mypapers/enterprise-software/enterprise-software.html

   1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
   2 <html>
   3   <head>
   4     <link rel="stylesheet" href="../mrtg-td/slides.css" type="text/css">
   5     <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
   6     <meta name="Language" content="en">
   7     <meta name="Author" content="Petter Reinholdtsen">
   8     <title>Writing enterprise ready software</title>
   9   </head>
  10   <body>
  11
  12     <h1>Writing enterprise ready software</h1>
  13
  14     <p></p>
  15
  16     <p><tt><a href="http://www.hungry.com/~pere/mypapers/enterprise-software/enterprise-software.html">http://www.hungry.com/~pere/mypapers/enterprise-software/enterprise-software.html</a></tt></p>
  17
  18     <div class="presenter">Petter Reinholdtsen
  19       <br>pere@hungry.com
  20       <br>Debconf5, Helsinki 2005-06-12</div>
  21
  22     <h2>Overview</h2>
  23     <ul>
  24
  25      <li>we are in trouble
  26      <li>clues for the clueless
  27      <li>multilevel configuration
  28
  29    </ul>
  30
  31 <h2>We are in trouble</h2>
  32
  33 <p>Some things are possible for 1 to 10 machines, and impossible with
  34   500 machines.  What do you do when you break the ssh configuration
  35   file on 700 machines?
  36
  37 <h2>Trouble moving</h2>
  38
  39 <p>With 60000 users and about 150 home directory file servers
  40  available from 12000 machines, users move from file server to file
  41  server.  This break several applications when the path to the users
  42  home directory changes.  (example: /mn/hegel/u1/pere to
  43  /usit/saruman/u1/pere).</p>
  44
  45 <!--
  46 Moving a user from one user disk to another break mozilla and
  47 openoffice configuration.  - not using relative paths
  48 -->
  49
  50 <h2>Downgrade trouble</h2>
  51
  52 <p>With 900 linux machines with common user database and home
  53 directories while running different versions of programs, users will
  54 run several versions of a program with the same configuration
  55 files.</p>
  56
  57 <!-- Trying to run with KDE 2 and 3 on different machines messes up
  58 the configuration - not handling downgrades
  59
  60 - handle up/downgrades - people will use different versions on
  61 different machines, with common home directories
  62
  63  -->
  64
  65 <h2>Some old trouble</h2>
  66
  67
  68 <p>Some users lost the source of their production systems, and need
  69 the binaries to keep working for 10-15 years.</p>
  70
  71 <!-- 15 year old binaries should keep working.  The source is lost
  72 long time ago, and the program is still used in production. -->
  73
  74 <h2>No room for more trouble</h2>
  75
  76 <p>When the file system for the PostgreSQL database in production goes
  77 full, one do not want to kick out 30000 users to take down the
  78 database and resize the file system.</p>
  79
  80 <h2>Disk trouble</h2>
  81
  82 <p>RAID is only only useful until the last redundancy disk is lost.
  83
  84 <p>Automatic RAID status systems need API or command line tools to
  85 extract the status.  Not like afacli, which go into interactive mode
  86 when an error is detected.
  87
  88 <h2>Installation trouble</h2>
  89
  90 <p>Trying to compile/install software on Irix, Solaris, Linux, HP-UX,
  91 Tru64 Unix, MacOSX and AIX when the process require a sysadmin to sit
  92 around to answer questions, change CDs, or insert licenses is both
  93 painful and prone to errors.</p>
  94
  95 <h2>Network trouble</h2>
  96
  97 <p>Trying to get some network server to work when it require to use
  98 some given port range, which is already taken by some other service
  99 and blocked in the router -- or try to get the corporate network
 100 gatekeeper to open up the firewall</p>
 101
 102 <h2>Version trouble</h2>
 103
 104 <p>Given three tcl or php applications, is there one version of TCL or
 105 PHP usable with all of these?
 106
 107 <h2>Usability trouble</h2>
 108
 109 <p>When starting a program from the menu, where does it go if nothing
 110 appear on the screen?
 111
 112 <p>Do users always read their ~/.xsession-error file?
 113
 114
 115 <h2>Clues for the clueless</h2>
 116
 117 <ul>
 118
 119 <li>at least three levels of config files; package defaults, site
 120   defaults and host defaults
 121
 122 <li>never ask questions at compile time.  when compiling automatically
 123   for 10 platforms, a sysadmin do not want to sit down and answer
 124   questions.
 125
 126 <li>split installation tasks in two, one for installation, and one for
 127   the operations needing root access. (build / configuration as well)
 128
 129 <li>make sure the software can be installed anywhere (location
 130   independent), avoid hard coding paths into the binaries.
 131
 132 <li>make the source available to make it possible to fix problems on
 133   site, and to use it on different platforms (os/hw) in the future
 134
 135 </ul>
 136
 137 <h2>More tips</h2>
 138
 139 <ul>
 140
 141 <li>Make paths into users home directories relative to ~user/, as users
 142   will move from disk to disk, or copy their home directory from site
 143   to site.  Always convert paths when saving config files.
 144
 145 <li>depend on as few libraries as possible, as it is a pain to get every
 146   extra library in place
 147
 148 <li>use well known libraries instead of making your own implementation.
 149   reduces the security risk.
 150
 151 <li>make sure libraries, and programming languages are backwards
 152   compatible.
 153
 154 <li>use a well known license.  it is a pain to evaluate every new
 155   license
 156
 157 </ul>
 158
 159 <h2>Make it easier for everyone</h2>
 160
 161 <ul>
 162
 163 <li>when distributing source, do not use vendor specific compiler
 164   features.  It will not work with the other vendors compilers used to
 165   compile on site.
 166
 167 <li>write portable code, make sure it works the same on all platforms.
 168
 169 <li>make the software work out of the box (require as little
 170   configuration as possible).
 171
 172 <li>avoid resource leaks (memory, shared memory, locks, file
 173   descriptors, X server resources, etc).  Restarting a long-running
 174   server is not always an option.
 175
 176 <li>system services should send messages to syslog.  always log why when
 177   crashing.  always log problems and errors.
 178
 179 </ul>
 180
 181 <h2>Final clues</h2>
 182
 183 <ul>
 184
 185 <li>reuse configuration when possible.  ktouch have its own x layout setting.
 186   better to fetch the current one from X like xkeycaps.
 187
 188 <li>providing hooks to the local administrators
 189
 190 <li>reduce flexibility.  trying to support people over the phone when
 191   the gui is different for every person is a pain.
 192
 193 </ul>
 194
 195     <h2>Solving the upgrade problem using multilevel
 196       configuration</h2>
 197
 198     <ul>
 199
 200       <li>local configuration should be kept during upgrades</li>
 201
 202       <li>do not change configuration file format</li>
 203
 204       <li>easiest to do if the local configuration is separate from the
 205         package default
 206
 207       <li>several actors what to have a say in the service
 208          configuration.  allow them to have their own files
 209
 210       <li>Example: read config from /usr/share/foo/config,
 211          /site/share/foo/config, /etc/foo/config, ~/.foo/config,
 212          /etc/foo/config.fixed, /site/share/foo/config.fixed,
 213          /usr/share/foo/config.fixed.
 214
 215       <li>make it possible to provide package, site, host and user
 216         defaults, as well as locking down features on a host, site and
 217         package level.
 218
 219       <li>always well known where the admin made his changes
 220
 221     </ul>
 222
 223     <h2>Thank you very much</h2>
 224
 225     <h3>Questions?</h3>
 226
 227   </body>
 228 </html>