FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Server Development

 
 
LinkBack Thread Tools
 
Old 02-16-2012, 05:33 PM
Alex Esterkin
 
Default MySQL's future in Debian and Ubuntu

As an end user, I would most strongly dislike this.* You clearly don't understand how corporate users think and operate, how they work with open source technologies, and how they plan and evolve their technical roadmaps.*



Last year Ubuntu inflicted enough damage on itself by messing up with UI and display management.* Replacing OpenOffice with LibreOffice was not a success story either.**

A year ago I had plans to migrate my remaining CentOS and Debian servers and test environments to Ubuntu and I recommended using Ubuntu for a couple of server appliance products we had in the works.* These plans were revisited and revised in the fall, based on revised Linux distro release and roadmap assessment.*



As far as MySQL is concerned, I don't care at this point what your Ubuntu server distro plans are, as I have already migrated away from Ubuntu.*

However, if the discussion about replacing MySQL also spreads into the Fedora Project and CentOS communities, that would give me a very good reason for migrating/porting MySQL apps and products to Postgres.**



Regards,

Alex Esterkin,
*** Former Chief Architect, Infobright

On Tue, Feb 7, 2012 at 04:37, Clint Byrum <clint@ubuntu.com> wrote:


Many of us in the Free and Open Source software community have seen a

trend regarding Oracle's stewardship of Open source software that it

inherited when it purchased Sun. In particular there were two fairly

large public project blow ups that resulted in OpenOffice splintering,

and the Hudson community (almost?) completely moving to an independent

fork called Jenkins.



It has been brought to my attention that MySQL may have gone this way

as well, but in a much more subtle way. This started about a year ago,

and has only recently really become obvious.



A few notable fellows from the MySQL ecosystem have commented:



Mark Callaghan

http://mysqlha.blogspot.com/2011/02/where-have-bugs-gone.html

(read the comments on this one, very informative, and most of the

commenters are extremely important non-Oracle members of the MySQL

community)



http://mysqlha.blogspot.com/2011/11/great-work-bug-12704861-was-fixed.html



Stewart Smith:

http://www.mysqlperformanceblog.com/2011/11/20/bug12704861/



And the CVE's are extremely vague:



http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0119



"Unspecified vulnerability in the MySQL Server component in Oracle MySQL

5.1.x and 5.5.x allows remote authenticated users to affect availability

via unknown vectors"



Links to here:



http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html



Which links to here:



http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1390289.1



Which requires an account (which I created). I did try to login but got

some kind of failure..



"Failure of server APACHE bridge:".



The bzr commits for the latest MySQL releases also reference log bug#'s

that are thought to belong to the private oracle support system, not

accessible to non-paying customers.



This is all very troubling, as in a Linux distribution, we must be able

to support our users and track upstream development.



So what should we, the Debian and Ubuntu MySQL maintainers and users,

do about this?



Well there is a Jenkins to MySQL's Hudson, a LibreOffice to their

OpenOffice.



MariaDB 5.3, in release-candidate now, is 100% backward compatible with

MySQL 5.1. It also includes a few speedups and features that can be found

in MySQL 5.5 and Percona Server. It is developed 100% in the open, on

launchpad.net, including a public bug tracker and up to date bzr trees

of the code.



http://mariadb.org

https://launchpad.net/maria



I'm writing to the greater Debian and Ubuntu community to ask for your

thoughts on a proposal to drop MySQL in favor of MariaDB. Its clear to

me that Oracle is not going to do work in the open, and this will become

a huge support burden for Linux distributions. The recent CVE's had to

be hunted down and investigated at great difficulty to several people,

since the KB articles referenced and the internal Oracle bug numbers

referenced were not available.



This will only get harder as the community bug tracker gets further out

of sync with the private one.



There is some need to consider acting quickly:



Ubuntu precise, the next LTS release of Ubuntu will be hitting feature

freeze on Feb. 16. The release, due in April, will be supported with

security updates for 5 years. That may be 5 long years of support if

MySQL continues to obscure things.



