Comments on: Linux, Solaris & Windows: The Application Management Q&A http://redmonk.com/sogrady/2005/08/09/linux-solaris-windows-the-application-management-qa/ because technology is just another ecosystem Thu, 04 Dec 2008 23:33:10 +0000 http://wordpress.org/?v=2.6.3 By: James Governor http://redmonk.com/sogrady/2005/08/09/linux-solaris-windows-the-application-management-qa/#comment-969 James Governor Thu, 11 Aug 2005 15:46:57 +0000 http://redmonk.com/sogrady/wp/?p=532#comment-969 this is great solid analysis stephen. but calling it application management is inappropriate, imho. application management is my bailiwick no? its an operational management discipline. folks like BMC and Tivoli do application management. Of course as they push into the config database market there is more overlap, but i would still rather you used round pegs for round holes. i would go with ryan's terminology and call it package management, which is more constrained, but also i believe more accurate. and it is generally accepted terminology. you are in the main talking to lower level constructs than applications? this is about stack management - that you then deploy to, no? this is great solid analysis stephen. but calling it application management is inappropriate, imho.

application management is my bailiwick no? its an operational management discipline. folks like BMC and Tivoli do application management.

Of course as they push into the config database market there is more overlap, but i would still rather you used round pegs for round holes.

i would go with ryan’s terminology and call it package management, which is more constrained, but also i believe more accurate. and it is generally accepted terminology.

you are in the main talking to lower level constructs than applications? this is about stack management - that you then deploy to, no?

]]> By: Dennis Clarke http://redmonk.com/sogrady/2005/08/09/linux-solaris-windows-the-application-management-qa/#comment-968 Dennis Clarke Thu, 11 Aug 2005 11:38:10 +0000 http://redmonk.com/sogrady/wp/?p=532#comment-968 In actual fact we have about 1100 software packages at Blastwave and its up to the reader to determine what constitutes an "application". Suffice it to say that a large number of dependencies are handled. Of far greater value will be the shift towards an open build model that will expose the porting efforts of the developers to the world. A single one stop shopping place to find all the code changes and knowledge that is used to perform code porting to Solaris is being built now. Ultimately this will aid the OpenSolaris port to PowerPC and Power Architecture ( codename Polaris ) at www.BlastWare.org and Blastwave. Dennis Clarke Director Blastwave.org In actual fact we have about 1100 software packages at Blastwave and its up to the reader to determine what constitutes an “application”. Suffice it to say that a large number of dependencies are handled. Of far greater value will be the shift towards an open build model that will expose the porting efforts of the developers to the world. A single one stop shopping place to find all the code changes and knowledge that is used to perform code porting to Solaris is being built now. Ultimately this will aid the OpenSolaris port to PowerPC and Power Architecture ( codename Polaris ) at http://www.BlastWare.org and Blastwave.

Dennis Clarke
Director Blastwave.org

]]> By: Ryan Tomayko http://redmonk.com/sogrady/2005/08/09/linux-solaris-windows-the-application-management-qa/#comment-967 Ryan Tomayko Tue, 09 Aug 2005 20:02:42 +0000 http://redmonk.com/sogrady/wp/?p=532#comment-967 You can also do a ton of stuff completely unattended. This is a huge pro when your managing a lab or large number of machines. I think that's the it Seth was scratching when he built Yum. He admins Duke's physics department and wanted a higher level tool for performing regular updates and installs. You can also do a ton of stuff completely unattended. This is a huge pro when your managing a lab or large number of machines. I think that’s the it Seth was scratching when he built Yum. He admins Duke’s physics department and wanted a higher level tool for performing regular updates and installs.

