Slashdot Mirror
How Do You Manage a Product Based on Linux?
Ryan writes "Following my advice, my company has decided to base it's new appliance on Linux. So far, it's worked out great. Linux gave us a huge jumpstart on development because of it's open nature and the information we've garnered from public mailing lists. We've added software, modified startup files, and have built our own kernel. Now the question is: How do you manage it all? Do you put it all in CVS or Subversion? Do you use the distro's packaging system (we're using Debian)? What does your build system look like?"
You really should be stopping and look at what you are doing. How you want to manage it should be part of the strategy, and actually should have been part of deciding to use Linux (not in detail, but strategically).
So my advice, hold on, sit down and look at what you expect to produce and what you would need to get there. From there you can find out what you would need.
You will probably run into some issues, but that's just what happens, there is no ideal situation.
You're building a whole new appliance, but your software engineers don't know how to manage a development process?
I mean... I'm not being nasty here, but you're in trouble, and I don't even know where anybody could start to give you advice. It would be one thing if you were looking for guidance on a regular small scale software project, but if you're jumping in feet first with a whole new large scale application and no idea how to guide the process...
if the program only has one developer on it, simply tarring it up every once in a while has been sufficient. However, once you get another developer something like CVS would be very highly suggested so each programmer can be sure to keep each other's versions up to date.
This is a personal preference, some swear by CVS others SVN. As long as the files are well organized, the build works and it works for whatever the deployment is, it doesn't matter how the build is set up.
You should definitely put your code under some kind of revision control. We currently use cvs but are looking at switching to git or mercurial. One thing thats nice about cvs is the import feature that lets you bring in new copies of the open source programs you've modified and migrate your changes forward into the new copy. With regards to the packaging, its definitely worth the effort to put them into the distro's packaging system. We use debian as well and its nice to be able to have a repository that customers can just apt-get from to get the lastest for their appliance. We also have debian source packages to make it easy for the customers to get access to the source in a way thats easy for them to make changes and create new debian packages.
Your build should be in some sort of Versioning system (CVS, whatever). SOMETHING that allows you to cover your butt with you `rm` that folder and realize you just tanked the whole thing. Somehow you should be able to rebuild any version of your project back to day 1.
meh
If you're releasing a product to the public, the one word you need to keep in the back of your mind at all times is "reproducability".
.deb file). You can provide "answers" files for debconf so that no questions are asked during installation, and you can tweak various settings as you go along. If you've taken the VMWare approach, you can always login to the image and make final adjustments (just make sure they're scripted and version controlled) after the Debian install is complete.
:-)
e ment) is what you want to search for. Librarianship for software systems, kind of dry and boring, but oh-so-necessary.
Can you, at any point in the future, reproduce whatever version it is that customer X is having trouble with?
There are many ways to do this, ranging from taking complete snapshots of each "build" (requires lots of space, but fast to reproduce), to keeping a short list of the Debian packages installed (not much space, but slower to reproduce). It's a classic space-vs-time tradeoff.
I'd suggest you attempt to automate the system build as much as you can. Use virtualization tools like VMWare to help perform "builds" of your OS images. Most Linux distros have automated install processes. RedHat has "kickstart", Debian has "fai" (http://www.informatik.uni-koeln.de/fai/). At the minimum, you should version control the script you use to build your vmaware images, and the configuration script for fai/kickstart. This should let you re-build everything at some later stage.
When it comes to customising Debian systems, customised Debian packages are the way to go. If you're adding new files, package them up and deploy them as part of the automated install. If you're customising existing packages, edit their source and rebuild them with
customised version numbers, and list those versions of the packages in your fai script. You'll need to go through the whole version control process with each customised package too. (i.e. check it's source into a version control tool, tag it, apply your changes, tag it again, then build your
Do a search for "customized debian", there are quite a few people doing similar things already.
Basically, make sure that the end product requires nothing more than a button push to produce. Anything less and you'll introduce the risk of someone forgetting to perform a step, or doing it wrong. That'll create a support nightmare down the track.