Debian wheezy is still quite far off, but it is critical that this be

done and decided by the time the release freeze begins.



So, here is a suggested plan, given the facts above:



* Upload mariadb 5.3 to Debian experimental, with it providing

mysql-server, mysql-client, and libmysqlclient-dev.



* For Ubuntu users, upload these packages to a PPA for testing

applications for compatibility, and rebuild testing.



* If testing goes well, replace mysql-5.5 with mariadb in both Debian

unstable and Ubuntu precise. If there are reservations about switching

this late in precise's cycle, ship mysql-5.5 in precise, and push off

Ubuntu's transition until the next cycle.



Before I strike out on this path alone, which, I understand, may sound

a bit radical, I want to hear what you all think.



Thank you for your time and consideration.



--

Clint Byrum <clint@ubuntu.com>

Ubuntu Server Team

Debian MySQL Packaging Team



--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-16-2012, 05:34 PM
"Fabio T. Leitao"
 
Default MySQL's future in Debian and Ubuntu

Great stuff,
What ever the choice, even if it is to keep MySQL alone, lets remember MySQL will not be dropped ! Any one would still be able to install the Oracle GA if they wanted to (from some repository, probably partner, or even main)


If indeed there is a replacement, I can only talk about what I have experienced firsthand... it mus have ALL THE SAME COMMANDS AND PARAMETERS AND DB ENGINES so that every init.d, upstart and shell scripts must work unware of the change, even the DBA might not be aware of the change unless he types a $ mysql --version


MariaDB has met those criteria for me.
Other DB engines are welcome frosting in the cake.
Yet, at the same time, it MUST BE VERY CLEARLY DOCUMENTED the change itself, the underlying reazon to do so, the possible good and bad impact (such as know issues)... it could even explain the alternatives, between other DBs in the MySQL environment, including the "official" Oracle MySQL or even PG.


And I am sorry to all PG users, I know its an excelent DB, but no one but who is not already a PostgreSQL user even consider it as an alternative.*
Apple has changed its embended DB from MySQL to PG in the MacOSX Server when Oracle has purchased SUN.*Anyone could still choose to manually install MySQL (or any other), but it has a caused major issues in their user base and crippled several programs that were already pretty stable in the previous release. Not the change of flavors (to PG) but the buggy implementation of the change and the fact that it was so poorly documented.*


Lets try not to repeat their mistakes here.*

2012/2/16 Colin Charles <colin@montyprogram.com>


Hi!



On 16 Feb 2012, at 17:24, Henrik Ingo wrote:



> Clearly I was unclear in my previous email. The 2 year support is not

> true for any of the alternatives. MySQL gives 5 years (and more for

> customers that pay), Percona trails MySQL so they also end up doing 5

> years (and more for paying customers). MariaDB also does 5,

> apparently.



Oracle supports MySQL for 5 years from date of release commercially. There is supposedly only two GA releases supported at any one given time (in active support for community use). Of course we have no idea if this is true yet or not since 5.1 and 5.5 are still supported. We will know "firmly" what their plans are when 5.6 is released. Will it then be that 5.1 will drop from active GA support? I have no idea (as I don't work for Oracle). Only time can/will tell





--

Colin Charles, http://bytebot.net/blog/ | twitter: @bytebot | skype: colincharles

MariaDB: Community developed. Feature enhanced. Backward compatible.

Download it at: http://www.mariadb.org/

Open MariaDB/MySQL documentation at the Knowledgebase: http://kb.askmonty.org/





--
Fábio Leitão
..-. .- -... .. ---* .-.. . .. - .- ---* ...-.-



--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-16-2012, 07:25 PM
Pandu Poluan
 
Default MySQL's future in Debian and Ubuntu

I agree 100%.


Even though I'm a huge fan of PostgreSQL, if the standard database has been MySQL, then the next release must stay MySQL or something that's a drop-in replacement of (e.g. MariaDB).


After all, those using PostgreSQL are skillful enough to know how to install PostgreSQL when they need it ;-)


Rgds,



On Feb 17, 2012 1:44 AM, "Fabio T. Leitao" <fabio.tleitao@gmail.com> wrote:
Great stuff,
What ever the choice, even if it is to keep MySQL alone, lets remember MySQL will not be dropped ! Any one would still be able to install the Oracle GA if they wanted to (from some repository, probably partner, or even main)



If indeed there is a replacement, I can only talk about what I have experienced firsthand... it mus have ALL THE SAME COMMANDS AND PARAMETERS AND DB ENGINES so that every init.d, upstart and shell scripts must work unware of the change, even the DBA might not be aware of the change unless he types a $ mysql --version



MariaDB has met those criteria for me.
Other DB engines are welcome frosting in the cake.
Yet, at the same time, it MUST BE VERY CLEARLY DOCUMENTED the change itself, the underlying reazon to do so, the possible good and bad impact (such as know issues)... it could even explain the alternatives, between other DBs in the MySQL environment, including the "official" Oracle MySQL or even PG.



And I am sorry to all PG users, I know its an excelent DB, but no one but who is not already a PostgreSQL user even consider it as an alternative.*
Apple has changed its embended DB from MySQL to PG in the MacOSX Server when Oracle has purchased SUN.*Anyone could still choose to manually install MySQL (or any other), but it has a caused major issues in their user base and crippled several programs that were already pretty stable in the previous release. Not the change of flavors (to PG) but the buggy implementation of the change and the fact that it was so poorly documented.*



Lets try not to repeat their mistakes here.*

2012/2/16 Colin Charles <colin@montyprogram.com>



Hi!



On 16 Feb 2012, at 17:24, Henrik Ingo wrote:



> Clearly I was unclear in my previous email. The 2 year support is not

> true for any of the alternatives. MySQL gives 5 years (and more for

> customers that pay), Percona trails MySQL so they also end up doing 5

> years (and more for paying customers). MariaDB also does 5,

> apparently.



Oracle supports MySQL for 5 years from date of release commercially. There is supposedly only two GA releases supported at any one given time (in active support for community use). Of course we have no idea if this is true yet or not since 5.1 and 5.5 are still supported. We will know "firmly" what their plans are when 5.6 is released. Will it then be that 5.1 will drop from active GA support? I have no idea (as I don't work for Oracle). Only time can/will tell






--

Colin Charles, http://bytebot.net/blog/ | twitter: @bytebot | skype: colincharles

MariaDB: Community developed. Feature enhanced. Backward compatible.

Download it at: http://www.mariadb.org/

Open MariaDB/MySQL documentation at the Knowledgebase: http://kb.askmonty.org/





--
Fábio Leitão
..-. .- -... .. ---* .-.. . .. - .- ---* ...-.-




--

ubuntu-server mailing list

ubuntu-server@lists.ubuntu.com

https://lists.ubuntu.com/mailman/listinfo/ubuntu-server

More info: https://wiki.ubuntu.com/ServerTeam

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-17-2012, 03:47 AM
Stewart Smith
 
Default MySQL's future in Debian and Ubuntu

On Thu, 16 Feb 2012 08:33:50 +0100, Bjoern Boschman <bjoern@boschman.de> wrote:
> On 16.02.2012 00:57, Henrik Ingo wrote:
> > Percona Server is like MariaDB in that both of them are compatible
> > with MySQL and you could do a plug-and-play replacement. Percona
> > Server is much closer to MySQL (which many think is great), shall
> > I say more focused. MariaDB has more deviation in the code base and
> > also adds more stuff like additional storage engines (which many
> > think is great, especially when you want to play with new
> > features).
>
> The additional storage engine also applies to percona :-)

We use the name XtraDB to refer to our modified InnoDB (this avoids
confusion and trademark issues). We don't ship any other engines though,
we simply don't see the demand.

