Sites Rejecting Apache 2?

An anonymous reader writes "Vnunet reports on the low adoption of Apache 2 has caused its producers to advocate freezing development of the open-source Web server until makers of add-in software catch up. Almost six months after the launch of Apache 2, less than one percent of sites use it, due to a lack of suitable third-party modules." I'm not sure where they are getting the freezing Apache development part, more talk about forking for 2.1 right now on the httpd mailing list. The article does have it right though that until there is a reason to upgrade and the modules are in place that adoption is not going to happen. While the cores of both Perl and PHP are thread-safe, the third-party modules are not. This renders one the larger reasons to use Apache 2.0, the threaded http support, useless for applications using either of these application layers. It comes down to the question of whether the third-party module writers are better off supporting what is used or what is new.

Third party modules?

[cureless]

What is the percentage of sites that actually use third party modules?

I think the fact that it's not being adopted is more because there is no need for the new version from most sites. What they have works and is stable, so there is no reason to upgrade.

cl

Re:Third party modules?

[Bob+of+Dole]

Every site I've writen in PHP has made large use of third party modules
Like MySQL, GD, ImageMagick, etc.

In PHP at least, they are a very important part of site writing.

Re:Third party modules?

[krow]

PHP, mod_perl, any of the Java servlet modules. These are are third-party (basically the server doesn't ship with them even if they are other ASF projects). Anyone running anything other then a flat HTML site needs at least one of these or something similar.

Re:Third party modules?

[Cef]

The build system in Apache 2, while being vastly improved over the Apache 1 build system, is rather complicated, and has lead to a number of packagers simply not bothering, or having a hell of a time packaging it.

There is no RedHat or Debian packages of Apache 2.0 (offical as in from RedHat or Debian, and part of their stable distribution). There are a few Debian people who are packaging Apache 2.0 (namely Thom May, who is the current package bunny...err...maintainer *grin*), but last I heard they were having a horrible time getting it working, and it's still only in unstable (sid), and hasn't made it to testing (sarge).

If it gets into RedHat and Debian's stable distributions, chances are it'll make a higher percentage mark on site usage. Till then, I don't think things are going to change much.

Re:Third party modules?

RedHat yes, Debian no.

Debian is one of the least-used Linux distro's for server installations. FreeBSD ranks above Debian of the freenix's for servers, and it already has Apache2 as part of "ports".

The poor adoption rate is mostly down to a lack of reason - 1.3.x is "good enough", a lack of third-party code that works well with it - php, a commonly used module didn't work well til recently, and maybe still has "issues", and a case of "change is scary"...

None of these reasons are driven by "need a package".

Actually, it's frightening how many sites STILL haven't upgraded to 1.3.26 from 1.3.24, which has a known vulnerability....

Re:Third party modules?

[leviramsey]

Apache 2 is in Mandrake contribs (not really supported nor officially maintained), so if you buy the 9.0 ProSuite, it will be available. I am hearing talk from Mandrake that Apache 2 will be the default web server in Mandrake 9.1.

Re:Third party modules?

[Micah]

Red Hat's (null) 8.0 beta 3 has 2.0.40. You can probably take the SRPM for it and rebuild it on RH 7.x. I haven't tried it but it should work.

I agree it will get a LOT more use once the Linux and BSD distros start shipping it by default, and once PHP and mod_perl are solidified for it. The Red Hat beta includes both, so they should be about ready.

Re:Third party modules?

I'm going to stick with version 1.3 for the time being. It just works better for me.

Re:Third party modules?

[alan_d_post]

Gosh, and I thought NetBSD was supposed to be harder to use. It's been in pkgsrc for a good long time.

Re:Third party modules?

Ever heard of the ol' saying.. "if it aint broke, dont fix it?"

Re:Third party modules?

Apache2 is replacing Apache in The new Redhat betas.

Re:Third party modules?

[rodgerd]

A client of mine uses a product which ships a binary-only plug-in. They haven't qualified a plug-in for Apache 2.0.x, so that's that. Vignette's software is pretty popular. Add in products like Websphere, Oracle iAS, and all the other proprietary tools that flocked to Apache and you've got a solid chunk of the market.

Personally, I haven't upgrade either of my personal servers, because I fail to see any real benefit from doing so. Both are on seperate 128Kbit links with adequate horsepower to serve pages behind them, so why mess with a new mod_perl?

Re:Third party modules?

[rp]

what the article refers to is Apache modules. mod_php in your case.

Re:Third party modules?

[letxa2000]

I agree with parent. I run a number of websites and my Apache webserver does what it needs to do, period. If I built a brand new server box from scratch I'd probably go for a new version of Apache but I don't plan on upgrading my existing Apache to the new version.

More than sites rejecting Apache 2, I think it's a strong testament to the reliability of previous versions of Apache.

That's the paradise of not using Microsoft: No forced upgrades. :)

Re:Third party modules?

[JDizzy]

The bsd distro's do ship it by default, in the portage (aka /usr/ports). However, if you mean 'installed by default', then we are talking a whole nother story. Apache2 is not suitable to be installed in any base Operating Environment. That is to say, your just serving up static web pages, and that might be fine for a budding 17 year old that thinks static pages, with a ripped-off html, and some stolen java-script... is kewl, then maybe. But that just isn't going to cut it in the world of men, and professional web designers, not to mention thsoe who do release engineering for FreeBSD. ;)

Re:Third party modules?

[Old+Wolf]

Yes, and mod_php is compiled from MySQL, GD, ImageMagick, etc., so all of these must be thread-safe to make mod_php thread-safe.

I'm still waiting on PHP

As soon as they release a stable version for Apache 2 (aka 4.3.0), then I'll look seriously at switching. It's great that Apache 2 has stablized now, though, as it lets everyone else work around a stable project.

We'll all get to Apache 2, it just takes time to migrate.

Re:I'm still waiting on PHP

[haeger]

Same here.
I'd love to migrate to Apache2.0, but until PHP works properly I can't do that.
As it is now our companys main webserver runs apache1.3.26 and will continue to do, even with the problems we're experiencing with it.

There appears to be some memoryleak somewhere which makes apache consume more and more memory until we restart it. It doesn't happen that often, but we do have a script that kills off apache about once a month.

While looking into what was wrong I got the impression that this was a known error, but I couldn't isolate the problem.
My setup is as follows: Apache/1.3.26, PHP/4.2.1, mod_perl/1.27, mod_ssl/2.8.10 and OpenSSL/0.9.6a on a Solaris7 box.

Let's just hope Apache2 solves my problem with this memoryleak too.

.haeger

Re:I'm still waiting on PHP

set your MaxRequestsPerChild 10000

Re:I'm still waiting on PHP

[bluegreenone]

Don't know if it's a memory leak but my Apache server will work fine for days/weeks, but will begin to get really slow. A restart of httpd fixes it. I'm running Mandrake 8.2.

Re:I'm still waiting on PHP

[akharon]

Especially considering it's a documented problem with solaris...

Re:I'm still waiting on PHP

[baptiste]

There appears to be some memoryleak somewhere which makes apache consume more and more memory until we restart it. It doesn't happen that often, but we do have a script that kills off apache about once a month.

Why not just use MaxRequestsPerChild?

#
# MaxRequestsPerChild: the number of requests each child process is
# allowed to process before the child dies. The child will exit so
# as to avoid problems after prolonged use when Apache (and maybe the
# libraries it uses) leak memory or other resources. On most systems, this
# isn't really needed, but a few (such as Solaris) do have notable leaks
# in the libraries. For these platforms, set to something like 10000
# or so; a setting of 0 means unlimited.
#

This way you can knock off each Apache child one by one after a given period of use without having to restart Apache completely.

Re:I'm still waiting on PHP

[haeger]

This is what we do actually. I should have been more clear about it. Thanks for pointing it out though.

And as someone noticed bewow, this is a known problem with solaris.
It was a while since I tinkered with it. It is solaris after all, it's solid as a rock. ;-)

.haeger

Do you Hattrick?

Re:I'm still waiting on PHP

[Beliskner]

As soon as they release a stable version for Apache 2 (aka 4.3.0), then I'll look seriously at switching. It's great that Apache 2 has stablized now, though, as it lets everyone else work around a stable project. We'll all get to Apache 2, it just takes time to migrate.

Bwa ha ha ha!!! You /. people are so hypocritical, when Microsoft iis users fail to install patches to upgrade immediately and get mod_Code Red automatically installed via Internet you say "l4amers", and yet when it's your turn to upgrade Apache, or even just to patch the older vulnerable version, it's suddenly OK to wait, if it ain't broke don't fix it. Yeah well maybe I've got MS iis running with mod_Code Red but if it ain't broke don't fix it, yeah?

Re:I'm still waiting on PHP

[jcostom]

You /. people are so hypocritical, when Microsoft iis users fail to install patches to upgrade immediately and get mod_Code Red automatically installed via Internet you say "l4amers", and yet when it's your turn to upgrade Apache, or even just to patch the older vulnerable version, it's suddenly OK to wait, if it ain't broke don't fix it.

Alas, the point goes streaking over your head like a 747. Do you understand the difference between applying *SECURITY PATCHES* versus completely ripping out your httpd and replacing it with a new major version?

Re:I'm still waiting on PHP

[StillAnonymous]

What are you talking about? The latest version of Apache 1 doesn't have any CodeRed-type bugs in it, so it's not like there's a heavy incentive to upgrade to 2.x right now.

Why must people always attempt to find hypocrisy where there is none? Do they think it makes them look insightful?

Re:I'm still waiting on PHP

[Beliskner]

It can be worse to install a security patch - remember M$ SP6 being corrupt, requiring SP6a? Remember Media Player XP forcing DRM down our throats? I'd say these changes are bigger in the big picture than a simple httd change which can always be rolled back. Proof of everyone worldwide signing a DRM patch click-through clause is much bigger than this.

Re:I'm still waiting on PHP

[MikeFM]

Me also, I tried switching a while back but it just wouldn't work properly so I temporarily switched back to the old Apache. I'm very excited about some of the new possibilities and will be using them in the future. If they really want to speed adoption of Apache 2 I'd suggest they get involved, if they aren't already involved, with helping get those popular add-on's 100% compatible with Apache 2. Apache is a great piece of software and a great project so I hope they don't decide they're unwanted. Just give things time to adapt.

Re:I'm still waiting on PHP

[WNight]

Tough luck then, running an OS where it's a pain to get critical bug-fixes without also downloading a bunch of cruft.

That said, even I, a non-MS type, know that it's possible to setup a Win2k (or XP I assume) server box to download and pass patches to all your other machines, they way you can control what they auto-update to.

The only drawback of this is that MS still doesn't release fine-grain patches, they tend to fix ten bugs, introduce two new ones, and introduce a few "features" with each update, so you don't really have all the control an admin wants. Better than nothing though, and having an extra step in the way means that your client machines get all the patches you approve without the danger of letting them auto-update (and maybe download a virus, or update that "accidently" breaks your third-party software.

Really though, the only good protection I saw for code-red, for companies that had MS servers (some ISPs selling co-lo space, for instance) was to transparently route all incoming web traffic through an unaffected type of machine and drop all malformed requests, as well as adding certain IPs to a block list. But that requires a skilled admin who keeps up with the details of the current exploits and can write some custom firewall configs.

Re:I'm still waiting on PHP

but we do have a script that kills off apache about once a month.

Yah, I see how this could mean you use MaxRequestsPerChild to limit the lifetimes of your Apache processes...

Re:I'm still waiting on PHP

[haeger]

So I did the change about 1,5 years ago, left it running and moved on to other things, then this subect came up and I thought I had done the same to apache as I had done to some other misbehaving programs the people just "have to use".

Don't be so nitpicky.

.haeger

Re:9/11 = 0.818181818

[brsmith4]

Being an american, I am truly sick of hearing about 9/11. CNN 9/11, Foxnews 9/11, BBC 9/11, HBO 9/11 .... aahh!!!! I get the fscking point.

Why fix what ain't broken??

[SuperDuG]

Personally I don't see a need to switch to 2.0 yet. My site runs just fine on 1.x series. I know there are improvements and benifits to switching, but the work required to switch doesn't seem neccessary to me right now. I think the more new servers that pop up will start with the 2.x series of apache, but I'm quite sure there are sites similiar to mine that are doing just fine with the 1.x series servers.

My main question is, what would it matter if sites weren't using apache 2.0, isn't it enough that open source software is being used??

Re:Why fix what ain't broken??

[ShaunC]

This about sums it up from my experience as well. I've installed Apache 2.0 on precisely one server: a development box dualbooting Windows and FreeBSD. 2.0 runs just fine, and aside from a few early PHP issues, I haven't had any problem with it. But my opinion - which, I think, is fairly common - is "why bother?"

I've installed Apache 1.3x on numerous machines over the past few years. All of the webhosting companies I've worked with still run 1.3.23 or 1.3.26. I know the process of installing Apache 1.3.x with PHP and MySQL ("LAMP" or "FAMP" servers) like the back of my hand. I've written shell scripts to do it for me. As long as the tried-and-true Apache keeps running, and is still being actively bugfixed, I see no reason to switch production servers to Apache 2.0.

"Why fix what ain't broken" is a damn good way to sum it up, IMO. This is coming from a guy who's perfectly happy running MacOS 8.6.1 on his G4, and WinME on his Windows boxes. There's no sense upgrading if everything's working fine now. Along the same train of thought, why take the time to learn the new configuration/installation options for Apache 2.0x, not to mention updating scripts or doing the actual installs, when 1.3.26 works just as well as it ever has? The benefits of 2.0x simply haven't won me over yet.

Someday, but not yet.

Shaun

Re:Why fix what ain't broken??

[HalifaxPenguin]

Apache 1.x has a big problem when it comes to dynamic/updating data in shared hosting environments: security, or lack thereof.

All php, mod_perl, (and pretty much anything except suexec cgi) based pages are run as the same uid/gid as the apache server. Everything your scripts have read/write access to, so does everyone else on the same machine.

So, for instance, if your database passwords are in a php script, or a file that a your php script reads, the webserver must have read access to that data in order for it to work. Since everyone else's scripts also run with the webserver uid/gid, they also have read access to your database username/password info, and can therefore connect to your database, and do all the damage they want.

To address this problem, Apache 2 has the perchild MPM which allows a virtual host to have it's own process fork, uid/gid, and thread pool. Unfortunately, the perchild MPM is not presently stable.

With that being unstable, and php and mod_perl also being "experimental", Apache 2 doesn't really offer an advantage over 1.3 yet. ...But don't be so certain that Apache 1.x "ain't broken".

Re:Why fix what ain't broken??

[Stormie]

"Why fix what ain't broken" is a damn good way to sum it up, IMO. This is coming from a guy who's perfectly happy running MacOS 8.6.1 on his G4, and WinME on his Windows boxes.

Many would say that you broke your Windows boxes when you "upgraded" to WinME from the far superior Win98.

Re:Why fix what ain't broken??

[Micah]

To address this problem, Apache 2 has the perchild MPM [apache.org] which allows a virtual host to have it's own process fork, uid/gid, and thread pool. Unfortunately, the perchild MPM is not presently stable.

Can someone explain how this works? If I'm understanding it correctly... 1) There's still a "main" server, which still runs as nobody (or maybe root now?) and which listens to the port(s) and accepts incomming connections 2) Each virtual host has its own multithreaded process 3) The main server determines the virtualhost of the request and pipes the data to and from the appropriate VH process.

is that about right or am I missing something? It seems like that might have some serious performance and/or memory use implications.

This very much sounds like a killer feature, especially if it works with mod_perl and PHP.

Re:Why fix what ain't broken??

[befletch]

Summarizing about half the posts in this discussion, SuperDuG says:

Personally I don't see a need to switch to 2.0 yet. My site runs just fine on 1.x series.

Another large group (myself included) seems to be waiting until PHP et al are widely considered stable on the new platform, which in the case of PHP will occur sometime after the Zend site has a big fat endorsement on its front page.

The only reason I am looking at Apache 2.0 before that endorsement goes up is the Subversion project. This is a free software replacement for CVS which is getting relatively close to release and which will provide nice little features that CVS doesn't have like versioned moves and renames for files and directories. That one feature alone will make me very happy. The Subversion server requires Apache 2.0 for remote access, therefore 2.0 becomes more immediately interesting to me.

Wouldn't it be a little ironic if version control was what finally drove migration from the 1.3 series to 2.0?

Re:Why fix what ain't broken??

All of the webhosting companies I've worked with still run 1.3.23 or 1.3.26

that's a patched 1.3.23, yes?

Re:Why fix what ain't broken??

[cscx]

To address this problem, Apache 2 has the perchild MPM [apache.org] which allows a virtual host to have it's own process fork, uid/gid, and thread pool. Unfortunately, the perchild MPM is not presently stable.

Is this similar to IIS's ability to let each cgi-bin run as its own, user-specified user? Like if I create the user Fred, and only allow him NTFS permissions on his own cgi-bin, and nothing else, that cgi instance will only be able to read Fred's cgi-bin files.

Does this work with an ACL addon to Linux?

Re:Why fix what ain't broken??

Only on slashdot...

A technology site where a post effectively advocating ludditism is considered "insightful" ...

Re:Why fix what ain't broken??

[bad-badtz-maru]

So, in the mass hosting environment using the perchild MPM, you end up with 1000 processes if you have 1000 virtual hosts on one box. That doesn't sound too useful...

maru

Re:Why fix what ain't broken??

[gorilla]

Apache 1.2 or above supports CGI per user with SUexec. It's quite simple, just before calling the CGI program, the process calls a program to set the uid to the user who owns the CGI.

The problem described above is for non-CGI dynamic content. The whole point of mod_php and mod_perl and other similar technologies is to tightly integrate the webserver with the program. This means that the SUexec approach can't work - a process can't change it's uid to a user and change it back again in a secure fashion. What is possible is to isolate each virtual host from each other.

Re:Why fix what ain't broken??

[windex]

I beleive it is intelligent enough to do it on a realtime basis, so you just get several setuid()/setgid() calls.

Re:Why fix what ain't broken??

[ceswiedler]

I think the main process simply passes the socket descriptor for the new connection to the virtual host process. Passing descriptors isn't terribly efficient, but it only happens on connection, and certainly more efficient than piping data the way you describe. I'm pretty sure the Apache 2.0 design is efficient and scalable.

Re:Why fix what ain't broken??

[sunset]

...To address this problem, Apache 2 has the perchild MPM which allows a virtual host to have it's own process fork, uid/gid, and thread pool. Unfortunately, the perchild MPM is not presently stable...

I asked Rasmus Lerdorf (creator of PHP) about this when he gave a presentation to our LUG back in July. He indicated that the perchild MPM was nowhere close to stability, and at that time didn't think anyone was even working on it.

A real shame - it's the one thing that really had me interested in Apache 2.0.

Re:Why fix what ain't broken??

[ceswiedler]

Are each of the processes for a virtual host spawned on startup, and remain around even if no requests have come in? I imagine there's an option to only spawn the processes as needed, and terminate them if they are inactive for a certain period.

At any rate, 1000 processes isn't that much for a modern server. Furthermore, that's the *most* you'll ever have, even if you have 10,000 simultaneous requests. However, threads in Linux are just processes anyway, so you'll see 10,000 entries in ps. But you'll know there's a difference...

Re:Why fix what ain't broken??

[cscx]

Hmm... by cgi-bin I meant that in IIS you can assign each virtual directory as an "application" which runs as a designated user at the requested process protection level (low - in process; medium - pooled; high - separate process). This includes non-CGI dynamic content, such as ASP pages (and PHP, etc too I assume if you install the plug-in) not just straight CGI. I guess since IIS is so tightly integrated with NT, linking to the SIDs is not a problem; it would be nice to see Apache 2 support that, on both Unix and Win32.

Re:Why fix what ain't broken??

To address this problem, Apache 2 has the perchild MPM [apache.org] which allows a virtual host to have it's own process fork, uid/gid, and thread pool. Unfortunately, the perchild MPM is not presently stable.

Even when it is, it will only support Linux. A lot of people run apache on other OSes as well but apache team is not interested.

Re:Why fix what ain't broken??

[mydigitalself]

surely you could run x threads of httpd as each of the users? my httpd runs as user apache, so i don't see why you couldn't fire them up as user joe, fred, gareth etc...

i suppose the downside of this is that you would have to maintain configs for each of the users and you couldn't just killall -9 httpd; but the solution is workable.

i hope this isn't taken in the wrong way - but has apache 2.0 been overengineered? have the guys been wasting their time? i think these are important questions as, i assume, a tendancy of open source software is developers writing code bsaed on what they deem to be "wanted" rather than focusing on the end-user.

personally i didn't get the whole hoopla about it - i mean, its an http daemon, it accepts port 80 requests and passes them over for processing. did it really require all the work that was put into it? could that work have been better spent building an IIS-like management console which, imho, would be far more useful for administration...

Re:Why fix what ain't broken??

It wasn't even fixed into a working state until recently. And it still doesn't work to well on a myriad of platforms (if at all).

Re:Why fix what ain't broken??

[lamp77]

I don't know about that...

my mod_perl stuff always sat at about 5mg per child, 1000 children would be 5gig, thats a whole lotta ram cowboy.

Re:Why fix what ain't broken??

[Mr+Bill]

If you set things up correctly, then most of that memory is actually shared between the processes. If you read the mod_perl guide (http://perl.apache.org/docs/1.0/guide/performance .html#Sharing_Memory) it explains all of this stuff for you...

Cees

Re:Why fix what ain't broken??

[lowar]

So, for instance, if your database passwords are in a php script, or a file that a your php script reads, the webserver must have read access to that data in order for it to work. Since everyone else's scripts also run with the webserver uid/gid, they also have read access to your database username/password info, and can therefore connect to your database, and do all the damage they want.


Ever heard of safe_mode or open_basedir in php?

Try to get your facts straight, before you post such rubbish.

CU Micha

Re:Why fix what ain't broken??

