“Sometimes I wonder about the complexifying instinct,” says Brent Simmons over at inessential.com.
Yeah, sometimes I wonder about that myself.
Two of my coworkers just dreamt up this complex user management scheme, complete with scripts and whatnot. Things automatically add people to other things, another script removes people, and my prediction is that sometime down the road one of the scripts will go nuts and delete everybody.
“What’s wrong with the current system?” I asked.
“What current system? We don’t have one.”
“Sure we do. We have a tool to run ad-hoc commands on all the boxes. When someone leaves you tell us and we do a userdel on that username. When someone new shows up you tell us and we do a useradd for them.”
“Well, yeah, but a sysadmin has to spend time doing all that. And you have to find the machines where that user has an account, which takes time.”
“A sysadmin needs to spend the same amount of time writing and maintaining your system, too. I also spend zero time figuring out where the user has an account. I run the command everywhere and if they don’t exist the userdel fails. How will your system know what users belong where?”
“We’ll have a configuration file that says who goes where.”
“Who maintains that?”
“You guys will.”
“How will that save us any time from the way things work now, once we spend six weeks writing the tools?”
People dream up these big, ideal systems where nobody ever has to do any work. Things just happen, they work right, and sysadmins, freed from the burdens of their jobs, sip wine and watch movies all day. In reality, these systems work for an instant before something changes and they break. They need to be maintained, which means you have to assign a staff person to it, preventing them from doing other things. When it comes right down to it, the time and effort that goes into these complex, single-purpose tools would see a much higher return on investment if it went into simple, more generically useful tools.
I have never seen a complex tool that has made my life as a system administrator easier. Now that I think about it, I cannot even think of a single, complex tool that has actually saved me any time. The two most useful tools to me have been the easiest and most simple to implement and maintain: an rsync server on a central management server so I can easily pull files to servers, and a script to run ad-hoc commands on groups of servers via ssh.
Fewer tools isn’t doesn’t mean living in the dark ages. Considering how complex things are in IT, fewer, more simple, easy-to-maintain-and-understand tools demonstrates enlightenment.