A quick glance around an IT infrastructure of any size will reveal a rich mosaic of hardware and software management tools in use. They might be as simple as a Telnet UI into an older Ethernet switch or as sophisticated as a whiz-bang GUI to a virtualization framework. We use a wide variety of different tools to manage everything within our purview.
Unfortunately, many of these front ends, due to fateful choices by their makers, are starting to cause big problems, and those problems may be with us well into the future. The fundamental mistake these vendors made was building critical management clients on platforms, namely Flash and Java, that may have seemed stable at the time but have ultimately fallen by the wayside. The upshot is that unless you start stocking up on clones of older operating systems and software, some of your critical infrastructure components will become unmanageable.
First, it was Flash. As browsers (and consumers) have tired of the Flash treadmill of security flaws and upgrades, Flash has been increasingly deprecated. Some browsers now simply refuse to load Flash content without going through several annoying steps. Apple’s Safari, for instance, basically prompts you to disable Flash and forget about it, adding that “most modern websites will work without Flash,” which isn’t true at all. Of course, it’s definitely not true for the various IT infrastructure tools that are built completely in Flash, such as VMware’s Web UI. Many other tools may not be completely Flash-based, but incorporate Flash elements heavily in their Web-based user interfaces. Without complete rewrites, those interfaces will stop working on modern operating systems and browsers sooner than you might think.
And last week, the death knell officially sounded for the Java browser plug-in. Recognizing that all browser plug-ins are on their way out, Oracle has finally cut bait. Eventually, this means we’ll no longer be exposed to various browser-based Java vulnerabilities. Of course, it also means we’ll need to keep older versions of browsers and plug-ins around to access the myriad Java-based management applets and tools that are all over the IT world.
The fact of the matter is that losing Flash and Java plug-ins isn’t a bad thing -- in fact, it’s very good news. They’re old, unnecessary, and insecure platforms that truly don’t belong in the Internet of 2016. There are better ways to do it now, and while we should try to accommodate a transition to different frameworks, we have to rip off the Band-Aid at some point. It might as well be sooner than later.
Frankly, one could argue that these platforms should never have been used for critical management applications in the first place. I have some not-so-old infrastructure hardware in my lab, with a Web UI that’s already complaining about browser incompatibilities. Fortunately, most of these systems have a CLI as well. Over the next few years, we will either see vendors forced to rewrite management UIs from the ground up or abandon support of significant numbers of perfectly usable products because the management interfaces are no longer reachable. That sexy Flash UI might not seem too sexy anymore.
Even worse are the in-house systems developed on these platforms. Companies that have custom-built software running manufacturing and production lines or that are managing extremely expensive bespoke hardware will be faced with a difficult choice. They will either require their customers to run and maintain 2008-era Windows XP systems with the last compatible Flash or Java toolset, or they will have to undertake a major software rewrite project that could potentially deal a significant blow to the bottom line.
Meanwhile, command-line interfaces from decades ago work as well now as they ever did. Perhaps there’s a lesson to be learned.
As for the GUI pickle, there’s nothing to do but prepare for it. Make master VM templates of management systems now that you can use for as long as possible. Begin contacting your major vendors and discuss their road map to get out from under their Flash or Java plug-in interfaces. Bite your tongue and budget to replace hardware and software well before its time. Start looking at your own code and begin planning for a way out yourself. This won't be optional. You can either tow a growing ball and chain of legacy dependencies behind you until you can’t move further, or you can start whittling away at the links in that chain now.
Sadly, not doing anything will be the decision of an unsettling number of companies. This is why DOS systems still live on in data centers and why 30-year-old Amigas still run HVAC for entire school systems. It’s pretty horrifying.
This problem isn’t going away. It won't improve. It's better to get out in front of it while there’s still time. Try to choose a platform that will not hit a similar dead end in a decade or less. Good luck.