[HalifaxPenguin]

Ever heard of safe_mode or open_basedir in php?

Yes, I have heard of both safe_mode and open_basedir. They have a few problems. The first being that they basically only advise PHP to double check uids, path names, and disabling a number php functions. They don't stop one from snooping around with mod_perl, SSI, or whatever else is available on the server. (Many servers default to all files being readable by everyone anyway, so you don't even have to piggyback on the webserver to look around). Secondly, most shared hosting providers I've encountered don't enable these directives in the first place.

safe_mode and open_basedir are band-aid solutions that don't address the root of the problem. The perchild MPM does... err, will. :)

Re:Why fix what ain't broken??

[Phroggy]

surely you could run x threads of httpd as each of the users? my httpd runs as user apache, so i don't see why you couldn't fire them up as user joe, fred, gareth etc...

At work we host 4,500 domains on one box. No, what you describe is not workable.

could that work have been better spent building an IIS-like management console which, imho, would be far more useful for administration...

Many of the people who have used both IIS and Apache have said this is one of the biggest things they hate about IIS. The management console thingie is a complete pain in the ass to work with. A plain-text config file is much easier to read through, maintain, back up, restore, and get help on.

I can sit down at a web server I've never seen before, and type:
grep -v "^#" httpd.conf|grep -v "^$"|less
and in a minute or so, I understand how it's set up. I don't expect anyone else who's not a serious Apache admin to be able to do the same, but that's why there are comments and excellent documentation readily available.

Then I can cp httpd.conf httpd.conf-working, tweak it, and if it doesn't work, just cp httpd.conf-working httpd.conf and it's all better.

Finally, if I'm really hgaving problems, I can mail httpd.conf to a friend, and ask for help.

Re:Why fix what ain't broken??

[Phroggy]

I should clarify: we're not doing per-user permissions on those 4500 domains. But for a smaller company, with maybe only a few hundred sites, it'd be nice to be able to handle that. suEXEC works OK for CGI scripts, but PHP isn't pretty.

Re:Why fix what ain't broken??

[bad-badtz-maru]

Although the guide does say that, it doesn't end up being true, though. When the processes are first forked by the parent, it's true, but after they serve just a couple of varied requests against decent-sized scripts a noteable amount of the memory rapidly becomes unshared. I am not sure why. I think the first time any actual perl code is executed, variables on so many different pages change that a huge amount of pages end up being copied. Obviously it's going to depend on the app, but most people aren't using modperl to drive small scripts.

maru

Re:Why fix what ain't broken??

[Electrum]

I think the main process simply passes the socket descriptor for the new connection to the virtual host process. Passing descriptors isn't terribly efficient, but it only happens on connection, and certainly more efficient than piping data the way you describe. I'm pretty sure the Apache 2.0 design is efficient and scalable.

Apache 1.3 doesn't pass descriptors between processes. The main process runs as root, binds to the appropriate addresses and listens for connections, then forks off child processes, which all listen or accept on those descriptors (possibly using a mutex to avoid the thundering herd problem).

There isn't any real efficiency problem with passing descriptors (unless some OS's do things weirdly). The issue is that there isn't a portable way to do it.

Re:Why fix what ain't broken??

[Electrum]

I beleive it is intelligent enough to do it on a realtime basis, so you just get several setuid()/setgid() calls.

Umm, no. Think about it for a minute. If a process can change it's euid/egid to anything, then that means uid/gid is root, meaning the process is effectively root. Doing this would mean you give every CGI root access.

This is what makes this type of feature so difficult: there is no way for a master process to change the uid/gid of child processes. Once a child (that is root) changes to a uid/gid, it is stuck for life.

If I would like to use threaded server...

[WetCat]

I'll use aolserver (aolserver.sf.net).
It's a stable and tested technology.
For my project I stuck with apache 1.3.x

Synchronous Access to Old Modules?

Why doesn't Apache v2 just support synchronized access (single threaded...) to old modules, and allow the new, updated modules to be multi-threaded? While this would probably defeat the purpose of using v2, it would at least provide a good interim step for adoption until more modules support v2.

Just at thought....

Re:Synchronous Access to Old Modules?

to quote from the article:

----
One developer on an email discussion forum said frequent changes to the Apache 2 APIs over the last six months had made it almost impossible for module developers to keep pace. "Most third-party module authors are not willing to maintain and change their code for every Apache 2 release; sometimes the APIs were changed two or three times within one development cycle," he said.
----

So in conclusion, the development cycle tried to operate similar to a corporation, without the pay. Don't forget, people are putting their time into this and not getting compensated. It's a concept of free association. They are not obligated to fix/code everything, so the development suffers.

Re:Synchronous Access to Old Modules?

[moonbender]

Well so what. They're not changing the APIs now, are they? That's right, because now it's the final version, and not experimental code with labels "functionality might change!" all over it. I'd much rather they develop a high-quality, future proof API now than redo everything one year later. (And I'm not saying it's high-quality or anything, I'm not in the position to judge that.)

Re:Synchronous Access to Old Modules?

*Chough*.
Yes they are changing the API now.

What the well dressed man is wearing

Well, I've finally decided on my fall wardrobe. This year I'm definitely going with a set of outfits from Sean John. I love the stylish, sophisticated looks with that bit of street edge to it that says I'm more than just another guy in expensive clothes.

From suits to casuals, jackets to pants, polo shirts and even hats, the Sean John collection is definitely the fashion of choice for the hip urban young professional. No Armani or Ralph Lauren for me this fall [well, maybe a little... :)]. Nope, this fall it's all Sean John for me!

Re:What the well dressed man is wearing

this is the most Bizzare post I've seen on /. EVER.

Apache --> P Diddy. Wtf?

Re:What the well dressed man is wearing

Well, I've finally decided on my fall wardrobe.

Me too... Same old worn and torn Sears-brand clothes I've been wearing for the last 10 years. It's a style that says "unsophisticated geek" in its own subtle way.

here's what would make me switch ..

[shri]

Here's what would convince me to change.

-- References. Have any high profile apache sites migrated? While my sites are small ... its always nice to know that the big boys have taken the plunge.

-- PHP Support. As of 4.2.0, Apache2 support was experimental. The change log does not show anything which says its supported.

-- Mod_gzip support. This is a big one. Mod_Gzip makes my sites download a extremely fast when users over dialup lines log in. This is true specially for low bandwidth countries in Asia. Mod_gzip support has left me fairly confused .. given that I bothered reading up on some of the early discussions.

Even with all of this.. I'm not likely to change unless there is a perceptible difference in the load / performance stats on my system during the switch.

Re:here's what would make me switch ..

[Icy]

Isn't mod_deflate similar in function to mod_gzip? I have not tried it yet, but it seems to play the same role.
PHP support seems to be somewhat stable on apache2 using the prefork mpm. The threaded mpm's don't work on FreeBSD, so I didn't really have a choice.
The preformance seems to be pretty good after I removed the unneeded modules. --Matt

Re:here's what would make me switch ..

[Jack+Tanner]

The death of Apache 2 has been greatly exaggerated. A cursory look at the mod_gzip mailing list shows that there's an independent port of mod_gzip to Apache 2. Look around, other modules are getting ported by the same folks.

Re:here's what would make me switch ..

[shri]

Will definately have to check it out.

Re:here's what would make me switch ..

[Velox_SwiftFox]

Yes, it is. My own need to install Apache 2.0, as it happens, was to allow on-the-fly compression to work correctly with SSL. It works fine, fast, and well for the server it is on, with no kludgy proxying stuff.

Re:here's what would make me switch ..

mod_deflate does the same as mod_gzip. Also apache2 has mod_ssl built in - no need to wait for the mod_ssl people to catch up and create their crazy patch to the newest 1.3 version.
PHP 4.2 works with Apache 2 although you need to change some source-code to get it compiling.
sadly most useful mpm modules are marked experimental in 2.0.40.
I made the switch, but primarily because my page runs off Zope where apache is just the proxy - and apache/php is used for phpmyadmin, phppgadmin and xams (a mail user administration tool) where all of it isn't accessible from outside. And yeah subversion via SSL runs too on my apache.

Re:here's what would make me switch ..

[peterpi]

Have any high profile apache sites migrated?

I can confirm that the almighty Tash Wednesday has shifted to Apache 2.

Re:here's what would make me switch ..

[tekspot]

Have any high profile apache sites migrated?

Uhhh, yeah!!! Apache.org !!!

Re:here's what would make me switch ..

[1984]

Yep. Several chunks of CNet are running on Apache 2.0. www.news.com has been on 2.0 for about six months, and I believe they've now switched www.download.com, too.

I'd like to upgrade but i have those darn issues..

[haplo21112]

Until we have a stable, PHP, Mod_perl, Mod_gzip(or whaterver they call it these days), and mod_layout I can't go down the apache road as my site needs all these things.....
I see the writer's point, I does appear that the apache group is pretty much only patching apache 13.x at this point to solve issues, verses imporoving and or adding things so thts probablt a good start to get people start moving. However till te other things catch up(which honestly how long was 2.0.x in beta, they should have been able to work against the dev tree, and come out with compatable products, although I am not an apache developer so I don;t truely know whats involved)

Don't need the headache...

[FyRE666]

As others have pointed out, the 1.3x server is fine already. Why put yourself through the pain of building 2.0, rebuilding PHP et al and worrying about it all working until it's been proven?

By the way, I'd like to know who the hell came up with this god-awful colour scheme?!!

Re:Don't need the headache...

One reason to deal with the headache is because by adopting it, you essentially are forced to "support" it at some level -- you find bugs and small issues with the core Apache, as well as with third-party modules that you rely on.

For most people, its not nearly as "bleeding edge" as its being played out here. Take a risk, or at least put a copy on a dev server if you don't have 1.3.x module dependencies that just don't work on 2.x.

Why did Apache 2.0 need to break compatibility?

[cpeterso]

I know Apache does not have any "customers" to support, but why were they so eager to break compatibility for Apache 1.3 modules in Apache 2.0? I know backwards compatibility code isn't sexy, but couldn't they keep the old module API and thunk it to the new API? Then Apache 2.0 could ship with rock-solid mod_php and mod_perl. Let modules developers migrate slowly on their own schedule.

Here's an interesting perspective from Ole Eichorn, the CTO of Aperio Technologies:

One of the more significant recent discontinuities occurred with the release of Apache 2.0. Although it has been under-reported, Apache 2.0 is significantly discontinuous (non-backward-compatible) with Apache 1.3. Many webmasters have decided not to upgrade for now, rather than have to recode their custom modules. And many of the custom modules out there are 3rd party, so the resources to make the changes are not readily available.

It is not clear to me why the discontinuity was required. There was no technical reason not to maintain backward compatibility. I think your essay gets it right, the people who made these decisions were not involved in the original development, and were not sufficiently aware of the impact their decisions would have on their developer community. Multi-threading processes, which inspired most of the discontinuity, primarily benefits Windows sites - a small proportion of Apache installations - and most Windows sites use IIS and aren't going to change.

I bet in a few years we'll be able to track Apache's decline as the leading web server back to this point.

Re:Why did Apache 2.0 need to break compatibility?

[elphkotm]

Because it's multi-threaded. There are a bunch of strings attached when you thread stuff. For example, thread children all operate in the same memory space (as opposed to the pre-forking Apache 1.x, where each child process had it's own memory space)... that alone has a HUGE impact on how modules must be coded. In order to maintain backwards compatibility, a hybrid pre-fork / thread server setup would have to be constructed.

On a side note, I'd have to disagree with the CTO of Aperio Technologies, Solaris also gets a serious performance improvement with Apache 2, albeit not as good as Windows, but still decent.

Re:Why did Apache 2.0 need to break compatibility?

[zoftie]

Its clear that dude is not a programmer and does not understand difference between thread and process. Things have to be considerably cleaner with threads,
as you can run over toes of anything. Apache 1.3 was built for dirty coding. Apache 2.0 has to expect a level of code quality. You have to be very careful.

In other news:
It is not clear why water company pipes cannot carry electicity. Electric companies are stunned at disconuity of water utility corporation.

BESIDES: when people write modular code. indent. comment it. things are dead easy to rework. IF people are sloppy. That would be a lesson for them. Or pain to inheritors of the code and a good precedent to make requirements for clean code in the future.

Re:Why did Apache 2.0 need to break compatibility?

[bitflip]

You answered your own question: its because they don't have any customers to support.

This is a double edged sword. Say what you will about MS, they've done a very good job maintaining compatibility with previous versions of Windows - because their customers insisted.

OTOH, a lot of the problems with both security and stability came from this backward compatibility.

Its quite possible that by breaking compatibility that Apache 2.0 will avoid those same pitfalls.

Re:Why did Apache 2.0 need to break compatibility?

[Ami+Ganguli]

Every empire crumbles eventually. Apache 1.x will decline and dissappear some day, just because, once you're at the top, there's no place to go but down.

With Apache 2.0 there's a good chance that the next dominent web server will be from the same family.

Unlike commercial companies, however, there's nothing compelling Apache 1.3.x users from moving before they're ready. I'm sure there will still be bug fixes on the 1.3.x tree for as long as there are a significant number of users.

Re:Why did Apache 2.0 need to break compatibility?

[cpeterso]

Because it's multi-threaded. There are a bunch of strings attached when you thread stuff. For example, thread children all operate in the same memory space (as opposed to the pre-forking Apache 1.x, where each child process had it's own memory space)... that alone has a HUGE impact on how modules must be coded. In order to maintain backwards compatibility, a hybrid pre-fork / thread server setup would have to be constructed.


yes, but a proposed backwards compatibility API (which could thunk to the new API) could take care of the thread synchronization and communication BEHIND the API, without the old Apache 1.3 modules knowing the differences. As long as the old API maintains the same interface promises, then old modules should continue to run (but probably with performance problems).

I'm surprised there hasn't been more work to create something like a "mod_apache13" to ease module transition, instead of forcing module developers to break everything all at once. Someone created a mod_aolserver to allow .ADP scripted pages for AOLserver to be interpreted on Apache 1.3. I don't see why someone can't do the same for Apache 1.3 on 2.0.

Re:Why did Apache 2.0 need to break compatibility?

[Rasmus]

You are quite offbase here. The API change is a minor thing. It's the process model and the fact that everything you link into Apache now has to be threadsafe. Even if the API was perfectly backward compatible you wouldn't suddenly have rock-solid support for any old Apache 1.3 modules because the process model is completely different now.

Re:Why did Apache 2.0 need to break compatibility?

[grazzy]

yeah, compiling php & sql support for httpd is so much harder than it should be. ofcourse, libpng/jpg/gif being brokern doesnt really help when compiling php so it makes it look worse. but still, its a pain. i wouldnt TOUCH my installations of apache unless there would be something *very* appealing in apache2.

which there isnt

Re:Why did Apache 2.0 need to break compatibility?

[SerpentMage]

Sorry, but the API change is quite dramatic. Not to say that it is bad. I like the API change, it makes things more consistent and cleaner.

Re:Why did Apache 2.0 need to break compatibility?

Multi-threading processes, which inspired most of the discontinuity, primarily benefits Windows sites - a small proportion of Apache installations - and most Windows sites use IIS and aren't going to change.

This is sheer nonsense. The Windows port of Apache has always been multithreaded, as win32 does not support the inter-process communication necessary for a multi-process Apache.

Apache2 supports pluggable Multi-Process Modules (MPMs), which use multiple threads, multiple processes, or both! In addition, there are MPMs for Windows and Netware.

Is it honestly reasonable to expect full backwards compatibility through such massive architectural changes to the server?

Re:Why did Apache 2.0 need to break compatibility?

[rodgerd]

I'm surprised there hasn't been more work to create something like a "mod_apache13"

I'm sure it's a trivial piece of work that would take less time to write than to whine about on slashdot.

Re:Why did Apache 2.0 need to break compatibility?

[expro]

You and the article you reference both spell the name wrong. It is "Eichhorn", with two h's. Spelled properly, it means "squirrel" in German. If you look on the company's web page, it is spellec correctly.

Re:Why did Apache 2.0 need to break compatibility?

[bogado]

This solution would only solve problems in the API side. But an module has his on code, and who knows if this code is thread safe? If the code compiles directly into apache 2, and bacome unstable, due to thread unsafeness of the module code, who do you think the user will blame?

"this worked just fine with 1.3, this 2.0 apache is a piece of S***".

This solution would swipe the problems under the carpet, it would not make them go away. Instead would hide them, so they would not be as obvious. I don't like it.

Re:Why did Apache 2.0 need to break compatibility?

[MojoRilla]

Threading a server can significantly increase performance. That is why many if not all commercial web servers are threaded (including IPlanet/NES and IIS).

Threaded programming is more difficult than non-threaded programming (just like mod-perl programming is more difficult that plain perl programming). Usually, it is because globals are used. Web servers are typically easier to thread (because each transaction doesn't usually interfere with others).

A single threaded server takes one request at a time, processes it, and then takes another request. The way Apache got around this was to have multiple processes, each which could take requests.

The problem is one of scale. While it is possible to have 1000 people simultaniously hit your web site at the same instance, it is unlikely that you will have 1000 processes running to take their requests. So some users have to wait. But is is possible to have a small number of processes with 1000 threads available to take requests.

Threads reduce memory useage. For example, each process has to load the code for the executable into memory, which multithreaded processes share. Also, if there is server file caching, mutiple threads can share the cache, but multiple processes can't.

Also threads can make more efficient use of resources. Lets say your application connects to a database on the back end (which is probably multithreaded, by the way). Lets also suppose that some transactions take longer than others. The first problem in a non-threaded application that each process has to have its own database connections. They cannot be shared between processes. Also, each process has to first wait for the tcp connection, then wait for the database to respond, then wait for the data to be sent out. While they are waiting, they cannot process other requests. The problem is that all the processes could block on the database doing long connections, while other requests that might not even require database connections wait. In a threaded model (with enough threads), many transactions can be started, while only the ones that actually have to do database connections block on the database.

Finally, threaded programs are more efficient in a multi-processor enviornment. These days, more and more servers have more than one processor. Because each thread can run on a separate processor, you can more efficiently use the hardware.

Threading is the way of the future. That is why Java caught on on the server side. Because it supports threading in the language (something that C or C++ don't do). The Apache writters were looking towards the future, not at the past.

Re:Why did Apache 2.0 need to break compatibility?

[pi_rules]

I know Apache does not have any "customers" to support, but why were they so eager to break compatibility for Apache 1.3 modules in Apache 2.0? I know backwards compatibility code isn't sexy, but couldn't they keep the old module API and thunk it to the new API? Then Apache 2.0 could ship with rock-solid mod_php and mod_perl. Let modules developers migrate slowly on their own schedule.

Add-on modules to Apache aren't coming into the 2.0 world quickly because 2.0 will spin off threads within processes now. Any API changes are rather trivial when sitting next to the amount of work that may need to be done to make all of your code thread-safe. In order to make the importation of 3rd party modules entirely safe the Apache team would have had to create a way to mark some modules as non-thread safe and be sure to only load one instance of each per process intstead of per thread. Doing that would have killed the performance enhancments brought on by threading and effectively negating any reason to actually move to 2.0 in the first place.

Re:Why did Apache 2.0 need to break compatibility?

[Znork]

For any webserver that regularly has 1000 people hit the site, having 1000+ processes is not uncommon or strange in any way.

Threads do not reduce memory usage. Any OS with a not-completely-braindead vm implementation shares any common memory between forked processes. It does not get copied until it's actually written to, which usually doesnt happen to code.

Processes blocking on IO is also a non-issue; you fork more processes to handle new requests. The overhead is minimal. Especially compared to the application logic guaranteeing thread safety on the database connection.

Threaded programs make no difference compared to forked programs in a multiprocessor environment. Threading only improves performance in SMP if you for some reason absolutely cannot fork (for example, a kernel).

Threading has been vastly overrated. It makes sense to use it in java since the language supports it, even as it may be more or less pointless, but in C it should be avoided unless you cannot get around it.

Re:Why did Apache 2.0 need to break compatibility?

[iabervon]

And Apache will lose market share to whom exactly? If the reason that nobody wants to switch away from Apache 1.3 is that the most important feature of a webserver these days is Apache 1.3 compatibility, nobody's going to switch to anything else.

MicroSoft would be in trouble if nobody switched to new versions of their software from the old version, because they wouldn't make any money. But Apache doesn't care, because they aren't trying to sell new copies. If a corporation were in Apache's position, they would risk running out of money and having their existing software go unsupported. But Apache doesn't need to be supported by new sales, so having people stick with the old version is just fine.

Re:Why did Apache 2.0 need to break compatibility?

[krow]

I think that most people would have just used the process based support and not bothered with threads till they need it. Adoption rate would have been a lot faster.

In case it gets Slashdotted.

Web sites reject Apache 2

By Roger Howorth [06-09-2002]

Regular changes to the Apache 2 API has developers questioning its usability

Extremely low uptake of Apache 2 has caused its producers to advocate freez-ing development of the open-source Web server until makers of add-in software catch up.

Almost six months after the launch of Apache 2, less than one percent of sites use it, due to a lack of suitable third-party modules.

Security Web site SecuritySpace said only 0.3 percent of Web sites use version 2, while 60 percent use Apache 1.x. Apache needs add-in modules for optional functions such as PHP scripting to generate dynamic content. Most modules are developed by third parties. Apache was originally created for Linux and Unix systems. Version 2 was developed to improve its performance under Windows.

One developer on an email discussion forum said frequent changes to the Apache 2 APIs over the last six months had made it almost impossible for module developers to keep pace. "Most third-party module authors are not willing to maintain and change their code for every Apache 2 release; sometimes the APIs were changed two or three times within one development cycle," he said. "Really, the only people who are excited about this are the gay homosexuals over at Slashdot."

Apache's troubles highlight one of the potential problems of complex open-source applications. Given that open- source projects typically produce many incremental updates, firms considering deployment of such tools should look for assurances that any APIs will remain relatively stable; a difficult proposition, considering that open-source companies have yet to demonstrate how they can make money by giving their products away for free.

