Re: why 100 packages are evil
On Mon, Apr 25, 2016 at 1:22 AM, David Chisnall wrote: > On 25 Apr 2016, at 06:48, Gerrit Kühn wrote: > > > >> Yes. It will be replaced by 'pkg upgrade' -- as far as I know, that's > >> the plan for 11.0-RELEASE. > > > > Hm... I never had any troubles with freebsd-update, it always "just > > worked" for me. OTOH, I remember having several issues with pkg, > requiring > > to fix databases manually and so on. > > There are two kinds of issues with freebsd-update: > > The first is fairly common: it’s slow and creates a lot of files. If you > read the forums, you’ll find a lot of issues about this. Updates from one > patchlevel to the next are pretty straightforward, but on both the VMs that > I use for FreeBSD and a slow AMD machine with ZFS it takes around an hour > (sometimes more) for freebsd-update to jump one major release. After that, > it takes pkg a minute or two to update the 2-3GB of packages that need > upgrading. Minor releases can often take tens of minutes on these system. > > The many files issue can cause inode exhaustion. One one machine, I just > checked and have 20K files in /var/db/freebsd-update/files. If you’re > using UFS for /var, it’s fairly easy for freebsd-update to run out of > inodes. Trying to recover a FreeBSD system that can no longer create files > in /var is not the most fun uses of my time. > > The second issue is that it sometimes just fails to work. I have twice > had freebsd-update manage to become confused about versions and install a > kernel that couldn’t read the filesystem. I’ve had similar confusion where > (on a box that I administer mostly via the network and where physical > access is a pain) had it install a version of ifconfig from an older > userland than the kernel. These are all on machines where freebsd-update > has been responsible for every upgrade after the initial install from CD. > Most depressingly, it spends ages doing checksums of every file in the > system, determines that they don’t match the expected ones, and then > installs the wrong one anyway. > > I have been using the testing versions of pkg on most FreeBSD machines > since it became available. Since pkg 1.0 was released, I have had far > fewer issues with pkg than with freebsd-update and almost all of those were > to do with poor information in the ports tree and the rest were either UI > or performance issues. We have a lot tighter control over the packaging > metadata for the base system. > > David > I have to agree with this. freebsd-update works pretty well. I have only been burned by it once. (The same ifconfig issue.) I had a number of issues, none disastrous, but painful to fix, with pkg in the early days. Some were probably PBCAK due to lack of familiarity with the tool. Others were bugs in early versions. Since 1.3 came out, I have had no problems at all with pkg other than packages that were not available due to vulnerabilities. Most were either linux-c6 packages (which never sent o get fixed) and ports depending on ffmpeg that include a specific ffmpeg distribution. At this point, I am quite comfortable with the idea of using pkg for the base system, though I will be very, very nervous about it for a while. -- Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkober...@gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: why 100 packages are evil
On 25 Apr 2016, at 06:48, Gerrit Kühn wrote: > >> Yes. It will be replaced by 'pkg upgrade' -- as far as I know, that's >> the plan for 11.0-RELEASE. > > Hm... I never had any troubles with freebsd-update, it always "just > worked" for me. OTOH, I remember having several issues with pkg, requiring > to fix databases manually and so on. There are two kinds of issues with freebsd-update: The first is fairly common: it’s slow and creates a lot of files. If you read the forums, you’ll find a lot of issues about this. Updates from one patchlevel to the next are pretty straightforward, but on both the VMs that I use for FreeBSD and a slow AMD machine with ZFS it takes around an hour (sometimes more) for freebsd-update to jump one major release. After that, it takes pkg a minute or two to update the 2-3GB of packages that need upgrading. Minor releases can often take tens of minutes on these system. The many files issue can cause inode exhaustion. One one machine, I just checked and have 20K files in /var/db/freebsd-update/files. If you’re using UFS for /var, it’s fairly easy for freebsd-update to run out of inodes. Trying to recover a FreeBSD system that can no longer create files in /var is not the most fun uses of my time. The second issue is that it sometimes just fails to work. I have twice had freebsd-update manage to become confused about versions and install a kernel that couldn’t read the filesystem. I’ve had similar confusion where (on a box that I administer mostly via the network and where physical access is a pain) had it install a version of ifconfig from an older userland than the kernel. These are all on machines where freebsd-update has been responsible for every upgrade after the initial install from CD. Most depressingly, it spends ages doing checksums of every file in the system, determines that they don’t match the expected ones, and then installs the wrong one anyway. I have been using the testing versions of pkg on most FreeBSD machines since it became available. Since pkg 1.0 was released, I have had far fewer issues with pkg than with freebsd-update and almost all of those were to do with poor information in the ports tree and the rest were either UI or performance issues. We have a lot tighter control over the packaging metadata for the base system. David smime.p7s Description: S/MIME cryptographic signature
Re: why 100 packages are evil
