Slashdot Mirror
The Decline and Fall of System Administration
snydeq writes "Deep End's Paul Venezia questions whether server virtualization technologies are contributing to the decline of real server administration skills, as more and more sysadmins argue in favor of re-imaging as a solution to Unix server woes. 'This has always been the (many times undeserved) joke about clueless Windows admins: They have a small arsenal of possible fixes, and once they've exhausted the supply, they punt and rebuild the server from scratch rather than dig deeper. On the Unix side of the house, that concept has been met with derision since the dawn of time, but as Linux has moved into the mainstream — and the number of marginal Linux admins has grown — those ideas are suddenly somehow rational.'"
WHOOSH!
TFA concludes with "But if all it takes is a few clicks of a mouse in vSphere's Windows-based client to pop out a cloned server instance (ostensibly built by someone who knew what they were doing), then what does it matter? It's all very convenient and cool, right? Wrong. If you don't understand the underpinnings, you're missing the point. Anyone can drive the car, but if it doesn't start for some reason, you're helpless. That's a problem if you're paid to know how to fix the car." While I agree in principle, the analogy here is off. If the car doesn't start in this case, I can just throw it away and clone a working one.
I’m not a system admin but I don’t see how this is a bad approach.
I see value in finding out what the problem is and why it happened.. if you just blindly re-image then the problem might pop up again at a less opportune time.
But if you know what the problem is... and you have an image of the server in a working state, or a documented procedure on how to set up the server in it’s intended configuration then why would anyone waste time trying to repair it.
I think you have this kind of problem in most jobs. New approaches that make more sense but require less skill (and imply less e-pene) are always hated by people who have already learnt how to do it “the hard way”.
I see this as a programmer all the time and have been a victim of it. I’ve seen a huge chunk of my chosen industry migrate from meat and potato problem solving to gluing libraries together and sprinkling in business logic.
I’ve been fortunate to land in a job where there’s still a lot of “from the ground up” work, but these jobs are getting scarcer as even the components that everyone uses are made from other components. And executable UML (or something of its ilk) is probably going to be the next thing to cut the legs off us.
"they punt and rebuild the server from scratch rather than dig deeper."
From personal experience this is normally due to management jumping down our throats to simply "get it done" which unfortunately runs counter to our inquisitive desires to actually solve the problem.
I suspect it's the end result of pressure to get more bang for their bucks in a tight economy, but that's pure speculation. It really could be a trend of the times.
As hosted services become more and more popular, sysadmins have less interest in spending the time to diagnose and solve a problem - this goes for Windows, Mac OS and Linux/Unix. When a fix is needed RIGHT NOW - the quickest way back up sometimes is a re-image.
When I was a small business IT consultant, I asked clients if they wanted to spend $125 per hour for me to diagnose and fix their system - with the understanding that it could take many hours to research and solve the problem - or if they wanted to spend ONE hour re-imaging the system to a known good point.
Almost everyone chose the "fix it now in under an hour" solution.
-ted
Many times, what I hear as "solutions" are simply variations on the theme: "Why can't we reboot the server?" or "Why can't we reinstall the server from scratch?".
And my answer usually was: "Listen, I don't care how many times you do this on a Windows machine, but this is UNIX - I'll only reboot this machine if I absolutely need to. In the meantime, watch and learn as I kill the offending processes. Oh, and re-installing the machine means 24h of downtime".
These days, I help run a (very) large application, which runs on top of a (very) large "enterprise" SQL database for a (very) large company. The only problem is: enterprise application does not manage database very well, and leaves zombie processes on the database server. After a while, the database server just crashes (hard) and takes down the application server with it. Logical solution (and the one recommended by sysadmins): upgrade application to version X, which is supposed to have a much better database management.
What do you think the PHB/management solution is? Ask the DBAs to write a script that will monitor zombie processes, so the sysadmins will be warned in advance... Like, around 20 minutes before the application crashes. Just enough time to tell all users to save their work, because we need to reboot everything. Just like under Windows.
Did I mention the application is considered mission-critical and runs 24x7? And that downtime can cost more than 6 figures to said (nameless) company?
And, since you asked, yes, I am looking for another job. (Clueless admins and pointy-haired bosses: a match made in...)