Another Web software veteran, Netscape, may struggle to attract users. IT Week Labs tests published this week find Netscape 7.0 and Mozilla both inferior to Internet Explorer for anything other than websurfing for gay porn.

Re:9/11 = 0.818181818

But, isn't 9/11 November 9th?

Progress is good and all but...

[DarkHelmet]

I won't switch over to Apache 2 until there's an amiga port of it!

Re:Progress is good and all but...

[dammy]

Question is for which Amiga OS? Classic? H&P's wb 3.5/3.9? HYPErions OS4? Berniethlon? AROS? DEad? MorphOS? OH yeah, C='s Unix for the A3000Us?

Dammy

Re:Progress is good and all but...

[Ziviyr]

Question is for which Amiga OS? Classic? H&P's wb 3.5/3.9? HYPErions OS4? Berniethlon? AROS? DEad? MorphOS? OH yeah, C='s Unix for the A3000Us?

Ummm, UNIX isn't AmigaOS.

MorphOS is a PPC kernel isn't it?

I haven't heard of DEad or Berniethlon before.

Classic (typically OSes 2-3.1 but not excluding 1.x) and 3.5-3.9 are not dissimilar (though the later ones have undealt with problems) and are usually what is meant by AmigaOS.

OS 4 depends on how Amiga like it is (if its a freak good luck).

I even think the Amiga is pretty dead though, I just wish there was a good OS/hardware thingy to replace it.....

Re:Progress is good and all but...

[dammy]

>> Question is for which Amiga OS? Classic? H&P's
>> wb 3.5/3.9? HYPErions OS4? Berniethlon? AROS?
>> DEad? MorphOS? OH yeah, C='s Unix for the
>> A3000Us?

> Ummm, UNIX isn't AmigaOS.

Yet it was an official Amiga OS for the unix A3000 (tape back up and all).

> MorphOS is a PPC kernel isn't it?

It also emulates the 68K code as well for supposedly seemless operation. IIRC.

> I haven't heard of DEad or Berniethlon before.

DEad (think it was orginally called Digital Enviroment, or something like that) is Amino (current owners of Amiga Inc) Tao-group's JAVA repackaged for PDA/Cellphone/STBs, now called AmigaAnywhere. There has been some pretty heavy spin posted on /. over the years on this subject. I guess it's getting long in the tooth as one post on MooBunny http://flyingmice.com/squid/moobunny/amiga/message s/74837.shtml shows things not going all that well for DEad. Berniethlon is just a nickname of Amithlon Version2 (Without Haage&Partner and Mr.Frank) release.

> Classic (typically OSes 2-3.1 but not excluding
> 1.x) and 3.5-3.9 are not dissimilar (though the
> later ones have undealt with problems) and are
> usually what is meant by AmigaOS.

3.5 - 3.9's code (minus the grab bag of other code they may or may not have paid for from 3rd party developers) belongs to Haage&Partner and not to Amino (current owners of Amiga Inc). HYPErion is having to use AOS/WB 3.1 because they can't get access to source code of 3.5 - 3.9 for their HYPEOS4, which they own the source code.

> OS 4 depends on how Amiga like it is (if its a
> freak good luck).

Again, that's HYPErion's product that eveidently can continue on develope for regardless of Amino or it's Amiga Inc legal status. One of the two really smart things HYPErion has done, get DOPUS-Magellon and a legal agreement that they can continue when Amiga Inc goes belly up.

> I even think the Amiga is pretty dead though, I
> just wish there was a good OS/hardware thingy to
> replace it.....

Once they (HYPErion and MOS crew) locked themselves into PPC, I know it was the end of the line. AROS (http://www.aros.org) and Berniethlon are the only two Amiga related OSs that I hope will survive.

Dammy

Re:Progress is good and all but...

[Ziviyr]

Uhhh, GNU/Linux running on a nice speedy AMD Athlon system sounds just fine to me. What's your Amiga, 25MHz? Fucktard.

Good for you. I haven't managed a setup I feel at home with yet.

My Amiga is 50MHz.
It would run well at 25MHz, I don't see that as a bad thing.
(it actually has a 7 MHz CPU in it if I get bored with the MC68030)

Why change what works?

[AJWM]

Apache 1.3 works just fine for lots of basic website needs. Why upgrade just for the sake of upgrading? That's proprietary software's game.

Yeah, one of these days I'll upgrade my webservers, (probably when I decide to do a full install of the latest version of a distro that includes it) but there's no particular rush at the moment.

Re:Why change what works?

[ramzak2k]

Why switch ?

1.Your site has started to receive more traffic maybe and you want a more scalable server.

2.You are running your site on operating systems other than Unix and want to see better performance maybe?

3.Make use of the new Module Enhancements ?

Check out this page for a complete list

Re:Why change what works?

[AJWM]

Those are undoubtedly good reasons to switch -- but they are based on the premise that what one has doesn't work (well) or no longer works well.

While that may be true for some folks, my sites are relatively low volume, run on Unix (well, Linux), and don't yet need the Module Enhancements (although I ought to take a closer look at what's available), that doesn't really apply in my case.
(OTOH, I'm about to download Tomcat 4.1 for my JSPs.)

It's the PHP Stupid.

[prockcore]

I'd say the number one reason why people are moving over to Apache2 is due to PHP's slowness in supporting it.

Yeah, yeah, I hear everyone saying "PHP 4.2 works fine with Apache2" Well, we're not touching it as long as it labels apxs2 support as "experimental"

Re:It's the PHP Stupid.

No, apache2 and PHP 4.2.x don't work well :

at present, apache 2.0.40 is not compatible with PHP 4.2.2 or 4.2.3, it fails to compile. Very simple error, but the PHP team says 'will work in 4.3, we don't care' roughly ...

I'm stuck on 4.0.39 and PHP 4.2.1 at the moment ...

Re:It's the PHP Stupid.

[Rasmus]

Let's clear up a few things. Yes, PHP support has been somewhat slow in coming, but the main reason is that there is very little motivation for us to rush to support it. This is because most of us really don't see the advantage of 2.0 yet. The threaded mpms don't work at all on FreeBSD due to bugs in the FreeBSD kernel threading code. These are fixed in FreeBSD's CVS, but are not in any released version as far as I know. Also, as was mentioned, PHP itself is threadsafe, for the parts that count anyway, but what about the 100-150 different libraries that PHP can link against? We know some of these are not threadsafe. We also think we know that a number of them are threadsafe. The rest, who knows. Do you want to be the first to discover that a certain library is not threadsafe? Thread safety issues don't tend to show up until you start banging at the server with production-level load. And the errors can be quite subtle and random in nature. These are not PHP libraries we are talking about. These are things like libgd, freetype, libc, libm, libcrypt, libnsf.

Of course, if you run the non-threaded pre-fork mpm, it should be ok. But really, what is the point then? That's why PHP support has been slow going. We develop stuff because we need it ourselves for something. Right now spending a lot of energy on supporting Apache 2 seems somewhat futile. What we need here is a concentrated effort on the part of many different projects to pool their knowledge and generally improve the thread safetyness of all common libraries. I have written a summary and started this work here:

Thread Safety Issues

I would very much appreciate comments and additions to this. I don't think Apache 2.0 is dead in the water, it just needs better overall infrastructure in terms of non-buggy kernels and a push to make all libraries threadsafe before it can really become a viable solution for sites needing dynamic content.

Or, alternatively, we might start pushing the FastCGI architecture more to separate the Apache process-model from the PHP one.

Re:It's the PHP Stupid.

[cdegroot]

As I mentioned elsewhere, I don't even build the PHP module anymore. As a shared platform hoster, having all my customer sites running under a single UID is just plain too much risk. I don't think FastCGI allows, what'll we call it, 'session setuid affinity', but something like that would be cool.

Until then, PHP is an executable just like Perl and Python, and if that costs too much performance I'll shove another cheap pizzabox in the rack (that's why everyone is using a load-balancer these days :-)).

Re:It's the PHP Stupid.

PHP support has been somewhat slow in coming, but the main reason is that there is very little motivation for us to rush to support it

So, people have very little reason to switch to apache 2.0, while it lacks official PHP support, and PHP has little reason to provide official support for 2.0 because no-one uses it?

Seems like thread support is really only important for platforms that don't support multiple instances well...Win32. From a performance/security point of view, do the various *n?xes get much out of the switch to threads? Sounds like security will be an issue for a while. On the *nix (read free) side, it seems like there's little motivation to upgrade. Windows has IIS.

Re:It's the PHP Stupid.

[Monkey]

I had a similar problem. I ended up grabbing a few of the problem files from the PHP CVS and was able to get a successful compile for PHP 4.2.2 on Apache 2.0.40. I didn't use this on a production server, of course.

What, in a nutshell...

... are the benefits of Apache 2 supposed to be? I've never been clear on that, and it sounds like a lot of other people may be in the same boat. Can someone distill all the hype into a few concise bullet points?

Support everything new

[evilviper]

It comes down to the question of whether the third-party module writers are better off supporting what is used or what is new.

As a software author, you really need to worry about your own users outpacing you. For instance, if someone likes a feature in Apache 2, and every module they use, except yours, works with Apache 2, people quickly discover that they don't need your module all that much anyhow.

Wasn't that everyone's experience when switching from Windows? You can't get program XYZ for Unix, so you discover that you never really needed it that much anyhow...

As a programmer, it always pays to be everywhere you possibly can. But, when it's open source, programmers don't care what's best for the user, so don't expect it to happen.

Re:Support everything new

[g4dget]

people quickly discover that they don't need your module all that much anyhow.

And how is that bad? Commercial software houses have an incentive to confuse users into buying zillions of useless packages, needed or not. But for open source software, both the maintainer's and the user's interests are aligned: if it isn't needed, nobody should waste their time on it.

Re:Support everything new

[evilviper]

I'm saying that people will sacrifice the features of your software.

That isn't too good for the end user/Admin.

The open source developer has no incentive to care either way.

common factor

[zoftie]

when distros will start shipping 2.0 as standard,
everyone will "just use" it. Of course there would
be some rejection rate, of stubborn people. 1.3
development would stop and everyone would slowly roll over to 2.0.

pro 2.0:
- threaded stuff is blindingly fast. most systems threads are faster then processes
- other new technologies, like layered content filtering are great for developers of hight traffic sites.

pro 1.3:
very very many people using apache use linux. Linux threads are almost same performance as processes. Due to kernel limitation, you can stack only so many threads per process.Plus threaded model does not account for stability. One NULL pointer dereference and you're gone. Apache2.0 of course uses bundles of threads. so you still have multiprocess model kicking around.

Expect 2.0 gain popularity on systems like Sun, BSD and Win32 where processes handling is relatively expesive. Threads are dirt cheap.

As everything, things take time. Just like well brewed beer.
cheers.

Re:common factor

[bushboy]

Your assuming here that people will upgrade web servers just because a newer distro has been released with Apache 2 - that's just plain crazy in many cases.

This may be the case for those running one or two websites, or just meddling around, but for hosting companies, the adoption will be a slower process, for obvious reasons.

What would more likely be the case is that when web hosting companies upgrade hardware, they will be more likely to upgrade to Apache 2

Re:common factor

As the developer of another multi-threaded webserver, I can tell you that threads aren't so great under BSD, at least Open and Net (I have never looked at FreeBSD).

But threads in those systems are basically user-land and tend to not take advantage of things as much as real kernel-level threads can.

So I'm not so sure that Apache 2.0 will gain all that much popularity except on systems like Solaris, AIX, and WinNT where the kernel implements real threads with a real saving in context-swith and I/O overlap time.

Re:common factor

[md17]

when distros will start shipping 2.0 as standard, everyone will "just use" it.

<wear suit="flame resistant">
I don't think that "everyone" is the best word to use here. Most real unix sys-admins I know won't touch rpm's for things like Apache, OpenSSL, Postfix, etc. They build them from scratch in order to have more control over their servers. Typically unix sys-admin's like control. Thus they use unix not that other borg like OS. So, I agree that more people will use Apache 2.0 when distro's include it. But that is not the major reason people are not using it.
</wear>

BTW: One great reason to use Apache 2 is that mod_proxy is much faster and works better. From some reports I have read it is now a better way to go than mod_jk.

Go download yourself a copy of
Apache 2
JBoss 3.0.2 with Jetty
XDoclet

Use mod_proxy to connect Apache and JBoss/Jetty. Use XDoclet to write your code for you. And now you are an Enterprise Application developer. Have fun! Try not to spill anything.

Re:common factor

[dmelomed]

You don't know what you're talking about. There's more than one thread library, and not all of them are pthread implementations. pthreads are generic threads not designed for Internet servers, and not suitable for them. See

http://state-threads.sourceforge.net

http://www.gnu.org/software/pth/

state threads scales better than Apache's pthread MPM module, several times better. And it's completely user-land. Profile, don't speculate!

Re:common factor

[Salamander]

Stop being an ass, Dan. The person to whom your responding mentioned having written a webserver, and even provided a link. I'll wager that s/he has done more profiling than you have, and you're the one engaging in idle speculation.

Re:common factor

[dmelomed]

The person to whom I am responding doesn't mention any other thread libraries available. Just because he/she hasn't profiled other libraries doesn't mean *BSD is bad at threading.

Re:common factor

That still doesn't make your admonishment to "profile, not speculate" anything but hypocrisy. When are *you* going to stop speculating and start profiling?

Re:common factor

[scottj]

I have another issue with switching: unsupported commercial addons. I currently use Covalent SSL on my 1.3.12 servers. I've had to continually patch this old version of apache to keep it secure. And now, Covalent won't sell their "SSL" product for 2.0. They want to sell me a server with all kinds of features built in. All I want is their old, simple, cleaned-up mod_ssl package with support. Is there some other easy way to get SSL support in 2.0?

Re:common factor

[dmelomed]

I wasn't the one speculating FreeBSD threads suck.

Re:common factor

And since my code has the threading abstracted out feel free to make your own portability layer for that stuff. The only threading API that works across most platforms is, sadly enough, pthreads.

Believe me, I don't like pthreads. But the pthreads-API is implemented much more efficiently in Linux than in OpenBSD. That's what my post stated.

Does Apache use these alternate threading APIs?

I'm not a fan of the Linux kernel (I have worked on both) -- its getting much more organized inside. But the fact of the matter is that Linux has clone() which leads to increased performance.

Re:common factor

And if you read carefully I said Open and Net, I don't know much about FreeBSD. OpenBSD's threads do suck. It looks like the default MIT pthreads implementation -- which does suck for portability reasons.

I would very much like to see native kernel threads with a pthreads API so that I don't have to re-write my portability layer.

But not everybody who uses BSD uses FreeBSD. FreeBSD doesn't work on half the architectures I have. Alpha and x86? What about SPARC, MIPS, and ARM. I have all three at home (actually, about 14 architectures -- including ROMP, but who's counting?)

Re:common factor

But there are many userland pthreads, and non-pthreads libraries available for *BSD. And we simply can't say whether those other libraries suck either. Gnu Pth is a good one, for instance.

Re:common factor

[dmelomed]

User land libraries like state threads do not suffer from POSIX compliance, do not require intra-process, inter-thread synchronization (if design is correct, though some people on Slashdot make themselves believe otherwise), and are specifically designed for writing servers. And since it's the same library on all platforms it supports without a standards body, portability isn't much of an issue either, if at all.

Apache Accelerating Project used ST library when they were actively involved with the project, and according to the benchmarks project authors have done, at least on Linux the State Thread MPM module performed better (even though some people on Slashdot will hate me for saying this, accuse me of non sequitur, ad hominem, or some other such crap after switching to AC mode, etc.).

Re:Rather ironic

"most people don't want to use Linux or any of this other buggy, broken, security-hole-filled college sophomore school project software for critical apps"

Tell that to IBM, HP, SGI, SAP and Oracle. Their investments apparently go beyond your Appalachian brain capacity.

Use the new, everybody wins

[xee]

Make what is new become what is used and the software makers will have no choice but to support it. Simple.

Decline or fork?

[xixax]

cpeterso wrote:

Here's an interesting perspective from Ole Eichorn, the CTO of Aperio Technologies:

I bet in a few years we'll be able to track Apache's decline as the leading web server back to this point.

That or where it started to fork.If people are unwilling to go 2.x, they'll put the effort into adding new stuff into 1.x. Are we seeing Open Source at work?

Xix.

Re:Decline or fork?

a fork of 1.3 isn't going to survive. Alot of people are reluctantly using half-assed Java servers because you can't easily get the functionality you need for full fledged application servers out of php or perl. Someday I'm going to write an Apache 2.0 module to handle application/session/request state and persistence and caching, and request pipelining, but that won't be for a long time, so now its either use java, or rely on a page caching mechanism like zend to take care of stuff like this at the top of every page:

<?php

require("app.php");
require("session.php");
re quire("page.php");
require("user.php");
require( "dbconn.php");

$state = getState($HTTP_REQUEST_VARS);

$app = new App($state->app_name);
$session = new Session($state->session_id);
$page = new Page($state->page_name);
$user = new User($state->user_name);

?>

And then rely on the database caching (supposedly pretty good with mysql 4) to save me from new queries for every constructor.

Didn't work on my server

I used 2.0.35 for a while with OpenBSD, but I had to write a script to kill -9 the main process and all the child processes to stop or restart the server. apachectl stop, restart, or graceful just didn't work. It got worse, as using kill -9 to stop the server would eventually cause the server to hang.

1.3.26 works fine.

perchild MPM

php support with perchild MPM so virtual domains can have their own web user. Get that working and I'll switch in a second (or however long it takes to compile and configure).

Until then, 1.3.26 has the edge over 2.0. In fact, although 2.0 is an official release, no longer beta status, it still 'feels' like a beta given that the 'must have' (for some of us anyway) things it promises that 1.3.26 will never have are 'experimental, won't work on most platforms', and things that 1.3.26 already has, 2.0 doesn't. Basically, I'm looking forward to it really being out of beta.

Microsoft new rule prohibits benchmarketing

Microsoft new rule prohibits benchmarketing

Permission needed from Grand Mufti of Licensing

By Mike Magee: Tuesday 10 September 2002, 01:45

MOST OF US just click on those pesky Microsoft licence agreements just to get on with installing them as fast as we can.

But others, probably far more wise, decide to read through the content and ponder its import.

One such person who has done precisely this said there's a new little clause added to all Windows updates which he personally finds hard to stomach.

"* You may not disclose the results of any benchmark test of the .NET Framework component of the OS Components to any third party without Microsoft's prior written approval."

He points out that this significantly affects his ability to trade, as he's a software consultant.

[snip]

http://www.theinquirer.net/?article=5334

How is this going to hurt Apache benchmarkers?!

Re:Microsoft new rule prohibits benchmarketing

"How is this going to hurt Apache benchmarkers?!"

Simple, Microsoft will not have to worry about Apache 2.x performance.

Here's the obvious...

[erroneus]

... Why haven't they created a compatability layer or function or something like that to import the older API modules? Seems kinda fundamental to me.

Re:Here's the obvious...

[Rasmus]

There is, it is called the prefork MPM. It uses the same process model as Apache 1.3. Yes, there are a few API changes, but these really aren't a big deal and I really don't agree with the article that these API changes are the reason for the slow adoption.

Pre-Fork is Dead

[elphkotm]

One can only hope that eventually Apache 2.0 will be accepted and lead the way for real multi-threading of open source software. Pre-fork, although optimized in Linux (a poorly thought-out idea, IMHO), is a terrible and inefficient way to thread. Just kill it.

Needs Distribution Support

[raix]

That percentage isn't going to increase until it is included with RedHat, and the other popular *nix distributions. Once people start using it because its installed by default, it'll spread to production use.

Also keep in mind that production servers are a pain to maintain. Once you have your application deployed, there is no reason to upgrade web servers (except for bug fixes)... especially when that means re-testing everything to make sure it still works.

No, it's not.

Try Java. PHP isn't used by anyone but ignorant fucks who can't code their way out of a paper bag and are too fucking stupid to learn a real language.

Re:No, it's not.

[X_Caffeine]

Java is used by jerks who are trying to apply a heavyweight OOP application paradigm where a lightweight, scripting solution would work better. Using a jackhammer instead of a good hammer and chisel on a marble sculpture, for example.

I worked in a "java shop" for a while. Their solutions to the simplest problems always revolved around memory intensive, server-side user states, and of course the only browser anything would work on reliably was MSIE. When MSIE quit shipping with Java, they folded overnight. (har har)

Re:No, it's not.

[Khalidz0r]

Well, PHP is a good useful language. It has borrowed many ideas from most programming langauges around.

Being highly usable doesn't mean to blame the language for it. Why do we always blame things that are highly used? The normal way is: successful -> usable. We interpret usable though as stupid or insuccessful, that's wrong.

Afterall, I don't think PHP is behind the lack of usage of Apache2, but rather the fact that people have really stable production systems with the previous versions. There is no point usually to update your server while you don't really need it, and the fact that you'd update it will just get you into waste of time and trouble. That's the way how I look at it.

PHP is really good if you use it properly, and .. please .. don't blame it if others do use it. This feeling of `ah I can do something others can't do, thus I'm superiour!` is not right, not good, not useful, it just draws us back. Developers try building languages that are simple but useful. Have a look at python, it's simplisty and understanding made everybody expect it to make something in scripting languages future. It is not that only nerd experts can use it ..

Thanks for reading ..

Re:No, it's not.

[prockcore]

And just because I use php, you assume I don't know java? I do know java, we don't use it because of it's *insane* memory requirements. Sorry, but just having Tomcat idling costs hundreds of megs of ram.

I thought java was all about write once, run anywhere.. what's the point of java if you're using it server side? We're not exactly changing webservers every other day. Why not just use C++ or C# instead?

Java is a language without a purpose these days. No one wants to use it client side, and server side just doesn't make sense when compared to the initial purpose of the language (being able to run the same binary anywhere makes no sense when it's only going to be running on your webserver).

Re:No, it's not.

[mrobinso]

Well here's a little ignorant fSck test.
You take your java platform, and I'll take my little LAMP pizza box. We're going to create a new virtual host on both and do the "Hello World" exercise on it, mine in php, yours in java.

I'm done.

I'll hold my breath, and you let me know when you're finished.

But mod_perl and libphp4 already work on 2.0

[ishmalius]

I had a small problem when the API changed slightly from 2.0.39 to 2.0.40 , but with minor tweaking, both modules built and seem to work nicely. I have had no problems with them at all.

What's the fuss about? ;-)

Re:But mod_perl and libphp4 already work on 2.0

[dananderson]

The "fuss" is they are still labeled as "experimental."

Re:But mod_perl and libphp4 already work on 2.0

[Kompressor]

The "fuss" is they are still labeled as "experimental."

There are two very different angles to look at this problem from. Those who hack on linux in their spare time, and those who run mission-critical systems for their living.

Here in my basement, I run Debian Sid. I play with 2.5 series kernels. CVS doesn't phase me. And all is well, for if something gets screwed up, the only loss is my time, and there is more to be gained from the experience than there was lost to it. However, when the sun rises, and I make my way to work, the story is much different.

In the server room at work, I am responsible for the servers that host our client's websites, email, and DNS records. If something hits a bug, that something malfunctions. Maybe it hiccups, maybe it takes the entire box to it's knees. Given my druthers, I'd take the former, after all, if it just hiccups, it doesn't interfere with everything else. Now, I may think that I have a very firm grasp on what is happening on those boxes. I even pretend to think that I have a firm grasp on what is happening on my system here at home. My boss even trusts and respects my judgement. If I decided, for example, to replace our very stable and definately efficient-enough Apache 1.3.26, PHP, mod_gzip, etc. with the Apache 2.x and the corresponding modules, he wouldn't blink an eye. Why? Because he trusts me to make good decisions. I can't think of any better reason to stick with what is known to be stable, verses something that is "cooler," newer, or jus' phatter.

After all, as much as we like to think it, they don't pay us systems administrators to sit there and hack. They pay us to deliver systems that work.

Re:But mod_perl and libphp4 already work on 2.0

[Beliskner]

Yeah but does your boss trust you enough to give you a raise? Sun Tsu (Beliskner's amendment) - Everybody wants something, if an employee craves trust then give him trust slowly, that way he won't ask for a raise (same as Intel artificially keeps chip development slow so they can milk money from the market).

Redhat 8.0/Apache 2.0

The RH beta includes Apache 2.0 by default. Expect market share to rise when the new RH ships.

Re:Redhat 8.0/Apache 2.0

[term0r]

I do not know if this will change much really. Most people I know when doing a server install just install the bare minimum. For example, with Redhat and Debian I just install the basic development, C/C++ stuff, and sometimes named. Once this is installed I always compile what I need from source, which is normally the latest Apache 1.3, MySQL and PHP. I think you will find a lot of people do this, rather than relying on the default installs of Apache, etc, which sometimes are not put in peoples prefered locations (I like having everything in /usr/local, rather than in /var like MySQL used to go in older versions of Redhat). There is also a hugely creater degree of customizing that can be done when compiling from source.

I see no real reason to go to Apache 2.0, mainly because I know it works as it is, and I am familiar with the current version. Once we have a real need for something in 2.0 we will change, or when there is a critical bug in 1.3 that no one wants to fix (hopefully this does not happen)

Re:Redhat 8.0/Apache 2.0

As a RedHat user, I would have to disagree. I currently compile my own apache using mod_gzip, mod_backhand, mod_auth_smb, mod_perl and mod_php. Until ALL of these modules are supported, I am not switching.

It is rather unfortunate that many third party modules will not work with 2.0, but that's just the way it is. Until many modules are ported to Apache 2.0, just expect people using future versions of redhat to just ignore 2.0 and use older versions.

Maybe if there is some sort of tutorial or grass roots effort to help module maintainers port their code with as little pain as possible, we can at least jumpstart the process.

this is probably redundant...

[intermodal]

but this is like when people try to get the latest version of Office to do the same damn thing they did with Office 95 the same way they did it with Office 95, which is collecting dust on their shelf. while they run Office XP on their 2.7 gigahertz box running Windows XP doing the same thing at the same speed they did on a 486DX4 100mhz running Win95 and Office 95...which to be honest is one of the things i like about most opensource projects, the fact that they normally strive for compatibility and improvement... ok, enough run-on sentences from me.

Apache 2 IS solid

OK, OK, I'm waiting for our 3rd party ad serving software vendor to stabilize their module for our HTML servers too. But, for static (read: gifs and jpgs) we use V2 in threaded mode. Its VERY stable, VERY fast. We do 70-100MB sustained with 4 dual P3 graphics/static servers backing our HTML boxes, each taking 3000 connections a pop. Just give it a little time for adoption, this is great code! Great work, Ryan and crew!

krow

Who the fuck is krow? I guess since nobody knows who the fuck he is, he has to spout his big mouth off.

Upgrade Horror Story

I know why I am very, very wary about upgrading Apache: it seems every time I upgrade, the directories used for logging, conf files, etc. change, meaning I have to spend a good chunk of time chasing down the right parts of the documentation to figure out what is going on. And since I use virtual hosting, it's double the fun. Not to mention that once it decided to overwrite my htdocs and cgi-bin directories entirely... giving me a new, but empty web site. As in, bye bye files. Of course I had a backup, but what a pain!!! Have they fixed that problem yet?

Threads killed Apache 2

[tlambert]

The number one problem with Apache 2 is its reliance on threads, and its assumptions about threading models.

This will certainly not win me friends in the "everything should use threads because it's easier to do linear programming than to build a session reentrant state machine" camp, but...

Threads are useful for SMP scalability, but they aren't very useful for much else (I/O interleaving is adequately handled by most network stacks, the I/O interfaces themselves, and the fact that almost all the bytes being mode are being moved from the server to the client: the protocol is very asymmetric, even if you aren't pushing multimedia files). In most cases, threads are a liability.

Under Windows, they introduce data marshalling issues that have to be accounted for in user code -- not just in the modules which implement interpreters for that user code.

Under UNIX, threads are generally a loss, unless there is specific scheduler support for thread group affinity, when threads are running on the same processor. and CPU negaffinity, when there are multiple processors, to ensure that there is maximal usage of computer resources.

If you do the first, then you have the possibility of starvation deadlock for other applications: basically, it's not possible to do it correctly in the scheduler, you have to do it by means of quantum allocation, outside the scheduler. This means a threading approach such as scheduler activations, async call gates, or a similar technique. If you do the second, then you pay a serious penalty in bus bandwidth any time locality spans multiple CPUs -- in other words, it's useless to use SMP, if you have, for example, a shopping cart session that needs to follow a client cookie around.

Overall, this means that you were much better off using session state objects to maintain session state, rather than using threads stacks to do the same job. This is actually pretty obvious for HTTP, in any case, where requests are handled independently as a single request/response pair, and connection persistance isn't generally overloaded to imply session information (you can't do that because of NAT on the clinet side, multiple client connections by a browser on the client side, and server load balancing on the server side, etc.).

Overall, this factors out into threads bringing additional pain for module writers, without any significant performance or other benefit, unless you go SMP, and have a really decent threads and scheduler implementation -- which means you are running a recent IRIX or Solaris, which is a really limited fraction of the total web server market.

Frankly, they would have been a lot better off putting the effort into the management of connection state and MTCP or a similar failover mechanism, and worried about NUMA-based scaling, rather than shared memory multiprocessor with particular threads implementation scaling. The cost for what you get out of the switch is just too high.

-- Terry

Re:Threads killed Apache 2

You are wrong. Threads are good because they are faster. If your shop is big, faster is better. Faster equals more money for everyone.

Re:Threads killed Apache 2

No, he's right.

Threads can be good, but they're not appropriate for everything.

In the case of a www server on unix, there's a lot of good reasons not to use them, which he described.

Threading isn't *ALWAYS* faster, either.

Re:Threads killed Apache 2

[captaineo]

It's nice to know there are others out there who know state machines are the One True Way =). Ideally you have exactly as many threads as CPUs, and use non-blocking state machines for everything. (and unless the CPUs need to share a great deal of information, use processes rather than threads to side-step cache contention and locking; communicate with pipes or shared memory)

Unfortunately this ideal is sometimes hard to achieve because non-blocking APIs are not always available. (e.g. there is no way to poll/select a pipe on Windows, and true asynchronous file I/O is still in the testing stages on Linux)

Keeping this on topic - there are plenty of HTTP servers out there with more sane concurrency models - thttpd is one of many... (I can't really fault Apache for making the choices they did; their goals are more standards conformance and portability than raw speed).

Re:Threads killed Apache 2

While the state machine approach has obvious advantages for serving static content (far less memory overhead -- no thread stacks, just a current state) it is not necessarily ideal for dynamic content.

In the dynamic content case there may be quite a bit of CPU power required to process the request. In those cases the multi-state state-event-machine model begins to be a loss.

Furthermore there is also the fact that not everybody wants to break up their code into a state machine. Threads are an abstraction to assist the programmer, not the computer (well, mostly not the computer).

I don't want to have 5,000 state with 50 sub-states for generating that dynamic page as I have to wait for database requests to finish. My days of writing PBX code are over...

I want to be able to do whatever I have to do and not have it interfere too badly with other requests pending. The threading abstraction buys you that.

It also buys you a much easier time of distributing work to a multi-processor machine. Furthermore, in some operating systems the TCP stack its self does not run as a state machine but rather as a thread.
Thus doing blocking I/O on sockets helps those systems out since the overhead of obtaining a free thread has already been done. Just call into the TCP stack to do the work -- which runs on the requestor thread.

Performance tuning down to the instruction is a black art. While useful in many fields, I'm not sure that web serving is one of them. Heck, most people that write the code to back a web page probably don't understand these issues anyhow.

Re:Threads killed Apache 2

[JKR]

Under Windows, they introduce data marshalling issues that have to be accounted for in user code -- not just in the modules which implement interpreters for that user code

What do you mean by "marshalling" in this context? Maybe I've misread something but I understood marshalling to be about converting data from one internal format to a wire-transmission format and back - the classic example being converting host-endian to/from network-endian byte format. Do you just mean locking?

Jon

Re:Threads killed Apache 2

[pihl]

One thing that makes apache process/thread model problematic is HTTP Keep-Alive support (HTTP/1.1).

Your keep-alive connection eats whole thread/process it's lifetime. So, if you accept keep-alive (for long time) you can have hundreds of idle-processes/thread waiting next request to come from idle connection. To make things even worse most browsers open multiple current connections to same server to fetch all those numerous pictures (in typical html-page).

To compensate this you must configure you apache instance for very many child-processes (MaxClients). Then HARD_SERVER_LIMIT (in unix 256) limits you (you must edit/compile server to get it bigger).

Usually all this means that you cannot use Keep-Alive in busy site with apache.

Accelerated apache project (http://aap.sourceforge.net/) could help here using sofware threads), but state-threads-library's non-bsd/apache compatible license have made it impossible to make these patches offical (have I understand it right?).
In aap http-connection doesn't own whole process but just software thread.

In my opinion. There should be way to make MPM (processing model) that would reserve process/thread just for every http-request and not for whole http-connection. Currently it's difficult (or impossible ?) to that kind of MPM in apache-2.0.

pihl

Re:Threads killed Apache 2

Nice buzzwords. Any relation to the debate between threads vs. processes? I don't think so.

Threads will always be faster than processes because thread creation/destruction has extremely low overhead compared to a process (overhead is millions of instructions here). So stop whining and switch to Apache 2 already...

I don't understand why Unix gearheads prefer processes to threads (bash, make awk etc)? It's so slow.

Besides, threads force you to write cleaner programs (e.g. can't use too many global variables).

Re:Threads killed Apache 2

"Furthermore there is also the fact that not everybody wants to break up their code into a state machine."

That's the "it's easier to do linear programming" camp. I told you, I would not win friends there.

"a much easier time of distributing work to a multi-processor machine"

I granted that, too, but realize that we are talking about a specific type of multiprocessor machine -- the shared memory multiprocessor. That's limited in the number of CPUs that it can scale to, and the current industry trend is toward NUMA based systems, where this type of scaling breaks down.

"I want to be able to do whatever I have to do and not have it interfere too badly with other requests pending."

This is the "I don't want to have to deal with non-blocking operations" argument. This could have been handled in Apache proper, by adding a call conversion mechanism (present a blocking interface that, underneath, converts the blocking call into a non-blocking primitive plus a context switch).

"in some operating systems the TCP stack its self does not run as a state machine but rather as a thread"

I would argue that these operating systems are inherently broken under heavy load, since they are subject to receiver livelock. Jeff Mogul (in a DEC WRL paper), Mohit Aron (in a Rice University paper), and others have examined this problem in great detail, and come to the conclusion that the correct approach is LRP (Lazy Receiver Processing). There are even versions of this code for current versions of Linux (QLinux) and FreeBSD (Rutgers University port of the Rice University code), so lack of source code for a reference implementation is no excuse.

-- Terry

Re:Threads killed Apache 2

[Hard_Code]

What is your opinion of threading in light of the advent of hyperthreading? It maybe now that machines have one *physical* processor, but several cpu-based *logical* processors. I expect that in this case (regardless of how fast Linux switches processes) threading will be at least a modest win. The way to develop for the future is not to simply continue the same old design forever. Despite Joel's zealotry that nothing should be rewritten from scratch, there are good reasons. Living under a growing mountain of crap legacy code is unappealing.

Re:Threads killed Apache 2

[tlambert]

[ ... sorry for the repost; slashdot doesn't use hidden fields, and so when you preview, the username it displays is not used for the posting, if you have cookies disabled ... ]

"Furthermore there is also the fact that not everybody wants to break up their code into a state machine."

That's the "it's easier to do linear programming" camp. I told you, I would not win friends there.

"a much easier time of distributing work to a multi-processor machine"

I granted that, too, but realize that we are talking about a specific type of multiprocessor machine -- the shared memory multiprocessor. That's limited in the number of CPUs that it can scale to, and the current industry trend is toward NUMA based systems, where this type of scaling breaks down.

"I want to be able to do whatever I have to do and not have it interfere too badly with other requests pending."

This is the "I don't want to have to deal with non-blocking operations" argument. This could have been handled in Apache proper, by adding a call conversion mechanism (present a blocking interface that, underneath, converts the blocking call into a non-blocking primitive plus a context switch).

"in some operating systems the TCP stack its self does not run as a state machine but rather as a thread"

I would argue that these operating systems are inherently broken under heavy load, since they are subject to receiver livelock. Jeff Mogul (in a DEC WRL paper), Mohit Aron (in a Rice University paper), and others have examined this problem in great detail, and come to the conclusion that the correct approach is LRP (Lazy Receiver Processing). There are even versions of this code for current versions of Linux (QLinux) and FreeBSD (Rutgers University port of the Rice University code), so lack of source code for a reference implementation is no excuse.

-- Terry

Re:Threads killed Apache 2

[Salamander]

This could have been handled in Apache proper, by adding a call conversion mechanism (present a blocking interface that, underneath, converts the blocking call into a non-blocking primitive plus a context switch).

At significant cost in performance, of course, and if performance is the goal then nobody wins.

Re:Threads killed Apache 2

[Salamander]

It's nice to know there are others out there who know state machines are the One True Way

Oh, but they're not. Yes, I know you were joking, but it's also a serious matter and a mistake many people make. I love state machines, I'm notorious among my past and present coworkers for using them, but they're not the only way to break out of the naive multithreaded model. In fact, naive state-machine implementations are often even worse than naive multithreaded implementations since they're all too often utterly incapable of using more than one CPU.

The best-known alternative to the two representatives of this false programming-paradigm dichotomy is probably Matt Welsh's SEDA. I've also written extensively on the subject: here's an archive of past articles and my server-design guide that sums it all up. The basic idea, which goes back much further than either my work or Matt's, is to break processing into stages. Interactions between stages are asynchronous event- or message-based, while what occurs within a stage can be either state-oriented or thread-oriented according to programmer preference, availability of non-blocking I/O interfaces, etc. The programmer thus has a great deal of control over how a task-appropriate balance between the relative advantages and drawbacks of the two "standard" models is achieved.

Ideally you have exactly as many threads as CPUs

An excellent point. In fact, this is the area where Matt's thinking and mine diverge, and thus deserves special attention. SEDA tends a little toward the bounded-thread-pool model of having more threads than processors (though not infinite) and I believe that's a mistake. My own model more sharply limits the number of threads that are used. Though there might transiently be more active threads than processors under certain conditions, this is not a persistent condition; it's simply more costly to eliminate those rare transient cases than to allow them. Another difference is that SEDA attempts to reduce context switches and stage transitions by "batching" (passing multiple requests through a stage in a single pass) whereas I tend more towards "run until completion" (passing a single request through multiple stages). While the two approaches are probably equivalent in most ways, I believe the latter has a cache-warmth advantage; there's usually more data shared between the processing of a single request through multiple stages than between multiple requests in one stage.

I guess we're getting a little off-topic, though. Maybe we should find an alternate venue to discuss this if people are interested.

Re:Threads killed Apache 2

[cjstephen]

Having a select/poll based main loop doesn't stop the dynamic content APIs from being handled simply. It could be done by a pool of FastCGI processes, CGIs, or perhaps a high performance threaded ISAPI runner a la IIS & Zeus.

There aren't that many tasks that must be in the same process as the main connection handling loop - and the state engine. The open spec for ISAPI filters/extensions allows for a lot to of module-like things to be done via a simple, well defined API.

I think the main obstacle to Apache users moving to 2.0 will be that there is too much in-process code and it has been built with the implicit assumption that the process is single threaded and short lived. Testing beyond what was actually in the dominant, stable versions of Apache will not have been a priority. Reviewing and fixing that code for 2.0 is going to be a very nasty job.

Re:Threads killed Apache 2

[cjstephen]

However it is also possible to achieve near ideal
scalability over multiple CPUs with a state engine based model:

Zeus CPU Scalability

Re:Threads killed Apache 2

[Salamander]

That is correct. I apologize if I gave the impression that state-machine approaches can not scale; what I meant was that as often implemented they do not and thus should not be considered inherently superior to threaded approaches. A lot of work is necessary to make a scalable application either way.

There's also an important point that should not be missed; while a pure state-machine model can be used to create a scalable implementation of complex functionality (such as a web server), that doesn't mean such a model is the best choice. Most real applications at some point seem to grow at least one periodic "cleanup" tasks - usually several. Such tasks are conceptually, "naturally" parallel with respect to main-line request processing. Trying to implement their looping and concurrency behaviors within a pure state-machine model is beyond inconvenient or painful; I've seen it trigger the complete collapse of more than one project as the program's complexity surpassed the programmers' ability to manage it effectively. There are also adapters that must be written where non-blocking interfaces are not available, often at significant performance cost, and many other issues. In short, some code deserves to be written in a linear fashion. Maybe it's not much, but it's enough to make a mockery of the purists' idealism. I'm sure the folks at Zeus have cursed the state-machine model many times, and almost equally sure that they've violated it in ways they don't talk about in their white papers. IMO a system that's designed to support the most appropriate model for each sub-component is more useful than one that tries (and almost inevitably fails) to follow a single model throughout.

Re:Threads killed Apache 2

[ceswiedler]

State machines are provably better than using threads, but they're also much harder to implement. Basically, a state machine is implementing your own threading model. Since you know when is a good time to release your timeslice, you will produce a better application.

In Windows you can do a very nice completely asynchronous state-machine IP server, using IO completion ports. I believe this is how IIS is implemented. For extremely heavy loads (many thousands of connections) this is the only way to go. Microsoft added a few syscalls to Win2k just to support this sort of thing: a sendfile() command which is obviously targeted at webservers, and the ability to reuse sockets to avoid the overhead of creating and destroying them.

Re:Threads killed Apache 2

[dmelomed]

Why is it that people automatically assume there's only one thread library, the pthread library which ships with the system and ties-in to the kernel. There's more than one way to do threading. There's more than one pthread implementation available, and more non-pthread libraries which are specifically designed for writing server applications, easier to use, debug, and scale better than pthreads. pthreads are not suitable for writing Internet servers. They're generic threads.

See http://annexia.org/freeware/pthrlib/
or
http://state-threads.sourceforge.net

for instance. State threads scales better than pthreads for Internet servers, doesn't need reentrant libraries, doesn't need mutexes and locks, and therefore is a better solution. And yes, it does scale on SMP.

Re:Threads killed Apache 2

[dmelomed]

Sure, if we all derange ourselves into automatically believing threads are always faster than processes. Measure, don't just imagine.

Re:Threads killed Apache 2

[Salamander]

I don't believe you. Neither the FAQ nor the intro does more than pay lip-service to the issue. The programmer's notes explicitly suggest using pipes or similar IPC between processes, which indicates a lack of support for closer (more efficient) coupling. There's also an egregiously incorrect statement that "disk I/O (unlike network I/O) always takes a finite and predictable amount of time" and then suggests using helper processes to handle disk I/O; to me, this indicates that the authors don't even understand the performance issues surrounding disk I/O, context switches, etc.

In short, I see nothing in the docs that even holds out any hope of the "scales on SMP" claim being true. Do you have any actual evidence that the claim is true, or that state threads in general provide any real benefit compared to the plethora of other network-application frameworks (e.g. Sandstorm, Twisted) that already exist?

Re:Threads killed Apache 2

[dmelomed]

You obviously didn't read this paper:

http://state-threads.sourceforge.net/docs/st.htm l

which explains unless you have worker processes for the disk I/O, in their threads library implementation, the process and all its threads will be blocked by it (the I/O). It scales on SMP because it's a hybrid library. Two CPUs? The library will start two processes, and a number of threads. Four CPUs? Start four processes, etc.