--
Stewart Smith

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-17-2012, 05:24 AM
Stewart Smith
 
Default MySQL's future in Debian and Ubuntu

On Thu, 16 Feb 2012 10:55:58 +0200, Walter Heck <walterheck@gmail.com> wrote:
> I think it would be fair to take into account both the things Colin
> and Stewart have said as many of them are correct, but their words
> should also be taken with a grain of salt as they work for the
> companies that would benefit heavily from having 'their' fork be the
> replacement of mysql. That's not to accuse them of anything, just to
> keep in mind when making a decision. The fork that 'wins' this
> decision might well be the more succesful one in the long run simply
> because of being the default mysql version in two of the most widely
> used linux distributions.

Just to be clear: I'm not aiming for Percona Server to become
upstream. The benefit of Percona Server is in having extra performance
and features to better help you diagnose what's going on inside your
server. We intentionally closely track Oracle MySQL releases and don't
deviate hugely.

> Percona server's direction is heavily influenced by the commercial
> value for Percona. They implement new features when customers pay for
> them, and their development seems to be driven by that largely. The
> community benefits from the 'fallout' of those features being released
> as open source. The largest benefit is a release cycle that seems a
> bit more regular then mariadb's.

We do put customer priorities first although we do also do development
for the general good of the wider community - but it's just commercial
sense to prioritise work for paying customers (we like making enough
money to hire new people and pay them well). It's not just fallout
though, it is a pretty core belief of those of us who work here that
free software is the best way to develop software and that every bit of
software we ship is licensed under a free software license.


--
Stewart Smith

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-17-2012, 07:53 AM
Björn Boschman
 
Default MySQL's future in Debian and Ubuntu

Hi Alex,

Am 16.02.2012 19:33, schrieb Alex Esterkin:

As an end user, I would most strongly dislike this. You clearly don't
understand how corporate users think and operate, how they work with
open source technologies, and how they plan and evolve their technical
roadmaps.


I think I understand a bit of how corporate users think and operate.

When you are an enterprise user who has subscribed support from MySQL
via Oracle you are enforced to use the Oracle binaries and cannot just
use the distribution supplied binaries at all.
This includes bugfixes and security fixes from your vendor, in this case
Oracle (not Debian or any other distribution).


When you do not have such a subscription you rely on the support from
your distribution. That's the point this whole discussion is about.
Neighter Debian nor Ubuntu can offer reliable bugfixes and security
support. Not because they don't want to. Their hands are bound because
MySQL/Oracle somehow is not willing to provide important information
such as detailed changelogs or security information.


This leads us to the following options:
* Stay with MySQL but no security nor bugfixes
* Search for an alternative which is even 100% compatible with MySQL +
having full community support


From my personal as well as my business perspective I want a system
where I can get bugfixes as well as security fixes. You should consider
those questions in your roadmap as well.



B

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-17-2012, 08:41 AM
Henrik Ingo
 
Default MySQL's future in Debian and Ubuntu

2012/2/17 Björn Boschman <bjoern@boschman.de>:
> This leads us to the following options:
> ** Stay with MySQL but no security nor bugfixes
> ** Search for an alternative which is even 100% compatible with MySQL +
> having full community support

For completeness, let me also defend Oracle for a change :-) There's
also the 3rd option:

* Stay with MySQL and blindly apply the updates that Oracle continues
to release as GPL.

The downside - which our Canonical maintainers seem to dislike - is
the "blindly" part. The fixes are GPL, but the bugs are not public, so
we don't know what they fix. Most Linux distributions like to take a
minimalist approach to updates, so they'd like to just fix the most
critical bugs. The information to do that is now hidden.

But to put things in context, in MySQL 5.0 series the situation was
the opposite: The bugs were public but the publicly released and GPL
licensed bug fixes would be up to 6 months delayd in favor of paying
customers getting them instantly. In some ways, the current situation
is still better than back then.

henrik


--
henrik.ingo@avoinelama.fi
+358-40-8211286 skype: henrik.ingo irc: hingo
www.openlife.cc

My LinkedIn profile: http://www.linkedin.com/profile/view?id=9522559

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-17-2012, 08:42 AM
Nicholas Bamber
 
Default MySQL's future in Debian and Ubuntu

I really think Alex ahas a point. It does not matter what the technical
arguments are. The techie will not be able to explain them adequately to
the guy making the decisions - who only knows that he is running a MySQL
shop.


