disclaimer: I’ve never worked in a software auditing department or on in a company with one
What about risk-averse organizations with strict policy compliance guidelines? Can we expect them to audit a new distribution of Openstack every 6 months? Some sort of community-supported LTS system would at least give these consulting firms a base on which to build such a compliant Openstack distribution for industry X. If we’re only talking about patches to support minor updates to system packages what’s the cost to the community? I’m not against Tom’s idea and would be satisfied with it but it would be better, I think, to at least give the community an option of a solid base on which to build a compliant Openstack distribution that isn’t going to move out from underneath them in six months. Unless of course that should be the job of some distribution maintainer… in which case how to we work with them? > On Nov 9, 2015, at 10:50 AM, Tom Cameron <tom.came...@rackspace.com> wrote: > > On a personal level, supporting the same release of an open source project > for 5 years is something you should pay for...dearly. If operators have > customers that are pinned to Juno for some reason I couldn't imagine right > now, and they're willing to pay us to support it, then great! > > > But I think we need to very tightly scope what support means- Absolutely no > back or forward porting. The features you have now are frozen in time. Also, > they need to be tightly pinned to the OS distro repo versions of packages so > we don't have to care about fixing critical vulns in stuff we don't maintain > and can't control. This basically means they'll be paying us to make sure > they can upgrade distro packages for security reasons and that OpenStack will > keep functioning, and to file & patch upstream OpenStack bugs. > > > Effectively this means they're settling for less value for their money if > they remain on Juno for the full 5 years, whereas customers using newer > versions of operators' OpenStack offerings will be getting new development > and features for the same support dollars (which is a good way to market new > versions to them, BTW). > > > My $0.02 > > > > -- > Tom Cameron > > _______________________________________________ > OpenStack-operators mailing list > OpenStack-operators@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
