>> A substantial reason I'm not using debian/devuan is LTS support.RPvs> Debian has its own version of LTS: https://wiki.debian.org/LTS Yeah, I've seen that. Not a lot of faith in it though. It sounds a lot like "trust me, someone's going to do it." [I know, cheap, quick, well done - and I want all three. Sigh.] If they'd been doing it the last five years and it worked, then I'd feel better about it.>>I'm >> glad to be schooled in that regard, if someone has arguments to make. >> But I generally want to install a VM/Server/Box for a client and >> leave it alone as much as possible for as long as possible, and while >> it still works as initially designed. Less drama for me (less income >> perhaps too) and I can leave it sit, knowing that security patches >> are going to get applied and I don't need to do much, other than to >> watch that it stays healthy.RPvs> Also know as 'sit and let it bit-rot' ;-) MMMM. Bit-rot! Delicious! [Or does it get *better* with age, like Whiskey?]>> So, how do you all handle the Debian, IIRC, two year cycle? Do Debian >> upgrades go off pretty smoothly, so you have a 99% chance of moving >> from, say, jessie to stretch without any hassles other than mostly >> "apt-get distro upgrade" or whatever it is?RPvs> Can only speak for myself, but dist-upgrade has always worked for me, RPvs> okay there might be minor glitches, but never anything major. RPvs> Having said that, it might be slightly easier to install a new OS and RPvs> the latest version of Samba, especially if it is a DC. RPvs>>> Some of that angst gets less potent as more stuff moves to VM's etc. >> But even then, it's not a totally trivial concern either.RPvs> For a DC it is trivial ;-) and not much harder for a Unix domain member. So, lets assume I've got a samba DC - pure samba, no Win AD boxes at all. Rather than upgrading the in-place DC's you'd might simply spin up a new DC join it to the domain, and then migrate everything [roles] etc? Is there any downside to doing that? [And that does get around version upgrades, and follows how I generally like to do things - spin up new, and never upgrade an in-place setup. That way, if something really goes south, I can simply turn the "old" one back on and try again.]
On Tue, 31 Jul 2018 12:34:28 -0700 Gregory Sloop via samba <samba at lists.samba.org> wrote:> > >> A substantial reason I'm not using debian/devuan is LTS support. > > RPvs> Debian has its own version of LTS: https://wiki.debian.org/LTS > > Yeah, I've seen that. Not a lot of faith in it though. It sounds a > lot like "trust me, someone's going to do it." [I know, cheap, quick, > well done - and I want all three. Sigh.] If they'd been doing it the > last five years and it worked, then I'd feel better about it.From my understanding, they have been doing it for 5 years.> > >>I'm > >> glad to be schooled in that regard, if someone has arguments to > >> make. But I generally want to install a VM/Server/Box for a client > >> and leave it alone as much as possible for as long as possible, > >> and while it still works as initially designed. Less drama for me > >> (less income perhaps too) and I can leave it sit, knowing that > >> security patches are going to get applied and I don't need to do > >> much, other than to watch that it stays healthy. > > RPvs> Also know as 'sit and let it bit-rot' ;-) > > MMMM. Bit-rot! Delicious! [Or does it get *better* with age, like > Whiskey?]Surely you mean 'whisky', everything else is just posh moonshine. LOL No software only get better if it is maintained.> > >> So, how do you all handle the Debian, IIRC, two year cycle? Do > >> Debian upgrades go off pretty smoothly, so you have a 99% chance > >> of moving from, say, jessie to stretch without any hassles other > >> than mostly "apt-get distro upgrade" or whatever it is? > > RPvs> Can only speak for myself, but dist-upgrade has always worked > RPvs> for me, okay there might be minor glitches, but never anything > RPvs> major. > > RPvs> Having said that, it might be slightly easier to install a new > RPvs> OS and the latest version of Samba, especially if it is a DC. > RPvs> > > >> Some of that angst gets less potent as more stuff moves to VM's > >> etc. But even then, it's not a totally trivial concern either. > > RPvs> For a DC it is trivial ;-) and not much harder for a Unix > RPvs> domain member. > > So, lets assume I've got a samba DC - pure samba, no Win AD boxes at > all. > > Rather than upgrading the in-place DC's you'd might simply spin up a > new DC join it to the domain, and then migrate everything [roles] > etc? Is there any downside to doing that?No. it is probably the best way to do it.> > [And that does get around version upgrades, and follows how I > generally like to do things - spin up new, and never upgrade an > in-place setup. That way, if something really goes south, I can > simply turn the "old" one back on and try again.]Well yes, leave the old one running, create a new DC and then when you are sure it is running correctly, demote and remove the old DC. Rowland