It's a multi-process multi-thread library. The apache MPM module they wrote (Apache Accelerating Projec) scales better than Apache's own pthread-based modules. Several times better. Read their pages.

Re:Threads killed Apache 2

[ethereal]

Because the solution to the problem of "processes are too slow" is not "use threads instead", it's "make processes faster, and implement threads as essentially processes". Threads are not significantly faster under, say, Linux, because so much effort has gone into making processes as fast as possible.

Re:Threads killed Apache 2

[WNight]

You are trolling, right?

Gearheads prefer processes to threads because they get enforced security. You can't go walking over another process' data, but you can with a thread.

Avoiding global variables does avoid the number of locks you need in your code but it doesn't actually make anything safer. All the memory you allocate by your threads is in the same memory space, walking off the end of one thread's array will likely clobber something in another thread.

Processes are inherently safer from a security point of view too. Each process runs with just enough privelleges to perform its task and a hole in a lower-privellege process doesn't risk clobbering an important process. (Like the way sshd was recently split into multiple processes.)

Re:Threads killed Apache 2

[Salamander]

which explains unless you have worker processes for the disk I/O, in their threads library implementation, the process and all its threads will be blocked by it (the I/O).

Yes, if you use only a single process scalability will suck. Unfortunately, performance will also suck if you use helper processes to do your disk I/O and context-switch yourself to death. You're attempting to refute a claim about X by making a claim about Y, and that sort of doesn't work.

Two CPUs? The library will start two processes, and a number of threads. Four CPUs? Start four processes, etc.

...and then you'll be responsible for synchronization and concurrency between them. The docs are quite explicit about that. The library even provides its own set of primitives. In other words: welcome back to the multithreaded paradigm, only now all the same old mutex/condition/TLS calls have different names. Excuse me if I don't seem impressed.

The apache MPM module they wrote (Apache Accelerating Projec) scales better than Apache's own pthread-based modules. Several times better. Read their pages.

Read them yourself. There are many claims, but the only relevant semi-quantitative one I could find is this, from http://aap.sourceforge.net/stm.html:

Informal performance measurements reveal that the STM is faster than any other standard MPM on all the systems it currently supports. In particular on a dual Pentium III Linux 2.4 system the STM is 25% faster than the dexter MPM, which uses a similar MPMT architecture with pthreads.

25% isn't all that much, and could be an implementation artifact or measurement error/bias (given the informal and unspecified nature of the measurements). It certainly doesn't make a very strong case that state threads perform particularly well, and it makes no case at all in support of your SMP-scalability claim. AAP as a whole claims a performance improvement of up to 900% over Apache 1.3, but

1. Apache 2.0 is not Apache 1.3
2. the vast majority of the improvement is from the QSC, not the STM

There are a lot of people out there making a lot of claims about performance of this or that. Don't believe everything you read in a paper written by someone trying to make a name for themselves - including me. Reason for yourself about what effects each design decision will have on parallelism, context switches, cache warmth, etc. etc. etc. Even better, find or generate quantitative measurements showing the performance charactertistics on real workloads of interest to you (not just toys constructed to show the package's best side and hide its warts). Try to write actual code for a framework and see if the pain is justified even if their performance/scalability claims are true. Don't rely on the open-source equivalent of advertising copy to make your arguments for you.

Re:Threads killed Apache 2

[dmelomed]

I don't believe everything, but the bottom line is: pthreads are harder to use for building Internet servers. At least with ST, synchronization issues appear only when you need to share data between those processes. It's not the common case for most servers. Most sessions are completely independent of each other, such as in FTP servers for instance.

With pthreads OTOH, you always need to be concerned with synchronization - major PITA. Writing with pthreads and debugging isn't fun at all. Look at all the pthread-related bugs out there with OpenLDAP for instance.

How do you know performance will suck in the worker case? Did you run benchmarks? Do you have measurements to support this claim? In any case using this library should be inherently better for performance than starting a thread per connection, and context switching yourself to death. Or fork/exec a process per connection, and do the same. But as always, profile, don't speculate.

Re:Threads killed Apache 2

[brianpane]

This will certainly not win me friends in the "everything should use threads because it's easier to do linear programming than to build a session reentrant state machine" camp, but...

It's hard to overstate the importance of the ease-of-programming issue. The current Apache 2 MPMs (concurrency plug-ins) use threads rather than state machines because a pure state machine model would make life very, very difficult for third party module developers. The main reason for the current multithreaded model is that it offers a reasonable compromise between performance and ease of development.

If Apache were a closed system, it probably would be a big event loop already. But Apache is really a platform as much as it is a product, and state machines don't allow for easy module development.

Note that, because the concurrency model is a plug-in in Apache 2.0, it's possible to drop in a state-machine replacement for the current threaded design. But it wouldn't be usable with third party modules that make assumptions about being able to do blocking I/O

Among the httpd-2.0 developers, there's been some discussion of moving to a hybrid thread/async design: run most of the module callback hooks in a thread pool so that modules can use blocking code, but complete the network writes in a separate thread that runs a big event loop, so that we don't need to keep a huge number of worker threads around just to wait for network writes to complete. (See, for example, http://marc.theaimsgroup.com/?t=103083818700002&r= 1&w=2)

Re:Threads killed Apache 2

[Salamander]

How do you know performance will suck in the worker case?

Because I have written servers for a variety of applications over the last decade-plus, and in every case doing disk I/O through worker threads was a major lose. Yes, I have done benchmarks. There's even one set that's on my already-cited website; I believe it's under the "tech_design" category in the archives, but the reasons why that approach sucks are so blindingly obvious that I can't be bothered verifying the category.

using this library should be inherently better for performance than starting a thread per connection

Yet again, you are trying to refute a claim about X by making a claim about Y. There are many things that suck; mentioning new ones doesn't make the old ones better.

I'm going to try to stay on topic here, and not bash state threads unnecessarily. The question before us is this: do state threads take full advantage of SMP, without degenerating into something indistinguishable from the traditional multi-process model? Do you have any evidence yet to support that claim?

Re:Threads killed Apache 2

[dmelomed]

Because I have written servers for a variety of applications over the last decade-plus, and in every case doing disk I/O through worker threads was a major lose. Yes, I have done benchmarks. There's even one set that's on my already-cited website; I believe it's under the "tech_design" category in the archives, but the reasons why that approach sucks are so blindingly obvious that I can't be bothered verifying the category.

It's worker processes, not threads. I don't see a direct relation between your experience and performance of an ST application. Until you show me the actual measurements you made which prove a few worker processes will significantly bog down an ST server, I won't belive you either :). If you want to discuss these issues for the fun of it, join ST mailing list. It's very low-volume.

I'm going to try to stay on topic here, and not bash state threads unnecessarily. The question before us is this: do state threads take full advantage of SMP, without degenerating into something indistinguishable from the traditional multi-process model? Do you have any evidence yet to support that claim?

And what's wrong with simplicity? If running a process per CPU provides SMP scalability why do we need anything else? I don't have numbers to prove it, no. I do know that the second process will be handled by the second CPU on a two CPU machine, however. I do wish the ST folks would show us some actual documented SMP benchmarks though.

Re:Threads killed Apache 2

[Salamander]

It's worker processes, not threads.

I misspoke, but no matter. Worker processes are even worse than worker threads, again for blindingly obvious reasons. What purpose did you hope to serve by picking that nit?

I don't see a direct relation between your experience and performance of an ST application.

Then you must be blind. How could I write dozens of servers and gain some understanding of the factors affecting their performance? How could an understanding of those factors not be applicable to evaluating ST's design choices? What you're attempting is not only ad hominem but lame ad hominem.

what's wrong with simplicity? If running a process per CPU provides SMP scalability why do we need anything else?

Running a process or thread per CPU is no trick at all. You can do it with a traditional multi-process design, you can do it with a state-machine design, you can do it with a staged design. The first real trick is to have the infrastructure rather than the programmer ensure that you are in fact running one process per CPU...which the ST docs explicitly state it doesn't do for you. The second trick is to remove from the programmer some of the synchronization and concurrency burden associated with handling parallelism the old-fashioned way...which ST also does not do.

There's nothing wrong with simplicity at all, but ST apparently doesn't do anything to simplify life for programmers who want to run on SMP hardware and get something out of it. It's just another threading package, hardly different from any other in any significant way. There are much more advanced frameworks available, which have been proven to scale well on SMPs and which do help simplify programmers' lives. I've already named some of them, and I suggest you learn about them before you continue making ridiculous assertions about how great ST is.

Re:Threads killed Apache 2

[captaineo]

Thanks for the comments! Some responses...

Re: exactly as many threads as CPUs - this is only possible if you have access to non-blocking APIs for everything (disk I/O, sockets, DNS lookups, libraries, etc). If you can only use standard read/write disk I/O, then you may need a pool of disk I/O threads to achieve enough parallelism.

Re: state machines being harder to write than threads - I actually disagree! I think many people have spent so much time learning all the concurrency control techniques (mutexes, semaphores, etc) that they forget what life was like before threads. e.g. consider that adding a mutex to a multithreaded program essentially doubles the program's state space (multiply "mutex locked" and "mutex unlocked" by all the existing states). But unlike a state machine, there is no way to control exactly when you enter or leave the state, and it's not always easy to even know what state you are in at any time (since thread scheduling is totally at the mercy of the OS kernel).

I can understand why people often implement "background tasks" like garbage collection and long-running computations as asynchronous threads. But in my own code I often do these things incrementally, explicitly interleaved with other actions. I don't find it terribly difficult, and I gain the advantage of explicit scheduling. (again threads are at the mercy of the kernel - you have NO control over when any background tasks actually run). And with threads you have to add in all that locking too... Finally, to my knowledge there is no portable way to terminate a background thread asynchronously without leaking memory or leaving some locks in an unknown state. The only safe way to shut threads down is to set a flag, and have the thread check it every so often. But if you're doing this then you are already half-way to an incremental state machine!

I'll finish with an example from a recent project - I wrote a real-time video player system that streams data from disk to an I/O card at a fixed rate. In order to get enough performance, I needed the disk I/O to take place asynchronously with respect to controlling the I/O card. Most people would use threads for this, but instead I used two forked processes - one constantly read data from disk and put it in a shared-memory buffer, the other read from the buffer and wrote to the card. The processes communicated through a pipe, so if the buffer got full or empty, the appropriate process would simply block in read() or write(). The design is simple, there is no need for locking (other than what UNIX pipes do automatically), and it only took me an hour or so to get it working =).

Re:Threads killed Apache 2

[dmelomed]

Worker processes are even worse than worker threads, again for blindingly obvious reasons.

You won't convince me until you prove this is true for any kind of library, any kind of server, on any kind of hardware, such as you claim :). Somehow I cannot see such blindingly obvious reasons.

Running a process or thread per CPU is no trick at all. You can do it with a traditional multi-process design, you can do it with a state-machine design, you can do it with a staged design. The first real trick is to have the infrastructure rather than the programmer ensure that you are in fact running one process per CPU...which the ST docs explicitly state it doesn't do for you.

Who said it's a trick?

The second trick is to remove from the programmer some of the synchronization and concurrency burden associated with handling parallelism the old-fashioned way...which ST also does not do.

This is simply wrong, as I stated before, ST takes away all burden associated with programming servers using pthreads. Quoting documentation:

Due to the event-driven nature of the library scheduler, the thread context switch (process state change) can only happen in a well-known set of library functions. This set includes functions in which a thread may "block": I/O functions (st_read(), st_write(), etc.), sleep functions (st_sleep(), etc.), and thread synchronization functions (st_thread_join(), st_cond_wait(), etc.). As a result, process-specific global data need not to be protected by locks since a thread cannot be rescheduled while in a critical section (and only one thread at a time can access the same memory location). By the same token, non thread-safe functions (in a traditional sense) can be safely used with the State Threads. The library's mutex facilities are practically useless for a correctly written application (no blocking functions in critical section) and are provided mostly for completeness. This absence of locking greatly simplifies an application design and provides a foundation for scalability.

For the rare case where you actually need to share data between processes:

Ideally all user sessions are completely independent, so there is no need for inter-process communication. It is always better to have several separate smaller process-specific resources (e.g., data caches) than to have one large resource shared (and modified) by all processes. Sometimes, however, there is a need to share a common resource among different processes. In that case, standard UNIX IPC facilities can be used. In addition to that, there is a way to synchronize different processes so that only the thread accessing the shared resource will be suspended (but not the entire process) if that resource is unavailable. In the following code fragment a pipe is used as a counting semaphore for inter-process synchronization:

Re:Threads killed Apache 2

[Salamander]

Somehow I cannot see such blindingly obvious reasons.

I'm not an educator. There is a certain level of inability to see the obvious that I am neither qualified nor inclined to address.

ST takes away all burden associated with programming servers using pthreads. Quoting documentation:

The quoted excerpt is only applicable to a single-process single-thread environment - i.e. one that does not allow the programmer to benefit from SMP. It is thus irrelevant.

In that case, standard UNIX IPC facilities can be used. In addition to that, there is a way to synchronize different processes so that only the thread accessing the shared resource will be suspended (but not the entire process) if that resource is unavailable. In the following code fragment a pipe is used as a counting semaphore for inter-process synchronization:

So forcing programmers to use explicit IPC and semaphores is your idea of freeing them from the burden of classical multi-process models? Ummm, no. That is the burden of classical multi-process models. That's what the framework should be helping the programmer to avoid. The reason for the error becomes clear if we go back a sentence or two, though:

It is always better to have several separate smaller process-specific resources (e.g., data caches) than to have one large resource shared (and modified) by all processes.

Wrong, wrong, wrong. Sometimes it's better to have separate per-process resources, but by no means always - not even most of the time, in my experience. Anyone who would either make the quoted statement or accept it at face value is simply not qualified to be doing parallel program development, let alone telling others how it should be done.

Re:Threads killed Apache 2

[dmelomed]

I'm not an educator. There is a certain level of inability to see the obvious that I am neither qualified nor inclined to address.


You haven't proven the "blindingly obvious reasons". And I until you do - they're no more than your personal religious beliefs that there's something fundamentally wrong with using worker processes. No need to make insults about my inability to understand figments of your imagination.

The quoted excerpt is only applicable to a single-process single-thread environment - i.e. one that does not allow the programmer to benefit from SMP. It is thus irrelevant.

False. One or more processes, and as many threads per process as your Unix OS resources will allow. With ST, intra-process synchronization is done for you. Read the darn document!

You can scale your ST application for SMP by running as many processes as you have CPUs. It's right there in the docs. I agree that how this scales compared to pthreads needs to be tested, and on different hardware (SMP, NUMA, etc.). Though authors _claim_ it scales better than pthreads.

So forcing programmers to use explicit IPC and semaphores is your idea of freeing them from the burden of classical multi-process models? Ummm, no. That is the burden of classical multi-process models. That's what the framework should be helping the programmer to avoid. The reason for the error becomes clear if we go back a sentence or two, though:


Wrong again. Nodoby forces you to do anything. Unless you're again, dreaming. As per the documentation, inter-process synchronization is only required if you need to share objects between the processes, which is a rare case. I would never do something like this if I built an FTP or a messaging server. And even if it needs to be done due to a server design, it is still very easy to do. Much easier than locking things between pthreads and debugging them. What's your big deal? They also explain just how easy it is to do. ST is not a pure threads library, as I said before - it's a hybrid. It in fact, emulates a thread/connection paradigm with a state machine using poll or select. The synchronization is done for you through event handling.
And what exactly burden of "classical multi-process models" are you suddenly babbling about now? Are you going to give us some other "blindingly obvious reasons" not to use this model? It certainly has its place too, you know. I may as well view any and all threads as a bad paradigm using your methodology -- just because I make myself believe so!

I am starting to think you have religious preconceptions to believe there's something fundamentally wrong with a library like ST, or multi-process models. I believe there's a best tool for the job. To each his own, I guess.

I'd like to end this thread here, as I am tired to respond to your baseless and ignorant claims about ST. Don't like it, bitch about it all you want - but at least make sense.

Re:Threads killed Apache 2

[Salamander]

I was beginning to wonder whether you're a fool or a liar, but I've concluded that you're both. Your misrepresentations of ST's capabilities and your misunderstanding of basic parallel-programming concepts have exceeded my patience for correcting you, and so I bid you good day. Find someone else to teach you what you should already know.

Re:Threads killed Apache 2

[dmelomed]

Talk about Ad Hominem indeed.

Re:Threads killed Apache 2

I'm not saying operating systems that have a threaded TCP stack aren't broken, just that they are out there... I'm a vxWorks programmer (not by choice), broken operating systems are par for the course.

But as far as the "not breaking your code up into a state machine" camp, I think it's an important camp.

The reality is that linear-programming is simply easier to do. As for NUMA hardware it depends on your threaded design.

If the threads are 100% (or maybe 90%) independant of another then you can optimize for that case. I guess thats more my point. If the abstraction is abstract enough then it may not be a bad loss.

Of course I haven't looked at the Apache code so I don't know how much the threads intertwine.

Re:Threads killed Apache 2

For it to be ad hominem, you'd have to be a man. ;-)

You've proven, with your cascade of fallacies (your own ad hominem, appeal to authority, non sequitur twice, appeal to ignorance, ...) and outright prevarication (repetition of the twice-refuted claim that the AAP results show ST to be "several times faster" than regular threading) that you hold the rules of debate in contempt, and have thus forfeited the right to invoke those same rules in your defense. Your attempt to do so only reveals the depths of your hypocrisy, much like your demands for others to argue from hard quantitative data while you argue from airiest speculation.

Grow up. Even for Slashdot, your immaturity is exceptional.

Re:Threads killed Apache 2

[dmelomed]

Okay, then why are you replying as AC?

Apache Module Popularity Survey

[hillct]

The most powerful features of Apache based sites aren't features of Apache but of 3rd party modules. PHP, mod_perl, mod_dav, mod_throttle and even Microsoft Frontpage modules contribute significantly to the appeal of apache. There is an excellant Report on Apache Module Popularity by SecuritySpace.com. In considering this report, you should notice the month over month growth in the usage of modulees which have not yet been ported to Apache 2. The developers of these modules will most likely respond to customer demands for support of apache 2, which is dependant of the Apache Software Foundation's ability to convince customers of the benefits of upgrading to Apache 2. In this respect the marketing of Open Source Software mimics the marketing of treditional commercial software. Let's hope they don't adome the strategy of some commercial software vendors by simply refusing to provide security fixes or updates to Apache 1.3.x when needed.This would certainly outrage Apache users, but in the case of Open Source would have the secondary effect of promoting forking of the codebase. On the bright side customers do have a recourse in the case of Open Source, where, they're left twisting in the wind in the case of commercial products.

--CTH

Re:Apache Module Popularity Survey

[Eil]

This would certainly outrage Apache users, but in the case of Open Source would have the secondary effect of promoting forking of the codebase.

I'll do you one better. The beauty of open source means that even a fork isn't really needed, just an official "unofficial" database of patches and/or patched packages. I could see this happening so long as the patches were for security and bugfixes only. (Not features.)

But I doubt it'll ever have to come about. If the Apache people are as smart as they usually appear, they'll wait until all but a few percent of total Apache users are switched to 2.x before they drop support for 1.x or hand it off to another group that's interested in supporting it.

Re:Apache Module Popularity Survey

[rwinston]

Has anyone seen the popularity of mod_perl?!! Incredible! Hopefully when mod_perl 2.0 goes stable, it will increase even more...

Re:Apache Module Popularity Survey

[khuber]

Has anyone seen the popularity of mod_perl?!! Incredible! Hopefully when mod_perl 2.0 goes stable, it will increase even more...

That's too bad.

Re:Apache Module Popularity Survey

[rwinston]

Each to their own... :-)

Well, well signs that open source is really grown

About time that we start to see the same growing pains faced by every other major mature, accepted commercial solution!

This is not a dilema, it is a really good sign for Apache!

ALL YOUR BASE ARE BELONG TO ME

Not distributed with Linux

[Jeppe+Salvesen]

Apache 2 is to the best of my knowledge not distributed with any Linux distrobutions. The Linux distros won't ship A2 until the third party modules have played catch-up.

Until then, we'll just wait and watch adoption be gradual.

Gradual adoption is great, though. That means that the late adopters can be more sure that the platform is stable and efficient.

Re:Not distributed with Linux

[JM]

Mandrake Linux 9.0 will ship with both...

1.3 in the main distro, and 2.0 in the contribs.

Don't fix what is not broken

[guacamole]

We run a simple web site hosting shop. Our main web server is running Apache 1.3.26, mod_ssl, and mod_perl. We host several thousand low-traffic sites. If not for the recent security problems in apache and mod_ssl, we still would probably be running 1.3.6 which worked just fine for our needs. We do realize that eventually we will have to upgrade but that's not our priority. It'll probably happen in about a year.

1.3 just works

[cdegroot]

My 2 eurocents: I run a webhosting company. 1.3 works, and I've waited for 2.0 to stabilize a bit - just like with Linux kernels, I like to skip the first 10 or 15 dot-releases if possible ;-).

Now, we've setup a test platform, and when our customers are happy we'll move it into production in a month or so, but secondary to our 1.3 setup. In about a year, we'll shut down the old setup and 'force-migrate' anyone that's still using it.

Targeting the SME market, we need to provide that sort of stability because my customers typically are not I-want-to-run-the-latest-and-greatest geeks and, having paid a lot of cash for their website, they're happy it runs and they don't care on what version it runs.

I think that most of my colleagues are in the same position, so 1.3 will probably be the major version for at least a year to come.

(Modules aren't the issue for me - in fact, I've not built the PHP module for 2.x because with all the script kiddies hacking around, I have decided to forward .php requests to a cgi-bin PHP interpreter sitting behind sbox).

Here's why

[einhverfr]

You incriment the left-most number in the release number. So 1.3 is not expected to be compatible with 2.0, and Linux kernel 2.4 is not expected to maintain backward compatibility with 1.0 ;) This makes things much easier to maintain and see at a glance.

