This post originated from an RSS feed registered with .NET Buzz
by Randy Holloway.
Original Post: More on SQL Server Auto-Updates
Feed Title: Randy Holloway's Weblog
Feed URL: /msdnerror.htm?aspxerrorpath=/rholloway/rss.aspx
Feed Description: Commentary on Yukon, the CLR, and related technologies interspersed with personal opinion.
Frans and Paschal don't like the idea of auto-updates, and both raise legitimate concerns about the idea. Robert and I both like this idea. Discussion has ensued, and it has helped me to develop my thoughts on this subject. Let me explain a little bit more about why I like the idea of auto-updates, and how I'd like to see this implemented.
First, I agree that it is not feasible in all cases for the SQL box to connect directly to the outside and pull the updates. In situations where this wouldn't work, why not have an "agent" function that can be installed on another server, perhaps located in a DMZ, that could automatically retrieve the updates. Then at your administrator's discretion you can set up a secure conduit between your update server and the database server. Also, this feature needs to be implemented as a change management system where the updates are automatically available. Under no circumstances should you be forced to install the updates. At least not yet. We need to establish that the quality of these updates is sufficient to warrant further automation. For now, let's make sure that by default everyone has the updates and that your administrators get "bugged" by the software to install them. That would let Microsoft help you to be aware of the potential issues that may arise from not updating your servers in a timely fashion, without having an undue influence on your production environment.
Over time, I could see licensing evolving in such a way that you could not keep a system up and running that wasn't properly secured or updated. Perhaps the automation would be in place so that you would have no choice (I know this is the idea that people strongly resist, and understandably so). This kind of scenario might be appropriate in a subscription based licensing model, and that's where we're heading based on the current trends in the industry. For now, let's try to get the software distribution functions automated and let's give people a useful change management system to help them keep their environment secure. I think this concept, if implemented correctly, would greatly enhance the perception of Microsoft's committment to security and reliability in their software.