Could we adopt the following scheme:

mysql-X depends on mysql-X-5.1 | mariadb-X-5.1 (in unstable) and
mysql-X-5.5 | mariadb-X-5.5 (in experimental)

Having the mariadb-* packages managed by the same team as the mysql-*
team should enable leveaging of effort.

This would keep the corporate guys happy and support for my the oracle
based mysql could be dropped if it became clear that it was no longer
required.

On 17/02/12 08:53, Björn Boschman wrote:
> Hi Alex,
>
> Am 16.02.2012 19:33, schrieb Alex Esterkin:
>> As an end user, I would most strongly dislike this. You clearly don't
>> understand how corporate users think and operate, how they work with
>> open source technologies, and how they plan and evolve their technical
>> roadmaps.
>
> I think I understand a bit of how corporate users think and operate.
>
> When you are an enterprise user who has subscribed support from MySQL
> via Oracle you are enforced to use the Oracle binaries and cannot just
> use the distribution supplied binaries at all.
> This includes bugfixes and security fixes from your vendor, in this case
> Oracle (not Debian or any other distribution).
>
> When you do not have such a subscription you rely on the support from
> your distribution. That's the point this whole discussion is about.
> Neighter Debian nor Ubuntu can offer reliable bugfixes and security
> support. Not because they don't want to. Their hands are bound because
> MySQL/Oracle somehow is not willing to provide important information
> such as detailed changelogs or security information.
>
> This leads us to the following options:
> * Stay with MySQL but no security nor bugfixes
> * Search for an alternative which is even 100% compatible with MySQL +
> having full community support
>
> From my personal as well as my business perspective I want a system
> where I can get bugfixes as well as security fixes. You should consider
> those questions in your roadmap as well.
>
>
> B
>
> _______________________________________________
> pkg-mysql-maint mailing list
> pkg-mysql-maint@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint


--
Nicholas Bamber | http://www.periapt.co.uk/
PGP key 3BFFE73C from pgp.mit.edu

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-17-2012, 10:24 AM
Michael Widenius
 
Default MySQL's future in Debian and Ubuntu

Hi!

>>>>> "Henrik" == Henrik Ingo <henrik.ingo@avoinelama.fi> writes:

Henrik> On Thu, Feb 16, 2012 at 10:55 AM, Walter Heck <walterheck@gmail.com> wrote:
>> As for MariaDB, I like their much more community driven development
>> that seems less commercially driven,
Henrik> ...
>> At this point I think MariaDB would probably be a better match for
>> being in the main ubuntu/debian distro's as their whole ecosystem
>> seems to match better.

Henrik> Nuances, but I always like to separate the following:

Henrik> I wouldn't say that MariaDB is any more a community fork than Percona
Henrik> is. MariaDB is 100% controlled by Monty and his company, just like
Henrik> Percona Server is controlled and developed by Percona. Both companies
Henrik> are community friendly and open source minded. However, MariaDB has a
Henrik> strategy of being very inclusive while Percona has a strategy of not
Henrik> deviating too much from "upstream" MySQL. This is great, because
Henrik> including things like more storage engines in MariaDB exposes them to
Henrik> more users - so MariaDB does a great service to those engines in the
Henrik> MySQL ecosystem.

MariaDB is not controlled by me or Monty Program Ab. Anyone outside of
Monty Program Ab can get commits rights to MariaDB and there is
people outside of the company that has commit rights and has done
commits. MariaDB is in this regard driven as most other open source
projects.

What it's true is that Monty Program Ab takes responsibility to
support a version for 5 years after it been declared stable and will
fix any security issues that is reported (even if there is no paying
customers for it). This is however not the same thing as having 100%
control of it.

<cut>

Henrik> Otoh even MariaDB is not - unfortunately - even close at capturing the
Henrik> wholeness of what is out there in the MySQL ecosystem. I've already
Henrik> mentioned major things like MySQL 5.5 or Galera, otoh there are lots
Henrik> of smaller patches too like those from Anders Karlsson or TaoBao. So
Henrik> like I said, it is unfortunate we don't have a distribution that would
Henrik> really cover the whole community.