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
There are a lot of cases where pressing the button means that the problem will go away...for a few weeks. It will work right until you hit the same conditions that caused the problem in the first place. Suddenly, your using the refresh to cover up either a poor implementation, or a standing bug, and it isn't going to go away until you call that guy in suspenders.
Sure it was cool, back in the day, to spend 72 hours working on "the server" because even rebooting was not an option. Back then I had 3 servers, 10 years later I had 15. I didn't have the time to get into why each little snowflake of a problem was happening, I knew reinstalling and upgrading components would be a more prudent use of time. If I can rebuild a server and restore a data backup in 4 hours or I can spend an infinite amount of time "fixing" the existing install, which option do you think my PHB would prefer? It is not bad administration, it is just different.
It sounds like this guy is just upset that technology has progressed to the point where we don't need to pay out the nose for some high-priced UNIX consultant to spend 3 days troubleshooting an issue that can be fixed in minutes or hours.
Just because you might learn more by spending days chasing down an issue instead of using your available tools to quickly redeploy the server and get the business back up and running, doesn't make that the correct decision. If you really want dig into the root cause, clone the broken VM off and research it after you get a fresh one deployed from template.
This seems to me to be a philosophical question. Indeed, if the uptime and more importantly availability is higher by the purported crash and burn (taking liberties with the slash and burn deforestation technique) method, who is to say it is less useful or less valid? Indeed, to espouse skills over delivering for the client seems to be missing the point. It seems to be standing on some pedagogical imperative that knowledge is somehow of more value in the workplace than delivery.
Now - having said that - don't get me wrong. I have seen entirely too many *nix sysadmins (full disclosure: I got an RHCE in 2003) who don't know where the network config files are because they only know the GUI, and are hired by a team of people who have never logged into a *nix box. However, I think the ill that is most egregious is not that it sets some moral and ethical imperative fo fixing rather than reloading (or in this case, recovering from a VM image) a server, but the fact that it misses the point that there has been a dearth of qualified IT candidates since the dawn of our industry and that the fixes to this don't have to do with how we fix a server, but how we hire and more importantly who we hire. As is everything in IT, garbage in == garbage out.
Finally - I absolutely agree with the Infoworld argument. It assumes an unexpected failure within the server, not some external thing that needs to be diagnosed and fixed. If your app crashes because the SQL table isn't there on the SQL server you don't control, rebooting ain't going to do a hill of beans worth of good.
With bare metal virtualizatoin, there is not that much to maintain, and there is pointy clicky software to do that. No real admin skills required.
http://en.wikipedia.org/wiki/The_decline_and_fall_of_the_roman_empire
Sometimes a server is gradually degrading due to some issue. During that time, things are being modified. If you learn that the problem started a few months ago, you can't just re-image an old state and loose everything that had changed since then.
Of course to make app servers as stateless as possible helps against this problem. One of the reasons that my company enforces that data are kept on physically separate DB servers, and (virtualized) app server instances should be as dedicated to a single app as possible.
Till the problem occurs in the middle of the work week and you still don't know what the actual problem is. Then your looking at an hour of downtime during business hours while you re-image yet again with your boss asking what the hell the problem is and what you were doing on the weekend if you weren't solving the actual problem.
Covering up a problem is not the same as solving it.
Of all tyrannies, a tyranny sincerely exercised for the (supposed) good of its victims may be the most oppressive
Because pointing and clicking inherently takes more skill than using CLI, right? Never mind that most CLI commands will readily assist you with syntax if your format incorrectly, whereas documentation for a GUI, if it exists at all, is often useless..,
I'm not sure I buy everything in TFA, but have to admit to a certain extent this phenomenon is real. I've noticed, however a tendency to regenerate an instance, and when it doesn't work regen it again, and again and again because the purposely overextended and/or undertrained admin doesn't have time to figure out that the problem is in his template or due to something external like a dup ip. Come to think of it, this type of endless cycle seems to be fairly common in the Windows world. I guess we've caught up.
Sometimes the user has to diagnose the problem themselves, which is a win for the IT manager because the time didn't come out of the IT budget.
I'm hoping that at some point these practices will be recognized as the false economics they are. But I'm not holding my breath.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
As VM's are virtualized and taking snapshots of them becomes so easy, why would you bother troubleshooting anything when you can just restore to a snap that is an hour old?
