The Ubiquiti controller is fine if you're managing one site, but beyond that it's pretty poorly designed IMO.
By far the biggest problem is that they don't give enough consideration to recoverability of offsite devices. If something causes a device to disconnect from the controller, their solution is to SSH in and re-adopt it. That doesn't work once you're dealing with hundreds of devices across dozens of sites.
A good example of where that becomes problematic is to look at the controller hostname override setting they have. You could change it to 'unifi.invalid' and it would happily push that change out to a thousand devices and leave them in a state where you'd need to be hands-on with every device to recover. If you can do it on purpose, they can do it accidentally with a buggy update, so, IMHO, there's always a risk that an update could break things pretty badly.
That's not a hypothetical either. They (purposely) pushed an update that did something like that when they started supporting HTTPS for the inform URL several years ago.
The second issue I have with it is more of a design issue. Sites should be somewhat sharded and I should be able to update the controller version on a per-site basis. I think that does a lot to reduce the risk of an update breaking things.
I also dislike the default settings and prompts for auto-updates. I like the scheduled updates and think they're great, but the push to "update everything daily at 3:00 AM" is too much. I have a controller with 100+ sites and need to schedule updates to ensure any breakage is fixable via manual intervention up to the point of physically visiting a site. Edit: To clarify this, I'm sure I've been prompted to enable 3:00 AM auto-updates on the newer controller versions and accidentally clicking "yes" would be a huge headache for me.
The "rolling update" was also pretty trashy when I tried it. That was years ago, but I think it simply updated APs sequentially and happily continued if the previous one didn't come back up. How hard is it really to implement a rolling update that stops and waits for intervention if even one device doesn't come back online?
And the UI. I can't even use it without setting my browser to 80% zoom and it gets worse every time they push out an update. Everything is stuck into tiny little scrollable boxes. I have multiple 27" monitors and get stuck scrolling around in a 1" x 2" box that can't display more than 2 or 3 lines of config. Why?
And then TP-Link copied them with Omada. It's almost funny. I wonder if they even realize they're copying off the dumbest kid in the class. Lol.
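Added example, not part of the comment above and not Ubiquiti code: a halt-on-failure rolling update of the kind the comment asks for, which stops at the first device that does not come back and leaves the rest untouched. The `upgrade` and `is_online` callables, the `SimulatedFleet` class and the device names are hypothetical stand-ins constructed for this sketch.

```python
import time
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class RolloutResult:
    updated: list = field(default_factory=list)   # upgraded and confirmed back online
    failed: Optional[str] = None                  # device that never came back
    skipped: list = field(default_factory=list)   # never touched after the halt

def rolling_update(devices, upgrade, is_online, timeout_s=300, poll_s=5,
                   sleep=time.sleep, clock=time.monotonic):
    """Upgrade one device at a time; halt at the first one that does not return."""
    result = RolloutResult()
    for i, dev in enumerate(devices):
        upgrade(dev)
        deadline = clock() + timeout_s
        while not is_online(dev):
            if clock() >= deadline:
                result.failed = dev
                result.skipped = list(devices[i + 1:])
                return result          # stop here and wait for an operator
            sleep(poll_s)
        result.updated.append(dev)
    return result

class SimulatedFleet:
    """Constructed test double: name -> seconds until back online (None = never)."""
    def __init__(self, recovery):
        self.recovery, self.now = recovery, 0.0
        self.back_at, self.upgraded = {}, []
    def upgrade(self, dev):
        self.upgraded.append(dev)
        delay = self.recovery[dev]
        self.back_at[dev] = None if delay is None else self.now + delay
    def is_online(self, dev):
        back = self.back_at[dev]
        return back is not None and self.now >= back
    def sleep(self, seconds):          # simulated time, so the demo runs instantly
        self.now += seconds
    def clock(self):
        return self.now

def demo(recovery):
    fleet = SimulatedFleet(recovery)
    result = rolling_update(list(recovery), fleet.upgrade, fleet.is_online,
                            sleep=fleet.sleep, clock=fleet.clock)
    return result, fleet

if __name__ == "__main__":
    print(demo({"ap-1": 40, "ap-2": None, "ap-3": 40})[0])
```
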
Those are all very valid points you raise. I’ve also faced the recoverability problem when something goes awry. I’ve also noticed their ISP line has difficulty being reachable via API when they lose internet connectivity, even if you are local to the network.
That said, is there anything better? Mikrotik, while more configurable, is so much worse and feels straight out of the 90s design-wise.
Beyond those options I’m not aware of anything remotely better.
The design is old-fashioned but it really doesn't matter. Imagine if they decided to revamp their UI as a mobile-friendly monstrosity with large and padded components everywhere. It would likely be terrible. The compact look they have right now makes it possible to display a lot of information in a small area.