Now as to why they did it, Apache 1.3 is great. I love it, but it is not as cross-platform as it pretends to be (it does not perform well on Windows) and it really is not built for speed. If you need these things, you need multithreading, a better abstraction model so you are not assumign POSIX compatibility (and hence emulating it on Windows) etc. This means you break the compatibility. Pure and simple, but in the end, you get a better product.

Think of Apache 2.0 as Apache-- Next Gen. Not yet supported but when it does, it will be more competitive than 1.3.x because it has a better architecture.

Re:Here's why

[Bob+Uhl]

I love it, but it is not as cross-platform as it pretends to be (it does not perform well on Windows) and it really is not built for speed. If you need these things, you need multithreading, a better abstraction model so you are not assumign POSIX compatibility (and hence emulating it on Windows) etc. This means you break the compatibility. Pure and simple, but in the end, you get a better product.

I'm not so certain that one gets a better product. On well-written OSes, multithreading is really not necessary--forking is essentially as cheap as creating a thread. A better abstraction model will cost in performance. And, really, why bother supporting Windows well? Unix is where it's at, where it's been at and where it'll be at.

The only reason to support Windows is as a migration path to a real platform.

Re:Here's why

sometimes you need shared memory. forking + shared memory = linux threads. But try implementing this yourself and you'll see what a nightmare minefield it is, even for something very simple and fixed.

Re:Here's why

[einhverfr]

I'm not so certain that one gets a better product. On well-written OSes, multithreading is really not necessary--forking is essentially as cheap as creating a thread.

But sometimes you can leverage faster access between threads than you can between process spaces. Remember that IPC communication has to go throught the kernel (file descriptors, etc.) on nearly all platforms. Sure there is shared memory segments, but that raises other issues.

With threads, you can communicate without actually passing information throgh kernel interfaces. This is where your speed gains are, not in the actual fork().

Also I don't like Windows that much, but I recognize that many people like to program for Windows with all its... familiarity (COM, DCOM, etc). Apache on windows provides better security and stability (at the price of performance) compaired to IIS, as well as the familiar development model of Windows. That is why one should support it-- we can pick up a larger piece of the community than we can see otherwise.

PHP safe mode is what we use

[NKJensen]

And we have trouble: A php script creating a (temporary) file will not be able to use it, because it will be owned by the Apache server, not the owner of the PHP script.

This is not fixed in Apache 2, AFAIK.

Re:PHP safe mode is what we use

[Rasmus]

You are better off using the open_basedir restriction instead of safe_mode for this. Set the open_basedir for each virtual host to that virtual hosts DocumentRoot and then PHP scripts will only be able to open files under that dir.

Of course, both open_basedir and safe_mode are crappy solutions to a problem that needs to be solved higher up. Like with the Apache2 perchild MPM, but that is a long way from being production quality on a couple of different levels.

Who needs the hassle?

[g4dget]

The forking model used in Apache 1.x works great on UNIX platforms and is, for practical purposes, all that is needed. Apache 2 with its threading support is likely to be less reliable and harder to extend for a performance gain that is meaningless to almost every site in existence.

I wouldn't be surprised if many UNIX users don't ever go for this and Apache 1.x just branches off into a separate project. Apache 2 can turn into some kind of specialized Apache derivative for platforms that just can't handle forking; we shouldn't keep burdening UNIX software with accomodating those other kludgy operating systems.

Re:Who needs the hassle?

[guacamole]

The forking model used in Apache 1.x works great on UNIX platforms and is, for practical purposes, all that is needed.

Not true. Do you like forking a 15MB process for every concurrent connection? With apache 1.3 the number of concurrent users you can serve suddenly becomes a fuction of machine's memory. Multithreaded model is certainly more scalable. I can imagine that this is going to help a lot for large sites. Small sites can continue using 1.3.x just fine for now however.

Re:Who needs the hassle?

[Znork]

You're not forking a 15MB process for every concurrent connection. You're creating a PID for every concurrent connection; process memory with regards to fork under most UNIX systems is _copy_on_write_, which means it isnt getting copied until such a time as it is actually written to. There's no real gain in memory.

Re:Who needs the hassle?

That depends very much on which unix you're using. Just because Linux threading is broken doesn't mean the rest of the world has to put up with writing code to support that particular kludgy operating system.

Re:Who needs the hassle?

[g4dget]

Sorry, but you must have misunderstood. I made no assertion about the quality of Linux threading. Threading is simply the wrong concurrency model for this application: there is no need to run multiple web server requests in the same address space; in fact, doing so is harmful.

Just because you have a hammer (kernel threading) on your particular pet operating system (BSD? Solaris? NT?) doesn't mean that you need to go around hitting everything with it.

Re:Who needs the hassle?

[g4dget]

15Mbytes? So what? Even if none of that data were shared virtual memory, that's peanuts on modern machines. You can easily run 100 of those (=1.5Gbyte) simultaneously on a single machine--you'll bring the processor and network to its knees before you run out of memory.

Note that JVMs are much bigger, but unlike Apache, a JVM can actually do threading safely in a single address space.

Re:Who needs the hassle?

Note that JVMs are much bigger, but unlike Apache, a JVM can actually do threading safely in a single address space.

You are completely wrong and misinformed.
The JVM is no more threadsafe than Apache 2.0,
just the same as Java is no more threadsafe than C.
Apache 2.0 is threadsafe. The Apache modules are not.
The Apache modules are being rewritten so that they will also be threadsafe.

Re:Who needs the hassle?

[brianpane]

Threading does provide a real improvement in swap usage, though. On systems like Solaris that reserve swap space equal to the parent process's size upon fork, the 100 processes at 15MB will require 1.5GB of memory+swap. Copy-on-write will indeed keep you from having to use that much physical memory, but the swap space requirement is still a problem with 1.3 (and 2.0 the prefork MPM).

Re:Who needs the hassle?

[g4dget]

Sorry that you missed my shorthand remark. My point is that misbehaved Java threads generally don't crash each other. Misbehaved C threads easily do. That's why it is OK to build a multithreaded Java web server evev if you don't need the threading, while it is silly to build a multithreaded C web server unless the threading is really essential to your application.

Re:Who needs the hassle?

[Znork]

This is true, of course, altho I regard that as a misfeature of Solaris, and even worse HP-UX. In my experience OS's that actually reserve space fail terminally when they get into an OOM situation _anyway_, usually requireing a reboot to recover full functionality. And guaranteeing the availability of allocated memory will make that happen much much faster.

Avoiding overcommitting seems like a good idea until the day you realize that half the programmers of the world havent checked the return value of malloc() since it was invented, and the rest cant figure out a way to degrade gracefully when OOM anyway (usually because there just isnt one).

Oh, well, at least disk space is cheap nowadays.

Re:Who needs the hassle?

> You are completely wrong and misinformed.
The JVM is no more threadsafe than Apache 2.0,
just the same as Java is no more threadsafe than C.

Not true. The JVM is much better at being threadsafe; it handles thrown exceptions from within a thread, rather than relying on the application to handle them or abend.

Fuck yeah, nigga!

No more Brioni for me, either! I'm going to spend thousands on Sean John clothes and be the envy of my Wall Street peers!

Now be honest

Did any of you actually understand a word of what he just said?

Re:Now be honest

[BurritoWarrior]

Yes. He said that the Marklar on the Marklar was better than using Marklar on Marklar because Marklar has lower overhead than Marklar.

Re:Now be honest

> Did any of you actually understand a word of what he just said?

So much for "news for nerds, ...", when the 'nerds' are unable to understand a technical discussion.

Re:Now be honest

I'm 57 years old and when I was a young whipper-snapper like you guys my gandmother took me aside and said "Sonny, there are only two kinds of programs in the world: I/O bound ones and CPU bound ones and in neither case does threading improve performance".

Re:Now be honest

Yeah, except that I don't understand why he calls Solaris threads implementation decent and neglects to mention Tru64 completely. If I had to select a Unix to use based on thread support quality, my first choice would be Tru64. But never mind, you penguins probably run Linux on Alphas and don't even know why.

The spelling and grammar troll v 1.4

It has come to my attention that "slashdot", subsidiary of VA Software, is a refuge for people with a terrible sense for grammar and spelling. As a remediation, please accept the following recommendations about the use of some frequent linguistic expressions :

• "Alot" vs. "A lot" : There is no such word as alot. In fact, when confronted with the word alot, ispell tells us the following : "how about : allot,aloe,aloft, alto, blot, clot, lot, plot, slot"
• Just the fact moronic Americans pronounce Bernstein, neither, Einstein and other 'ei'-words as "Burnstean", "neather", "Ainstean", etc... doesn't mean they have to write those words "Bernstien", "niether" or "Einstien". Special mention to "thier", "becuase" and "amatuer".
• "Than" vs. "Then" : Just the fact that in some inferior dialects of the English language, "than" and "then" are pronounced about the same way doesn't mean that the comparative "than" has any reason to be written as the conjunctive/logical "then".
• Your vs. You're : The former means "not my, not his, not our", in other words it is a possessive. The latter is a shortcut for "You are". Similar point for There vs Their vs They're.
• Hobbyist and lobbyist are not superlatives. Hence they musn't be written as hobbiest and lobbiest.
• Thi fuct thit ya ridnucks prunince any avelible vowal as "uh" doesn't forbid you to open a book from time to time to actually build up some vocabulary. It's "ludicrous" and "compatible", not "ludacris" and "compatable".
• Its vs It's. The former is the genitive form of "It" and will therefore make the following word an attribute of the word replaced by the pronoun. Example : illiteracy and its consequences. The latter is an shortcut for "It is". Example : Illiteracy. It's so annoying.
• lose vs. loose : the first is the verb associated with a loss. The second is the contrary of "firm"
• to vs too : Your spelling is too pathetic for your post to matter to me. Your grammar too.
• I could (not) care less. Most people say "I could care less" when they don't give a flying fuck. If they really could care less, then their lack of interest isn't that big. What they mean is that they could not care less.

...many more to come. Reply to this comment to suggest some.

A definition of irony :

A bunch of computer nerds without a sense for spelling and grammar mocking japanese game translators for their lack of skills in english spelling and grammar.

Contribution by Erpo :

I'm not any kind of grammar nazi, but decent spelling and grammar are important to me. The occasional affect/effect problem doesn't bother me (it just lowers my opinion of the author), but when a piece is riddled with errors (there/they're/their, its/it's, then/than, etc..) it's hard for me to read. Partially, I think this is because I sight read and I don't subvocalize. In other words, when I see, "It's over their," in print the first thing I think is, "It's over their what? Is it hovering over their kitchen counter? Is it over their heads? What is this person trying to say?" Of course, I don't just sit there pondering those questions (it only takes a split second to see there was a grammar error in the sentence), but I can't read as quickly when every few lines my eyes flick back to an earlier word.

Maybe I'm just hypersensitive. I don't know. If you don't know what I'm talking about though, check out this piece by Prince. It doesn't have very many grammar problems, but the "creative" spelling is really distracting.

If slashdot is happy with it, I'm happy with it.

[Mordac+the+Preventer]

It's be nice to hear some reasons why slashdot hasn't migrated to 2.0 yet...

So it's Linux fault?

[Otis_INF]

very very many people using apache use linux. Linux threads are almost same performance as processes. Due to kernel limitation, you can stack only so many threads per process.Plus threaded model does not account for stability. One NULL pointer dereference and you're gone.

So, because limitations in Linux' kernel design, Apache 2.0 is held back? Interesting. What I wondered when reading your remark quoted above, was: apache can't be the only program which will benefit from multi-threading? I mean: a server with a database system on it will benefit greatly using threads for query processing. Processes are nice, and I know Unix' schedulers mainly first schedule processes and then threads, but if Apache or another program puts the spotlight on a flaw in Linux, why isn't it fixed?

Multi-threading is more efficient than multi-process, so why are Linux kernel designers still on the route to multi-process and not multi-thread? To me, this sounds like a flaw which Linus and friends don't want to solve for some reason.

Re:So it's Linux fault?

[SerpentMage]

Multi-threading is NOT more efficient that multi-process. That is a blanket statement and my reply is as well. Linus did something smart in that he considered a process and thread one and the same. However, the upside is that whena Linux "thread" dies it does not kill off the "process". MS does this too when it uses Apartments, etc. In fact COM+ is an exact mirror of the Linux process, thread strategy.

Re:So it's Linux fault?

[amorsen]

So, because limitations in Linux' kernel design, Apache 2.0 is held back?

Actually it is the other way around. Linux has the smallest process creation and process switching overhead of any Unix with virtual memory. It is simply not possible for threads to be all that much faster than that. Apache 2 is optimizing something that simply was not all that expensive on Linux in the first place.

Re:So it's Linux fault?

[Performer+Guy]

You Sir are an idiot. It is because Linux process management is already so efficient that it does not benefit greatly from the Apache 2.0 improvements. What would you have them do? Slow Linux process creation down to the point where threads are as essential as they are on other operating systems?

Re:So it's Linux fault?

No, it IS Linux's fault.

It's the Linux kernel with limitations.

As for Apache optimizing, Apache is cross-platform. They're optimizing for the word, not just Linux.

Re:So it's Linux fault?

[dmelomed]

For which operating systems and which thread libraries? Pthreads are unsuitable for Internet servers since they're generic, preemtable, concurrent threads. There are plenty of other threading libraries specifically designed for Internet servers, and do not even touch the kernel space.

State threads MPM is several times faster than default Apache 2.0 on Linux. Quite possibly even faster on larger OSes.

Re:So it's Linux fault?

[dmelomed]

The world doesn't run on Linux, idiot.

Re:So it's Linux fault?

[ENOENT]

Not yet.

Re:So it's Linux fault?

State threads MPM is several times faster than default Apache 2.0 on Linux.

Liar. The "several times faster" you're quoting was against 1.3, and was almost entirely due to parts of AAP other than the ST MPM. Advocacy is one thing, lying about your favorite package is another.

Re:So it's Linux fault?

[Performer+Guy]

Is this really a response to my post? What's your point. A total non sequitur from a moron? At least try and relate your post in some way to the preceeding text. I don't see anyone saying the world runs on Linux. I do see a moron posting ignorant garbage about the operating system and another idiot backing him up with name calling.

Re:So it's Linux fault?

[dmelomed]

"and was almost entirely due to parts of AAP other than the ST MPM."

Where is it stated? Show me, before you go acusing me of lying.

P.S. Is this "Salamander" If so, then why are you hiding behind AC?

Re:So it's Linux fault?

[Salamander]

Where is it stated?

The cite was already provided, but here it is again. The relevant claims from the AAP pages themselves are as follows:

• on a dual Pentium III Linux 2.4 system the STM is 25% faster than the dexter MPM, which uses a similar MPMT architecture with pthreads [http://aap.sourceforge.net/stm.html]
• the patches increase the performance of Apache/1.3.x up to 900% (10x) on Irix, up to 70% (1.7x) on Linux 2.2, and up to several hundred percent on Linux 2.4 [http://aap.sourceforge.net/faq.html]

AAP consists of two components: the STM and the Quick Shortcut Cache (http://aap.sourceforge.net/mod_qsc.html). According to AAP's own documents, STM accounts for a 25% performance gain. 25% divided by 700% is less than 4% of the total performance gain attributable to STM; the remaining 96% attributable to QSC definitely qualifies as "the vast majority" to me.

Your lie is not in claiming that STM is faster than the pthreads-based MPM. It might be, though 25% in "informal" and unspecified tests conducted by an advocate of one system don't exactly prove that beyond doubt. Your lie, rather, is in claiming that ST is "several times faster" based (apparently) on the 700% mostly-QSC number, even after the true significance of that number has been pointed out.

Let's try this one more time. You're the one claiming ST has good SMP scalability. I have expressed reasons for doubt, but the burden of proof nonetheless remains on you no matter how you try to evade or distract. It's "put up or shut up" time. Do you, or do you not, have any actual evidence to back up your claim? Any answer that doesn't include the numbers (and references to how they were derived) is just wasting my time.

Re:So it's Linux fault?

[dmelomed]

Where is the 700% figure from?

The author does not state whether QSC was used in testing. But this is definitely worth finding out.

failing to adopt != rejecting

[dmiller]

It is an interesting bit of spin to label the hesitancy of sites to upgrade to Apache 2.0 "rejection".

Apache 2.0 has only recently been released and has not even made it into a large number of server OS distributions (certainly not in the way Apache 1.x has).

After its inclusion in a few OS distributions and after support for mod_p{erl,php} becomes stable, then we will be in a position to judge whether or not it is being rejected, but certainly not now.

Re:I'd like to upgrade but i have those darn issue

[krow]

There is now a mod_layout port to Apache 2.0, the thing is I have yet to get any feedback from people using it. So, I continue to put effort into the 1.3 version not the 2.0 version.

Untill mod_perl is ported I won't be actually using it myself.

MS did get that right though...

[Otis_INF]

Not to put salt in open wounds, but in IIS, which uses threads, they use a concept build in Windows: apartments. You have single threaded apartments (STA) and multi-threaded apartments (MTA). The webserver itself uses threads for handling requests and when a certain library is called/opened by the code, that library takes care of in which apartmentstyle the code is ran: in an STA or in an MTA. VB6 com objects f.e. can't run in an MTA, so they are run in an STA. This is controlled by windows (as a configparam of the com object). So here you see a combination of both worlds: multi-threaded and safe where it has to be, without the hassle of forcing the developer to write threadsafe code when the code itself isn't multi-threaded, but the environment is.

Of course, there are some issues: when you let the code executed by the request of user A create an object in an STA and move that into a container which can hold both STA's and MTA's, and let code executed by the request of user B access that user A's STA object, you get thread unsafety and possible crap.

However: the OS's functionality offers the option to do it threadsafe and still have multi-threading in full effect. Perhaps a thing to look at for the thread/process guys in the Linux kernel team.

(It has been a long time, but afaik, a simple fork() is not forking off a complete new process, but a childprocess which runs as a thread inside the mother process, or am I mistaken? (if not: why then the threadsafetly crap NOW, because a fork() will result in the same issues)

Re:MS did get that right though...

[BetaJim]

(It has been a long time, but afaik, a simple fork() is not forking off a complete new process, but a childprocess which runs as a thread inside the mother process, or am I mistaken? (if not: why then the threadsafetly crap NOW, because a fork() will result in the same issues)

A fork() call does create a completely new process. The parent and child process only share a common code segment. While the child has a copy of the parents data, it is just that, a copy in a seperate address space.

Re:MS did get that right though...

[maraist]

(It has been a long time, but afaik, a simple fork() is not forking off a complete new process, but a childprocess which runs as a thread inside the mother process, or am I mistaken? (if not: why then the threadsafetly crap NOW, because a fork() will result in the same issues)

Forking is the process of producing an effective duplicate of a process at the point of the fork-system call. File-handles, and other system resources are maintained across both processes. In fact, the ONLY difference between them is the Process ID and the Parent Process ID. (Actually, I think system times might also have changed). The return value of the fork-call is either 0 (for child) or the child-process ID (for the parent).

Originally, fork would perform a complete memory copy. But in UNIX, the only way to execute a new program was to fork, then run exec*(..). So they invented vfork which wouldn't actually copy the memory. It's man page said specifically that you MUST run exec as soon as possible after vfork since you were still operating wih SOME shared resources (but it wasn't anywhere close to being considered a separate thread).

Now, virtually every UNIX platform has deprecated the vfork call. fork now sets a flag on all the VM page's meta-data called copy-on-write. In the real hardware VM pages, it generally just sets all owned pages to read-only. This causes a hardware exception whenever a write occurs. The OS then checks the OS-meta data for the associated page. If the copy-on-write flag is set then instead of throwin a core-dump, it produces an exact duplicate of the 4k (or what-ever) chunk of memory, then it resets writability of at least one of the pages (if there were only one forked process, then it sets writability to both the old and new VM pages, otherwise, it decrements the copy-on-write count for that page.

The net result is that when you fork in a modern UNIX system, it's pretty fast (aside from all the increments on the copy-on-write; e.g. if a process has 1Gig of memory, forking is a little expensive). In Apache 1.3, having a master process forking worker processes means that if a newly forked worker just dishes out a static page, then only a dozen or so VM pages will ever need to be written to, and thus 99% of all the memory will be shared with the parent.. Shared for caching, and shared for less system-over-head. Unfortunately if you're using mod_perl / mod_php, then you'll most likely hit lots of random portions of memory thereby triggering lots of hardware exceptions and VM-copies. Thus the longer a 1.3 process runs, the more memory it takes up (especially considering their memory heap-management). That's one reason why we have the kill-child-worker-after-X-requests option in Apache.

I'm not sure how mod_jk works. I don't know if it performs a sub-thread off each apache process, or if it works like tomcat4 with it's co-processing (like fast-CGI). I can't imagine that it would work well as a thread-per-Apache-Worker, because it modifies virtually every byte of it's memory space periodically.

In Linux, the only difference between threads and processes is that during the initial VM-reflagging, the copy-on-write isn't set; in fact that stage is completely skipped. Thus we save a tiny bit of performance on the initial call, and we are completely free to modify data without a tiny interruption.

Incidently, hardware exceptions are REALLY bad when done regularly because modern CPU's (Intel especially) have deep speculative pipelines and slow memory latencies. Thus an exception half-way up the pipe has to throw almost everything away. Then if/when the instruction is restarted (after cleaning up after the copy-on-write), it has to start back at the first stage (and all memory must be reloaded). While this is only a small fraction of general execution under forking.. Heavy amounts of forking can bring a system to it's knees (wasting some 90% of all CPU on the forking VM-copying process). I've seen this first hand with Apache and CGI or with a custom version of FastCGI where simply running Apache Benchmark (ab) made the system unuseble for 10 minutes (doing nothing but forking, and queing forks).