The security exploit that cracked the old image in less than a second, will crack the "identical" new image in less than a second. Or data sample #1213 which overflowed the buffer and crashed image A will simply overload and crash image B.
What it really brings up is a class distinction in sysadmins. Theres the guy whom actually fix systems, like patching security holes in system libraries to work around app bugs, redesigning firewall ACLs to avoid a new threat, do scalability assessments before the overload crashes something, and there are the guys that fix individual things like motherboards and hard drives, not administer systems, basically help desk people with the fancy sysadmin job title. Virtualization means the helpdesk board swappers with the cool job titles are outta here, but the real sysadmins have little if anything to fear.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
Oh, and re-installing the machine means 24h of downtime
I am with you except here. If re-installing a machine incurs 24h of downtime, you do not have a suitable contingency plan. Most environments I deal with are 15-20 minutes from offline to production on reinstall at the long end.
I agree that if the system is as critical as they say, they should have a better failover in place, however in a lot of companies, very little importance is placed on Live Failover systems. More than likely he's including lots more than the OS/Application build in that 24 hour timeframe.
Probably database reload/recovery time, or file system initialization (inadequate RAID controller to Disk design?).
This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
This whole argument is retarded. I always pick the most appropriate response to the problem at hand. If your server is hosed and not booting, I don't have time to mess around with some Knoppix DVD, trying to figure out exactly where in the boot process it is dying. Especially if you have nightly backups! Sometimes a clean sweep and restore is perfectly acceptable and reasonable. Why even sacrifice downtime trying to troubleshoot an issue that could be resolved within minutes?!
Now, if it happens again the following night, you do have a deeper problem and should investigate it further, because constantly restoring the machine is now the inefficient part in the process.
It's like we've lost common sense in favor of our technical ego.
... documentation for a GUI, if it exists at all, is often useless..,
How true. There popular explanation of the difference between a CLI and a GUI is that CLIs are so complicated that you need a manual to use it, whereas GUIs are so simple and intuitively obvious that no manual is needed.
Of course, the reality is that this attitude allows vendors to supply GUIs without any "unnecessary" manuals, but make the nested tree of windows and menus so deep and complex that nobody can ever remember where everything has been hidden, and there are no good tools to help you find something that you know is in there somewhere.
Meanwhile, the people who build the CLI know that nobody can ever remember it all, so they include tools for finding your way around. They also tend to make the defaults for the commands fit the most common cases, so you don't have to use the manuals all that often. And most tools have a -help option (though they can't quite agree on how to spell it), to provide quick reminders. And the CLI includes a current directory, search paths and aliasing, so you don't have to remember full paths to everything.
One of the ongoing frustrations with every GUI is constantly seeing a new window pop up, which is positioned back at the root directories, and I have to laboriously poke at things to get down to the directory that I'm working in. Then, when I do what the window was opened for, it closes, all that navigation is lost, and I have to do it all over again the next time I want to access a file in the same directory.
GUIs may have some aesthetic appeal (aka "pretty pictures"), but they remain the slowest, clumsiest way to use a computer that we've yet developed. But I trust that people are working on finding ways to make it even clumsier and slower. This seems to be happening with the "cloud" approach, for example.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Someone still has to maintain the machines that are actually running the VMs.
This is true. What's also true is that those admins can be fairly intensely busy running those machines. The summary mixes the concepts of the growing age of virtualization with "marginal admins." The summarizer doesn't really know what's going on, I think. In intensive virtualization operations, the talent pool is shrinking, but growing more concentrated. Cross training is now becoming more common, with the few critical people one has for the core operation being, trained in operating systems (both windows and linux), storage administration, and network administration.
These admins are often far too busy to spend a great deal of time on a specific VM. They're might be literally thousands of virtual machines in a large operation. For just one VM to draw their attention, it has to be something important and shared. Domain controllers, DNS systems, Radius servers, or other shared production systems will often get close attention, but if a quick reboot might resolve things and isn't any more disruptive than the current problem, of course you are going to do that.
What I think the summarizer isn't really grokking is that in this growing age of virtualization, the number of admins per server is going down a lot, and the focus of these admins has changed.
C//
Sounds like you have poor unix admins that are exactly the reason this mindset is prevalent. I can tell you from 15+ years as a Unix admin, the only times I have "needed" to reboot were: upgrades (OS or hardware), hardware failure, and testing of init scripts. Real, stable, properly administered systems don't need rebooting. I even think this is fair to say of Windows. The problem is, as already described: there are not many good Windows Admins.