We are talking with Galera of adding it to MariaDB 5.5. You know very
well about this as you where present when this was discussed only 2
weeks ago. The main reason we haven't done it yet is that we want to
make the changes to the upper level less intrusive to make the code
it easier to manage long term and we are working with Galera to get
these changes done.

Henrik> Hence it is a bit of a paradox really: In theory MariaDB should
Henrik> satisfy more users, since it tries to include more features. In
Henrik> practice however I've repeatedly found that Percona has been (much)
Henrik> faster to include stuff that really matters, like MySQL 5.5,
Henrik> HandlerSocket and Galera. (HandlerSocket is also in the MariaDB 5.3
Henrik> Release Candidate now.)

How about microseconds, MyISAM new key cache, group commit, optimizer
enchancements, dynamic columns, thread pool etc. MariaDB 5.3 and 5.5
has a LOT of critical features that Percona will never implement.

Handler socket was added in MariaDB about the same time Percona added
it, no big difference there.

Regards,
Monty

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 02-17-2012, 03:39 PM
Clint Byrum
 
Default MySQL's future in Debian and Ubuntu

Excerpts from Clint Byrum's message of Tue Feb 07 01:50:18 -0800 2012:
> Many of us in the Free and Open Source software community have seen a
> trend regarding Oracle's stewardship of Open source software that it
> inherited when it purchased Sun. In particular there were two fairly
> large public project blow ups that resulted in OpenOffice splintering,
> and the Hudson community (almost?) completely moving to an independent
> fork called Jenkins.
>
> It has been brought to my attention that MySQL may have gone this way
> as well, but in a much more subtle way. This started about a year ago,
> and has only recently really become obvious.
>
> A few notable fellows from the MySQL ecosystem have commented:
>
> Mark Callaghan
> http://mysqlha.blogspot.com/2011/02/where-have-bugs-gone.html
> (read the comments on this one, very informative, and most of the
> commenters are extremely important non-Oracle members of the MySQL
> community)
>
> http://mysqlha.blogspot.com/2011/11/great-work-bug-12704861-was-fixed.html
>
> Stewart Smith:
> http://www.mysqlperformanceblog.com/2011/11/20/bug12704861/
>
> And the CVE's are extremely vague:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0119
>
> "Unspecified vulnerability in the MySQL Server component in Oracle MySQL
> 5.1.x and 5.5.x allows remote authenticated users to affect availability
> via unknown vectors"
>
> Links to here:
>
> http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
>
> Which links to here:
>
> http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1390289.1
>
> Which requires an account (which I created). I did try to login but got
> some kind of failure..
>
> "Failure of server APACHE bridge:".
>
> The bzr commits for the latest MySQL releases also reference log bug#'s
> that are thought to belong to the private oracle support system, not
> accessible to non-paying customers.
>
> This is all very troubling, as in a Linux distribution, we must be able
> to support our users and track upstream development.
>
> So what should we, the Debian and Ubuntu MySQL maintainers and users,
> do about this?
>
> Well there is a Jenkins to MySQL's Hudson, a LibreOffice to their
> OpenOffice.
>
> MariaDB 5.3, in release-candidate now, is 100% backward compatible with
> MySQL 5.1. It also includes a few speedups and features that can be found
> in MySQL 5.5 and Percona Server. It is developed 100% in the open, on
> launchpad.net, including a public bug tracker and up to date bzr trees
> of the code.
>
> http://mariadb.org
> https://launchpad.net/maria
>
> I'm writing to the greater Debian and Ubuntu community to ask for your
> thoughts on a proposal to drop MySQL in favor of MariaDB. Its clear to
> me that Oracle is not going to do work in the open, and this will become
> a huge support burden for Linux distributions. The recent CVE's had to
> be hunted down and investigated at great difficulty to several people,
> since the KB articles referenced and the internal Oracle bug numbers
> referenced were not available.
>
> This will only get harder as the community bug tracker gets further out
> of sync with the private one.
>
> There is some need to consider acting quickly:
>
> Ubuntu precise, the next LTS release of Ubuntu will be hitting feature
> freeze on Feb. 16. The release, due in April, will be supported with
> security updates for 5 years. That may be 5 long years of support if
> MySQL continues to obscure things.
>
> Debian wheezy is still quite far off, but it is critical that this be
> done and decided by the time the release freeze begins.
>
> So, here is a suggested plan, given the facts above:
>
> * Upload mariadb 5.3 to Debian experimental, with it providing
> mysql-server, mysql-client, and libmysqlclient-dev.
>
> * For Ubuntu users, upload these packages to a PPA for testing
> applications for compatibility, and rebuild testing.
>
> * If testing goes well, replace mysql-5.5 with mariadb in both Debian
> unstable and Ubuntu precise. If there are reservations about switching
> this late in precise's cycle, ship mysql-5.5 in precise, and push off
> Ubuntu's transition until the next cycle.
>
> Before I strike out on this path alone, which, I understand, may sound
> a bit radical, I want to hear what you all think.
>
> Thank you for your time and consideration.