On 25/04/2016 08:39, Miroslav Lachman wrote: Gerrit Kühn wrote on 04/25/2016 07:48: On Sat, 23 Apr 2016 18:52:32 +0100 Matthew Seaman wrote about Re: why 100 packages are evil: MS> > Is freebsd-update going away as result of the new packaging ? Yes. It will be replaced by 'pkg upgrade' -- as far as I know, that's the plan for 11.0-RELEASE. Hm... I never had any troubles with freebsd-update, it always "just worked" for me. OTOH, I remember having several issues with pkg, requiring to fix databases manually and so on. I had many issues with freebsd-update in the past so the last year I converted all machines back to "installkernel & installworld" from NFS mounted build server. It is faster and predictable than freebsd-update (in my case). I hope that pkg upgrade will be good replacement one day. But I don't think it is good enough right now. Miroslav Lachman As another useless datapoint - I've not had any real issues with freebsd-update and I've been using it since 6.x, same with pkg(ng) after the initial bugs were ironed out, this is on 30-40 production servers. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: why 100 packages are evil
Gerrit Kühn wrote on 04/25/2016 07:48: On Sat, 23 Apr 2016 18:52:32 +0100 Matthew Seaman wrote about Re: why 100 packages are evil: MS> > Is freebsd-update going away as result of the new packaging ? Yes. It will be replaced by 'pkg upgrade' -- as far as I know, that's the plan for 11.0-RELEASE. Hm... I never had any troubles with freebsd-update, it always "just worked" for me. OTOH, I remember having several issues with pkg, requiring to fix databases manually and so on. I had many issues with freebsd-update in the past so the last year I converted all machines back to "installkernel & installworld" from NFS mounted build server. It is faster and predictable than freebsd-update (in my case). I hope that pkg upgrade will be good replacement one day. But I don't think it is good enough right now. Miroslav Lachman ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: why 100 packages are evil
On Sat, 23 Apr 2016 18:52:32 +0100 Matthew Seaman wrote about Re: why 100 packages are evil: MS> > Is freebsd-update going away as result of the new packaging ? > Yes. It will be replaced by 'pkg upgrade' -- as far as I know, that's > the plan for 11.0-RELEASE. Hm... I never had any troubles with freebsd-update, it always "just worked" for me. OTOH, I remember having several issues with pkg, requiring to fix databases manually and so on. cu Gerrit ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: why 100 packages are evil
On 23/04/2016 17:19, Poul-Henning Kamp wrote: > > In message , Lyndon > Neren > berg writes: > >> With freebsd-update, an announcement comes out that says 'update'!. So we >> do. Move from 10.2-p11 to 10.2-p12. There is a very clear track record >> of why and how this happened. > > Is freebsd-update going away as result of the new packaging ? Yes. It will be replaced by 'pkg upgrade' -- as far as I know, that's the plan for 11.0-RELEASE. I have no idea if anyone intends to run maintain freebsd-update in parallel for a transition period, but freebsd-update will ultimately be superceded. Cheers, Matthew signature.asc Description: OpenPGP digital signature
Re: why 100 packages are evil
In message , Lyndon Neren berg writes: >With freebsd-update, an announcement comes out that says 'update'!. So we >do. Move from 10.2-p11 to 10.2-p12. There is a very clear track record >of why and how this happened. Is freebsd-update going away as result of the new packaging ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: why 100 packages are evil
On Fri, Apr 22, 2016 at 08:41:06PM -0700, Lyndon Nerenberg wrote: > But the dependency base will be huge. Yet you fail to explain how. > Right now I can count on a very limited set of dependencies for > anything I ship as a 3rd party package. How is this different than the existing model? What do you think happens to everything that depends on OpenSSL when an SA is issued? Glen signature.asc Description: PGP signature
Re: why 100 packages are evil
Same as it is now for releases. Packages will be available for SAs/ENs. There is no intention to change this model. I get that. But the dependency base will be huge. Right now I can count on a very limited set of dependencies for anything I ship as a 3rd party package. Doing that for n>100 packages gets to be troubling. I know it can be done, but for a small company like the one I work for, it quickly becomes impractical. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: why 100 packages are evil
On Sat, Apr 23, 2016 at 03:21:38AM +, Glen Barber wrote: > On Fri, Apr 22, 2016 at 08:17:15PM -0700, Lyndon Nerenberg wrote: > > With freebsd-update, an announcement comes out that says 'update'!. So we > > do. Move from 10.2-p11 to 10.2-p12. There is a very clear track record of > > why and how this happened. > > > > What will be the new update frequency with >100 base packages? > > Same as it is now for releases. Packages will be available for SAs/ENs. > > There is no intention to change this model. > Furthermore, not every package will be updated with an SA/EN; just the one(s) affected. Which is why I find the complaining over 700+ packages to be quite nonsensical, since we're reducing the bandwidth required for a binary update. Glen signature.asc Description: PGP signature
Re: why 100 packages are evil
On Fri, Apr 22, 2016 at 08:17:15PM -0700, Lyndon Nerenberg wrote: > With freebsd-update, an announcement comes out that says 'update'!. So we > do. Move from 10.2-p11 to 10.2-p12. There is a very clear track record of > why and how this happened. > > What will be the new update frequency with >100 base packages? Same as it is now for releases. Packages will be available for SAs/ENs. There is no intention to change this model. Glen signature.asc Description: PGP signature
why 100 packages are evil
Here's a real example. I have n Centos servers. Cron, once or twice a day, updates our local cache of the yum repos. Then nagios comes along and flags 35 packages out of date. An hour later, management comes along asking questions about the security implications of those packages. An hour later we finish trolling through and say 'no worries'. Repeat. Every day. With freebsd-update, an announcement comes out that says 'update'!. So we do. Move from 10.2-p11 to 10.2-p12. There is a very clear track record of why and how this happened. What will be the new update frequency with >100 base packages? How will that impact people running productions systems. I know rebooting the mysql servers is an amount of pain that everyone below the VP level doesn't want to have anything to do with it; explaining to the VP that is. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"