custommers require it.. >>> You should try arguing with someone like Bank of Americas security and >>> operations >>> department some day about whether they want to suddenly upgrade 300 >>> machines >>> for no real reason (from their perspective). >> >> FreeBSD minor version upgrades are meant to be non-disruptive. However, I >> will >> admit that I have not performed any such upgrades in a critical >> environment, so >> if you think they are disruptive, please enlighten me with the details. >> Also, there are options out there for getting support for extended periods >> if >> you need it. Some companies are built around providing support for things >> that >> the original developers have long abandoned because some businesses need >> it. > > > It's not how disruptive they are technically. > it's how many months of shakedown testing you have to go through before they > allow you to put new software on any production system.Just adding here, in commercial environments things don't change quickly or easily. Whether this applies to the current issue with pkg is not for me to say. For example, certain commercial upstream software vendors require to go through a certification process before they even consider supporting the new software you intend to use with theirs. Admittedly we haven't run into this issue in relation to FreeBSD, but we certainly have with Firefox. As an example, the last version of Firefox that Information Builders' WebFOCUS 7.7 supports is 3.6.7 (currently available versions are 31 or 32!) and for Internet Explorer that's 7 (currently at 11). If you run into any kind of problem, the standard answer is to use a browser that they support. Good luck with that! Firefox 3.6.7 was released on July 20, 2010; over 4 years ago. In such cases you're more or less required to keep an old system around that still has such old packages, if only to see if you can reproduce any issues you encounter (with modern versions of your software) on those old versions. With the deprecation of the old pkg_* tools you run into a conflict; You can either update packages that are _not_ under certification for such a vendor and get security updates and fixes using the new pkg, or you have to stick with the certified software and _not_ get any security updates or fixes. It gets more interesting if you have to deal with manufacturing processes (something we're looking to use FreeBSD for to replace our current OpenVMS systems before they go out of support), as often automatons write data to external databases and such software resides in PLC's. Manufacturing equipment tends to age and the kind of external databases they support is limited to what was available when they were new and the capabilities of the PLC involved. I can totally understand that at some point it starts to get impossible to maintain two separate packaging systems and I understand that you think 2 years is enough time to shake things out, but software vendors aren't that quick. For many, 2 years is a short time. Just saying... -- If you can't see the forest for the trees, Cut the trees and you'll see there is no forest.
Marcus von Appen
2014-Sep-02 10:52 UTC
[HEADSUP] pkg(8) is now the only package management tool
Alban Hertroys <haramrae at gmail.com>:> On 2 September 2014 11:08, Julian Elischer <julian at freebsd.org> wrote: >> On 9/1/14, 8:03 PM, Andrew Berg wrote: >>> >>> On 2014.09.01 21:39, Julian Elischer wrote: >>>> >>>> sigh.. when are we as a project, all going to learn that reality in >>>> business is >>>> that you often need to install stuff that is old. Its not always your >>>> choice. >>>> The custommers require it.. >>>> You should try arguing with someone like Bank of Americas security and >>>> operations >>>> department some day about whether they want to suddenly upgrade 300 >>>> machines >>>> for no real reason (from their perspective). >>> >>> FreeBSD minor version upgrades are meant to be non-disruptive. However, I >>> will >>> admit that I have not performed any such upgrades in a critical >>> environment, so >>> if you think they are disruptive, please enlighten me with the details. >>> Also, there are options out there for getting support for extended periods >>> if >>> you need it. Some companies are built around providing support for things >>> that >>> the original developers have long abandoned because some businesses need >>> it. >> >> >> It's not how disruptive they are technically. >> it's how many months of shakedown testing you have to go through before they >> allow you to put new software on any production system. > > Just adding here, in commercial environments things don't change > quickly or easily. Whether this applies to the current issue with pkg > is not for me to say. > > For example, certain commercial upstream software vendors require to > go through a certification process before they even consider > supporting the new software you intend to use with theirs. > > Admittedly we haven't run into this issue in relation to FreeBSD, but > we certainly have with Firefox. As an example, the last version of > Firefox that Information Builders' WebFOCUS 7.7 supports is 3.6.7 > (currently available versions are 31 or 32!) and for Internet Explorer > that's 7 (currently at 11). > If you run into any kind of problem, the standard answer is to use a > browser that they support. Good luck with that! > Firefox 3.6.7 was released on July 20, 2010; over 4 years ago. > > In such cases you're more or less required to keep an old system > around that still has such old packages, if only to see if you can > reproduce any issues you encounter (with modern versions of your > software) on those old versions. > > With the deprecation of the old pkg_* tools you run into a conflict; > You can either update packages that are _not_ under certification for > such a vendor and get security updates and fixes using the new pkg, or > you have to stick with the certified software and _not_ get any > security updates or fixes. > > > It gets more interesting if you have to deal with manufacturing > processes (something we're looking to use FreeBSD for to replace our > current OpenVMS systems before they go out of support), as often > automatons write data to external databases and such software resides > in PLC's. Manufacturing equipment tends to age and the kind of > external databases they support is limited to what was available when > they were new and the capabilities of the PLC involved. > > I can totally understand that at some point it starts to get > impossible to maintain two separate packaging systems and I understand > that you think 2 years is enough time to shake things out, but > software vendors aren't that quick. For many, 2 years is a short time. >It also should be noted that everyone had enough time to raise those issues in the time between tthe announcement and now. No one did. Now that it is gone, they are brought up, while they should have been long time ago instead. It can't work that way. My 2 cents in this discussion :-). Cheers Marcus
Michelle Sullivan
2014-Sep-02 11:47 UTC
Re: [HEADSUP] pkg(8) is now the only package management tool
Marcus von Appen wrote:> Alban Hertroys <haramrae@gmail.com>: > >> >> I can totally understand that at some point it starts to get >> impossible to maintain two separate packaging systems and I understand >> that you think 2 years is enough time to shake things out, but >> software vendors aren't that quick. For many, 2 years is a short time. >> > > It also should be noted that everyone had enough time to raise those > issues > in the time between tthe announcement and now. No one did. Now that it is > gone, they are brought up, while they should have been long time ago > instead. It can't work that way. > > My 2 cents in this discussion :-).Actually I brought it up as soon as I found the EOL was a deadline for breaking pkg_* tools, was told, "too late now" - that was more than 2 weeks ago, less than 2 months ago (forget the date) ... I'm happy with an EOL and working to upgrade everything, I'm not happy that the EOL was not actually an EOL and it was actually a deadline. -- Michelle Sullivan http://www.mhix.org/ _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
Brandon Allbery
2014-Sep-02 13:37 UTC
Re: [HEADSUP] pkg(8) is now the only package management tool
On Tue, Sep 2, 2014 at 6:52 AM, Marcus von Appen <mva@freebsd.org> wrote:> It also should be noted that everyone had enough time to raise those issues > in the time between tthe announcement and now >If this is an issue that needed to be brought up, then FreeBSD has apparently never before been used in an enterprise??? -- brandon s allbery kf8nh sine nomine associates allbery.b@gmail.com ballbery@sinenomine.net unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"