Thanks everyone for all of the thoughts and the great discussion that
has taken place since my original message.

As a smart person once said, "The plan is nothing, Planning is
everything."

In the course of looking at this from many different angles, I think
I have come to understand the different facets of the problem and the
situation that Debian and Ubuntu are in with regard to MySQL.

To re-cap, the original suggestion was that we might "replace" MySQL with
MariaDB in Debian and Ubuntu. This was somewhat ambiguous, and probably
needed clarification. My intention was to suggest that MariaDB would be
the database that Ubuntu supports, not that MySQL would be removed from
Debian or Ubuntu. If it still meets the requirements for inclusion in
either distribution, it should remain there.

In discussing this with various parties, it has become clear that Oracle
does not intend to change their policy on security updates, and will
continue to keep them hidden. This is unfortunate for the model that
Debian and Ubuntu have traditionally taken for MySQL, which was to just
cherry pick security fixes, and avoid importing all of the incompatible
changes that get introduced on a regular basis.

However, the code is still Free, and the releases are still available to
us with the fixes in them. We are not exposing Debian or Ubuntu users
to any new dangers. For this reason, as a conservative step, it seems
clear that for Precise Pangolin (the upcoming 12.04 release of Ubuntu),
we should continue to release with MySQL 5.5. I do expect that this may
be a somewhat painful decision, as we will be forced to release any bug
fix release from Oracle as a whole update. However, it is less of a risk
than switching out for a totally new code base with more than half of
the release cycle done.

In order to prepare for a potential promotion of MariaDB and/or Percona
Server to Ubuntu main, I am going to work toward getting them both into
the Ubuntu and Debian archives ASAP. Because we are past feature freeze
in Ubuntu, there is no guarantee that they will ship with precise in
universe. I will make sure that they are able to replace the precise
mysql package in such a way where we can put them in to our backports
repository and have them available to precise users for testing.

I think this will give users a "way out" if they do not want to stay
on the track of running the latest patch release of MySQL all of the
time. Of course, users can also just get these packages from Percona or
the MariaDb project directly until this is complete.

For Debian, I think its clear that MySQL should stay in Debian. What
is not clear is how much of my time and other maintainers' time will be
spent on it going forward. I think that is up for individual contributors
to decide. I will continue to spend time to make sure that the Debian
packages stay in sync with whatever goodness we have added to the Ubuntu
packages as time permits.

Long term, we need to have a frank and open discussion about how important
it is to us, and our users, that we cherry pick fixes rather than ship
upstream releases. I'd like to invite everyone who is interested in
solving this in Ubuntu and Debian to join us at the next Ubuntu Developer
Summit in Oakland, CA, USA, the week of May 7th - May 11th. More details
can be found here:

http://uds.ubuntu.com/

Watch the ubuntu-server mailing list[1] for details on how to join
the discussion.

-Clint

[1] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 

Thread Tools




All times are GMT. The time now is 10:17 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org