It's VMs all the way down.
Could be. One of my favorite cosmological theories is that our universe is a simulation. In the "real" universe, there's a big computer that has a data object for every elementary particle in our universe. The simulation software (probably massively parallel) "steps" through the simulation, by calculating the position and velocity of each particle after the next time quantum. The beings running the simulation can stop it, do a bit of editing, and restart, which explains the religious "miracles" that have been so often reported.
It's hard to imagine how we could test this hypothesis. If we were to do a successful test, the simulation could just be stopped, reloaded from backup, and edited so our test came out inconclusive.
Of course, if this is valid, then we should also consider that the simulation might itself be running in a simulated universe ...
That's really not too far from Hermetic thought, which is quite ancient. What follows is an oversimplification I hope is still useful. The main difference could just be that they didn't have computers thousands of years ago. Rather than imagining that the simulation is running on a highly advanced computer that's basically a machine of the ultimate sophistication, they conceive the simulation (the "software") to be thoughts in the mind of God. It's also an explanation for how God could be transcendental, beyond the Universe, omniscient and omnipresent, but not some old man in the clouds you could shake hands with like the more childish notions of God.
The Matrix is based on some very old ideas.
I also think it's fascinating to wonder ... if you could see the Universe as a whole, in its entirety, all at once, like perhaps from the perspective of another Universe, what would it look like? Would it look like a single living being, recognizable as such? Would it look sort of like a man even, as in the "we are made in the 'image of God'" idea? What fascinates me about that is the notion of galaxies being like cells in its body, which are made of stars, which have planets, which have organisms, which are made of cells, which are made of molecules, which are made of atoms, which are made of subatomic particles, etc, potentially to infinity. It could be infinite both ways, scaling ever smaller and also scaling ever larger. It's like the fractal Universe idea.
That, in turn, reminds me of the holographic Universe idea. It's a notion of such a fractal nature in terms of interrelatedness. It's an analogy for how the "parts contain the whole". Basically, if you take a glass photographic plate and take an ordinary photograph on it, and then break that plate ... you get something like a jigsaw puzzle. Each piece has an incomplete fraction of the total information. If you put a hologram onto a photographic plate and then break that plate into pieces, you get something quite different. You don't get a jigsaw puzzle at all. If it breaks into 10 pieces, then you get 10 complete holograms containing the full information of the original, just with each of them 1/10th the size of the original.
It's like the notion that truly understanding yourself would require truly understanding the Universe. Carl Sagan may or may not have been thinking something like that when he said, "in order to make an apple pie from scratch, you must first invent the Universe."
It is a miracle that curiosity survives formal education. - Einstein
My average Unix (in the past decade, Linux) system uptime between reboots is now 3 to 4 years.
Not surprisingly, most of the reboots are there exactly for installation (aka "rebuild") of an updated OS usually on the next generation of server hardware. Major package upgrades (e.g. MySQL, Apache) almost never require any tinkering with the OS.
I compare that to typical Windows servers in my group, where reboots happen in many cases nightly as a preventative measure, and the system is still some crufty old version of Windows (e.g. Windows NT), the application packages are deeply tied to DLL's and drivers, and I suspect that the statistics and attitudes are apples vs oranges.
At seriously large scales, the rate of problems caused by events previously considered so improbable that you'll never likely see them in your career, become likely. TCP checksums are weak. Cosmic rays cause bit flips. Sometimes those bit flips mutate data on the way to the disk, so you never notice unless you've also checksummed the data and read it back and re-check it after writing it.
At these scales, it's fruitless to try and root cause every problem that happens, because you will hit problems like these that most sysadmins simply aren't likely to ever figure out. Document (statistically) the problem and re-image, without a second thought. In fact, write automation to collect some data and re-image for you when this situation occurs. Once you have a few repeats of the same event, or the statistics you've been collecting show a disturbing trend, THEN try to do some root-cause analysis. Otherwise, you're just wasting your time chasing things that you're not likely to figure out, or meaningfully fix if you do figure it out.