Hi Guys,> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland Penny via samba > Verzonden: dinsdag 31 juli 2018 21:57 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Louis; re:your repo and Ubuntu 18.04 > > On Tue, 31 Jul 2018 12:34:28 -0700 > Gregory Sloop via samba <samba at lists.samba.org> wrote: > > > > > >> A substantial reason I'm not using debian/devuan is LTS support.Which is exact the reason why i use Debian as primary OS. The debian cycle in upgrade works (for me) better then the Ubuntu. I do use Ubuntu 18.04 and 16.04, but not at the office, mainly due to failing dist-upgrade on ubuntu. And note, my ubuntu installs are done the same way as my Debian installs. In my opinion Debian = LTS.> > > > RPvs> Debian has its own version of LTS: https://wiki.debian.org/LTS > > > > Yeah, I've seen that. Not a lot of faith in it though. It sounds a > > lot like "trust me, someone's going to do it." [I know, > cheap, quick, > > well done - and I want all three. Sigh.] If they'd been doing it the > > last five years and it worked, then I'd feel better about it. > > From my understanding, they have been doing it for 5 years.I must also say, i dont use the Debian LTS lines. I keep going in the stable upgrade (2y cycle), and thats just because i notice improvements with every upgrade. Some people may not like these upgrade (think in sysv systemd ), i just adapt.> > > > > >>I'm > > >> glad to be schooled in that regard, if someone has arguments to > > >> make. But I generally want to install a VM/Server/Box > for a client > > >> and leave it alone as much as possible for as long as possible, > > >> and while it still works as initially designed. Less drama for me > > >> (less income perhaps too) and I can leave it sit, knowing that > > >> security patches are going to get applied and I don't need to do > > >> much, other than to watch that it stays healthy.Well thats what i do. My system now run almost without maintainance at least manual.> > > > RPvs> Also know as 'sit and let it bit-rot' ;-) > > > > MMMM. Bit-rot! Delicious! [Or does it get *better* with age, like > > Whiskey?] > > Surely you mean 'whisky', everything else is just posh moonshine. LOL > > No software only get better if it is maintained. > > > > > >> So, how do you all handle the Debian, IIRC, two year cycle? Do > > >> Debian upgrades go off pretty smoothly, so you have a 99% chance > > >> of moving from, say, jessie to stretch without any hassles other > > >> than mostly "apt-get distro upgrade" or whatever it is?I use unattended upgrade on all my servers, no problems so far. I've set that up in feb 2018, and is running like that since then, incl kernel upgrades and auto reboots. ! Yes, you can do that also with ubuntu, but i've ended up a multiple times with a not booting ubuntu, while this never happend on my Debian systems. For the dist-upgrade, in the 2 year cycle goes very smooth but yes, i did calculated that in my install. This is why i have such a strict setups and very clean installs. This results in flawless upgrades. For example, my DC's, these started with Debian Wheezy, samba 4.1 These are upgraded to jessie and are now Debian Stretch with samba 4.8.3 My point, debian (clean install) with samba and not to much extras resulted for me in almost no hands up maintanance.> > > > RPvs> Can only speak for myself, but dist-upgrade has always worked > > RPvs> for me, okay there might be minor glitches, but never anything > > RPvs> major. > > > > RPvs> Having said that, it might be slightly easier to install a new > > RPvs> OS and the latest version of Samba, especially if it is a DC. > > RPvs> > > > > >> Some of that angst gets less potent as more stuff moves to VM's > > >> etc. But even then, it's not a totally trivial concern either. > > > > RPvs> For a DC it is trivial ;-) and not much harder for a Unix > > RPvs> domain member. > > > > So, lets assume I've got a samba DC - pure samba, no Win AD boxes at > > all. > > > > Rather than upgrading the in-place DC's you'd might simply spin up a > > new DC join it to the domain, and then migrate everything [roles] > > etc? Is there any downside to doing that? > > No. it is probably the best way to do it.Hmm, i just upgrade my servers. My last "dist-upgrade" on a DC took me about 10-15 min. Thats possible if you DC is only DC and you installed minimal. my DC for example uses only 1.8GB used space, so not much to upgrade.