Leon Fauster wrote:
> On 06.05.2015 at 13:04, lhecking at users.sourceforge.net wrote:
>>
>>> You have several hundred more Critical or Important security updates
>>> outstanding. If that box touches the Internet in any way, it is likely
>>> compromised. Just in the last 6 months there are 21 Important or
>>> Critical updates.
<snip>
>> While I'm all for keeping machines current, there are production
>> environments where upgrading is a huge pain or outright impossible.
>
> updating vs upgrading?
>
> and such "impossible" cases are rare compared to the majority of
> EL OS installations. Saying that because the implicitness should
> be systems in a current state and not contrariwise.
>
>> Where any upgrades need to undergo a rigorous QA process.
>
> the solution: automation

And a) the manager who made the decision to not upgrade needs to be made aware of a) the dangers of *not* upgrading; b) the minimal risks of an upgrade (security & bugfixes), and c) needs to stop coming up with impossible schedules and put time into that least sexy thing of all, maintenance of infrastructure. And I, personally, would want an email from aforesaid manager telling me not to do any upgrades, which I would print out in several copies and put in a secure place....
<snip>

mark "CYA"
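To put a number on the "outstanding Critical or Important updates" claim above, here is an added shell example (not written by any poster in this thread) that counts pending security advisories by severity from the `advisory severity/Sec. package` lines that `yum updateinfo list security all` prints. It assumes the configured repositories ship updateinfo metadata; the sample output and the advisory ids in it are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the thread: quantify pending security updates on
# an EL box from "yum updateinfo list security all"-style output.
# Assumes the repositories provide updateinfo metadata.

# Constructed sample of the command's output. Real advisory ids differ;
# "CESA-YYYY:NNNx" is a placeholder. Lines that do not fit the pattern
# (e.g. "Loaded plugins: ...") are ignored by the parser below.
SAMPLE_UPDATEINFO='Loaded plugins: fastestmirror
CESA-YYYY:NNN1 Critical/Sec.  kernel-0.0.0-1.el6.x86_64
CESA-YYYY:NNN2 Important/Sec. glibc-0.0.0-1.el6.x86_64
CESA-YYYY:NNN3 Moderate/Sec.  openssl-0.0.0-1.el6.x86_64
CESA-YYYY:NNN4 Important/Sec. bash-0.0.0-1.el6.x86_64
CESA-YYYY:NNN5 Low/Sec.       curl-0.0.0-1.el6.x86_64'

# count_severity INPUT SEVERITY -> number of advisories at that severity
count_severity() {
    printf '%s\n' "$1" | {
        n=0
        # second field is "<Severity>/Sec." for security advisories
        while read -r _advisory type _package; do
            case "$type" in
                "$2/Sec.") n=$((n + 1)) ;;
            esac
        done
        echo "$n"
    }
}

# pending_critical_important INPUT -> the figure the thread argues about
pending_critical_important() {
    echo $(( $(count_severity "$1" Critical) + $(count_severity "$1" Important) ))
}

# Exit status 0 when nothing Critical/Important is pending; usable as a
# cron or monitoring check that alerts when it fails.
check_patch_level() {
    [ "$(pending_critical_important "$1")" -eq 0 ]
}

# Live use (not run here): pass the real command output instead of the sample:
#   check_patch_level "$(yum updateinfo list security all 2>/dev/null)"
```

Because CentOS base repositories did not always carry updateinfo metadata, a count of zero should be confirmed against the repository configuration before it is trusted as "fully patched".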
lhecking at users.sourceforge.net
2015-May-06 14:28 UTC
[CentOS] VirtIO drivers and CentOS 5.4(Final)
> And I, personally, would want an email from aforesaid manager telling me
> not to do any upgrades, which I would print out in several copies and put
> in a secure place....
> <snip>

You do not understand the situation I presented. This is about avoiding a situation where in a highly complex environment, due to a quirk in one of the dozens of tools involved in designing your product, the product suddenly changes because libc was updated to a newer rev. So you keep your design environment static - all parts of it. We're talking business process here, not some stand-alone, uninformed PHB decision.
On Wed, May 6, 2015 9:28 am, lhecking at users.sourceforge.net wrote:
>
>> And I, personally, would want an email from aforesaid manager telling me
>> not to do any upgrades, which I would print out in several copies and
>> put
>> in a secure place....
>> <snip>
>
> You do not understand the situation I presented. This is about avoiding
> a situation where in a highly complex environment, due to a quirk in one
> of the dozens of tools involved in designing your product, the product
> suddenly changes because libc was updated to a newer rev. So you keep
> your
> design environment static - all parts of it. We're talking business
> process
> here, not some stand-alone, uninformed PHB decision.
>

I can understand you - on a smaller scale...

<rant>
I have a couple of boxes with NVIDIA cards and a fancy screen setup. I have to use the NVIDIA proprietary driver; the open source driver does not support the configuration. Darn NVIDIA never released enough information about their chips' internals for open source developers to be able to write a more versatile driver. I hate NVIDIA for that. I love their competitor ATI: not only is the open source driver way better, their proprietary drivers are consistently less buggy, and the same can be said about the chips; at least I've never seen artifacts on ATI cards, and I've seen artifacts on NVIDIA based cards a few times.

Now, back to my boxes. NVIDIA declared these fancy cards obsolete (they are only about 6 years old, and the hardware still does an appropriate job for what we need). There is no proprietary NVIDIA driver which you can install with the latest kernels (latest meaning CentOS 6 kernels). You know you have to compile the kernel interface for their binary driver. No way: no updated binary driver for these cards of mine that NVIDIA obsoleted. So, NVIDIA locked me on these boxes to an older kernel. So, how would you like this company after that!?
</rant>

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
On 06.05.2015 at 16:28, lhecking at users.sourceforge.net wrote:
>
>> And I, personally, would want an email from aforesaid manager telling me
>> not to do any upgrades, which I would print out in several copies and put
>> in a secure place....
>> <snip>
>
> You do not understand the situation I presented. This is about avoiding
> a situation where in a highly complex environment, due to a quirk in one
> of the dozens of tools involved in designing your product, the product
> suddenly changes because libc was updated to a newer rev. So you keep your
> design environment static - all parts of it. We're talking business process
> here, not some stand-alone, uninformed PHB decision.

I am on your side - but this approach (your word, static) is also a goal of an enterprise operating system. So, your argument is valid but rare in the above example (libc breakage, enterprise context).

--
LF