So in response to your question, the child is not "part" of the mother except that some resources are temporarily shared until they're modified. Because of the read-only nature, they are completely thread-safe (except for externally shared resources like IPC's and file-handles). Incidently, Apache makes great use of shared file-handles. The master process opens the port 80 socket, and it's workers get references to it (via the fork). Everybody except the master process then "accepts" on the http port(s). The OS then round-robin hands off new connection requests to the workers in turn. This was just a freebe of the UNIX model. In fact, the only "magic" that Apache has to use is an IPC shared memory segment (or shared file handle) in order to have the master process reap exceess child-workers.

Interesting...

More interesing ASF news:

Re: El-Kabong -- HTML Parser

Backwards Compatiblilty

[ironfroggy]

This is why its always (usually) a good thing. At the least, the option for it.

Would it be possible to create a patch/module for Apache 2 that allows old modules ot be used?

Re:Backwards Compatiblilty

Yes, you could make a backwards compatible library for Apache 1.3 non-threadsafe modules but then you remove the incentive to write better performing and threadsafe Apache 2.0 modules. The real problem in advancing software is "good enough" syndrome. All the popular 10 year old libraries were never written with threadsafety in mind and they are impossible to retrofit into threaded code without either 1) serializing them with mutexes thus defeating threadsafety or 2) completely rewriting them.

Upgrademania and Incompatibility

[RAMMS+EIN]

As far as I can judge, there are two reasons why people wouldn't adopt Apache 2.0 . First of all, Apache 1.3 works Just Fine (WOW) for most sites, and it can therefore be considered wise not to upgrade to a later version which is based on a less-tested code base than what one is currently running.

The other thing is suggested by the author of the original post, and has to do with the fact that Apache 2.0 breaks compatibility with old modules. Downward compatibility is one of the Commandments in software development, and it's quite possible that this is a major reason for admins to be reluctant to switch to Apache 2.0.

Interestingly, both expecting people to upgrade to a product that almost certainly contains yet-to-be-discovered bugs, and breaking compatibility with previous releases are frequently observed in the practices of the Great Stan of Redmond. It may therefore not be surprising that those admins running Apache (rather than It Isn't Secure) would not go with it.

Re:Upgrademania and Incompatibility

> observed in the practices of the Great Stan of Redmond

I've heard of Bill and Steve; who the hell's Stan?..

(Oh, I know - he's the one who wrote the spell checker!!)

Re:Upgrademania and Incompatibility

[cant_get_a_good_nick]

practices of the Great Stan of Redmond.

Does he hang with the great Kyle, Kenny and Eric Cartman of Redmond? BEEFCAKE!!

PHP works fine thank you,

[AftanGustur]

PHP Support. As of 4.2.0, Apache2 support was experimental. The change log does not show anything which says its supported.

Well, my server has been running nicely for quite some time now.

I haven't encountered a single problem, Well, except that the default config is more secure and I had to manually change it to run legacy apps.

HTTP/1.1 200 OK
Date: Tue, 10 Sep 2002 08:18:09 GMT
Server: Apache/2.0.39 (Unix) PHP/4.2.2 DAV/2
Last-Modified: Sun, 24 Feb 2002 15:50:43 GMT
ETag: "2d405e-d7-4ac5ac0"
Accept-Ranges: bytes
Content-Length: 215
Content-Type: text/html; charset=ISO-8859-1

Re:PHP works fine thank you,

[Makali]

Huh, speak for yourself. I'm one of the unfortunates using the PHP Apache module on a windows Apache2 (2.0.39 and 2.0.40) install. Up until PHP 4.2.3 the module worked just fine, but after the upgrade? *bamf* Server module refused to load, Apache fails on startup. /That's/ why it's unsupported. To be sure, it works for a lot of people - it probably wouldn't be in the distribution if it didn't work for most, but that's no reason to mark it as "supported", and it's every reason for big business to know that it quite possibly won't work for them, for no readily available reason.

Re:PHP works fine thank you,

[Guspaz]

PHP does work fine if you'd bother to download the latest CVS version of 4.3.0. I had the same problem running Apache 2.0.40 on Win.NET RC1 with PHP. It would only load as a CGI executable. With 4.3.0, it's loading perfectly fine as a server module.

Re:PHP works fine thank you,

[Makali]

Oh /come on/ now, who seriously expects anyone to use a CVS snapshot in a production environment?

When 4.3.0 comes out and the PHP devs decide that the Apache2 module is stable, then they'll mark it stable. Until then, there's no good reason to remove the "this is not supported" disclaimer on 4.2.3 just because a later CVS version works better, and it's silly to tell people to compile and test their own binaries when they have every other task a sysadmin has to do. And even if they did, can you imagine trying to rationalise that decision with the bosses?

Admin: "Hey, I decided to move to Apache 2 and a development snapshot of PHP on our production servers because .. er.. there's some potential speed gains in the future"
Boss: "So if the PHP development snapshot is safe to use, why hasn't it been released as a full version increment?"
Admin: "Er.. because it's not stable yet.. oh."

The whole point of this article is that the Apache devs can see that Apache2 isn't getting picked up precisely because most third-party mods aren't stable/supported on it yet. It's a good thing that they're freezing development to allow third-party vendors to catch up, and it's a good thing that until PHP4's Apache2 support is as stable as the rest of PHP, it should be marked unsupported.

If I'd bother indeed! Get real. :) You're using a pre-release version of Windows, a pre-release version of PHP, and an early-release of Apache and you're telling me to revise my stance on production values? Tsk! :)

Re:PHP works fine thank you,

[Guspaz]

Actually, I should have said the latest pre-compiled CVS binaries of 4.3.0. I'm not the type to compile code myself.

As to my system's stability, it has been running stably for "6 day(s), 20 hour(s), 48 minute(s), 13 second(s)", and those ~7 days ago it was turned off to perform a HARDWARE UPGRADE, before THAT it was running perfectly stable for ANOTHER ~7 days. (The machine has only been in OPERATION for ~14 days)

Seems plenty stable to me. Though I must admit, this is NOT a production site. If I _WAS_ running a production site, I'd likely opt for a nice copy of Mandrake with Apache 1.3.x. But hey, you're using Apache 2.0.x yourself... Your production values seem suspiciously like my "Let's have fun and build an experimental box" values ;-)

Re:PHP works fine thank you,

[BitHive]

What about the PATH_INFO problem? Have they fixed that yet?

It's slow than 1.3

[tahi0n]

On static and dynamic content it's slow about 10-15% ! Apache2 consume more CPU time than 1.3 on static content about 10-20%. Prefork, worker show almost the same performace on single CPU machines. So, when apache2 show at least the same perfomance I'l setup it on my server.

Threading?

[Znork]

So. Why did they add threading at all? What were the advantages, apart from making the code more complicated and prone to breakage, breaking module interfaces and making modules more difficult to write and making it less portable?

Threading in general is a really really bad idea unless you absolutely need it. Stick with a process model, with IPC if needed, unless you're one of those poor sods who absolutely has to have threading.

In fact, the only engineering idea that could be worse for Apache would be to include C++ code... can you say 'unresolved symbol in xxxxx'? You'd never find two binary-only modules that could be loaded into the same server. I do so love trying to figure out exactly which version of which compiler I have to compile Apache with to link it to the proprietary modules we, unfortunately, have.

Re:Threading?

Please prove this.
Many designs using threads are bad, especially the common one with spawing a new thread per connection, granted, that doesnt mean a threaded apace is wors than a forking apache.
If you are trying to say IPC(between processes) are faster than threads communicating in memory I have several suggestions for books to read.

Re:Threading?

[Znork]

No, IPC isnt faster, nor is forking faster in any way. The problem with threading comes from the fact that everything you do (and everything you depend on) has to be threadsafe. You have to add mutexes for anything that could be concurrently accessed from different threads, and the slightest mistake (which is easy to make) can lead to data corruption and/or crashes, and a threaded application is more difficult to debug. Programmers are human, and threading is more difficult to design and implement right.

The advantage of processes (using IPC for communications if you need it) is that the code becomes simpler and you have a very well defined interface for the shared data.

Threading inherently violates Keep It Simple.

A threaded apache may very well be 'better' in some ways, but it will be more difficult to maintain and while it might not crash more often, more time will have to be spent ensuring that it remains of the same quality as a process based apache.

Re:Threading?

[alan_d_post]

I do so love trying to figure out exactly which version of which compiler I have to compile Apache with to link it to the proprietary modules we, unfortunately, have.

Curiousity: which modules are those?

Re:Threading?

[JsTwO]

can you IPC a file descriptor to me? threads are a lot more efficent on resource (not only memory).

BTW, if apache do used c++, it had been much better than now. a module are naturally a object, resource management will be much simpler. binary modules? you can use c if you think binary only module are better and it will run under c++.

Re:Threading?

[Znork]

Why would I need to IPC a file descriptor? The FD's get passed to the child on fork. And if you have an application working on common data, you have one process reading the data and creating the shared segment, and you get a clean interface to the shared data.

I'm sure you can figure out some situation where you have to pass FD's around, but I'm not saying that you should never use threads. I'm saying you shouldnt use them unless you absolutely have to, and I wonder why apache absolutely had to.

And, _I_ dont think binary modules are better. Some of our vendors, however, appear to think so, which means _I_ get stuck with having to compile apache with the specific compiler used for the binary c++ module just because c++ _STILL_ doesnt have a stable ABI.

Re:Threading?

[Znork]

www.vignette.com

Re:Threading?

[alan_d_post]

You have my deepest sympathies.

Just curious, why is the organization at which you have a job using Vignette? Any good reason, or stupid dictate from on high?

This would be better in the longer run .....

[cyberjessy]

Some of you should understand that at some point you have to make substantial changes or let the system simply degenerate.

Apache2 includes a lot of changes, but some of them are really helpful..
The portable runtime (APR) for instance, which helps immensely with writing portable code. As much it is an integral part of the web server, it is part of some cross platform code i am writing.

Improved Windows support
Lets not forget that there are many many admins simply frustrated with IIS, but have to stay on Windows as a matter of policy.

Better/More readable Code
You will find out once you read the sources.

All this comes at absolutely no cost ...
Current users can keep using the same with absolutely no problem until the 3rd party modules are ready. And lets all not forget that most of the new source code is radically new, and maybe the developers saw no point in making it silly. Once the newer modules are ready, people will be using the best Apache there could be!

Anyway, who would use thunking when by doing so you lose all the advantages that you get out of the upgrade???

Re:This would be better in the longer run .....

Apache 2.0 is *much* faster for many operations than Apache 1.3 on Windows.

Apart from this, the Apache 2.0 architecture, new perchild stuff, etc, etc, *sounds* great, but unless you *need* it, it does not buy you anything.

On the flip side skimming through the Apache development mailing list archives will show you that a good number of serious issues (memory leaks, seg faults, etc) are still being found in Apache 2.0.40. Any site that does not desparately need an Apache 2.0 feature (e.g. speed on Windows) is wise to wait for until 2.0.50 or some such for these sorts of issues to be shaken out!

No need to upgrade here...

[JimPooley]

We have two linux web servers (one a backup of the other) running Apache 1.3.26. We've not upgraded to Apache 2.0 as basically what we have works and is pretty much bulletproof. As we don't currently have a spare server we could use for testing purposes, we're leaving it alone. Sometime, perhaps, but not right now.
We do have one Windows machine also running Apache 1.3.26 - basically we needed a Windows web server for some web-based data drivers, and I really didn't want to use IIS for obvious reasons. (Basically, I think Microsoft would be doing themselves a favour by scrapping IIS and taking out a licence on Apache.)
Does anyone know how well Apache 2 is in the Windows variant, as I heard it had significant improvements over 1.3.x so that might be worth upgrading.

How to push Apache2.

Looking at most of the posts here so far, third party modules seems to be what's holding
most people that dont already got a working site back.
Now, if we want Apache2, and I say we should want it because of its advantages, I say:
Go haunt the module writers about Apache2 support.
Well, atleast give them a notice on their mailing list that you really, really want Apache2 support now!

Fast on a 68k Mac

[xpurple]

I currently run Apache 2 on my Quadra 800 (33mhz 68040) running NetBSD. It's far faster than 1.3 was, and doesn't seem to have any issues with memory leaks.

Test it here, or view netcraft's stats here.

Heck, I've even got apache 2 to work properly on an LC III with 12 megs of ram, and no FPU! Even at only 16mhz it still worked flawlessly.

Re:Fast on a 68k Mac

[roly]

Uhmm thats Apache/2.0.35 (Unix) that your using. You should update to 2.0.40 to fix security holes.

utter crap...

[cliveholloway]

...if you have cgiwrap running, the script runs as the user.

.02

cLive ;-)

Re:utter crap...

...if you have cgiwrap running, the script runs as the user.

WRONG. He was talking about PHP and mod_perl. cgiwrap only *gasp* works on CGIs. PHP and mod_perl are NOT CGIs. You can use PHP as a CGI but it is not as fast.

Re:utter crap...

[rasjani]

Which means that php would have to be running as a external executable, which means performance drops.

Re:utter crap...

[awb131]

If you're running cgi instead of some kind of persistent process, who cares about security -- your site runs like molasses anyway...

Anyway, ince Apache 2.0 doesn't have a lot of benefits over 1.3 for most "little guys," and because everything's multithreaded it's significantly harder to debug, I suspect it won't stabilize until somebody with a lot of resources wants it to be stabilized (like IBM or HP.)

Re:utter crap...

> Which means that php would have to be running as a external executable, which means performance drops.

"Drops" doesn't matter, the important question is, "drops by how much?" For sufficiently small values of 'drop', the security increase would be well worth the tradeoff.

Re:utter crap...

[Electrum]

> Which means that php would have to be running as a external executable, which means performance drops.

"Drops" doesn't matter, the important question is, "drops by how much?" For sufficiently small values of 'drop', the security increase would be well worth the tradeoff.

Drops like a rock. While I can't give exact numbers, I can say it is quite noticable.

We use Zeus for our hosting servers (Apache won't cut it for high traffic) and have it run all CGI scripts (PHP, Perl, etc.) as CGI's that run as the uid/gid of the customer. On dual CPU 1ghz+ machines with 1gb+ RAM, there is a noticable difference when running a lot of scripts. The same small number of scripts (with 500+ requests/sec most are static) cause the same load under Apache.

While it would be great to be able to run PHP under FastCGI, as the performance increase would be great (even better than mod_php4 under Apache), we have to keep it secure for our customers.

Anyone want to modify FastCGI PHP to have process pools for different users? It wouldn't be fun at all.

Re:utter crap...

[Electrum]

If you're running cgi instead of some kind of persistent process, who cares about security -- your site runs like molasses anyway...

Yep, absolutely. But what do you do in a shared hosting environment?

Apache 2

[Dewin+Cymraeg]

I don't understand why it matters. Apache 1.x is being used by people who are happy with it. Good. They're happy, ASF must be happy they're happy. Apache 2.x is being used by people who are happy to upgrade to it. They're happy, ASF must be happy they're happy. So, where's the problem? Does it matter to ASF that people aren't flocking to use Apache 2? People will migrate as and when they see a need to. This is a good thing, not a bad one. This is why free software is free. No-one is forcing anyone to do anything, but there is more choice. So, who isn't happy? Third party modules will be patched/re-written when there is sufficient need, not just for the sake of it. This is a good thing.

Re:Apache 2

[Kindaian]

And beside, why should Apache be diferent that any other software?

Users only upgrade when they feel the need for it, not when there is a new version (unless the user is a M$ fashion user, which has to use the latest cloth wrappings that a certain Redmond company manufactures)...

Cheers...

Delphi 7 does not integrate with 2.0.40

[archeopterix]

Delphi (since version 6) has this nice feature of magically generating Apache shared modules. Unfortunately Apache 2.0.40 complains about modules generated by Delphi 7 ('module foo.bar is not compatible with this Apache version'). Well... i contacted Borland(aka Inprise). The response i got was that something changed between version 2.0.3x (latest version before Delphi 7.0 was frozen) and 2.0.40 that broke the integration. So if you want to write Apache modules in Delphi, you have to wait for a patch (expected in november) or stick to 1.3 (as I did) or manually implement the API .
I guess that the webadmins are wise in not rushing to adopt the newest and coolest Apache version.

Totally dumb question about hyperthreading

[philipsblows]

I know, I'll get modded into the basement for asking, but I wonder if Apache 2.x will do any better on intel's new hyperthreading processors.

There's an article here that mentions intel's future offerings and how they will all feature hyperthreading, and while the 25% performance increases must be mostly a marketing scam, I wonder how this new bullet item on the P4 feature list will work out.

Okay, I'm buying some of the hype for the time being, so sue me.

I Upgraded Because...

[Nishi-no-wan]

I upgraded last June when I found my server under attack by a version of the Goobles' "proof of concept" Apache attack on *BSD. Apache 1.xx was marked broken in ports, so I went with Apache 2.

It took a while to get mod_webapp working on FreeBSD (with enough research done that I wasn't opening any new ports to the outside world). But once I was comfortable with the new setup, I was back.

I must admit, it does seem slower sometimes, but that might be because I upgraded to Tomcat 4 at the same time. Since I don't get nearly so much traffic that it makes a difference (it's a hobby site), Apache 2 works fine for me.

tried it - got burnt

[smash]

I tried upgrading to 2.0.39 during the Gobbles worm shenannigans.

Unfortunately, I rely on PHP4.x quite heavily for my sites, and it breaks in subtle and interesting ways on with Apache 2.0. Session management is (was) completely broken for example, and I spent about a week messing about diagnosing the problem, thinking maybe it was a bug in phpBB, or my network...

1.3.x does everything I require of a webserver - why change for the sake of it?

Unfortunately its a bitch of a catch 22 scenario - no one wants to upgrade because its broken, and because no one is testing it in the real world, its probably going to be a while before its trustworthy like 1.3 is.

Maybe as more IIS users switch to it on Windows things will improve - I hear 2.0.x is much improved over 1.3.x on Windows...

just my 2c...

smash

Re:tried it - got burnt

[fhilliard]

It also breaks ColdFusion 5.0 for Linux which won't load. Macromedia doesn't plan to rewrite its module for 5 to run on Apache 2 and instead suggests upgrading to ColdFusion MX at a cost of $549. Incidentally, I notice from their pricing grid CF MX for Linux is not listed as supporting PostgreSQL.

Why threads are important

[Nosher]

I think that a number of the posts here are missing an important point about the introduction of threading in Apache 2 (note: I claim no expert knowledge in the field of threads). Whilst it may be true that Linux' process model is so efficient that threads offer only marginal performance improvements (at the potential cost of less stability, etc) the same is not true of Windows. IIS has always appeared to run much faster on Windows than Apache ever has - a major factor that might be well be the only reason that IIS is still used (after all, IIS's complete lack of security should, if all things were even, mean that no sane sysadmin would even consider running IIS as a webserver). If version 2 allows Apache to run under Windows at the same, or better, performance as IIS (which I believe it does), then this should lead to an increased take up of Apache on this platform. At the same time, given that this doesn't really impact significantly on its performance on Linux (and arguably improves its scalability in large implementations), then what's the big deal? I think for this reason alone Apache 2 should be supported and encouraged to get the "critical mass" take-up it needs to flourish.

Re:Why threads are important

[Znork]

Like you say, threads dont really significantly impact performance (nor do I think it improves scalability beyond a process model), but threads do impact stability and reliability due to the increased difficulty of writing thread safe code.

Apache is mainly used on UN*X. Modules, both free and proprietary are usually available for UN*X. Those proprietary modules that exist on both Windows and UN*X usually exist for IIS on Windows and probably not for apache on Windows. If you're going to switch from IIS to apache it makes little sense not to switch to Linux or Solaris at the same time.

So for most users the gain in performance is insignificant, the potential loss of stability may be immensly irritating and the target groups on NT are either likely to not switch to apache for other reasons than performance and if they want to switch could easily switch completely to the group which gains little from the threading.

Windows data marshalling issues

[tlambert]

"What you you mean[...]?"

Windows threading implicitly uses thread local storage, for all objects allocated in the context of a thread. In order to instance those objects in another thread, you have to marshall the data via CoCreateFreeThreadedMarshaller().

This isn't obvious in a lot of cases, because programmers have a tendedncy to do initialization work before they break work off to a worker thread, and the Windows VM system *happens* to leave a mapping for local instance data in the created threads for any instance data which was created prior to the thread being created.

Basically, this means that If I create some connection state objects in a pool, spawn a bunch of worker threads to wait for client requests, and then assign a state object to a client request, I'm fine... I never see the need for marshalling.

BUT... if I need to create session state objects after the threads are created, if that new object causes a new allocation, rather than using the remainder of an existing allocation, then the data space mapping ends up being private to the thread. A second request on the session object will result in a reference to a mapping that doesn't necessarily exist in all threads, on the one in which it was created, unless the object is explicitly marshalled (data copied) between the threads.

Now this is probably not a problem for the Apache programmers, who may have been aware of this, but, more likely, lucked out because of order of creation of state objecats and threads (apache works very hard to front-load state creation, and cache the results). But it IS a problem for applications modules that have to make calls into unprotected services.

Probably the most glaring one of these which is going to impact Apache on Windows modules is that the LDAP library itself is not thread-reentrant, because the connection state for the module will not be created before the threads instances are created (this is a common problem with the use of the standard LDAP libraries for programmers on Windows platforms). Because of that, you have to explicitly wrap the LDAP library with a free-threading safe interface which converts concurrent requests into serial requests -- effectively rental or apartment model threading the library, from the application's point of view (apartment model with one occupant, the worker thread allowed to talk to the library).

The standard LDAP libraries are just one example of a service commonly used in web servers used as services platform integration frameworks.

There are actually a lot of others, because the Windows threading models are not very well understood by most people: they tell you that you need to marshall data, but they don't tell you the reasoning behind it by telling you how the threading actually works; even their own programmers sometimes get it wrong, and they DO have access to the documentation. That makes it very hard to deal with secondary dependent effects automatically -- and I guarantee you that Apache 2.0 does NOT deal with these effects for third party libraries that modules will need to be able to use.

