Or your ally in the fight against technology management. Earlier this week I
was given the task of doing some naming for new servers, which is pretty much SOP.
Problem is, we don’t have a naming standard. As such, I may choose a name that
annoys someone, or they choose a name that annoys me. This becomes very political.
We don’t want to name things in such a way that they annoy people. It’s a bad
idea. And, much to my dismay, I said something this morning that was pretty
much just insulting to one of my team members.
I could have given loads of excuses, but it wouldn’t have mattered. I was being
petty. Man, that’s a bad idea in an office. It divides teams, and man,
that’s *really* bad in an office. The reason it came about was because a few
people were talking about moving into “fun” server names, as apposed to functional
server names. Examples of this would be Cygnus or Badger, as apposed to GR-SQLCluster1.
The reasons behind it being:
-
It’s more secure if the attacker doesn’t know what the server does, based
on it’s name
-
Server roles change over time, so GR-SQLCluster1 might become relegated to an apps
server
-
Sections of functional names become redundant
-
Organize names by type; i.e. birds, galaxies, different words for snow, etc
At first glance, they make great sense. However, after a little time to digest
the reasons, a few things become clear.
-
If an attacker is able to get to the server, to the point that they can know the name,
you are already screwed
-
A good practice is to rebuild the server if it changes roles, and with that change
the name
-
People don’t want to connect to the Badger Server
-
You need a reference list to figure out what the Cygnus server does/where the Cygnus
server physically is
-
If you want to create DNS entries to provide functional names to it, that’s another
level of complexity to manage
-
What happens when you run out of server names?
Given this list, it now becomes an interesting debate. But I have one question
for you:
As a developer, would you name a variable ‘badger’ if it was holding a shopping cart?
Not a chance. You would only do that if it were badger related, and even then
you are better off with ‘meanLittleWoodlandCreature’ in case you change something.
In my response I called the security reason laughable. Again – petty and a really,
really, really bad idea when in a team discussion. Obviously I was
in a pissy mood for some reason, or maybe a greater than thou mood thinking
I knew more about the topic. I tend to do that.
I think what really made me do it was that we are developers, not administrators.
It’s not our job to name servers. So why were we? I didn’t want to piss
anyone off, I just wanted to name the server so we could move on to the next stage
of the deployment. This situation could have easily been averted.
If we had a naming convention for our servers, regardless of fun vs functional, I
could have followed the convention and washed my hands of the problem. So I
guess the question is, why don’t we have one? Lot’s of companies don’t have
them. And I think it’s because of stagnant server growth.
If you are only setting up a couple servers every so often, you aren’t bogged down
with these types of questions. You have time to discuss. The problem we
are having, I think, is because we have increased our server growth dramatically in
the last little while, which hasn’t given us enough time to discuss names as a group.
I was rushing to get the server into production because the administrators were busy
working on other tasks that were filed under the category “Do Now Or ELSE!”
So I think we need a naming convention. A functional naming convention.
It will prevent a world of hurt down the road. Now to get buy in, and ask for
forgiveness. I still have lots to learn.