enterprise license

[alexskysilk]

Despite the known issues, it seems they’ve migrated the problematic module to the non-subscription version and are conducting thorough testing.

If none of that were the case, the answer to the questioner should be “It’s safe.”

Isn’t the OP looking for information about cases like this? That’s simply why the conclusion is “It’s not safe.”

I think we're actually on the same page- its the meaning we take from it that is different.

"safety" in this context is the continued uninterrupted delivery of service. the SAFEST thing to do in production is LEAVE A WORKING ENVIRONMENT ALONE. This is impractical for many reasons in a PVE environment- CVEs, corrected edge cases, etc, are continuously identified and mitigated, so the operating philosophy "for real" revolves around how to modify the stack in a way least likely (or better yet, guaranteed) not to interfere with service delivery.

Deploying a more "mature" repo is a first backstop but dont think for a second that faults the kind you were specifically pointing to dont make it into the "Enterprise repo" too. if no one tried to do the precise use case you did (I would never have, it doesnt solve a problem that I have) OR simply reverted instead of reporting it as a bug it would have survived the nosub repo. As the responsible party to providing service, its incumbent on the admin team to STAGE an upgrade before deploying it to production regardless of how "stable" the repo they are using. As long as you do that consistently, you can use even the testing repo safely- not that its a good idea to but you get my point. SAFETY is in having proper deployment procedures FAR MORE then repo dependency.

Even with the specific example cited, the dev team was aware and provided workarounds. you just have to be prepared to follow through with the solution before impacting your production.

 

[uzumo]

I think we're actually on the same page- its the meaning we take from it that is different.

That's right.

SAFETY is in having proper deployment procedures FAR MORE then repo dependency.

I don't apply updates directly to production environments myself, but since I'm in charge of non-PVE maintenance, most people who contact me about issues in my area just go ahead and apply the updates as is. And surprisingly, there are no test machines available (like on Windows, for example).

However, the company does not want to purchase the enterprise license, and another technician wants to perform Proxmox updates using the no-subscription repository instead.
I recommended buying the official license, but there is always someone who wants to go against that recommendation.

Do people who are reluctant to even buy an affordable subscription actually own a machine for testing in the first place?

If anything, I think it’s precisely in such environments that they should use a subscription service to access a more stable repository.

Most people will probably just update via the UI whenever a vulnerability is found or on a regular basis. If a problem arises, they’ll simply post on the forum or contact support. Most people—myself included—probably wouldn’t even be able to identify the root cause of the problem.

 

[jabuzzard]

I'm curious. is there a statute you can point me to? I'm not UK based but do support clients internationally; this would be of specific interest.

If my brother, who is a judge (and before that a professor at the University of Law, and before that a practising solicitor), tells me that's legal nonsense and it's a license, I am not going to start asking for specifics. Besides, I doubt it's actually a written statute. Things like this are built on hundreds of years of legal precedent rather than specific written documents. The UK famously doesn't have a written constitution. Remember, the legal system in England dates back to Henry II in the 12th Century, and it's still going uninterrupted. Similarly, in Scotland, it dates from the reign of David I, again in the 12th century. It is all hundreds of years older than most countries. People forget just how old things can be in Europe.

 

[gasherbrum]

the amount of circlejerking about what is law and what is not in a non-eu country is astronomical, the EU/rpxomox im sure will tell you to get bent if you try and make a legal case outside of their jurisdiction about licensing

 

[jabuzzard]

the amount of circlejerking about what is law and what is not in a non-eu country is astronomical, the EU/rpxomox im sure will tell you to get bent if you try and make a legal case outside of their jurisdiction about licensing

I actually think you will find it is almost certainly legally a license in almost all legal jurisdictions. Proxmox are trying to draw a distinction for non lawyers between the source code licensing and the license that governs access to the enterprise repository. Legally in the UK at least these are both licenses, and people in this forum need to get over it and stop pouncing on people for using legally correct language. Noting if it is not a license then Proxmox cannot enforce anything in the UK to do with their subscription as there would be no legal basis for doing so. It does not matter that Proxmox are in the EU and the UK no longer is, there would be no legal mechanism outwith a license to restrict me for example from publishing a list of the package versions in the Enterprise repo on a webpage for others to use.

I would note I see companies advertising in the UK saying things like get XXX (where XXX is a subscription to something) with no contract on the notion you can just cancel after a month rather than being tied in for a year etc. As my brother has pointed out that is legally impossible, you pay for XXX even if you can cancel after a month there is a contract.

 

[leesteken]

I always assumed that you could get support from any other company but the enterprise repository access does indeed look a lot like a license (regardless of location).
Maybe one could keep the packages from the ISO releases (which is a public list of all package versions) and have a third-party support provider tell you what packages to update from no-subscription for security fixes (until the next ISO release) . But that support provider would probably violate the contract with Proxmox that they need for the list of package versions from the enterprise repository.
Anyway, I do feel like Proxmox software should be paid for even if, or especially because, they made it open source, when it is used by companies that make money by using it. I did not realize before how this is connected to (the convenience / peace of mind of / legal cover my ass with) access to the enterprise repository (as I don't use it that often).