To my mind restoring from image isn't a replace for system administration, but it can buy you precious time. Too many times in the past I've had a gun to my head over trying to figure out why this database server or that mail server was barfing, and if I could have just kept things going while I tested on a sandboxed copy, it would have been a lifesaver. VM images and other type of OS images are tools, nothing more and nothing less. At the end of the day you still have to have some skill in troubleshooting, otherwise even with these powerful tools your system will be down the tubes soon enough.
The world's burning. Moped Jesus spotted on I50. Details at 11.
No, the difference is that a CLI is nearly impossible to use if you aren't familiar with it - the semantics and syntax are as, if not more, important than the concepts - whereas a GUI requires much less focussing on the "how", allowing much more focussing on the "what".
Ridiculously untrue, particularly in the context of non-specialised, non-expert users.
Of course, the reality is that this attitude allows vendors to supply GUIs without any "unnecessary" manuals, but make the nested tree of windows and menus so deep and complex that nobody can ever remember where everything has been hidden, and there are no good tools to help you find something that you know is in there somewhere.
I think it's even worse than that.
If you have a problem to solve with a CLI then you might spend several days trying to make something work the way you need it to, but, once it's sorted it's very easy to document it for next time. (where next time might be several years down the line)
With GUI it's almost impossible to know what you've actually done at the time, let alone several years later.
Need to change a config file - take a copy, make changes, experiment etc. Once you've worked out what it is you actually need to to, restore the copy and then make the required changes. (Or just diff the original with the new version, "Hmmm, don't think I should have changed that setting, I'll change it back".)
With a GUI that "try this, try that" means that you have no idea what you might inadvertently/incorrectly have changed on your way to fixing the issue that you were really interested in.
And five years later when you need to do it again - CLI, all the options have changed subtly but your notes immediately give you a point to google and half an hour later you've worked out the correct set of switches to achieve what you need with the current version.
With the GUI, even if you've got perfect notes on what you did back then if it's even slightly non-obvious then it's very likely that the configuration option you need doesn't even exist any more (but no way to tell that of course).
Tim.
God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
If you end up rebuilding the server 5 times over the course of the year, at 2 hours per pop,
W T F. If you rebuild a server more then once every 3 years...
..Then your hardware sucks and you need better equipment.
..Then your applications suck and need to quick dicking with the operating system.
..Then your admins suck and need to be fired.
While I've only been doing admin work since '95, I can say with any modern server operating system is not going to fall over and die unless there is an underlying issue that needs addressed. I guess this is why I'm the bearded guy that comes in and fixes messes. I also say once every three years because by that time Windows can become a mess of security patches that will run better from a fresh install.
> with a CLI ... it's very easy to document it for next time.
Indeed - just run "script" before starting typing.
Show me the equivalent of that for any GUI too.
And once you've cleaned up your document (changing 'vi filename' to 'sed .... filename') you can usually get to the point where you can just run your documentation with /bin/sh the next time you need it.
> a clean sweep and restore is perfectly acceptable and reasonable
NNNOOOOOOO!
Often a glitch like that is the only evidence you'll have that a machine had been compromised or that hardware is failing.
If you must do a clean sweep, do that on a standby system, and keep an image of the failed one until you can investigate the exact reason for the failure.
I always thought it was MCRE..??
Microsoft Certified Reboot Engineer...?
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Why even sacrifice downtime trying to troubleshoot an issue that could be resolved within minutes?! Now, if it happens again the following night, you do have a deeper problem and should investigate it further, because constantly restoring the machine is now the inefficient part in the process. It's like we've lost common sense in favor of our technical ego.
You make a fair point. However, the fundamental question is more complex than you're giving it credit for. There's always the question of tradeoffs between immediate, fast fixes and long-term advantage. That has to be balanced with the situation at hand, of course. But there are times when the initial time / effort investment pays off in the long run. And that trade-off as much a philosophical question within the admin world as a technical one.
Quite a few years ago, we were migrating our institutional firewalls from one product to an entirely different product. Large institution. Very large and complex rule sets consisting of a lot of legacy. We paired down the rules a bit by taking advantage of the effort to audit out some legacy cruft. But we still had a pretty impressive configuration to convert between legacy and new environments. Eventually the rules got split between two of us - I got one firewall boundary and a co-worker took the another.
My co-worker got immediately to work on his portion of the rule-set. He was a very hands-on kind of guy. His tactic was to read a given rule from the legacy system and manually write up the equivalent rule (including various objects, groups, etc.) for the new system.
