A Gentle Rant About Software Development and Installers 338
Nerval's Lobster writes "This is the story of the comparison that just wasn't meant to be. It's a story of everything that can go wrong in the customer end of the software world, and some thoughts on what needs to be done, especially in an area known as Installers. I'm a software engineer with 25 years of experience, and for years I've wanted to point out some of the shortcomings of my own industry to help make it better for everyone involved—not only for the end-users, but also for the IT people who have to support the products; the salespeople who have to sell and later, possibly, apologize for the software; for the executives whose hands are tied because they don't have the technical knowledge to roll up their sleeves and help fix problems in the code; and for the programmers themselves who might get stuck with what some consider the absolute worst position for a programmer: maintenance of crappy code written by programmers who have long since left the organization."
Put everything in the cloud! (Score:5, Funny)
Problem solved. I will come by later to pick up my consulting fee.
Re:Put everything in the cloud! (Score:5, Funny)
I don't mean to rain on your parade, but that seems a bit precipitate.
You know, there was a time when "vaporware" was a bad thing.
Re: (Score:3)
Could you condense that for me?
Re: (Score:3)
Put everything in the cloud!
Problem solved. I will come by later to pick up my consulting fee.
Close, IMO. Put everything in a virtual machine image. For complex "enterprise" software, anyhow, you might as well have one (or several!) VMs for the product install. Just start up the VMs, give them static IPs where needed, and install done.
That's the "cloud" model, and there's no reason not to use it locally. With modern thin hypervisors you're not going to notice a performance difference and why ever worry about how two complex softwre installs might interact on the same OS install? Don't even go t
It's the submitter's fault. (Score:2)
Not as a user, the guy has been writing software for 20 years and complains about poor design and bugs? Nerval's Lobster should clean up his own house.
I wonder how the UNIX SAP software fared; Windows is
Re:It's the submitter's fault. (Score:4, Insightful)
Why should an automobile last longer than an OS?
That has no longer been valid since post-'95. An OS lasts just as long as an automobile, if you consider all the variables. If the infrastructure doesn't change, an OS would last forever. But infrastructure (read hardware support, network support, etc) does change, and rapidly. Your own automobile would be good for nothing if, for example, current roads would be replaced by magnetic field monorails.
Re: (Score:3)
No, we're obviously talking cross-purpose. yes, XP will run fine, but your machine will be pwned because MS won't fix its still lingering bugs.
Re: (Score:3)
Depends what you use it for.
Windows 95 would NOT run fine on a new machine. It would, however, run fine on an old machine, but would NOT be able to run most modern software. Hence the analogy with a car and the infrastructure it runs on. Same goes for Windows XP, albeit to a lesser degree.
I had the displeasure of working on a Windows 95 machine no earlier than two weeks ago. It looked and acted so aged... after being used to Windows 7 and Ubuntu 12.04, for example.
Re: (Score:2)
Why should an automobile last longer than an OS?
If you don't pay for regular maintenance (which costs more per year than a single OS license) I think you will find that your automobile will not last longer than an OS.
The problem is that we still use installers... (Score:4, Insightful)
Instead of creating single exe. Memory and disk space are cheap. Portable application creators are easily and cheaply available (e.g. Cameyo.com - both free and excellent at what it does). It's easier to copy a single file than to go through the hell that is installation for most apps.
Re:The problem is that we still use installers... (Score:5, Interesting)
This is enterprise software; it's a much bigger problem than that. You're not installing "a single app", you're typically installing an entire software stack. LAMP is just the beginning.
From TFA:
The past 20 years have seen us escaped Windows and DLL hell by moving to Linux. Then, we escaped its own little twisted maze of dependency hell by using apt-get. Then, we used all those open source tools to build ... the infrastructure that was then used by the closed-source community. In the case of the SAP product, it comes with Tomcat as a web server. In the case of the Oracle .OVA installation, an entirely preconfigured Linux install that probably comes with its own separate stack. If you keep them all on separate VMs, you've got a shot at getting them to talk to each other, but is that really the best use of the underlying hardware? One bit of Java talking to some other abstracted piece of Java, using dozens of VMs as intermediate layers of abstraction?
And now we're right back where we started. SAP will support this revision of Tomcat which works with this version of Java, because, well, that's the Java way. And Oracle appears to have solved that problem by throwing down a .OVA for every subcomponent.
Web services are a great way to save developer time - but in return for that, they're yet another layer of abstraction that has to be dealt with. Virtualization's a great way to save administrator time. Rather than having to separately install "the right version" of the entire stack from the OS to Java to the configuration properties of the web server, just grab the .ova and work from there. It also gives you some scalability that you might not have had - fire up the .ova on your PC for a demo, or on bigger iron for production.
But in exchange for the ability to get crap out the door ("it works on my machine / Great! Virtualize it and your machine's now the installer!") faster, we've merely exchanged one dependency tree for another: instead of kilobyte-sized .DLLs or megabyte-sized repositories of source from which we can rebuild our binaries, we're now dealing with gigabyte-sized VMs.
