The whole OpenVMS installation and configuration scheme is baroque, so
I guess it makes sense to somebody. it's a complete pile of dreck, so
I guess it's "great!" or "secure!" or "atomic awesome sauce!" or some
such. It's a particularly hideous approach to test all the
permutations, so it must be "wonderful!" There's certainly no reason
to just install a server platform that has server features, even if all
of those are shut down by default, because that would make things far
more straightforward. And as for auditing, that's something which
OpenVMS had as an add-on decades ago but that ended up vaporized in the
mists of time and so there's no way to tell what's actually part of the
installation and what's been added, because OpenVMS needs to be
"hairier" because it's the platform for "real developers" or some such.
But seriously, dragging the whole platform back to something as utterly
antique as optical disks? Or continuing with and adding to what is
already massive complexity and to the zillions of is-this-installed and
we-need-that-go-set-some-parameter and
edit-those-configuration-files-to-start-these-dozen-products-and-which-are-part-of-other-server-platform-base-distros-and-remember-to-start-them-in-that-specific-order
is even a remotely sane thing to do? Load it all, configure it all,
set up a sane way that the services are started, and provide a way to
verify what's installed is as expected, except for {list of files}.
And we have this little thing called "the internet", and for all dozen
of you that cannot "internet" there's this odd little thingie called a
USB flash drive. Don't expect and don't require optical media.
Anybody that's auditing is going to run a port scan on the box, and
they're also going to want to audit what's installed, so... make that
all easier.
In the best-possible world, the whole need for
SYSTARTUP_VMS.COM and
SYLOGICALS.COM can go away for most folks, too. Automatic direct kit
access at VSI servers, too, and not involving manual notifications and
manually downloading kits unless that's specifically locally requested
and expected. Reinstallations get a whole lot easier, as we have
server settings files we can re-load and can transfer as needed.
Basically, we get out of writing our system configuration as code, and
start writing our system configuration as, for instance, YAML.
Detection of changes due to mistakes and corruptions and malicious
activity gets easier, too. We get... well... server profile files.
Why? I've spent way too much time trying to make add-on installation
procedures and product documentation and product startups semi-sane,
with testing all of the cases when
this-and-that-but-not-that-other-dependency is present, and this
current situation is utterly screaming bonkers, and it's only getting
worse. KILL IT WITH FIRE.
Encourage the behaviors that are best for the longer-term future of the
platform and best for most of the users (even if some of those same
users will grumble for now), and discourage the more problematic
behaviors and requirements. USB and network installs are the path
forward, not optical media. Reduce the complexity. Reduce the
configuration requirements. Simplify. Make the installations easier.
Make the kitting easier. Make the dependency checks easier. Make
integrity verification part of the environment, and maybe make large
hunks of OpenVMS immutable by most users. Make updates easier.
Don't add to the complexity. Don't add to the testing. Don't assume
servers have optical or Blu-ray. Don't add to the organizational and
the purchasing and pricing efforts, for that matter.
--
Pure Personal Opinion | HoffmanLabs LLC