If you can reproduce easily what your customer has, you can also easily make a minimally invasive fix for them. That'll make them happy
If you're looking for resources on this stuff in general, "configuration mangement" (http://en.wikipedia.org/wiki/Configuration_manag
For distribution to the end-user, you will definitely want a package of some kind. I'm assuming that your end users won't be able to log in with a prompt, but may have some kind of web-based management, right? If you distribute your upgrades/patches as .deb packages (maybe renamed to .bin since that's what users have been conditionned to expect), then it makes things a whole lot easier... among other things, it would facilitate downloading the upgrade from a location other than where the product is: not all users have Internet connections at home, even in this day and age. You may also want to look into implementing something like Slackpackages, since they ignore dependancy. (They're basically just a tarball... you can install them manually by unzipping/tarring the file from / and then looking in the /install directory and manually executing any scripts there)
For actual development... you're gonna *need* to use SubVersion or CVS. Cover your ass. Also, not having it makes managing a project a royal pain in the ass.
If you believe everything you read, you'd better not read. - Japanese proverb
...but if you're using Debian, I would highly recommend that you spend a quality week or two *READING* the wonderful documentation debian has and read / ask a few questions on their mailing lists.
.../testing/ .../nightly/, etc. and integrate that with your testing / deployment infrastucture. ...but most of all, please READ the documentation that Debian has put together. In few words, it allows mostly volunteers in their spare time to do exactly what you are trying to do and with a high degree of reliability. The documentation in Debian Policy is the first stop (and most likely the last) for almost anything you are trying to do. When you see the types of bug-reports that are filed against packages that go against policy (ie: incorrect depends, provides, etc) you will see what types of mistakes are possible, and you should seriously consider how to check the work that you've done to make it more likely that your work would not have the same types of bugs filed against it.
Once you understand the package-management system of the SOFTWARE YOU ARE BASING YOUR BUSINESS OFF OF, the answer to your question will become clear... nay- simple.
- MyCompanySoftware-1_0.deb, MyCompanyKernel-1_0.deb, MyCompanyOtherStuff-1_0.deb
- Generous use of depends, requires, conflicts, provides, etc. (or maybe up-rev eg: kernel-image-2.6.8-1.deb to kernel-image-2.6.8-1-MyCompany-1.deb, these are the things you can ask for advice on Debian / Ubuntu lists).
- Source control all files used in any of those *.deb packages, and make an automated build process that can take your source-control tree and generate your packages at any time of the day or night.
- Set up internal repositories, ie: http://apt.mycompany.com/stable/
--Robert
Here's a checklist of things i have used:
..
* Subversion is the backbone - http://subversion.tigris.org/
* Buildbot - Does the rest with right setup. http://buildbot.sourceforge.net/
When new patch is submitted to subversion, buildbot will get notification, checks out the latest changes and runs pre-defined commands on the source.
The predefined commands i've had where:
* Runs Unittests
* checks src against invalid keywords/intendation/characters and so forth
* compiles
* if compile was success, builds binary package and copies to fileshare
* if it wasnt, sends email to submitted about bad patch
And status of the process is visible thru web interface
Basicly buildbot was just acting as a "scheduler" and all building/testing where bunch of scripts we had written ourselves.
Quite nice platform =)
I don't work for them and haven't used their product much, but there's a company called R-Path (founded by former Red Hat early employees) that seems like its designed for "appliances" just like yours.
The idea is that you build your platform on thier system, then you add your programs on top. The system merges updates from them and your system and places it onto the target system. The system they've built is called Conary. Conary itself is Free Software, but RPath sells services along with it that seem attractive.
It looks very well put together and if I were looking at building an appliance, it's certainly something I'd be considering.
http://www.rpath.com
I work for an ASP. We've got a web application (built with Perl), running on Debian. At the moment we've about 15 servers (some dedicated to one large customer, some with over 50 customers) live, have 4 full time developers on the product, 15 people in total, and are quite succesful in our niche.
:)
This is the short version of how we do things.