Re: (Score:2)
But then you depend on the software vendor to fix bugs or worse vulnerabilities in libraries used by the program that you otherwise would update separately.
It would be feasible to provide static packages in FOSS, though. Gobolinux and its rootless mode are one approach alternative to the monolythic package.
How much more disk is static linking anyway? (Score:2)
I remember being kind of annoying in the early 90s when I started using Windows and had to deal with Installers; as a Mac user, I was always used to just copying applications from system to system (although IIRC, some set resource values during install or copied INITs to the System folder).
A couple of software developers told me DLLs were better technically due to resource usage, but to me it just seemed like a clunky form of copy protection.
I kind of felt the same way on Linux/BSD platforms -- why couldn't
Security (Score:2)
why couldn't everything be compiled statically?
Please read my reply to oever [slashdot.org].
Re: (Score:3)
I kind of felt the same way on Linux/BSD platforms -- why couldn't everything be compiled statically? How much more disk space would it REALLY take to have an entire system statically linked?
Disk space isn't the only concern -- it probably isn't even the most important one, at least not anymore.
If all of your programs are statically linked, then they may (in practice, almost certainly "will") all be using different versions of the same libraries. Some of them are going to be exposed to security problems fixed in later versions and some of them will be incompatible with configuration options that you are using. If you want to upgrade a library, or apply a patch, or even switch from using one l
Re: (Score:2)
DRM. I love to keep installs as simple as possible. Every program should be able to be run on removable media. But back when I had a little less control over the software I develop, clients were horrified by such an idea. They wanted applications locked to a specific machine, permanently, if possible. If they would have known the lingo they would have asked for rootkits and BIOS viruses to keep their app from running anywhere it wasn't supposed to. (They would have gone with hardware dongles, but they were
Maintenance Isn't a Bad Job (Score:5, Insightful)
Re: (Score:2, Insightful)
That's because those programmers are not professionals but basically code churning prima donnas. They like to write new code and move on rather than do boring things like bug fixing and other maintenance tasks. The GNOME project epitomizes this attitude in spades.
Re:Maintenance Isn't a Bad Job (Score:5, Insightful)
The big problem I have with your statement is that often the problem with the software is the basic design. It's 10 years old, completely insufficient for what's being asked of it today, and has so many kludges and hacks bolted on that you can't do anything outside a tight set of constraints without irreparably breaking something else. Usually it gets to this state because management or the team leadership won't permit changes to the design (the usual justification is that there's too much risk and no business benefit right now). Once code's in that state, new code has to follow the old design to work and it's that old design that's adding complications and keeping new requirements from being cleanly implemented. You can't design new code, because the constraints imposed by the design it has to live inside are too tight. You can't implement new policies because they break existing code. You can't clean up code because every bit you try to clean up requires you to first clean up 8 other bits, and eventually you hit a stop-point in the recursion where cleaning up that level requires that the program design be changed, see above.
Yes, good code should never get to this state. But the problem cases aren't good code, that's why they're problem cases.
Re:Maintenance Isn't a Bad Job (Score:5, Insightful)
There is a problem in what you've stated, and it comes down to the last line, "entirely the discipline and ability of the team and its management that makes all the difference"
I've know a lot of exceptional programmers, and I've known a few absolutely horrible developers. However, I've known of NO developer who wanted to push code out that door that was just awful. Rather, I see a lot of developers end up over-engineering on every level to ensure that their product is the brightest, best thing ever. If they had all the time in the world, I'm sure their products would be simply exceptional.
On the other hand, I haven't worked for a single manager who, when the chips were on the table, said something along the lines of, "We'll give you 5 more moths to refactor this, to ensure that ongoing updates and maintenance will be straightforward, and our internal tools can support automation of common tasks," instead of "Just make it work, we'll worry about the rest in the next release." ...and when the next release comes up, it's, "We promised these new features, we don't have time to refactor: if it ain't broke, don't fix it."
I actually just left a company which has been fighting this problem for so long that the entire dev department is spending 80-90% of their time tracking down reported bugs, and the remaining time cramming in whatever was promised to the customers in the fastest way, damn the maintainability. Each year, the cost of bugs and maintenance has gone up, and the devs are now all on call - the operations team cannot support the product themselves anymore. Think about that; you are a developer, and you are on call. 24-7.
The problem is that you need an exceptional development manager who can fight the good fight for the good of the product and the company, and can make the subjective value of code reuse, good architecture, and so on apparent to those above and around him. The company needs that discipline you point out to set realistic customer expectations, to train their sales people not to overreach just to ensure a sale, to listen to the development managers when they describe cost, manpower required, and so on.
Of course, that's only if you want a perfect product, with ever-decreasing quality returns for your time and money investment. It's probably impossible for a developer or even development manager to say where the pivot point is in the market; where time and money spent on quality causes a potential loss of revenue for a product. Unless we're talking about military, healthcare, or hostile environment systems (subs, satellites, space travel, etc), there IS a point where the cost for quality is too high.
