| Sam Gleske on 25 Jan 2012 15:26:56 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] dev vs production environments |
Hey JP, It depends on what type of data you're handling and types of applications/services your company is deploying. For the remainder of my response I'll assume you and your devs are not trying to run a blog about cheese sandwiches. At Drexel we follow PCI security standards and having separate test and production environments is outlined as part of the standards. http://whatispcicompliance.org/pci_audit.html There are legal advantages to forming a separate production vs. test environments. Should a machine be compromised and a lawsuit is a result from that compromise then the outcome of that suit can be very different depending if your devs and testers are using real customer data or fake test data. I found an article which explains better than I could about that. http://career-resources.dice.com/job-technology/dangers_testing_real_data.shtml Your devs, testers, and corporate managers need to understand this basic concept: hardware is cheap and data is expensive. Actually mainly the people who make decisions about money and purchasing need to understand that concept the most. Luckily, my boss and the bosses above him understand that. At Drexel we have more than 200 production servers which are running in VMs. For every production server there is a test equivalent. Even if the machine is as simple as a proxypassing gateway which insulates the service while still providing it, it still has a prod/test mirror. Whether it be Linux, Windows, Solaris, .... whatever. So I would try to convince the devs and management to stop flying by the seat of their pants and try to understand that by spending money up front on "best practices" could save them millions of dollars in the long run. Let's try to come up with a list of good points to pitch. * Lost customers from application downtime because the environments between test and production were different and not properly accounted. * Lost customers from poor application reliability since the application could work different in test than prod if they're not closely similar. * Possibly costing the company millions of dollars for losing a law suit on something which is easily followed. Another idea which you could suggest for test environments is the following: * Having separate FQDNs for test and prod such as *.test.company.com and *.prod.company.com * In the case of VMs, create only the test environment first. Then when that environment and app are stable (pointing to test databases and what not) create a copy of the test environment (changing the MAC, computer name, etc.) and make that copy the production environment. This means you would point that new environment at prod databases instead of test databases. That's about all I can think of for now, SAM ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug