this post was submitted on 13 Jan 2025
247 points (98.8% liked)

linuxmemes

22221 readers
439 users here now

Hint: :q!

Sister communities:

Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".
  • Don't get baited into back-and-forth insults. We are not animals.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
    • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
    • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.
    • 5. πŸ‡¬πŸ‡§ Language/язык/Sprache
  • This is primarily an English-speaking community. πŸ‡¬πŸ‡§πŸ‡¦πŸ‡ΊπŸ‡ΊπŸ‡Έ
  • Comments written in other languages are allowed.
  • The substance of a post should be comprehensible for people who only speak English.
  • Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.
    • Β 

    Please report posts and comments that break these rules!

    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.

    founded 2 years ago
    MODERATORS
    poopsmith@lemmy.world
    zephyr@lemmy.world
    rtxn@lemmy.world
    247
    Enterprise misery (lemmy.world)
    submitted 3 weeks ago by akash_rawal@lemmy.world to c/linuxmemes@lemmy.world
    30 comments fedilink hide all child comments
     
    top 30 comments
    sorted by: hot top controversial new old
    [–] partial_accumen@lemmy.world 28 points 3 weeks ago (2 children)

    RHEL 7 and RHEL 5 need to be flipped in your meme.

    Any large enterprise still running RHEL 5 in Prod (or even, yes, older RHEL versions) has fully accepted the risks and will grumble about supporting it, but go forward with whatever workarounds are necessary to keep the application running on it running. The RHEL 7 folks, however, are modern enough that the answer for any problem is "Upgrade to RHEL 9, because we know you can with some effort, because we don't want to waste time on supporting something you should be able to upgrade away from".

    This is the game of chicken in a modern enterprise for app teams. If their application is critical enough to business continuity and they remain on RHEL 7 long enough, they too will join the select few applications in the org that either get a cash injection for an application rewrite to modern RHEL 9 or be enshrined next to the RHEL 5 apps still running with grumbling, but continued support.

    In a perfect world these EOL unsupported OSes should be retired and replaced with modern supported version, but we're talking about reality now which is what the modern enterprise is, and which is far far from the perfect world.

    [–] felbane@lemmy.world 15 points 3 weeks ago (2 children)

    What's blowing my mind about this entire thread is the "rewrite application to support RHEL9" thing I keep seeing. What the fuck applications are y'all running that are so tightly bound to the OS that they can't handle library and/or kernel updates?

    [–] recarsion@discuss.tchncs.de 8 points 3 weeks ago

    That's what I'm thinking too but then remember my first corporate job where the application depended on an exact subversion of Java 8, no earlier and no later. This was in 2021. Knowing that company I'd bet they're still rocking the same setup.

    [–] partial_accumen@lemmy.world 6 points 3 weeks ago

    Most of the time I've run into this its COTS software and the customer refuses to pay for the cost of the updated version or the company that wrote the original COTS application is long since out of business.

    [–] akash_rawal@lemmy.world 3 points 3 weeks ago (1 children)

    Any large enterprise still running RHEL 5 in Prod (or even, yes, older RHEL versions) has fully accepted the risks

    It is more like 'involuntarily end up riding the risks of using unsupported old software'. RHEL 7 and RHEL 5 are in the right order.

    RHEL sells an unrealistic expectation that you don't need to worry about the OS for another 10 years, so the enterprise gets designed around it and becomes unable to handle an OS upgrade, ever.

    [–] partial_accumen@lemmy.world 2 points 3 weeks ago (1 children)

    It is more like β€˜involuntarily end up riding the risks of using unsupported old software’.

    Involuntarily? An org choosing to use an EOL OS to keep running an application is a business choice that accepts the risk of compromise/lack of support of an EOL OS. Any org in this situation has 3 choices:

    • deprecate the application entirely closing down that line of business the application was supporting
    • rewrite/replace the application to maintain the line of business on a modern supported OS
    • continue to run the EOL OS and accept the risks

    There's nothing involuntary here.

    [–] akash_rawal@lemmy.world 1 points 3 weeks ago (1 children)
    1. Struggle to come to a conclusion on what to do with the EOL OS because of internal political factors and the reality of how enterprise works.

    This is the involuntary choice. If you cannot choose from the first three, you end up implicitly choosing the fourth.

    [–] partial_accumen@lemmy.world 1 points 2 weeks ago* (last edited 2 weeks ago)

    Your #4 is the same as my #3. Play out your #4 and it ends up as my #3:

    1. Struggle to come to a conclusion on what to do with the EOL OS because of internal political factors and the reality of how enterprise works.

    Security or Compliance teams raise the concern with continuing to run the EOL OS, they demand the App team power down the offending servers or upgrade. App team escalates to leadership advocating for the upgrade and they ask for the funding. Leadership asks for a business case justifying the large spend requiring the ROI numbers. App team mostly shrugs because the ROI are intangibles of security or support-ability. Leadership sees no immediate monetary benefit being realized in the next 2 quarters from a costly upgrade and instead chooses to accept the risk. They send an exception order to Security or Compliance teams that this EOL OS should continue running as is and the App team shouldn't be bothered anymore.

    ...and we end up with my #3.

    [–] horse_battery_staple@lemmy.world 27 points 3 weeks ago (2 children)

    Rhel 5? I hope y'all are using microsegmentation and have a good firewall.....JFC

    [–] akash_rawal@lemmy.world 14 points 3 weeks ago (1 children)

    ...hope...

    [–] possiblylinux127@lemmy.zip 4 points 3 weeks ago (1 children)

    Why are you ok with this?

    [–] akash_rawal@lemmy.world 3 points 3 weeks ago (1 children)

    I am not. I worked hard to make our application support RHEL 8 and then RHEL 9. And then the politics takes over and the big wigs start an extended bickering over who should pay for the OS upgrade... which never happens. Sometimes hardware partners don't support the upgrades, which means OS upgrades also end up requiring new hardware.

    I blame Redhat.

    [–] possiblylinux127@lemmy.zip 2 points 3 weeks ago (1 children)

    Surely your pay is much more than a RHEL license.

    If nothing else you could move to Debian or Rocky Linux.

    [–] akash_rawal@lemmy.world 3 points 3 weeks ago (2 children)

    There is something you need to know about collective wisdom; the larger the org is, the lower it gets. Yes the application works on Alma 8 and 9, but the management says 'no'.

    [–] possiblylinux127@lemmy.zip 2 points 3 weeks ago (1 children)

    Yes and no

    A healthy organization shouldn't be having this issue.

    [–] Strykker@programming.dev 2 points 2 weeks ago

    Cool, welcome to reality where I don't think you will ever find a organization that is healthy head to toe.

    Honestly I don't think they exist at all but I know you'll come back with some nitpick cherrypicked example as "proof"

    [–] akash_rawal@lemmy.world 1 points 3 weeks ago

    The only way that will work is to somehow quit and rejoin as a much more highly paid consultant and enable them to upgrade EOL software in prod. I am actually considering this.

    [–] sylver_dragon@lemmy.world 8 points 3 weeks ago (1 children)

    IT installed a firewall between the legacy environment and everything else. Devs threw a fit and so the firewall was configured with a default allow rule. Security was last seen crying into their beer.

    [–] possiblylinux127@lemmy.zip 4 points 3 weeks ago (1 children)

    I'd get out before it implodes. This sounds like a poorly managed company. When something bad happens they will find escape goats.

    [–] sylver_dragon@lemmy.world 3 points 3 weeks ago

    they will find escape goats.

    Well now I want to stick around. Who wouldn't want an escape goat?

    [–] jmcs@discuss.tchncs.de 22 points 3 weeks ago (2 children)

    Unsupported versions are unsupported.

    [–] slazer2au@lemmy.world 25 points 3 weeks ago

    mission critical, but not enough to warrant a budget for redundancy.

    [–] FlexibleToast@lemmy.world 3 points 3 weeks ago

    Weird how that works...

    [–] possiblylinux127@lemmy.zip 11 points 3 weeks ago (2 children)

    You aren't using a EOL system in production right? If you are it better be air gapped. The last thing we need is more zombie machines for the botnets.

    [–] flambonkscious@sh.itjust.works 11 points 3 weeks ago

    "What do you mean? That's the clinical best practise!!" - Siemens healthcare/Philips or any other medical vendor

    (and I'm not talking about air gaps!)

    [–] ILikeBoobies@lemmy.ca 3 points 3 weeks ago* (last edited 3 weeks ago)

    Air gapped but my dad recently upgraded a RHEL 3

    Still working on getting the okay to upgrade the XP machines

    [–] lengau@midwest.social 10 points 3 weeks ago

    It might be time to upgrade

    [–] bruhduh@lemmy.world 7 points 3 weeks ago

    Some manufacturers machines still run dos

    [–] MNByChoice@midwest.social 4 points 3 weeks ago (1 children)

    HPC? Fuck we can't change shit in HPC. We tried a few times... Some sites appear manage it, but tend to forget a few dozen systems.

    [–] akash_rawal@lemmy.world 2 points 3 weeks ago

    I understand how it feels.