In layman's terms, the cost to make high-quality software exceeds the price people would be willing to pay for it. This means that we're all going to be happy 'enough' with imperfect software.
Re: (Score:2)
I actually just left a company which has been fighting this problem for so long that the entire dev department is spending 80-90% of their time tracking down reported bugs, and the remaining time cramming in whatever was promised to the customers in the fastest way, damn the maintainability. Each year, the cost of bugs and maintenance has gone up, and the devs are now all on call - the operations team cannot support the product themselves anymore. Think about that; you are a developer, and you are on call. 24-7.
Which is to say about half the software companies in the world these days.
Re: (Score:3, Insightful)
Try working in a place that doesn't permit rewrites and frowns on refactoring. I've seen software policies that a 120% guaranteed to result in the shittiest, cruftiest, nastiest pile of the most vile mismanaged crap you'll ever have the misfortune of trying to debug. What you call "whining" is usually the programmers trying to get 15 minutes of refactor time into the schedule. Answer: "No, bitches, where iz my features?"
Trying to fix it is futile and "against company policy".
Re: (Score:2)
They insist that the only way to go forward is to rewrite the whole thing...
Yeah, I've heard those comments. In my experience they are almost 100% of the time ignored, or explored for only a moment. At those times management usually steps in and says "No", that's not happening due to the usual cost constraints, etc. In most of the orgs I've been in the primadonas are deeply entrenched and stand behind their designs, bad or otherwise.
Re: (Score:2)
I'd add that this is true in more ways than the obvious one.
If you run into a team declaring their work to be crap and insisting on a rewrite based on your principles then you are most likely going to fail, not only technically but also professio
Professional Software (Score:2)
Disclaimer: My head hurts too much to read the article, so this may or may not be on topic.
A former colleague of mine likes to define "professional software" as "you need a professional to get it to work". Makes for a nice soundbite, but it's also very often right on the money.
That, however, isn't a problem with installers. It's just a general lack of quality and polish.
I do also have a problem with installers as they are commonly found in Windows software. Too much human interaction required. Obtain the so
Re: (Score:2)
So you're saying the end-user should have no say about where to install files? That they should rely on the package to install the files wherever it pleases based on the whim of the person who created the package? I'll pass.
There are enough
Re: (Score:2)
So you're saying the end-user should have no say about where to install files? That they should rely on the package to install the files wherever it pleases based on the whim of the person who created the package? I'll pass.
A real OS doesn't let apps install files in random places all over the disk, so it's not a problem. If Windows programmers hadn't been allowed to install in random directories and write data files into the program install directories, it would be far less of a horrible mess.
"the disk" (Score:2)
A real OS doesn't let apps install files in random places all over the disk, so it's not a problem.
"the disk" -- there's your assumption right there, that a system has only one disk. People want to install to the other disk once one disk runs low on free space.
Re: (Score:2)
I do also have a problem with installers as they are commonly found in Windows software. Too much human interaction required. Obtain the software, launch the installer, click to actually start, oh wait, have to click acceptance of the license agreement, click to accept where it wants to install stuff, click once more once it's done. That's about the lowest number of steps I've seen. With aptitude, it's one command.
Most Windows installers can be executed with a single text command. .MSI files installed with the MS Installer packages (or packaged as an .EXE installer) have one set of switches, and older Installshield packages have another and Wise packages a 3rd. Remote installations over SMS usually either contain every option as command-line arguments or are accompanied by an install script. It's a pretty powerful system, really.
My argument against Windows has always been that it discourages doing things the right
Why? (Score:5, Insightful)
Re: (Score:2)
The windows pc+user is "Territory", applications have the main function of occupying it, and if feasible preventing the competition to do the same as much as possible. Exerting control yields profits.
Probably, programmers wouldn't build daemons when simpler GUI triggered processes are enough, PHB make them build them anyway. Real world experiences anyone?
Re:Why? (Score:5, Insightful)
Exactly. Program A completely exits when the user shuts it down. Program B keeps most of itself still in memory and running in the background when the user "shuts it down." Result: When the user starts up Program B again, he is pleased at how fast it comes up. When he starts up Program A again, it has to load--this is an acceptable price for not turning your PC into a mass of sloth all the time, but the user doesn't see that part. And the loading is even slowed down by Program B hanging eating up memory and cycles! So the user thinks of Program B as an efficient, fast program, and Program A as a slow piece of crap.
Re:Why? (Score:5, Insightful)
- Program installs a little update process to run in the background. Don't. Acceptable ways to check for updates are: checking when the software itself is run, or glomming onto some centralised updater (take the App store as an example).
- Program doesn't really update itself, but initiates the download for a fresh install file that I then have to run and click through. Don't. Instead, make sure the program updates itself with minimal user interaction. (Kaspersky does this well; the Battlefield 3 browser plugin doesn't)
- Program updater makes you specify every install option again, like the installation directory, or even the ^&%$*(&@$ license that has to be accepted again. (Java is one of the many things that does this)
- Program updater asks to install a browser toolbar (the default is "yes", of course). Seriously, Adobe, a browser toolbar, in 2012???
- On top of all of the above: publish an update every other day or so. Don't unless you're patching critical security holes.
In short, the updater should not be implemented as a background process unless there is a very, very, very good reason to do so, and should perform the update with minimum user interaction required. That is: asking me for permission, and nothing else. And it certainly should not install anything other than the software being upgraded: publishing an update is not "an opportunity to re-engage with existing customers".
Re: (Score:3)
Checking when the application starts and silently applying the update when it closes leaves the software vulnerable for hours while the user is using the old version.
So prompt the user about the urgency of the patch *if* it is a critical patch. Or even force them to update before the software can be used. Some software already does this.
or glomming onto some centralised updater (take the App store as an example).
Which usually requires an annual fee plus a cut of the sales.
True, at the moment there isn't a good, free and widely used mechanism for this. Not on Windows or Apple platforms anyway. That doesn't mean current practices are acceptable.
The legal department often demands this when it updates the EULA to cover a newly discovered loophole.
Screw the legal department. Seriously. And if there is some law that requires the EULA to be accepted on *every* patch, then screw the legislators too. I unde
The reason for startup updaters is simple (Score:2)
Flash and Java and such run a small program at start to check for updates. They do this because if they don't even fewer people will upgrade their software this century BUT you can be CERTAIN that those who update never, SCREAM the hardest when they are affected by a bug fixed ten years ago.
You can rant gently or hard about software developers, but about [ulûk/users] *thunderclap*, you can only curse in black speech.
I am a developer myself and have had quite literally had to debug configurations whe
Re: (Score:2)
A Gentle Rant About Fixed Width Web Content (Score:2, Insightful)
I have a wide screen monitor. The article uses about 1/4 of the total screen width. The column on the right a little bit more. The rest is whitespace. Resizing my browser window has no effect - just more or less whitespace. I skimmed the article but didn't read it because it is annoyingly narrow and I balk at zooming in or increasing the font size to fill more of the screen. Fixed width content needs to go.
Re:A Gentle Rant About Fixed Width Web Content (Score:4, Insightful)
I see your, 'fixed width web content' rant, and raise you a 'running browser full-screen' rant. There's no useful purpose (as you've so elegantly pointed out) to running your browser the entire width of your monitor. In fact, the entire point of a wide screen monitor is so you can get more done (ie, more done at once.) So, have your browser as a nice window on the side, that's in a size and shape that's useful for the content, and use the rest of your widescreen monitor for something else. Save 'full-screen' for those times when the content dictates that you use full-screen.
I find it interesting that 'zooming' was one of your proffered solutions, but scrolling isn't. You realize that even if you did zoom, you'd still have to scroll?
Re: (Score:2)
I call Bullshit.
The entire point of wide screen monitors was for playing video content, period. Mostly as a meaningless marketing ploy ("Yes, our monitor is HD!"), it had absolutely nothing to do with usability, productivity, or additional space to get "more done at once".
That's what high res monitors were all about. Devices that once were common, but now after the rise of "HD" are hard to find and very
Agree (Score:4, Interesting)
I frequently remark to my colleagues how bizarre it seems to me that after 50 years or so of software engineering, we're still building awful crap. If we were architects, we'd be unveiling skyscrapers built using favela techniques of plugging any old crap together, in the mud, next to a river.
There are lots of reasons, but the two big ones I'd say are time pressures (which we as programmers will never be able to resolve) and a lack of code reuse (which we can resolve). For example, the constant churn of technologies to me is simply a failure to reuse code.
I would start by trying to engineer whole classes of faults out at the language level, as has been done with buffer overflows and garbage collection.
Make static analysis much more anal, forcing the programmer to express their intent up front - static types, constraints, etc. Make the compiler a totally pedantic Nazi. Sure, it's nice to be able to hack shit up in an afternoon in Python or whatever, but then it ships, and the bugs come in, and you end up adding a pile of asserts and whatnot that should have been caught way before the product shipped.
Make unit/integration testing a mandatory part of the build, i.e. the compiler/linker refuses to link with code that hasn't been marked as tested.
If we learned to put the hard thinking and effort into designing APIs, and then reusing those same APIs across whole new classes of problem (because the language makes defining APIs is such a hassle that we'd rather not dream up new ones left and right), I think things would improve massively. Forcing the APIs to be public, but allowing the internals to be as obscure and proprietary as you like, would allow for reuse, interoperability, and hopefully improvement (by replacing particular implementations of APIs with better ones). Add a sane API mechanism for backwards compatibility, so that when you realise the API is fundamentally bad, you can or are required to implement the old API in terms of the new, and you don't just abandon people to DLL version hell. A language could provide support all of these things.
