next up previous contents index
Next: 7.1.4 All instances of Up: 7.1 Rules of thumb Previous: 7.1.2 You have copies   Contents   Index

7.1.3 Updates are always done atomically.

Murphy, is alive and well. His law pervades our industry. Do you really want to risk the welfare of your live site on the hope that your net connection won't go out, that your ethernet cable won't get yanked, or that your favorite deity won't choose today to screw with you in some other way while you're trying to update the site? I don't either. Along the same lines you don't want a user hitting your site while you're in the middle of an update and thus getting some Frankenstinian combination of new and old code.

Upload the new version of the site to a temp directory on the production box. If you can run a test suite against this temp version without negatively affecting the live version do so. If the upload worked and your tests passed you have two options:

  1. Rename the temp dir to something final and repoint the server at it. This will probably result in the least downtime. Just make sure none of your users will end up in a halfway state or that part of their session will be tied to the old install, or anything like that.
  2. Down your site and put up a maintenance notice. Hopefully you're only doing this during a scheduled downtime that you've let your users know about in advance, but we all know that's not always the case. Move the old app to a backup location, move in the new version and take down the notice.
If you have to perform any updates to the database, or anything else that would potentially leave the site in an funky trasitional state, you don't really have a choice about putting up a maintenance notice during that time.

The only real exception being when the update is just a matter of replacing one or two files that you know for a fact won't have any ripple effects, like a CSS file and can be moved in without having to down the site, but you should still be sure to upload to a temp directory first and then move it into the live site (after backing up the old one) because imagine how bad it would be if the main CSS file for your site got truncated by a bad connection mid-upload.

next up previous contents index
Next: 7.1.4 All instances of Up: 7.1 Rules of thumb Previous: 7.1.2 You have copies   Contents   Index
K. Rhodes 2007-05-18