]]> By: Ryan Tomayko http://redmonk.com/sogrady/2005/08/09/linux-solaris-windows-the-application-management-qa/#comment-966 Ryan Tomayko Tue, 09 Aug 2005 19:55:46 +0000 http://redmonk.com/sogrady/wp/?p=532#comment-966 I must say, I'm liking this mini Q/A thing you've been doing. It lets you tackle a lot of different points in a small space and seems to work surprising well with the blog format. But yea, package management rocks. You should have mentioned a little about how this helps with security by allowing a (usually large) subset of a packages' files to be installed with strict permissions. Packaging is also heavily declarative stating where stuff should go and the packaging tool handles performing the actual install. Compare that to imperative installers like InstallShield that are usually fully executable and shipped around each time. Most packages have small sections that run tiny scriptlets but there's a push to move as much as possible into declarative territory. Not only that but many of the packaging communities have really nailed GPG signing of packages which provides another layer of security. I can be relatively sure that packages installed from yum are exactly as the original author distributed with a potential small set of changes by the package maintainer. The whole GPG web of trust thing is super interesting to me and seems to be working at least for the Fedora Extras repository. Lastly, I think there's a killer-app waiting to be written that utilizes the metadata available from the package management system to determine what files are base/package-provided vs. those that are user-edited. This can be used figure out an absolute minimum backup set that excludes files provided by the distro. I wrote a piece on this a couple years ago and I still think it's a great idea: I'm sure there's other ways external apps could use the repository and locally installed package metadata. Yum has come a long way here and provides a clean python API to querying remote repositories. We're seeing all kinds of interesting add-on scripts. To sum up, I totally agree with you here. Package management is sooooo under-rated. This might be, as you said, because the people that enjoy it consider a fundamental aspect of the system. Fundamentals suffer from lack of discussion sometimes. Indeed, my friend Seth Vidal (Yum maintainer) ripped me apart when I switched to OS X - not because of the freedom issue, but because it lacked a native package management solution. That's just plain unacceptable to many. While I'd love to see the native Mac apps provided as part of darwinports or fink, I've had relatively few problems with the handfull of native Mac apps I run on a regular basis. Package management thrives in small-pieces-loosely-joined environments. Actually, I'd go further and say that package management is a key aspect to enabling small-pieces-loosely-joined systems. I must say, I’m liking this mini Q/A thing you’ve been doing. It lets you tackle a lot of different points in a small space and seems to work surprising well with the blog format.

But yea, package management rocks. You should have mentioned a little about how this helps with security by allowing a (usually large) subset of a packages’ files to be installed with strict permissions.

Packaging is also heavily declarative stating where stuff should go and the packaging tool handles performing the actual install. Compare that to imperative installers like InstallShield that are usually fully executable and shipped around each time. Most packages have small sections that run tiny scriptlets but there’s a push to move as much as possible into declarative territory.

Not only that but many of the packaging communities have really nailed GPG signing of packages which provides another layer of security. I can be relatively sure that packages installed from yum are exactly as the original author distributed with a potential small set of changes by the package maintainer. The whole GPG web of trust thing is super interesting to me and seems to be working at least for the Fedora Extras repository.

Lastly, I think there’s a killer-app waiting to be written that utilizes the metadata available from the package management system to determine what files are base/package-provided vs. those that are user-edited. This can be used figure out an absolute minimum backup set that excludes files provided by the distro. I wrote a piece on this a couple years ago and I still think it’s a great idea:

I’m sure there’s other ways external apps could use the repository and locally installed package metadata. Yum has come a long way here and provides a clean python API to querying remote repositories. We’re seeing all kinds of interesting add-on scripts.

To sum up, I totally agree with you here. Package management is sooooo under-rated. This might be, as you said, because the people that enjoy it consider a fundamental aspect of the system. Fundamentals suffer from lack of discussion sometimes.

Indeed, my friend Seth Vidal (Yum maintainer) ripped me apart when I switched to OS X - not because of the freedom issue, but because it lacked a native package management solution. That’s just plain unacceptable to many.

While I’d love to see the native Mac apps provided as part of darwinports or fink, I’ve had relatively few problems with the handfull of native Mac apps I run on a regular basis. Package management thrives in small-pieces-loosely-joined environments. Actually, I’d go further and say that package management is a key aspect to enabling small-pieces-loosely-joined systems.

]]>