* We looked for an ISP where we rent the servers. They administer the servers (Debian stable), and install the perl modules, apache, etc. We don't have (want) root access to these machines: the ISP is responsible for the stability, and they do a good job. We ask them for changes/additional perl modules to be installed when needed. We've less than satisfactory experiences with several ISPs, make sure you find a good one.
* For a repository we use cvs. This is flexible enough for our needs, and there was some experience with the app. If you haven't got any experience with cvs, also take a look at subversion or mercurial, as you could benefit from the improvements there.
* As a cvs client we use eclipse. Great product, but unfortunately it is Java, and therefore slow. Some of the developers use the editor of eclipse, others use external editors (vi baby
* Our work environment is mixed. We all have a windows workstation, but for the actual development we have a server with a dedicated debian VPS for each developer. We connect to the VPS (which is hosted on our lan, and not accessible externally) through ssh, samba and x. The VPS are UML based, but nowadays when setting things up, we'd probably use Xen. The advantage of using VPSs is that it's easy to set up a clean developement/test environment.
* Have a release cycle, and try to stick with it. Most bugs are introduced when improperly tested code is implemented on live servers. Never edit directly on a live machine.
Our current shortcomings (i.e. pitfalls):
* Hardly any automated testing, and no formal testing procedures. Testing the application takes a lot of work, so it is often skimped. This is a risk, and introduced bugs are occasionnally missed.
* The release policy is not always honored due to deadlines. This puts a strain on the organisation, because, as noted above, it needs to be tested manually. This is when testing is skipped most of the times, and most bugs are introduced. It's a commercial tradeoff: let a customer wait, or take the risk. Depending on who and when you ask you get different answers.
the pun is mightier than the sword
I would definitely put everything you do into Debian packages -- nothing should be done on testing and production systems by hand and the package manager provides a known good framework. There's a bit of a learning curve on how to produce Debian packages, but I believe there are some 'hardening' packages that can be used as models for how to handle the type of sysadmin tasks you're looking at.
... you are using make-kpkg, right?
You're using make-kpkg to build your kernel, of course, so it's already kicking out packages for your locally-built kernels.
I have to agree with the others that the fact that you're asking about version control tools is scary. That's something that should have been decided a long time ago.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
You can manage it any way you want, but the best way is to work with the standard tools available to work with the software at hand. If you're using Red Hat use RPM to manage your system(s), if using Debian use apt.
-ALWAYS- use a change-revision system when managing a product based on Linux, both the build-out and development stages, and document document document. CVS is fine, though really it doesn't matter what you use as long as it gives you the proper control and feedback on changes.
Your build system can be anything you like, though again it's best to go with standard tools available for your system(s) in question. RedHat has kickstart, Debian i'm sure has its own system, etc. There are some universal build systems but they're never guaranteed to give you the same results as the defacto tool for your distro.
The last thing i'll say is to always think towards the future. I know you want to try X piece of software now and maybe hack in this and that functionality to get it up and running, but in 2-5 years when your distro is obsolete and trying to patch or upgrade something on it becomes impossible (not to mention how new hardware obsoletes old Linux kernels like nothing) you'll have to face re-doing your system to work around a new piece of software or hardware and it won't be pretty. Always have a migration path in mind, and think about how you'll have to move to a completely different distro and hardware platform in the future. Consider this: Debian project is abandoned due to changes in the new GPL and official Debian policy, and you have to find a whole new distro... How long will it take to develop & build out a whole new system, put it throug h quality, and push out as a product? Try to make your product as distro and packaging-Agnostic as possible; separate packaging and installation into a different phase of build-out.
I put it on Sourceforge and enable "Accepts Donations" in my settings... ...oh wait... SF uses PayPal... ah.. nevermind..
No points today, and I loathe "mod parent up" postings, but that's the perfect response.
Nobody is going to be able to provide any reasonable advice, other than perhaps for the submitter to hire a consultant (or employee) that has proven experience in large scale software development projects.
To submitter Ryan: This is highly non-trivial; you don't seem to have any idea how very much you're missing. If you don't know what you don't know, you need outside help. And because you've already started down the path without a plan, you need help fast. Very fast.
Don't forgt to build tests for each bug you fix (or at least for those feasible to do so) and run them in regression testing which should be part of each build prosess.
