Nearly 20% of running Microsoft SQL Servers have passed end of support

Old software runs until it hits a brick wall or starts to behave like /dev/null or /dev/zero. The problem is often not one piece that falls apart. A newer DB may not function with the old software. The old software relies on option/feature/bug XYZ that is no longer present on a "modern" supporting system (DB or OS). The old software cannot be rebuild on "new" systems without a significant porting effort (remember 8bit -> 16bit -> 32bit -> 64bit). And lots more.

The non-upgrade-cycle is a both (short sighted) cost-cutting exercise and a quest for stability. The one-time investment is made into a long term non-investment. This usually continues until a catastrophic failure is eminent or happens. However, the recurring costs of (unwanted) updates and upgrades are excessive too. It is a milking cow for many software houses. A proper middle ground has not yet been found.

And with smaller systems - how many of them are MS SQL instances they don't even really know about?

I have one client with a really old MS SQL install.. of MS SQL Express, running their door entry system. They didn't even know they had anything with MS SQL till they started to use my company for support, and we know the door system. The installer of the door entry hardware just installed their software on the finance director's PC, MS SQL and all.

I wonder how many of these out of support sql server are also running out out of support operating systems.

I know I have a couple of sql 2000 instances (still running on windows 2000), they run a pair of industrial machines where the manufacturer vanished years ago and nobody else has produced a better machine, the machines just keep going and seem to never need anything more than new sets of bearings (I suspect the original manufacturer just didn't get the expected repeat custom because the machines just never die) multiple attempts to drag the software onto something more modern have all failed.

our solution was to virtualise the machines (they both now run on a single intel nuc clone) and severely limit what can communicate with them (3 computers out of around 100 and the 2 industrial machines), and just in case the worst happens the nuc has an image taken nightly (retained for 1 month) and the image taken on the 1st of each month is retained for a year.

We reckon that the industrial machines will run for another 8-10 years before they fail or are surpassed so I fully expect to be maintaining windows / sql 2000 well into the 2030's as long as virtualisation still supports it (if it doesn't then we'll end up having to virtualise an older virtualisation platform to keep things running)

Microsoft has deliberately made it difficult

MS SQL Server is quite tightly coupled with the server OS. This is something that you normally try and avoid because it means you often can't update one without updating the other, which takes more time and carries a greater risk. And then there's the cost: I don't see anything about licences getting cheaper with each new release and each SQL Server wants to run on its own Windows Server, both of which want GB just to boot.

However, if you can set things up that none of the systems is diretly connected to the network, then why shouldn't you run it for as long as possible? Migrating to new versions without changing the code is unlikely to bring any performance improvements.

It's not always possible, but I always ask our IT guys if the "application" also runs on Postgres.

So what's on the LAN doesn't stay on the LAN. It phones home. Otherwise how do Lansweeper know?

"We're doing this, we're doing the other, now we're thinking about"

And nobody who is doing all that "thinking" is actually running a company that has customers that need things to work.

One day, companies will understand that they are in charge and that a supplier who changes tune every few years or tries lock-in is not reliable.

Software lasts decades. The only reason there is a push to change is because of made-up marketing or worse, incompetent programming.

And don't talk to me about malware threats. You can patch your fucking code without forcing all your customers to some artificial upgrade that magically makes everything better, especially your bottom line.

Despite the continual money grab, it's the one thing you can say that's positive about the software as a service model, the continual cashflow gets over the resistance to continual patching, and in turn allows you to stay current on security patches.

Trying to get SME businesses (and we're talking the very S end here), to update software just because "It's now out of security support" and "You risk bigger fines if you have a data breach" is nigh on impossible and almost none of the SQL new features really matter to the existing use cases. There's no "spend some money, it'll run faster" or "spend money and it'll do this thing you wanted that it couldn't do before"

takes from the software crypt

we run Oracle 11g in production.. anyone older?

Overlooked Scenarios

1. Niche software (Poison Control Center case recording/realtime monitoring software, Industrial Frobbitz Control Software) written by a garret-resident Wizard, who is too busy fixing bugs and adding new features to migrate to a newer DB (Said Wizard just finished migrating from Btrieve to MS SQL of some version, a few years [decades?] ago, for Heaven's sake!).

1a. Wizard dies in their garret, there was no designated Successor Wizard, and anyway, the source is kept encrypted on DECtapes. Nobody living knows the password. And, it's not "xyzzy".

1b. Wizard closes business, sells all worldly goods, and moves to a California treehouse amongst the redwoods to contemplate the Meaning of Life.

1c.Wizard sells business to a Giant, Acquistional Software Monolith ("GASM"), which then forms a new business unit to sell, enhance, and support the software. This business unit is located in the basement boiler room, and staffed with a couple of Eager Trainees ("ETs") who wonder what these spools of brown stuff sitting on their desks are and what they ought to do with them.