None of this would stop you from writing shitty code. But at least, to do so, you'd have to knowingly subvert the compiler in a bogus way, ignoring screeds of the compiler telling you that you and your code suck goats' balls.
Is there a patent on administering electric shocks every time there's a build error?
Re:Agree (Score:5, Interesting)
All of this assumes that the vendor *wants* it to improve. TFA shows that where there's an incentive for good installers, they get written. MySQL installs in a snap. Mainstream open source software installs on Linux in an apt-get/yum/whatever one-liner.
Now look at Oracle DB -- one of TFA's examples of "bad". The people who specify Oracle are seldom the people who will be installing it; or if they are, they're people who've done Oracle training and are charging by the hour for Oracle consultancy.
Lots of people *benefit* from Oracle being a dog to install. Consultants, as above. Staffers who get to put down a week's timesheets for "Oracle installation and configuration". Oracle themselves, because for certain decision making managers, "serious" software is difficult to install -- if you can install it in 20 minutes it must be a toy; and because they can sell books / training / certification.
There's a lot of people who would lose out on profitable (but wasteful) activity if enterprise software was easier to install.
Re: (Score:2)
Good software engineering is harder than architecture. There, I said it. (And by the way, I am not a software engineer; I'm more of a favela style programmer...). As the tired old saying goes: if we build our skys
If we build it (Score:5, Insightful)
If we build it, it is because the user, may his children be cursed for a thousand generations, told us to do so. In fact, that is pretty much the reason ANY crap building has been up to cheaply in a dangerous area. ONLY because THE LAW and BIG GOVERNMENT stops users from demanding high rises build out of mud on top of mud in a flood plane on a fault line, has this stopped... and then only when THE LAW and BIG GOVERNMENT do their job really really well. Just google engineering disasters for examples when THE LAW and BIG GOVERNMENT were stopped from doing their job.
Remember that Engineers have strict laws governing their actions. Software Engineers (HAHA) don't. You want to have the same quality from Software Engineers as real engineers? PAY FOR IT! And WAIT FOR IT.
There are good reasons for building codes and there MIGHT be a cause for coding codes BUT it won't happen when "cheapest" wins out every time. I have seen it far to often when a project was reduced in quality by the customer insisting it be done cheaper and faster. Well guess what, then you get buildings oops code that fall down when someone sneezes.
Want an installer that works in more then one near perfect situation? Sure that will be X on the total bill. User: oops no and I want to save Y amount as well, so cut some more corners please.
Is there a patent on administering electric shocks every time a user demands a shortcut but expects quality?
Re: (Score:3)
I would start by trying to engineer whole classes of faults out at the language level, as has been done with buffer overflows and garbage collection.
I once started a library of C wrappers that would handle most normal and a few abnormal errors. For instance, the fopen() wrapper instead of saying "no such file or directory", would tackle each part of a path like /usr/etc/subdir/file and tell you where it couldn't go further. If there was a permission problem, it would say "Cannot search /usr/etc/subdir", or if subdir didn't exists, it would say so, rather than just spitting back the whole path and letting the user figure out what went wrong. It used C
Well, Oracle and SAP are THE WORST POSSIBLE (Score:5, Interesting)
It's hard for me to think of any software companies that are worse at creating software that actually WORKS.
SAP and Oracle are notorious for pushing out incredibly expensive, complex products that are impossible to install and generally don't work like ANYTHING else.
SAP, especially, seems to be incapable of releasing a product without a half-dozen show-stopping bugs that require obscure workarounds that you'll only find out about by calling support. I won't even talk about the unholy mess that is SAP's support site.
There's a rule about software that people often forget, and it's this:
"Software quality is inversely proportional to cost". In other words, the more expensive a given piece of software is, the crappier it is. Oracle and SAP are the NUMBER ONE offenders in this regard.
Sorry, no. Informatica FTW! (Score:3)
I usually start the process by crawling into a corner in the fetal position and sobbing uncontrollably for 30 minutes, cuz I know the next week of my life will be complete hell. Then I throw away the docs, since I know they're a work of
Is all about details (Score:2)
If software X works in the environment Y, the author assumes that X is ready to be distributed. But what happens when the environment is Y + 0.45? Failure. Because X software never considered the possibility of Y not being exactly Y.
But NOOOO, is so "uncool" to spend time covering details, rig
The authors experience is largely my own. (Score:5, Insightful)
I'm a developer who winds up having to do a lot of backend support and installs, I've been installing various enterprise packages for the last 6 years. The authors experience is VERY familiar to me. It's quite hit or miss, with some of the most expensive ($40,000+) pieces of software giving the most miserable experiences. You spend days trying to fix this or that, and it winds up being some obscure setting somewhere that only a super-expert could ever understand.
What sucks is that we have to put up with this crap. End users wouldn't stand for it.... but yet sometimes I swear IT staff think it's somehow OK, and they either blame themselves, or think they've "learned" something by going through these dumb install problems and jumping through the hoops. I'm tired of it, and it wastes a lot of valuable time. There's some things that can't be avoided, but the majority of the problems I've come across could have provided MUCH better indications of what went wrong, or avoided the problem altogether.