Not to mention installation testing on all supported platforms and certify your product based on the versions of the various Linux distros tested.
If you mod me down, I *will* introduce you to my sister!
One important point not yet raised is that you need to control the platform for your appliance. Every customer should be on a release of your code, tested and deployed on a release of the platform - hardware as well as OS configuration.
Security and features patches are helpful, but can also bring complexity and confusion when it comes to troubleshooting.
Your best bet is to tweak a build of the OS (shut down unneeded services, automatic updates, etc) then GHOST (or equivalent) the disk so that EVERY customer gets the same thing.
If you choose to rev the hardware or the OS, how will you make sure that your installed base has the same stuff? I can't emphasize enough how important this is to long-term support.
You'll need to consider how to slipstream patches in (connection to your website, flash drive, CD, etc) for both the OS and your code.
You'll need to design it so that you can upgrade the OS install without affecting your application (perhaps a separate filesystem?) What will happen after your customer has installed and used your application for 12 months and you decide to upgrade your code? Do they have customizations? Will your upgrade work?
Hope these ideas help.
Regards,
Anomaly
But Herr Heisenberg, how does the electron know when I'm looking?
I would recommend looking at what other people in your situation are doing. Roaring Pengiun uses Debian for their appliances and push updates out to all systems. You could either open a dialog with their dev team (great people) or buy a low-end unit and look at the guts yourself. They give users complete control over the appliance which is nice.
Yes, I'm a corporate shill, but rPath's rBuilder tools are specifically designed to do what the poster is asking: manage appliances based on Linux: http://www.rpath.com/
We are developing the port of Linux to the Nintendo DS. The project is based on uClinux. We have inherited uClinux' build system and CVS organisation.
Just like in uClinux, our CVS repository contains everything (Linux kernel, uClibc C library, uClinux userland). It is very, very large (almost 1GB). It has multiple branches to keep imports of third party sources organised. I've written a page on our wiki that explains how we set things up in the repository.
Not everyone is really happy with this. While I am comfortable using CVS (since by now I know how not to shoot myself in the foot), there are a couple of things that CVS cannot do for us. When it comes to moving things around on a great scale CVS is just a pain in the ass.
Regarding the build system: Our current setup makes package management quite impractical, but people keep requesting this feature It is very hard to incorporate, because of our strong ties to the way things are done in uClinux (zero package management).
Also, there is currently only one anonymous CVS mirror. At peak times the load is very high, and people keep complaining about poor performance of the server. Making CVS use a ram disk for temporary files helped a little, but the bottleneck is really CVS's poor ability to scale to large trees.
So we are considering moving to git. I am currently investigating it and I must say that I like it much more than CVS and subversion. The way we handle branching should feel much more natural with git. Conversion from CVS seems to be very smooth, at least according to the git documentation.
Conclusion:
Changing the version control system is not a huge problem really. You can always do that. What is very hard is changing the build system. You should really consider and evaluate all alternatives you've got before going productive. The question is of course what you really want to do, and what you are starting out with.
In your case, you should probably take a look at various other Debian-based projects. You may find a suitable solution, already tried and tested.
In our case, uClinux was an obvious choice, since it included an (incomplete) port of Linux to the Gameboy Advance, which DSLinux is based on. Alas, it looks like we now have to live with the deficiencies of the build system.
That's pretty much it. .debs of all packages you modify in the system (including one for depending on your whole-system).
Maintain your code in an svk repository.
Generate
Use cmake to build your binaries.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
I tend to do basically what MPlayer does nowadays, and that includes using Subversion for SCM, Bugzilla for bugs, Mailman for mailing lists, and Apache HTTPD for serving it all. I like to maintain a Debian Sid package (you can't directly upload to stable or testing anyhow, so the Debian maintainers will take care of adapting the package for those distros), and if someone else on the team knows anything about RPM, we also maintain the .spec file as well. I also like to keep an emerge script in there as well, but even if I didn't, someone would write one faster than you can bootstrap a Gentoo Mac Pro, so there's nothing to worry about there.
