[debian-mysql] MySQL's future in Debian and Ubuntu

Aaron Kincer kincera at gmail.com
Tue Feb 21 18:47:40 UTC 2012


Most enterprise users I've seen usually standardize on commercially
supported databases (whether open source or not). If they are actually
using a non-supported version of open source software, they're rolling
their own if they are worried about version changes or distro supplied
patches mucking things up. Otherwise, they just roll with the
patches/version changes after putting them through the paces of their
dev/test machines.

Unless I'm mistaken, LTS releases have 3 years of support beyond the next
LTS release date. Given this, you have three years to do compatibility
testing with your apps against whatever default DB is shipping in the next
release and/or develop an alternate plan. You're going to have to do this
testing anyway. If it takes more than three years to figure out what you
need to do, you're doing it wrong.

Given that the options being discussed are free for download and in the
case of MariaDB, you can do a drop in replacement on an existing 10.04
MySQL box so you can start testing now on your dev/test boxes/VMs.

On Thu, Feb 16, 2012 at 1:33 PM, Alex Esterkin <aesterkin at gmail.com> wrote:

> As an end user, I would most strongly dislike this.  You clearly don't
> understand how corporate users think and operate, how they work with open
> source technologies, and how they plan and evolve their technical
> roadmaps.
>
> Last year Ubuntu inflicted enough damage on itself by messing up with UI
> and display management.  Replacing OpenOffice with LibreOffice was not a
> success story either.
>
> A year ago I had plans to migrate my remaining CentOS and Debian servers
> and test environments to Ubuntu and I recommended using Ubuntu for a couple
> of server appliance products we had in the works.  These plans were
> revisited and revised in the fall, based on revised Linux distro release
> and roadmap assessment.
>
> As far as MySQL is concerned, I don't care at this point what your Ubuntu
> server distro plans are, as I have already migrated away from Ubuntu.
>
> However, if the discussion about replacing MySQL also spreads into the
> Fedora Project and CentOS communities, that would give me a very good
> reason for migrating/porting MySQL apps and products to Postgres.
>
> Regards,
>
> Alex Esterkin,
>     Former Chief Architect, Infobright
>
> On Tue, Feb 7, 2012 at 04:37, Clint Byrum <clint at ubuntu.com> wrote:
>
>> Many of us in the Free and Open Source software community have seen a
>> trend regarding Oracle's stewardship of Open source software that it
>> inherited when it purchased Sun. In particular there were two fairly
>> large public project blow ups that resulted in OpenOffice splintering,
>> and the Hudson community (almost?) completely moving to an independent
>> fork called Jenkins.
>>
>> It has been brought to my attention that MySQL may have gone this way
>> as well, but in a much more subtle way. This started about a year ago,
>> and has only recently really become obvious.
>>
>> A few notable fellows from the MySQL ecosystem have commented:
>>
>> Mark Callaghan
>> http://mysqlha.blogspot.com/2011/02/where-have-bugs-gone.html
>> (read the comments on this one, very informative, and most of the
>> commenters are extremely important non-Oracle members of the MySQL
>> community)
>>
>> http://mysqlha.blogspot.com/2011/11/great-work-bug-12704861-was-fixed.html
>>
>> Stewart Smith:
>> http://www.mysqlperformanceblog.com/2011/11/20/bug12704861/
>>
>> And the CVE's are extremely vague:
>>
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0119
>>
>> "Unspecified vulnerability in the MySQL Server component in Oracle MySQL
>> 5.1.x and 5.5.x allows remote authenticated users to affect availability
>> via unknown vectors"
>>
>> Links to here:
>>
>> http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
>>
>> Which links to here:
>>
>> http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1390289.1
>>
>> Which requires an account (which I created). I did try to login but got
>> some kind of failure..
>>
>> "Failure of server APACHE bridge:".
>>
>> The bzr commits for the latest MySQL releases also reference log bug#'s
>> that are thought to belong to the private oracle support system, not
>> accessible to non-paying customers.
>>
>> This is all very troubling, as in a Linux distribution, we must be able
>> to support our users and track upstream development.
>>
>> So what should we, the Debian and Ubuntu MySQL maintainers and users,
>> do about this?
>>
>> Well there is a Jenkins to MySQL's Hudson, a LibreOffice to their
>> OpenOffice.
>>
>> MariaDB 5.3, in release-candidate now, is 100% backward compatible with
>> MySQL 5.1. It also includes a few speedups and features that can be found
>> in MySQL 5.5 and Percona Server. It is developed 100% in the open, on
>> launchpad.net, including a public bug tracker and up to date bzr trees
>> of the code.
>>
>> http://mariadb.org
>> https://launchpad.net/maria
>>
>> I'm writing to the greater Debian and Ubuntu community to ask for your
>> thoughts on a proposal to drop MySQL in favor of MariaDB. Its clear to
>> me that Oracle is not going to do work in the open, and this will become
>> a huge support burden for Linux distributions. The recent CVE's had to
>> be hunted down and investigated at great difficulty to several people,
>> since the KB articles referenced and the internal Oracle bug numbers
>> referenced were not available.
>>
>> This will only get harder as the community bug tracker gets further out
>> of sync with the private one.
>>
>> There is some need to consider acting quickly:
>>
>> Ubuntu precise, the next LTS release of Ubuntu will be hitting feature
>> freeze on Feb. 16. The release, due in April, will be supported with
>> security updates for 5 years. That may be 5 long years of support if
>> MySQL continues to obscure things.
>>
>> Debian wheezy is still quite far off, but it is critical that this be
>> done and decided by the time the release freeze begins.
>>
>> So, here is a suggested plan, given the facts above:
>>
>> * Upload mariadb 5.3 to Debian experimental, with it providing
>> mysql-server, mysql-client, and libmysqlclient-dev.
>>
>> * For Ubuntu users, upload these packages to a PPA for testing
>> applications for compatibility, and rebuild testing.
>>
>> * If testing goes well, replace mysql-5.5 with mariadb in both Debian
>> unstable and Ubuntu precise. If there are reservations about switching
>> this late in precise's cycle, ship mysql-5.5 in precise, and push off
>> Ubuntu's transition until the next cycle.
>>
>> Before I strike out on this path alone, which, I understand, may sound
>> a bit radical, I want to hear what you all think.
>>
>> Thank you for your time and consideration.
>>
>> --
>> Clint Byrum <clint at ubuntu.com>
>> Ubuntu Server Team
>> Debian MySQL Packaging Team
>>
>
>
> --
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> More info: https://wiki.ubuntu.com/ServerTeam
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20120221/ac8c102b/attachment.html>


More information about the pkg-mysql-maint mailing list