Enterprise apps are supposed to be hard (Score:5, Insightful)
To those who haven't read the article, the author posits that testing two same-purpose pieces of software to see if they generate the same result is a simple proposition. Then we find out that the systems are SAP and Oracle. This is not like installing two mp3 players, these are the poorly-defined field of 'enterprise apps'.
I don't disagree that the installation for anything claiming to be an enterprise app is usually hard. Setting either SAP or Oracle ~properly~ requires expert knowledge, and running either ~properly~ requires expert knowledge. This is expected, because it's an extremely complex product which is meant to be deeply customized to your own business solutions. This is similar to the gulf between installing the next version of windows and installing, say, a slackware distribution. One is more about clicking next, while the other requests explicit knowledge of the system in order to tailor it to your specific needs, and even after install requires effort to make it usable. One requires you know nothing, and allows almost no customization, the other expects you know everything, and allows an almost infinite level of customization.
That's why the install of MySQLwas so easy for him. Nothing against MySQL, but I'm not going to put it in the same category as Oracle or SAP. It's not trying to be either of those - it has it's own niche. It just doesn't have the same level of customizations or capabilities.
The other thing that always irritates me: Why the hell would you have a software developer installing 'enterprise' software anyway, unless they're some sort of expert in that software type anyway? Don't get me wrong, I've installed many a developer version of Oracle locally, but I'd be the first to point out that I'm not the Oracle-certified expert that I expect will be running the show in production. Don't people understand that these are separate skillsets? The author states that he came from a j2ee shop running large products, my guess is, he didn't have to know how to admin the application servers. Ever try to dive into enterprise app server configurations? Clustering across firewalled domains with reverse proxies, remote caching, load balancing, certificate management, and active directory tie ins? In something 'big', like JBoss or worse, WebSphere? You could be an incredible java developer, but it has nothing to do with setting up and configuring the app server.
So, he was the wrong person for a task that was, quite honestly, supposed to be hard. Of course he had problems.
Re:Enterprise apps are supposed to be hard (Score:4, Insightful)
Setting either SAP or Oracle ~properly~ requires expert knowledge, and running either ~properly~ requires expert knowledge. This is expected, because it's an extremely complex product which is meant to be deeply customized to your own business solutions.
I hear this, but I think, "A C complier is a extremely complex product meant to be deeply customized to your own business solutions." Yet GCC is relatively easy to install, and once installed I can start customzing right away. I can even use customizations that I've written years before and expect them to run with little or no modification. (C programs)
Installing the product, and running a test case should be a no-brainer, no matter how big the product is. After it's installed and running, then you can start to add business customizations that might be difficult and time consuming.
Re: (Score:3)
Now I'm working on an Oracle OUD 11.x installation that doesn't do exactly what we want. The sales engineer said, oh you can write a custum plugin to do that. "Ok", I said,
Re: (Score:3)
There's several answers.
1. Not enough resources have been put into the 'installation' program. Resources are always limited.
2. How about the myriad of consultants? They need jobs too and are they likely to push a product that they won't have any support for?
3. People have gotten used to self-service in the industry. When if you look at the rest of life, so much of it relies on the expert knowledge of specific industries. Not that it *can't be done*, but just most people don't. I don't change my own brake p
Re: (Score:3)
Actually, I had no problems installing and running these types of apps locally. Follow their suggestions and requirements exactly, and I've never had a problem. Deviate from them, and you better hope you know what you're doing with custom systems and installs.
But just to get the damn thing to run? That should be able to be done by a first level tech.
These pieces of software are not written for the first level tech. They're not written for the software dev who's forced to wear too many hats. They're not written so that your administrative assistant or their mom can install it. Where do you see
Apples and oranges. (Score:2)
Installing huge enterprisey things SAP and Oracle software is harder than using a package manager to install Apache.
Simpler than all that: (Score:2)
Laziness has no minimum capitalization requirement.
It pays to do shitty development (Score:3)
Because you make more money on maintenance. Thats on the of the biggest problems.
Re:Okay. (Score:4, Informative)
Because most Enterprise software (and I manage a product line which is definitely in this category) isn't something so simple that you can install it with RPM or Installshield (or whatever the heck MS calls it now). There are multiple interacting services, very specific dependencies for things that are often not packaged at all for the target platform and usually cannot be distributed, etc. Complex databases, usually on other machines, have to be set up, XML files edited, etc to even create a basic working environment for our software. Now, MOST things might not be quite this complicated, but I suspect most software that you have to install largely by hand has many of these kinds of issues. Most of this stuff has to integrate fairly deeply with the client's IT infrastructure and setting up the basic applications is only a small part of it.