'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
rm -fR /
Does your PXE process automatically partition/format the disk with the OS?
.tar.gz of each filesystem.
I used PXE boot on Linux a few years ago with great success, but when I was considering doing an appliance-type solution, I created a customized system rescue CD which included a
This would have allowed me to script the partitioning process, as well as the extraction of the filesystems to end up with a bootable CD which would create an appliance hands-free. (At least that is what I was on target to complete when the project was cancelled by management.) Our original goal was to be able to distribute the media to a remote location and have unskilled people create applicances from commodity hardware.
Theoretically the same thing could be done with a PXE and a boot menu. Is that what you've done?
Regards,
Anomaly
But Herr Heisenberg, how does the electron know when I'm looking?
I have written extensively on this problem at my Blog. I use Morphix which is a system for building live cd's. They provide a core and you build on top of it. I have lightly modified the core (with a custom kernel and custom modules). Then you create a main module (which is just an xml file of debian packages). Morphix tools work out all the dependiences etc. I do all of my development in VmWare as it gives me a separate process space/machine to do all my work in. I will be presenting on it this Saturday at the Cerroitos Lug and the SFVLUG. It will be recorded and I will put the (video)podcast online. Along with notes and configs. Its mostly on VmWare but also how I am using it for development work. Feel free to reply to this post with questions and I will be more then happy to answer them. So vmware+morphix(highly customized) = great results. I am also building an appliance (an exchange replacement with MAPI support). See my signature for links.
Charles Wyble System Engineer
While not getting specifically into what I support, I do support a linux-based application. Here have been some of the issues that I've seen:
* clueless admins who keep up2date running and auto-applying patches. This happened a few months ago, and when they changed the coreutils package on an unrelated change, it broke many of our scripts for code commits from running. This was a bad thing, and it took us a little bit to understand not only what the hell was going on, but what broke the patches. Make sure your systems are QA'ed with auto-applied patches, and ask your customers to update once a week, after you've figured out if it will break something or not.
* VPN/Firewall restrictions: I've got a ticket that I've been trying to work for almost 2 weeks because their site is DOA from the outside. Make sure you can access your sites, either by using a secure VPN, or by having that site grant you permissions for the firewall.
* If it's not Supported, Don't support it. I don't care of you're running the latest version of SuSE, we don't support anything other than SLES. (as an example)
* As much as you'd like to think that everyone out there is a skilled admin, you'll still run up with idiots who think that their shit doesn't stink. You will have to spell it out to them in Kindgergarten terms from time to time if they're too out of it.
HTH;
AC
"Linux gave us a huge jumpstart on development because of it's open nature and the information we've garnered from public mailing lists."
Sure, because everyone knows than non-OSS operating systems don't have any documentation that allows programmers to easily develop for it and certainly not anything as comphrensive, consise, and organized as what you find on a public mailing list.
What part of "How do You Manage a Product Based on Linux?" do you not understand?
.. he's interested in the ways /.'ers are maintaining their linux-based products ...
... perhaps (naively) hoping that the peanut gallery might provide an interesting result.
..
None, actually; I understand it quite well, thank you.
He's not asking for help
Agreed. And I put it to you (and Ryan) that this is a fundamentally flawed approach.
It might indeed be interesting, but it's almost certainly not going to solve his company's underlying problem.
This does not necessarily mean he wants help with his lame system; read closely, and you might realize that Ryan seems quite happy with his approach so far
The AC posting, and my reply, in no way assumed he wanted help with his system; he needs help with a process going forward. This doesn't sound like some hobby he's taken up in his basement; it's an actual product line his employer is attempting to develop and market. He's the one to recommend Linux, but he hadn't at the time thought through how to even begin to manage the complexity of this endeavor. He's happy enough with the results, but not the process, and his company may soon decide that Ryan's approach comes with a great deal of latent overhead.
but this is still an interesting topic worth objective attention.
I fully concur. That doesn't mean that Ryan will get what he wants here; I maintain that he doesn't yet realize how very much there is involved, and the best response to his original question is to enlighten him as to the magnitude of the complexity he's asking.