> > > > > [And that does get around version upgrades, and follows how I > > generally like to do things - spin up new, and never upgrade an > > in-place setup. That way, if something really goes south, I can > > simply turn the "old" one back on and try again.] > > Well yes, leave the old one running, create a new DC and then when you > are sure it is running correctly, demote and remove the old DC. > > Rowland >In case of samba upgrades. As noted for the last samba 4.8 you make the repo line stretch-samba48. All next samba versions will en up in a "os-name-sambaXX version" repo line. This to make sure your samba does not upgrade from for example from 4.8 to 4.9 Choose a repo and you stay with that until you change your repo lines. Safety first in upgrades. And know, what i do is best effort, but i use samba so much, this is my pay back to the community, And as long im able to, i'll maintain the unreleased samba versions for Debian. Which imo has a big advantage because samba is fast moving product, and even that the debian maintainer work had to keep up. Due to policys its not always possible to put a newer samba line in debian ( mainly due to behaivior changes ). As lots of people noticed with the 4.4 to 4.5 to 4.6 to 4.7 to 4.8 upgrades.. But thats also because, ( as i myself sometimes do ), just upgrade and see what happens and than fix the last problems. In case of the samba upgrade these did all fail due to smb.conf changes. Now this is greatly improved in samba 4.8.3, Mathieu Parent ( Debian Samba Maintainer ), is doing a great job here. And i try to help/improve where i can, i pick up the things from samba git(salsa now) and process that in my packages. Last, the Ubuntu packages, i make these on best effort and if people ask. Debian Stretch and Ubuntu 18.04 are pretty close. I changed the repo line in 4.8 so all needed packages are not spread anymore over 1-2-3 repo lines, but you only use one as of 4.8 This make a rebuild for Ubuntu more easy, and in the current case, its possible to use the debian stretch 4.8 also in ubuntu 18.04 ONE BIG SIDENOTE HERE... Using the debian samba on ubuntu works fine, IF, you setup clean. I do not advice these for a server with a lot of extra things installed. One of my goals for samba and debian is the following. If you run jessie and want to upgrade to stretch. - Add my backported samba packages to jessie ( 4.5.12bpo ), these should match the version of then next debian. - Upgrade samba on jessie, fix the smb.conf here needed. - Upgrade jessie to stretch, and your done. - And now you choose, say with the debian packages or move up with my packages. If you run stretch and want to upgrade to buster. ( ! When buster is the new stable. ) - Add my backported samba packages to stretch ( 4.8.x ) atm, this might be 4.9 when buster is released. - Upgrade samba on stretch, this wil match with the next version of samba on the debian buster release, fix the smb.conf here needed. - Upgrade stretch to buster, and your done. - And again, now you choose, say with the debian packages or move up with my packages. This is what i try to make work every time, if an os release get upgraded, i make sure the next samba is available before you upgrade. This way, you dont have problem with the upgrades, at least, this process works great for me. And after every upgrade you can choose to use my or debian packages. Other questions? Just ask. Greetz, Louis
Hello everyone,
I'm doing something similar to Louis, I ran unattended update for the
past 17 years on Debian, never had an issue. Also on a computer pool for
University of Erlangen with approx 200 workstations. I also ran unattended
updates on other distros and had issues (SLES: RHEL) for customers who
wantes this distros. One example would be a /tmp cleaner that deleted
the whole system or another a selinux rule which blocked the startup of
the firewall. I have systems which run Debian for 20 years, without a
reinstallation. The hardware has changed multiple times it was
constantly upgraded, no issues. I also moved systems remotely from one
provider to another. I also upgraded three of my main servers
running 30+ services on it from 32 bit to 64 bit using Debian. It is not
supported, but it works. Friends of mine have done simliar stuff. Just
last week I upgraded a system from a friend which is serving as PBX from
Debian Etch (4) to Debian Stretch (9) without an issue. The system ran
without an issue for 11 years on an internal network. Now we had to
update asterisk and upgraded Debian as well. All customers of mine run
Debian, without issues. Sometimes I try Ubuntu. The last time I tried it
a few years big their LTS released choked on me producing a bootable
system. After 30 minutes, I did not even search for the reason and went
straight back to Debian. I also run Debian stable on the Desktop for
approx 17 years.