1d. Software is acquired by GASM, as in 1c, above. GASM then shutters new business unit, "to align with our core values and increase operational efficiencies." Suggested upgrade path is a purchase of, and data migration to, a different product owned and supported by GASM.

That product is an add-in for SAP S/4 HANA.

No slack? From nearly 20 years of dev?

So they've got to fix security problems, and add new features, and worry about backwards compatibility (all the DB vendors, not just MS). And maybe change/disable something that was a problem.

If you look at the Sql Server compatibility matrix they do a decent job, just not indefinitely. 100 mode gets you back to sql 2008 (assuming they were using 100 mode)...With your really old apps you *might* get away with the oldest available compat mode in a supported version, *but*...

What do you think the chances are of anyone being able to test that legacy app and verify it's still working fully and correctly against any DB change at all? I'll open with a starting bid of 'nil' and work from there. Or after an OS upgrade? I'm not convinced most patch update testing i've seen proves anything useful beyond a smoke test that it's on.

Just Maybe

Just maybe the support windows should be longer and not dictated by a marketing upgrade cadence. I should not have to mention to this crowd that enterprises have many enterprise grade apps that need to be tested and remediated when a core component like sql is upgraded. Not to mention MS problem with expiring features that vendors are using in the newer versions of OS, and sql. There is no, none, zero reason sql cannot have a longer life except to drive profit to MS.

Heh. That undercounts trhe real older versions (<2000) dramatically. All those servers in factory/production line networks off the grid still running some version of 2000 server or 2003... and of course running SQL DBs set up by our grandfathers. Finance is NEVER going to fork over the cost of recertification and upgrade unless the 25-year-old hardware with a Compaq logo still on it burns up, and even then, they will try to tell us to revive it instead of jumping regulatory or customer hoops. Fsck beancounters.

Application Support?

Developers don't want to be tied to an expired database software version. Not only do they miss out on bugs fixed in later versions, but they also miss out on new features and capabilities that make their lives easier."

Stokes also noted that DBAs are similarly reluctant to be limited in this way

I can guarantee this isn't coming from Ops either. Chances are someone wants to upgrade but there's a critical business application bought 10 or 15 years ago that supports THAT version of SQL. Maybe there's a newer application version supporting a later or supported DB but there isn't an upgrade path or it's been customised/configured up the wazoo, maybe the vendor has been bought out and the new owners wants to sell a different application or to replatform you or maybe they've just gone bust, leaving no support.

"...inconsistent approach to backward compatibility"

SQL server is probably the one piece of MS software I have very few criticisms of, and I think they have done an excellent job in backwards compatibility. Even when they made massive changes to the engine in 7 and 2000, they still provided an easy upgrade path

compare this to windows where they regularly delete important features with no regard for users' needs

Nothing for the Upgrade

The PFY from tech school working on the hot new SQL server and application/cloud will get promoted out of the project and into manglement within 6 months because of the whizz-bang "skills" in new and shiny.

The grizzled greybeard tasked with updating the obsolete MS SQL DB Server and the accompanying apps because only they have the skills and training will take multiple years because of all the "concerned parties", long after the PFY above becomes their boss.

Feel free to say that does not happen. Please say that does not happen...

Please?

Some of this is to do with auditing and other stuff is biz people who won't let go. Finance institutions have to keep data and logs for 8-10 years, if you make a promise to be able to access the info and the auditors find out then they will insist on you showing them in real time! We have a couple of old Win2000/SQL2000 DBs we have on ice, in cold VMs ready to fire up to prove we have them. We still have a Solaris 10 box with an app that's 27 years old, the company's out of business but it holds financial records that are around 7 years old so we have to keep it going for another 3 years as we made a promise in our auditing paperwork, correction the management made the promise to the auditors and we have to keep it on life support!

We have a backup system that's got just 6 months to go before the last virtual tape in an ancient 10TB storage array finally expires, but we have a backup server, a backup client systems, a phsycial tape library and one spare DLT drive. 6 months and the lot goes in the bin at long last after keeping it on ice for the last 3 years.

This is how you end up with old SQL Server installs, regulations, auditing, management promises and just plaing daft biz users.

Whole of industry problem

The whole model of developing and supporting software is broken.

The fact is that as soon as someone can write an application which uses some other piece of software, that other piece of software (the platform) will be used indefinitely. Look at the number of mainframe systems written for the IBM/360 which are still in use, some of which no longer have any source code. The cost of changing the system to run on a new platform is prohibitive for most businesses, even though they may be using a platform which has known security holes.

We need a model of software development and support which acknowledges this, not denies it.

This is a whole of industry problem, not just a Microsoft one.