Its not a screaming/crying/spoiled-brat cry for help that some of the similarly inclined responses have implied, anyway
You're absolutely right; I think he asked his question very professionally, which is why he deserved the AC's (equally professional) response. From reading between the lines it's fairly clear he hasn't realized the scope of the problem, and I think it merits a response (otherwise I wouldn't have bothered posting, or reading any further, in the first place). In fact I really only wanted to highlight a well-written AC response, since it would otherwise have gotten lost in the noise of the other (less professional) replies. As I said, with no mod points today, this was the best I could do.
I love when people hype up "free" software without thinking about all of the other things you need to have in place to get it working. Choosing a platform without looking at critical components like build tools and version control is inexcusable - find another job now before this project is completely doomed and you have no choice.
Why didn't you just say "STFU and RTFM!!!!!!!!1" ('1' intended) and get back to your <sarcasm>thrilling</sarcasm> life? People come here, ask a serious question that's troubling them, and once they make it past the editorial interest filter, they get this bull. This isn't just one more stupid forum, this is Slashdot.
What examples can you provide of these "some issues" you're talking about? The asker is trying to understand the whole process, and you're just telling him to expect trouble? What a worthless comment!
You would manage it the same way you manage any other project. Your application names may vary, but the methodlogy will be pretty much the same.
If someone is passing you on the right, you are an asshole for driving in the wrong lane.
Good choice choosing debian,thats a great disto for many different architectures.
Note, I am just a happy user of TortoiseCvs (and nowadays TortoiseSvn), but not affiliated to the project in any way.
While I do think that was a helpful little tidbit about your scenario, unless I read it wrong, the question was about products based on Linux, not in Linux. That is, specific issues relating to building specialized Linux systems -- particularly here for embedded systems.
There are several reasons why by itself won't work...
First, you're going to first need to remove any and all debconf options during install/update time. Additionally, if there are any packages left that don't use debconf, those will also need to be removed (I don't think there are anymore but I don't know for sure).
Secondly, you're assuming that the configuration files for all the packages is perfect for the appliance. I doubt it.
Thirdly, if I were a small startup company, I might want to think long and hard about which distribution I used. While Debian is great, an appliance like this needs to last a long time in the field. One of the problems with Debian is that policy demands they only support the OS until a new stable is declared.
This may mean a need to do full upgrades on live or semi-live boxes...
Say, something like LinuxLink from TimeSys. You can sign up for a free trial with LinuxLink, or if even that's too much for you, you can take a look at some free (as in beer) tools and FC5-based distributions built using LinuxLink on the TimeSys crossdev site.
Of course, I'm a bit biased, since I'm a former TimeSys employee and helped build a lot of what they're offering :-). Having been through all the pain of building a few hundred Linux SDKs over the past five years, I'd really, really, really recommend using something like LinuxLink. It probably takes away 95% of the pain and frustration of building a custom embedded Linux distro, which lets you get on to doing the really fun stuff more quickly.
"Great men are not always wise: neither do the aged understand judgement." Job 32:9
> There are several reasons why by itself won't work...
...Q's regarding configuration options...
... configuration files for all the packages is perfect for the appliance.
:^)
* .deb and the "firmware update command" is: scp newfirmware.deb device.my.net:/var/local-archive/debs-copied-local ly-for-updates/
Of course, IANAEDDM, and a slashbox is not enough space to fully explain good development practices.
>
Or run debian in "no questions, defaults only" mode, or FAI or debconf answers, etc.
>
Hrm... Appliance... Toaster... All the same... Toaster configurations... Probably not an insurmountable problem.
> an appliance like this needs to last a long time in the field. One of the problems with Debian is that policy demands they only support the OS until a new stable is declared. This may mean a need to do full upgrades on live or semi-live boxes...
One- have you *seen* Debian's release cycle?
Two- have you ever *run* apt-get update ; apt-get upgrade? Even if the "remote repository" is http://127.0.0.1/debs-copied-locally-for-updates/
'nuff said, no harm intended. Fun discussion and fun to think about.
--Robert
Having the process without the software is much, much harder.