My tactic was different. I created a few test files based on a sampling of legacy objects. I then went to work creating several scripts that could be run in sequence to do specific tasks that would convert our legacy configuration files to a configuration file for the new environment as well as a simple expect script that would load that configuration in to the target devices when the time came.
I have to admit that I was knocking off a fair bit of rust during my scripting exercise; my script development was far from efficient. So I wasn't too surprised that my co-worker was churning through configuration well before I had a functional, error-free script. It was a little disconcerting when he announced his config. file was complete before I had my script. Which had me questioning whether I was doing the Right Thing by spending time developing scripts instead of just banging out a config. file. But shortly after my co-worker's announcement, I had my script converting legacy to new configurations. Even if I had wasted time writing scripts, I hadn't wasted TOO much time.
Then came the sanity checking. We swapped config files and went over each other's configurations with new eyes. He manually spot-checked my work. I ran his legacy config file through my scripts and then compared my script's config to his manually written config. That was the first dividend. I uncovered numerous typos very quickly.
Then came the implementation. I won't go in to details and make an already long story longer. But in the middle of a massive down-time, we discovered some fundamental mistakes in how the firewall was being deployed. We would have to rework the firewall configurations. We were already past the half-way mark, everyone was tired, and it seemed like we'd have to pull the plug and go back to legacy while we re-grouped and scheduled another major outage to try again at some future date. It wasn't Fun Happy Time. I pondered over the situation. I realized that if I made a few adjustments to the outputs of my configurations in between running the various stages of my conversion scripts, we'd have our new configuration adapted to the new reality. I ran my scripts. And despite the limited time and our fatigue, I was able to produce the config we needed to press forward. The deployment was a success.
In the end, there were two competing strateg
No, the difference is that a CLI is nearly impossible to use if you aren't familiar with it - the semantics and syntax are as, if not more, important than the concepts - whereas a GUI requires much less focussing on the "how", allowing much more focussing on the "what".
Yes. The only problem is the "where" gets a little jumbled up every now and then, but that's the result of a sloppy implementation, not a flaw inherent to GUIs.
In fact failover provides support for this sort of thing and is hardly a step away from proper administration.
This is actually a very good thing. Far too often people have automatic failover but never test it and are shocked to find it doesn't automatically failover and remained undetected because failover is never tested.
No, the difference is that a CLI is nearly impossible to use if you aren't familiar with it - the semantics and syntax are as, if not more, important than the concepts - whereas a GUI requires much less focussing on the "how", allowing much more focussing on the "what".
While there's a certain truth to this, GUIs are in general a lot less "intuitive" than people tend to believe. Without documentation and training, most users are unaware of most of their GUI's capabilities, and have great difficulty in learning much more than the basics.
An example I've read a number of warnings about in web-design documents is that a significant number (often estimated at around 50%) of "non-geek" users don't understand scroll bars. This is usually mentioned along with the advice to put the important part of your web pages close to the top, because the non-scrolling users won't be able to see anything below that.
Yes, I was dubious when I first read this. But over the years, I've run into several clear examples. I've been involved in building web sites for some very non-geeky organizations. The orgs' leaders generally want a lot of stuff on their main page, and at the top they usually want some text about the organization, its purposes, its main activities, etc. They also agree that it's good to have a list of upcoming public events on the main page, and inevitably that's positioned below the introductory text, so it's often not visible unless the user has a rather large window.
In each case, there were eventually meetings with discussions of how to improve the web site. One thing that would come up was suggestions from users (including members) that the home page should have a list of upcoming events. The leaders have always been dumfounded by this. "But, but, ... There is such a list on the home page." "What?? No, there isn't."
Eventually, I have to interrupt, and explain to the org's leaders that they're hearing from people who don't understand scrollbars, have never seen the events table because they don't scroll down to see it. The users are, of course, confused; they know that there's no such table because they've never seen it. We bring up the site on a handy machine (preferably a laptop or tablet with a small screen), and I show the users that it's there by scrolling down to it. Their response again is confusion, because they don't know what I did or how I did it. "Why's it hidden like that?"
So I teach them about scrollbars, and a few users have learned something useful. But this has a more important effect: It gets across to the leaders why their design was wrong, as I'd been telling them, and they'll have a better web site if they'll let me fix it.