In our case we have some installers for some specific tools, but the main product? No, it wouldn't materially assist in setup and would just be yet another task to maintain when some tarballs/zips, thorough instructions, and heavy tech support works fine. You're already typically paying from 10's to 100's of K up front and 1000's a month to even run real Enterprise class software anyway. Surprisingly installer tech that was designed around simple desktop apps is just not that helpful. Our installer is a guy that shows up at you office, lol.
Re:Okay. (Score:5, Insightful)
Bullshit. There's not one thing in your list that cannot be handled with an installer. You just don't care to automate the process, and are making up excuses to justify that after the fact.
Re:Okay. (Score:5, Insightful)
Re: (Score:2, Insightful)
Mine too, but it never works that way.
The last thing that gets thought about is dependencies - this is also one of the reasons Android software acquires permissions but rarely relinquishes them. We only know how to grow software, once it starts working the "Job is done, go home".
Re:Okay. (Score:5, Insightful)
I agree. By thinking about installation when creating complex enterprise software, you end up making better quality software. When you're forced to handle the inter-dependencies of complex systems in an installation process, you end up having a better handle on how everything interacts. This has been my experience at least.
Absolutely true. I didn't even bother going there in my response, because I figured it was pointless when someone was actually claiming "enterprizey software is simply too complex for installers". Sigh. As usual, the creators of the problems are blind to the problems...
Re:Okay. (Score:5, Insightful)
Not blind, necessarily. Enterprise software is almost certainly designed to be "consultant ware."
Oh, having trouble getting it installed? Yep, our software is very powerful therefore very complex. We can help you with that, let's talk about a retainer.
A function isn't working? It must be your sprawling IT infrastructure. We can help track it down for you with an engineer dispatched to your data center, what's your closest hotel?
Re: (Score:2)
Re: (Score:2)
What installer can set up databases on other machines?
They can all run scripts. Just because there's not a checkbox labeled "set up our database on the other machine" doesn't mean it can't be done--at least if you're not a lazy bastard.
Or, the easier approach, an installer for each part on each machine. There's really not an excuse for not considering that.
Re: (Score:3)
I think what the person was trying to get at is that installers make sense for individual tools and applications, but once you start getting into entire systems or stacks the idea of having an 'installer' increasingly becomes nonsensical since there is less and less generalizable behavior.
Re: (Score:3)
Re:Okay. (Score:4, Insightful)
Bingo! "My organization uses a bunch of home-grown ad hoc'd garbage that isn't versioned or managed by anyone sane or competent" isn't a problem with installers, it's a problem with having a deeply dysfunctional organization. There is no software that's gonna fix that problem, and it's not because packaging/distribution software is lacking in some functionality.
If you have to install it by hand, why? What are the steps? Why can't those steps be automated? Why can't those dependencies also be automated? What, you can't edit XML files, .ini files, or registry settings on the fly? Why not?
Re: (Score:3)
Well, that's great (Score:5, Insightful)
Yet another incipient genius who probably hasn't had the slightest experience on the ISV side of this equation with the convenient one-size-fits-all answer to end all answers. Thanks, that was amazingly edifying!
Frankly, you have NO FUCKING CLUE what you're talking about. I would presume you really have no familiarity with actual commercial line-of-business enterprise class software. Any enterprise which is not run by morons and is large enough to qualify as an 'enterprise' has an extensive IT infrastructure which is highly integrated and designed around an enterprise information systems architecture, involves capacity, availability, security, and usability analysis and planning etc. When you 'deploy' software into these environments, and I'm talking about large banks, Fortune 500's, large international corps mainly there's no such thing as "drop the installer on a hard drive and run it". You're dealing with integrated management systems, enterprise-wide credentials and role management, complex licensing situations, other corporate IT policy issues, etc etc etc. The idea that MY software, which handles transactions from generally 1000's of clients and integrates with easily on average 4-5 other complex software stacks is 'lacking an installer' because you don't install it clicky--click is hilarious.
You can think what you want, but at least in my world 'enterprise software' means something very different from what some people seem to be using it for. This is not like in your typical small business environment where you slap up a copy of Apache and install Trac on it and call it a day (and even there I'll note there's no single installer that can handle setting that up for you).
Re: (Score:2)
On an enterprise software level... bring what you need in a local, self contained directory structure. There is absolutely no reason your reliance on foobar v1.20a-final means that Software X cannot have 1.21c-upgraded.
Link to your own directory first in your search path.
Where's my check?
Re: (Score:3)
What check? That's at most half of the solution. It covers most cases on Unix systems, but the situation on Windows (which was referred to explicitly) is a far greater mess. The way linking happens depends on about 10 to 20 different things, and not all of them are under your control.
Re: (Score:3)
Re: (Score:2)
Our installer is a guy that shows up at you office, lol.
That combined with your username is the real LOL.
Re: (Score:3)
Re:Okay. (Score:5, Insightful)
Re:Okay. (Score:4, Interesting)
Because RPM/DEB makes assumptions. And some of those assumptions are simply invalid for some use cases.