I've been using Mercurial to manage my own projects. I figure I can always figure out how to expand it later if I get another developer. I wanted something simple, lightweight, and hackable, yet still with all the features of, say, SVN or CVS, even making the commandline look similar, so that people coming from other systems aren't immediately lost. I think this is the best we've got as far as that goes.
Don't thank God, thank a doctor!
I think he was creating an appliance, which may mean rolling your own distro, which realistically means forking someone else's. But even someone else's distro, you're going to want packages for distribution to the end-user. Only use version control for things you actually need to tweak, but as soon as you start to tweak them, try to use the same version control as upstream, and pull from their repository. And of course, for your own product, it doesn't much matter, but you want version control for yourself and packages for your users.
Don't thank God, thank a doctor!
...you may not have to do a thing.
.so's in your installation dir -- basically, just like you'd do for Windows. Or, you can be a good citizen and actually do an automated compilation/test for every distro, so that you can actually have it link against the local versions of whatever libraries you're using -- so you actually share them.
As far as I know, most native Linux games (unreal, doom, etc) simply distribute an install script, which is essentially the Linux equivalent of a self-extracting zipfile. Distros are free to repackage it, as far as I know, and Gentoo does. Just work with the existing distro maintainers.
You may have other problems, like making everything consistent across distros. You can either go the typical gaming route -- statically link everything you can, and include a couple of
Don't thank God, thank a doctor!
You didn't decide that before you started pushing this out the door????
Dude!
That said, you can still salvage the situation. It would depend on what you're doing with the box.
Personally, I'm not a big fan of the Debian distros because they don't update their packages often enough to suit me. That's really my only criticism of them though. The whole packaging system that they use is pretty powerful and I'm sure that you can bend it to your will to update what ever it is that you're rolling out.
There are a lot of things to consider though. How are you going to contact the client thingys? Will they phone home or will you be pushing updates? How do you handle authentication for the updates? License management? What kind of updates will you be pushing - just text config files or whole new binaries? What about kernel and other software packages? If the hardware is all the same, why not just unpack a gzipped tar ball, hup the service, and forget about it?
You guys have a lot to think about.....
2 cents,
QueenB
HDGary secures my bank
At the risk of raining on the linux parade, I'd advise against linux entirely and would recommend something like Free or NetBSD (my preferred choice for appliances) instead.
.wait a minute, p is now 0xffcdfee0? How the fuck did that bit get toggled?").
Pros of linux:
o journalled file systems*
o significant SMP support*
o better software availability
o all the cool kids are doing it
Cons of linux:
o GPL'd code for the OS just sucks. If you've any customer base worth noting, you've guaranteed yourself some management escalations from some ideological or opportunistic jackass who's worried about this sort of thing (in our last two cases, one was an employee of a competitor and the other was from a consultant who didn't even work for our customer but was given our support information). If you're like us, you'll give them what they want and then they'll quibble that it's not good ("we're sorry we didn't #ifdef COMPANYNAME our changes, run your own goddamn diff"; "no we're not going to give you the user-space code that calls into the virtual device.") enough.
o followon to the previous -- if you're looking at a high-performance application, you're quite limited in the intellectual property you might do with a kernel mod. For example, let's say you want to write a custom openssl bio using a custom stream domain socket type or maybe use a virtual device to mmap memory to avoid some data copying, you just made your life a lot harder.
o Torvalds' infinite wisdom left debugger and crash dump support out of the default kernel (NOTE: you can get patches that may or may not apply cleanly but that's beside the point; ideology just made it significantly more difficult to troubleshoot any kernel crashes which matters even if the crash came from bad hardware since it'll help you diagnose this as well--"this pointer was 0xfecdfee0 when it was passed in on the stack, it got assigned to p, we did a successful dereference of p->blah two instructions ago and now the debugger showing p as inaccessible memory. .
o excepting perhaps slackware, linux distributions pride themselves on their incoherency for configuration as well as their adhoc mechanisms for adding optional software to the system. Likewise, as a general criticism, linux distros pride themselves on their insupportability.
o poor integration with the CM and build system is problematic.
o if you're doing a high-performance application and you've enabled paging, linux' default overcommit strategy for the VM can be problematic as your widgetmabobby gets pre-empted by kswapd (FWIW, it's probable 2.6 is better in this regard; likewise, it's unclear whether or not other OSes are better).