One instance of this happened just last week. The org's web site now has that block of extensive history and purpose in a separate box at the bottom of the page, and the table of coming events is positioned near the top, just below the logo bar, where non-geek users will see it and be able to read at least the first few entries.
Examples like this abound in GUI design. Many of the common widgets are not at all intuitive to most people. Even if they accidentally poke at things and trigger the actions, it's often difficult to grasp what the effect was. You see things change, but the changes don't make sense, and have no obvious relation to the icon that you clicked on. Often the icons don't look like anything that most users can name. The result is that most of the GUI is unusable to most of the users.
I wish I knew good ways around this. But truly making a GUI obvious is very difficult, and takes a lot of time studying the users and learning about their misconceptions. I very rarely have the time to do this, and in many cases the people paying me have expressly forbid wasting time with dumb users.
And that's something that's very difficult to program around. ;-)
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Some of the comments here remind me of a post on a woodworking board a few months back. Essentially, the poster was lamenting because he had to fire a guy because he couldn't afford to keep him... Not because of the economy, but because the guy was an absolutely inflexible perfectionist. He'd spend $300 worth of time on what should have been a $60 job... The guy was a hell of a woodworker, at home in his own shop, but just couldn't adapt to a production environment.
This isn't about Windows vs. Unix. This is about admins not understanding their job is to get production rolling again, not to satisfy their obsessive need to understand every problem or their need to satisfy their ego. ("I'm a UNIX admin dammit, I refuse to use habits that make me look like a Windows admin" or it's equivalent is a refrain modded up again and again here on Slashdot.) If a reboot or a re-imaging fixes the problem, that's the right solution. If it doesn't, *then* you dig deeper.
That, is entirely a matter of opinion.
No, it doesn't. Your comment assumes that an interface should *have* to be learnt, to be easy to use.
No, the CLI appeals primarily to people who like to focus on memorising semantic minutiae and believe that doing so is, in and of itself, a productive endeavour.
The implication that GUIs are only used for "trivial" tasks is ridiculous on its face.
There is nothing unique to Windows, or even computers, about this. Do you know the intricacies of how your car works ? How about your blender or oven ? Could you fabricate a new bed or sofa from raw materials, and without modern tools ? Do you grow your own produce ? Could you butcher a cow or chicken ? Could you set a complex fracture or create your own painkillers ? Can you brew your own beer ?
No, it's nothing like that at all. One is an example of financial irresponsibility and the other is simply realising that you do not need a deep and intricate understanding of a given thing to use or take advantage of the services or benefits it provides.
Sure, but the point is with a CLI and no understanding of its syntax and semantics, you're pretty much dead in the water from the get-go. You could have a deep understanding of networking, but if you're unfamiliar with the syntax of iptables, you're not going to be able to configure a Linux firewall.
Your scrollbar example is actually a good one, because it highlights the key differences between a GUI and a CLI. In a GUI, there is both a visual indicator that the content is larger than a single page, positive feedback from the UI element if the user tries to interact with it (ie: it reacts to a mouse click), and secondary feedback that the UI element is important even if it is triggered "accidentally" (ie: it moves if the user presses page down, space, or in some other way makes the page scroll).
In a CLI, you would simply be presented with a single page of text. Advancing to the next page would require knowing which key(s) to press to do so. If you don't know the key, you're screwed. Some CLIs may present a "press space to continue", or similar, message, but that's starting to blur the line between CLI and GUI, IMHO.
Further, the new knowledge those users have about the scrollbar is now applicable to pretty much any GUI they use in the future, even ones running on completely different OSes (I recognise this doesn't apply to all UI elements, but the fundamentals - buttons, menus, scrollbars, selection boxes, etc - are pretty consistently implemented in similar ways across the board). The knowledge they have gained about the CLI interaction is probably specific to that CLI only (how many different ways in different CLIs do you know of to trigger a page down ?).
Sure, but the point is that there *ARE* things there to "poke at" and there is feedback that something actually happened. A CLI has neither - you need to know the commands in advance to do anything, and often the only feedback from a command is to indicate an error (and frequently said feedback is not useful at all in understanding what the error was).
Human cognition is highly depend on visualisation, context and feedback. A CLI interface lacks - or typically has very minimal implementations of - all of those.