Ever want to install more than one copy of Apache? Maybe you want your database installed somewhere other than default because that's where your GPFS shared disks are mounted? Ok, the latter is possible with RPM, though sometimes a bit more difficult. The former was also possible, but far more painful.
Complex post-requirements? Sure, RPM handles pre-reqs okay, though not circular ones. Post-reqs? When we were switching away from RPM in 2001/2002, no.
Cross platform? No. Want to get your apps installing on Linux, AIX (ok, AIX has RPM now, but it's severely outdated), Sun, HP, and anything else that comes up? Sure, they have their own installers. With their own unique quirks and issues.
In the end, we used tarballs with a Java/C++ front-end. Far simpler. And, for enterprise software, one of the better installers. Though maybe I'm a bit biased there :-)
Re: (Score:2)
If you wanted to test different versions, you'd be better off using multiple virtual machines - that way you don't have trouble with one version of Apache requiring different libraries than another one.
Re: (Score:3)
Virtual machines have a performance hit, require permissions, and don't reflect native hardware. Fine for Apache, but what about something like a file manager, or anything which requires OpenGL currently?
Admittedly there's progress on this front - LXC in the Linux kernel goes some of the way to fixing this problem, though what we really need is a distribution that's LXC aware so it's easy to use.
Re: (Score:2)
I assume he meant virtual *hosts*, which is fair enough, though vhosts arent necessarily the answer to everything.
If you had two physical interfaces to a machine then its not a stretch to suggest you might want to glom an instance of httpd onto each.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Also, how do you keep control of security patching? One machine with 15 different versions of tomcat installed in various directories is going to be difficult to manage, but 15 virtual machines, each with a different version of tomcat installed in the standard direc
Re: (Score:2)
they may give you a performance hit but they also give you portability so say your windows server has a major hardware failure you can move it to another with completely different hardware without windows killing itself because it thinks you have pirated it. it also makes backups and if necessary regression to easier state easier because you can just take a snapshot of the vm. oh and if one copy crashes its os it won't take the other one down with it. lots of advantages to vm's really.
Re: (Score:2)
Bespoke development of a plug-in for each client (Score:2)
Companies often want the database to run on their existing Oracle (or whatever) install, which means scripts to build out the tables in their database.
Is there a reason the installer can't have a button to execute these CREATE TABLE IF NOT EXISTS scripts in a given database? The installers for phpBB, MediaWiki, WordPress, and the like have this.
There are often existing APIs that need to be called that are custom to the client. That means that after the install you will need to add code to make API calls that the standard install does not necessarily make.
Now you're getting somewhere by mentioning the requirement of bespoke development of a plug-in for each client.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Define "necessary parts".
We have a lot of storage space these days, but I don't think every piece of software basically having their own /usr/lib or /windows directory is feasible yet.
Re: (Score:2)
Security updates to a "necessary part" (Score:2)
The file should not be unpacked, it should simple be one executable with all necessary parts inside.
So what happens when a security vulnerability is discovered in one of these "necessary parts" statically linked into the executable? If the part lives in its own package on which your package depends, a fix for this vulnerability is applied for all applications using the part once the part's maintainer releases the fix. Otherwise, you have to wait for the maintainer to update the application with the fix, and $DEITY help you if the maintainer has pronounced the application's end of life.
Re: (Score:2)
I would watch with interest when that single-file Database you're using messes up for good, completely, because that single-file was deleted by mistake. Tee hee. Or when it got corrupted by power loss, etc.
Re: (Score:2)
There should not be any installers. A software package should be one file that is download and run. The file should not be unpacked, it should simple be one executable with all necessary parts inside.
Any software that is not simple a single file is complex and brittle.
Do we have to include the whole operating environment in the file, even eliminating BIOS? Because all modern software builds on external functions and libraries, even on a game console. Heck, even the cartridges for the original Nintendo relied on firmware inside the console to some extent....
Re: (Score:2)
Heck, even the cartridges for the original Nintendo relied on firmware inside the console to some extent....
The Famicom had no firmware at all. The NES added only a CIC (Checking Integrated Circuit), a microcontroller on a completely separate bus that communicated with a matching microcontroller on the cartridge to make sure that the game was "licensed by Nintendo".
Re: (Score:2)
Re: (Score:2)
puppet to automate it.
package { "wtf" : ensure => latest }
Re: (Score:2)
And etckeeper to make sure you can blame whoever comes along and fucks it up later.
Re: (Score:2)
Oy, never knew of this little gem... Installing immediately!
Re: (Score:2)
Re: (Score:2)
The correct answer is b). Install software as a system service whenever possible and also have that service run as a system user with only the required permissions to do its job.
Production software should never be reliant on an individual's account/credentials.
Reusing existing apt-get (Score:2)
On occasion you get the rare third option of "add this repository of compiled binaries to your package manager" which is no different to downloading a random installer.
With one big difference: adding a repository allows the existing package manager to check for and apply updates instead of adding Yet Another Daemon to do this.