Regardless of OS environment you use, I'd suggest the following things:
o ensure your configuration subsystem and your work subsystem can't screw one another -- if this means separation onto separate processors with partitioned memory, that's good. If that means separation onto separate OS instances, that's better. You don't want some customer's walk of your entire MIB to cause problems for your critical work.
o having a well-engineered build system matters
o don't put all your smart people on what's perceived to be the highest-value part of your appliance. Since you're delivering a product, your customers *will* care that SNMP or NTP don't work.
*for a network appliance that does little disk IO, you might be fine without journalling since the filesystem should be small if you don't fuckup. Likewise, quality of SMP support depends on the frequency of an application's syscalls. Since it's possible to mmap kernel memory directly to userspace, you can write a userspace application that avoids syscalls so a BGL isn't a problem.
1) Immediately go here and read the whole thing. Then keep it near you throughout the entire process of developing your product. Although not as strictly necessary, reading this site definitely won't hurt you either.
2) Do not go near rpm.
3) Do not go near dpkg/apt.
I can safely say that there is no packaging system in existence for Linux which I anyway am completely happy with on all fronts. They all have egregious problems, and what is even worse, re-inventing the wheel tends to get virtual tomatoes thrown at you, because people think you're an idiot for trying to solve a problem that has already been solved...the only thing is, it hasn't been. The reasons for the above are similar for both package managers listed, but broadly speaking,
a) The use of subpackaging and package splitting can (and does) cause all manner of headaches.
b) Unsigned binary rpms/debs are horrible for security.
c) Although dpkg is worse, neither of these systems are particularly robust. I've had them go berserk and trash the entire host distro numerous times when I was trying to uninstall something and the program got the dependencies screwed up.
d) The spec/Makefile formats for both are hideous, and encourage false dependencies, and all manner of sloppiness and bad practice.
e) *Binary* packaging in general has been a practice adopted purely to satisfy the desires of Windows users, and was not originally a fundamental characteristic of Linux. This was because before people started trying to make Linux mainstream, they were aware that binary packaging was a really bad idea.
What I'm doing for my own system is an adaptation of ports, which isn't exactly the same as BSD's ports given that there are differences between the two operating systems...although I'm still intending it to be as portable as possible. For this reason I also do not recommend portage, because it is Gentoo specific.
4) If you default to runlevel 4 on bootup, (going straight into X Windows, with kdm or gdm) make sure the user is told somewhere how to switch to 3 so he can fix anything in xorg.conf that needs fixing. Yes, I know you're also going to want an automagic GUI element that sets such things up...but things at times can still go wrong.
5) Run an open beta, and give it to people with as many different hardware configurations as possible. You want to know about exotic/weird hardware that people are trying to use with it, so that you can find drivers for it and set up detection for it. The end user isn't going to be able to do that, and if you expect them to, they will simply throw your product away. (Unfortunately, they don't need to be able to do it; windows plug and play hardware detection is taken for granted by users of that system, to a large degree)
6) Figure out very early on what your revenue model is going to be, and realise that because you're using a GPLed system, whatever you're going to make money on, it isn't going to be IP. Either make money on support, or open source all of your unique elements (I'm going to be using the BSD license for anything I write myself which doesn't use GPLed code, and recommend that you do the same, for both widest possible circulation and PR points) and then sell integration of said individual elements as a service and convenience.
7) Focus on people who are entirely new to Linux as a target audience for your product, rather than the established userbase. The reason why is because if you try to sell to the existing userbase, you will attract the inevitable screeching, basement-dwelling, autistic FSF/GNU fanatics who if you try and make any money on the product at all, will endlessly whine that you're not doing enough to "give back to the community", (read: cult) irrespective of how much effort you actually do make on this score by open sourcing all of your product's unique elements. They will also complain if you use Gnome as a UI instead of KDE, if you us