Cheers,
Thomas
Ahhh. Also an "oldie" then. :-) +1 :-)) I started with debian in 1999. Tried all the top distros and i always went back to Debian. I was a debian potato starter. And :)) same here, i've also have some broken hardware. I swapped the raidcontroller and the harddisk, boot, change the ETH mac adresses. Reboot and done running again, happend on my old nt4 PDC. And something the same with a hosting server, hardward died, Debian Died due to corrupted files. Mounted the old filesystem, synced it to the new disk, including the errors, then I did a new install OVER the existing os and files, them reboot and up again. I really like Debian.. :-)) I do like Ubuntu mate 18.04 also as desktop, im using that now at home to test out if im able to remove my win10 pc. Probely still need w10 for my gaming, but i HATE the crappy windows updates, imo very low quality lately. @Thomas, Good to know you know Asterisk, i might have some questions about Asterisk in the future. ;-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Thomas Glanzmann via samba > Verzonden: woensdag 1 augustus 2018 10:22 > Aan: L.P.H. van Belle via samba > Onderwerp: Re: [Samba] Louis; re:your repo and Ubuntu 18.04 > > Hello everyone, > I'm doing something similar to Louis, I ran unattended update for the > past 17 years on Debian, never had an issue. Also on a > computer pool for > University of Erlangen with approx 200 workstations. I also > ran unattended > updates on other distros and had issues (SLES: RHEL) for customers who > wantes this distros. One example would be a /tmp cleaner that deleted > the whole system or another a selinux rule which blocked the > startup of > the firewall. I have systems which run Debian for 20 years, without a > reinstallation. The hardware has changed multiple times it was > constantly upgraded, no issues. I also moved systems remotely from one > provider to another. I also upgraded three of my main servers > running 30+ services on it from 32 bit to 64 bit using > Debian. It is not > supported, but it works. Friends of mine have done simliar stuff. Just > last week I upgraded a system from a friend which is serving > as PBX from > Debian Etch (4) to Debian Stretch (9) without an issue. The system ran > without an issue for 11 years on an internal network. Now we had to > update asterisk and upgraded Debian as well. All customers of mine run > Debian, without issues. Sometimes I try Ubuntu. The last time > I tried it > a few years big their LTS released choked on me producing a bootable > system. After 30 minutes, I did not even search for the > reason and went > straight back to Debian. I also run Debian stable on the Desktop for > approx 17 years. > > Cheers, > Thomas > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
On 7/31/2018 3:56 PM, Rowland Penny via samba wrote:> On Tue, 31 Jul 2018 12:34:28 -0700 > Gregory Sloop via samba <samba at lists.samba.org> wrote:** SNIP **> > Rather than upgrading the in-place DC's you'd might simply spin up a > new DC join it to the domain, and then migrate everything [roles] > etc? Is there any downside to doing that? > No. it is probably the best way to do it. > > > Rowland >I see this mentioned on the list about creating a new DC and migrating everything over vs. an in place upgrade. I would expect this practice to be detrimental to the rid pool. I would expect Samba to behave the same as a Microsoft DC. Once you demote and remove a DC, it's rid's are lost and can never be allocated. This may be trivial with small networks, but with larger ones greater care has to be considered when choosing an in place vs. migration I expect. On a side note all my DC's starting with Samba 4.0 has been on Ubuntu and doing an in place upgrade without fail. I also maintained my use of Ubuntu because of LTS. I don't do unattended upgrades however. - James