[CentOS] about major version upgrades

Tue Feb 7 19:11:59 UTC 2012
Craig White <craig.white at ttiltd.com>

On Feb 7, 2012, at 10:38 AM, Les Mikesell wrote:

> On Tue, Feb 7, 2012 at 10:02 AM, Craig White <craig.white at ttiltd.com> wrote:
>> 
>>> For this reason it is often better to upgrade more frequently then every 7-10 years. Personally I have a 5 year max lifetime for my systems. Even then upgrades are painful and we try to stagger these so they all aren't due to upgrade at once.
>> ----
>> if you think about it, perhaps you are making the case for using a configuration management system like puppet where the configuration details are more or less abstracted from the underlying OS itself. Thus once running (and I'm not suggesting that it is a simple task), migrating servers from CentOS 5.x to 6.x or perhaps to Debian or Ubuntu becomes a relatively simple task as the configuration details come from the puppet server.
> 
> If it is possible to abstract the differences, perhaps you aren't
> using all the new features and didn't have to upgrade after all...
----
I suppose that if you believe that, then you are suffering from a lack of imagination. I can deploy LDAP authentication setups to either Ubuntu or CentOS with the various pam, nss, padl files which are vastly different in no time.

some of the differences can be accounted for from within puppet itself but others - and I'm talking about actual config files - the differences can be handled from within the templated config files which have enough business logic to change the output to various needs or simply use different templates altogether.

Of course there is an investment to get to this stage and if you've only got a handful of servers to upgrade, it may not be worth it but there is the satisfaction of knowing the configuration files are ensured to be what you intended them to be - to the point of if someone makes changes by hand, they are automatically changed back.

I'm only expressing the notion that it is entirely possible to get beyond the paradigm of locked in server installs on iron that takes a lot of effort to maintain (ie, update/upgrade X number_of_servers). There are some very sophisticated configuration management system, chef looked good, I chose to go with puppet and I've been very pleased with the depth and scope of puppet.

Craig