-- Terry

Correct.

[fire-eyes]

I use 1.3 at both work and home.

Why?

Yep, it's the modules. I can grab apachetoolbox and get everything i need set up quickly.

As far as I know, there is no apachetoolbox for apache 2.*.

Also I saw the first post about there not being PHP for 2.*. That's a BIG minus.

Things will catch up, when there is a need.

SSL on Win32 !?

[tweakt]

For god's sake, please supply an officially supported build of Apache 2 for Win32 with SSL support.

Unless i'm horrbily mistaken there exists no build w/SSL and compiling it myself resulted in a very unstable mess that crashed 1 out of 10 times after requesting an https url.

Re:SSL on Win32 !?

[roly]

There are binaries of Apache 2.0 + SSL at modssl.org contrib.

Not FreeBSD's fault

[tlambert]

FreeBSD's current threading is implemented in user space, although work is under way to move it into the kernel, that works is being done *ONLY* for SMP scaling and quantum utilization efficiencies.

As it stands, it is fully compliant with the POSIX threads standard.

If it is not working for Apache, it is because Apache is not a POSIX compliant threads client implementation.

From looking at the code, we can see this is the case, with the Apache code having an assumption of kernel threads, which you are not permitted by the POSIX standard to assume.

Although I have not yet verified it, an examination of the code *seems* to indicate that it has "the Netscape problem", which is an assumption about scheduling coming back to a given thread in a group of threads after involuntary preemption by the kernel when the process quantum has expired.

In older versions of Netscape, this displayed as a bug in the Java GIF rendering code, which was not thread reentrant, in that if you used a Java application as a web UI, and moved the mouse before all the pictures were loaded, the browser would crash. After I explained this, Netscape corrected their assumption, and the problem went away.

Ignorance of the requirements for writing threaded applications which will work on all POSIX compliant threads implementations is no excuse, nor is it a valid reason for blaming the host OS, unless you make it known what your requirements are, above and beyond the standard contract offered by POSIX, and that you are stricter than an application written to the POSIX interface, without such additional assumptions.

You will find that you have these same problems on MacOS 9 (NOT FreeBSD-derived), MaxOS X (uses Mach threads), Mach, Plan 9, VxWorks, OpenVMS, etc..

You will find you do NOT have these problems on systems with implied contracts above and beyond those provided by the POSIX standard: Solaris, UnixWare, Windows, and Linux. You may have *other* problems in Windows, related to implied contracts over virtual address space issues (see other posting).

-- Terry

Re:Not FreeBSD's fault

[Jeff+Trawick]

>From looking at the code, we can see this is the >case, with the Apache code having an assumption >of kernel threads, which you are not permitted >by the POSIX standard to assume.
>Although I have not yet verified it, an >examination of the code *seems* to indicate that >it has "the Netscape problem", which is an >assumption about scheduling coming back to a >given thread in a group of threads after >involuntary preemption by the kernel when the >process quantum has expired.

I'm not aware of such an assumption, but maybe
I'm blind for having looked at the code so much.

Please send details of this aspect of your
review to dev@httpd.apache.org or trawick@apache.org (I'll forward to the mailing
list). A fair amount of effort has been spent trying to get Apache 2.0 to work with thread support on various levels of FreeBSD; any
knowledge you have of problems in Apache 2.0 which
keep it from supporting threads on FreeBSD will
be most welcome. There is a lot of interest in
having it work.

Re:Not FreeBSD's fault

[Rasmus]

There are actually FreeBSD kernel bugs coming into play here. For example, calling sendfile() in a thread was a problem. If you check FreeBSD CVS you will see that issue reported by someone from Apache and it has been fixed in the kernel.

Adoption takes time

[Buggered+Choirboy]

Most people will not upgrade to it but will change when they update to a newer distro that includes apache2. Also, the functionality of the new apache does not make for a required upgrade.

The answer's right on /.

[wytcld]

Who wants to go to 2 and discover you've got your pants down? With the only point of 2.0 being to have an Apache that runs faster on Windows, the only upgrade that makes sense is for Windows admins to go to *nix. Why would *nix admins go to a less-tested, less-secure, less-understood server? Hope the major module writers never port to this bastard child.

failing to sleep with you != rejecting

That's what she said about you...

Re:failing to sleep with you != rejecting

Funny you should make that analogy, as it happens to be correct.

Just because she hasn't slept with you yet doesn't mean she's rejected you - she's just deferred upgrading the relationship until all the other modules are ready.

So, yes, failing to sleep with you != rejecting.

Web Security

A few links worth interest.
www.cgisecurity.com
www.whitehatsec.com

Re:I'd like to upgrade but i have those darn issue

[haplo21112]

Yes, I think that was really the first top quality mod for 2.0 I have seen...works fine on my test machine btw

"Hyperthreading?"

[tlambert]

That's a good question.

I won't argue the legacy code portion of the question; all engineers prefer writing new code to maintaining old code. 8-).

The answer, at least according to me, is that SMP itself is barely a good idea for most OSs, because of scheduler-based CPU affinity implementation. Very few OSs have this right; Sequent (now IBM) and SGI got it right. Everyone else thinks that SMP scalability for Intel breaks down at 4 processors being the point of diminishing returns, but what they are really saying is that they aren't able to address the bus contention scaling issue in software without help.

Hyperthreading puts another tier of preference in there: you don't cache-bust if you move a thread between ALU's in the same CPU, but by the same token, you can't run non-ALU functions simultaneously without stalls.

Basically, this means that you need OS affinity changes, where commercial OSs, and even the free ones, like Linux and FreeBSD already have issues with affinity implementation (Linux implements affinity in the scheduler, leading to the ability of threaded processes to starvation deadlock other processes, but waves a dead chicken to try and work around it, and FreeBSD's implementation is a really rough set of patches that have yet to be integrated).

On top of the OS affinity changes, you have to have compiler help, as well, or the benefit of a Hyperthreaded processor sits at about 20-25% additional, relative to another physical CPU. With compiler help, this "jumps" to an average of 70-75%, relative to another physical CPU.

So basically, it's a relatively cheap way of incrementally increasing performance, if your OS supports the idea. If all CPUs came this way from the factory, then there's a modest win to be had, assuming a direct tie between user space threads and scheduling units. If they don't, then you will pay some penalty on non-Hyperthreaded CPUs, which probably isn't worth the trade-off, if you want to deploy on commodity hardware.

In the Linux case, the person to ask would be Ingo Molnar, who has done much of the work on the scheduler based affinity, and also on the Tux in-kernel HTTP server, and get it and the TCP stack and the minimal driver and data set to live in the confines of a single CPU cache. I don't agree with the approach he has taken in the scheduler, and have discussed it before, but there;s no arguing that it doesn't work, even if I personally think it makes things more complicated than they ought to be.

I think you will find that he will say that the benefit from Hyperthreading in a single CPU machine in that case is no better than perhaps 15-20%, relative to a non-Hyperthreaded processor, which reinforces the idea that the value of Hyperthreading is mostly in the compiler.

Actually, I've heard the Intel documentation on how to write Hyperthreaded code generating compilers described as "Don't do what GCC does", which seems pretty apt to me, all things considered. 8-).

-- Terry

Re:"Hyperthreading?"

[WNight]

Why does implementing a thread/cpu affinity in the scheduler lead to the ability to starve other processes?

I'd just think that, all else being equal, threads of process X all run on CPU 1, etc. But if you don't have any scheduled to run, you run something else...

Also, do you think HyperThreading is here to stay, or is it just a half-way point to CPUs having caches for CPU-state, allowing quick context switches between processes? I seems that this is the best way to go, eventually allowing hyper-threading's pipeline sharing feature but between unrelated pieces of code.

I don't mind the thread model much, I'm not a purist (I use Perl, to be "pure CompSci" would be somewhat of a contradiction :) but it does distress me to see that many university educated programmers don't know how to work without threads (within one process). I think their over-reliance on threads hurts them by making their programs much more complex than they need to be. Modern programmers, to whom everything looks like an object in search of a thread.

Quality...

[viktor]

I'm just in the process of migrating from 1.3.x to 2.0.x, and let me assure you this is not done over night (I tried just that, and here I am still running 1.3.x).

The build process has been slowed down and, IMO, gone entirely broken. Previously I ran the configure script, which took a minute or so, compiled and installed. It worked.

Now a run a monstruous ./configure, which calls itself recursively and takes about ten minutes to complete, at which time any and all warnings have scrolled well past the top of the window. It does not report easy mistakes such as trying to make "so" a shared module until it is almost finished. And the libraries are not linked against the modules properly, so attempting to use a static libssl or libm is not possible.

An upgrade from 1.3.x to 1.3.x+1 took about half an hour. An upgrade from 1.3.x to 2.0.x has taken me the better part of two days, including reinstalling openssl shared so that mod_ssl works at all, for no immediate gain.

I can understand that people do not make the switch.

no thread support till now??

No thread support until now? No wonder IIS beats the pants off Apache in speed jeez... when will lazy Unix programmers finally learn to use critical sections?

if it ain't broke...

[pizza_milkshake]

afaict the major improvements to apache 2.x are better performance and simpler development. this is great, but, imho, not the kind of thing one gets in line for.

has anyone here personally had any trouble with apache 1.3.x's performance? perhaps large-scale sites may have, but apache runs just fine for everything i've ever worked on.

as for keeping developers sane, great. eventually everyone will move to 2.x, but it'll probably be years before it's as popular as 1.3.x is now.

the problem is that apache 1.3.x is "good enough" for most people. to be honest, i haven't even looked at 2.x

Rejecting how?

[balloonhead]

Firstly, I don't see how it can be called 'rejected' - they are not adopting it, which is a very different thing - the title implies criticism.

I tried Apache 2 but MySQL/PHP (on windows though - issues with my DSL modem meant I had to switch) when I first learned PHP/HTML/MySQL (about a month ago now...) and it was thoroughly broken. Pages were well screwed. As a beginner it took me ages to realise that the fault was not with my code, but that's another story.

Now, that was a month ago - even with it being improved, it's still not fixed. It will be in time, but why would people change from a stable server to a buggy one? Do you get too many visitors to your site or something?

People will switch when they feel there will be a benefit - at the moment any users are early adopters.

I for one am back with Linux, and Apache 1.3.26, which serves up my pages nicely. It's just a shame that it still won't connect to the internet...

Call it the Netware factor ...

[JonKatzIsAnIdiot]

How many sites out there are still running Netware 3.12? TONS. Why? Because just works. You install it, configure it, and after that you can forget about it because it doesn't need to be coddled to get through the day. Apache 1.3 is the same. It does it's job so well, there's no compelling reason to upgrade.

Java had exact same problem with threads

Java exposed dozens of serious threading problems in Solaris when it came onto the scene in 1995. It took Sun *years* to finally get this right, and they issued dozens of kernel and thread library patches for Solaris 2.5, 2.6, 2.7 and 2.8. In the same way, Apache 2.0 will also be the catalyst to finally get correctly functioning thread support in 3rd party libraries and open-source kernels.

perchild

The perchild still doesn't work and when it will, its only being designed for Linux. This was one of the only reasons we were wanting to upgrade since we are a webprovider with PHP, and as you may know PHP runs globally as the apache user instead of as each suexec user.

auth_ldap

[darkstar101]

There is still no LDAP authentication for Apache 2.0. First it was going to be "in the box", so all the 3rd party developers stoped developing. Now it is not "in the box" and the 3rd party developer are still not developing. And there is no real explanation from the Apache developers why it is not there. I had to troll through the developer's mailing list to even find out that it had been removed. It is this kind of crap that is preventing Apache 2.0 from being used. Until there is a reliable auth_ldap for Apache 2.0, I won't be ABLE to use it.

PHP on non-threaded Apache 2?

[jonabbey]

Is it easily possible to run PHP on Apache2 if one sticks to the non-threaded process model?

One thing that is very nice about Apache 2 is that it is so much easier to get Apache+SSL built and working. Building Apache 1.3 plus SSL plus PHP is still a bit of a chore, though I'm sure the PHP developers wouldn't consider it so.

Lots of critical bugs still

[siberian]

Stable? Says who? I the reverse proxy is broken.

Search bugzilla for 'proxy rewrite chunk'

Ousterhout on Threads

[drxyzzy]

Why Threads Are A Bad Idea (for most purposes)

Only Apache 2.0 is usable in the enterprise

[samwhite_y]

In the discussion on multi-threaded vs. single threaded and performance, there has been no discussion on caching issues. One of the big places caching is very effective is for user authentication. If you have to go to an enterprise user storage repository for every client request, you quickly find that your system's throughput is limited to the throughput of the user store. In most company environments the user store is already under serious stress from multiple other applications and web sites, so without some type of caching solution built into the web server, the performance for security is abysmal.

In an environment that spawns 100s of processes to handle requests, each process can end up creating a duplicate cache of the same user information. Since I do not know of way in Apache to have the same users visit the same process, it is difficult not to create 100s of copies of the same user cache. If the cache is dumped every couple of minutes for each user, it is very easy to create a scenario where a cache in a particular process is too old to be usable by the time a user visits the same process again. The general effect of this is that Apache 1.3 cannot be used for solutions that emphasize caching. This problem also manifests for scripting solutions where scripting pages are preloaded, parsed, and cached (does anybody know how mod perl handles this?).

Using memory shared across processes or writing data to temporary files could potentially solve such issues, but that can have its own headaches and costs. For example, there can be significant overhead in serializing information from/to an IO system (memory files or temp files on a file system) if there is more than a trivial amount of information being cached.

Part of the promise of Apache 2.0 is that it will create an environment for creating complicated and scalable applications for the enterprise. As far as I can tell, without a threading model solution, Apache would be considered not much more than a toy for real industrial applications. It is possible to create Apache 1.3 applications that serve many users and have much content, but the users usually have to be locally stored (in particular passwords are directly available) and the content has to be "prepackaged" for optimized delivery. This may work for focused web sites, but in the new universe of "web services" and pushing mainstream business apps onto the web, Apache 1.3 falls far short.

Re:Only Apache 2.0 is usable in the enterprise

It's pretty easy to share data with mod_perl. I use Berkely DB for it. It's very fast, and it doesn't use up your RAM (data is kept on disk with an adjustable shared memory cache). Trading this small amount of speed for the memory savings improves scalability.

Re:If slashdot is happy with it, I'm happy with it

Yup. I also noticed today that The Apache Con site is running 1.3:

ApacheCon.Com is running Apache/1.3.27-dev (Unix) PHP/4.3.0-dev DAV/1.0.3-dev on Linux.

If the people promoting Apache 2.0 aren't even running it, it isn't really suprising that the rest of us aren't.

Apache 2 modules troublesome

I have noticed that there is a mismatch between the Current apxs API and what the php people are using(maybe). I had trouble getting PHP DSO to compile with Apache 2.0 and the error occurred when using apxs.

I bet this is common since as a developer, apache 2.0 stuff would be on my back burner.

Re:Read the docs, do the tests. Apache 2 is better

[Monkey]

It's too bad you screwed your account up so bad that you post at -1, because you make some valid points.

Remember when Win2K was coming out, a lot of people said they would never upgrade to it because it was a piece of shit? I wonder how many of those guys are still running NT 4 today?

Anything substantially new must prove its merits through time before it is generally accepted.

writing modules still hard

[drbart]

i was really looking forward to the new module api. i could be wrong or looking in the wrong place, but the 60-plus-element struct apache 2.0 hands you is more than a little daunting.

writing your own http handler seems easier, although granted it would be nice to have all the config goo handled by apache.

i want a simple api, sort of a C equivalent to javax.servlet, and an example that really shows how simple it is.

apache is limited scripting framework

[axxackall]

First of all, I've been using Apache in my web aplications since 1995. And I love the server.

Second, I've been writing various scripts about 10 years and I do it again when it comes to solve some small sysadmin task, especially on the backend of some CLI-compatible OS.

In a big web application I don't like being limited by default interpreter. And I need a good data/functional/object model. Certainly, neither PHP nor Perl nor Tcl can help. Although I still like scripts as a part of aspect separation. That's why I use either Java with XSLT or Python with Zope (Perl with AxKit is not ready to be used in a production mode yet, IMHO).

Now, I see that nothing wrong of using Tomcat (or another Java servlet engine) in standalone mode listening http directly, without any Apache. It's easier to install, customize, control and maintain. Zope standalone - same situation.

So, why would I even be bothered with Apache? Integration with decent PHP and CGI applications? Have you ever tried to integrate Apache CGI with Java servlets or Zope products, like session sharing? You don't want to do it again.

Does it mean that Apache doesn't have any future? Not at all. Even although today developers recognize that PHP and CGI is not a way to go, Apache still keeps a niche of static content handlers and micro-CGI servers. Besides, it might have very interesting future as a SOAP gateway.

Regarding Apache 2, I think that people are loosing an interest in Apache. And when they have to decide to migrate to Apache 2 or not (from Apache 1), they also ask "Isn't it a perfect time to consider another web server, like Tomcat or Zope?"

I'm sorry

It must be my ServerTokens setting. :)

Where are the syadmins?

I suspect that the slow adoption has more
to do with the mass dot-bomb layoffs. Many
companies are limping along now with inadequate
IT support.

Re:mod_gzip / mod_hs

mod_gzip is no longer being developed - its developers now offer mod_hs (not free, works with Apache 2) http://www.ehyperspace.com/solutions/hyperspace_mo dhs.html.

thanx for the excessive explanation! (no text)

[Otis_INF]

:)

No text.

Can't Get mod_auth_mysql working on 2.0

[Not+The+Real+Me]

Is there anyone who's gotten mod_auth_mysql working with Apache 2.0? I've tried and can't get the damn thing to work so that's why I'm sticking with with 1.3.

Re:Can't Get mod_auth_mysql working on 2.0

[roly]

Which mod_auth_mysql? the polestar one, the zeev susraki one or the kcilink one?

more important than modules

[aminorex]

with the possible exception of mod_php stability, i
think the single greatest thing that would encourage
the uptake of A2 is open documentation. Doc has
always been a terrible deficiency of Apache, but
in the 1.x series, the community gradually developed
an adequate expertise by force of the demands of
circumstance. But A2 configuration differs in
crucially important ways from A1, and the readily
visible documentation, beginning with the conceptual
model, and continuing on to the detailed syntax and
semantics of configuration directives, is far too
inaccessible to the busy admin at this point.

What would make me upgrade:

[mcrbids]

1) PHP 4.2.x is stable, with libpspell, imap, pg and mysql support.

2) Apache supports the "per child" user definition. The inability to run as any user other than "nobody" is a real limitation. But, if I could define the user/group of a file and have the script run as that user/group, security for web applications would simply skyrocket! (I'd except "root" from that list, tho)

Unix / VM...

[MegaFur]

any Unix with virtual memory

Okay, I'm not an `old timer' or anything, so I don't know too much. I gotta ask--is there such thing as a Unix that doesn't have virtual memeory!? I thought that, that was always a fundamental part of Unix design. Please help me out here, I'm very curious.

Re:Unix / VM...

[amorsen]

It depends what you count as Unix. I do not believe QNX has virtual memory, at least not in the sense of paging to disk, and I think QNX is POSIX compliant. In the beginning Unix swapped complete processes, not pages, and that is also not what would normally be called virtual memory.

Re:Unix / VM...

[Tony-A]

Virtual Memory makes sense when real memory is significantly less than addressable memory. With a few caveats, virtual memory gives you the speed of real memory and the size and expense of disk. Sixteen-bit minicomputers have(had?) an 16-bit address space of 64k. Some have had their lives extended by using a VM in reverse to utilize more real memory than virtual memory.
Multics is probably the only OS for which VM was intrinsic. Multics used virtual memory for permanent file storage! Otherwise, Operating Systems tend to act very much the same with or without VM. Obviously, the OS has to *do* something about it, but the only real difference is that the machine looks bigger than it is.

Apache Mirrors Do Not Use 2.0

[the_mystic_on_slack]

I just noticed this today as I was looking around the Apache site that most (if not all) of the Apache.org mirrors do not use 2.0? Anyone want to tell me why they don't use the latest version of the software they promote???

Mod up last post?

Can't someone mod up that -1 post? It makes a good point.

Apache 2.0? Not unless your OS is up-to-date

[bee]

I went to install apache 2.0 on my home server running FreeBSD 4.4, which isn't all that old. /usr/ports told me that my OS wasn't new enough to install apache 2, so I installed 1.3 instead.

Maybe that's why apache 2 isn't all that popular yet.

Sendfile

[tlambert]

I'm aware of the sendfile problem and the "fix".

Sendfile is not an operation which it's really valid to have the function return until it's complete, so that completition status will be accurate. The assumption here was that kernel threads were being used, so that one thread calling sendfile would not block execution of other threads until the sendfile was complete.

The assumption of kernel threads here, or that sendfile could call-converted into a non-blocking call plus a context switch to another threads, is what was bogus.

Though it boggles the mind that one would expect sendfile(2) to be POSIX threads safe at all, considering that it's not a system call POSIX standardizes...

-- Terry

Thread/CPU affinity, and starvation

[tlambert]

The basic problem is thread group affinity.

Basically, the promise of threads is that you will not be paying the equivalent of a full process context switch overhead, because your VM and other process-specific things will not have to change when context switching from one thread in a process and another thread in a process.

On a machine that has 1001 processes, and you are the 1 process, and you have five threads in your thread group (process), You basically have a 4 out of 1004 chance of one of your threads being picked as the next thing to get a quantum, when one of your threads makes a blocking call, so that it's no longer runnable.

What that means is that you have just reneged on the promise of lower context switch overhead, if you run thread #1, then run "cron", and then run thread #2.

So you have to play favorites, and say "I know "cron" has been waiting a long time, but I just blocked processing on thread #1, and thread #2 is runnable, so I'm going to preferrentially run thread #2, because it lets me avoid the VM switch, and the TLB shootdown, and the other overhead of a full process context switch, and therefore lets me keep my promise about threads being lower overhead than processes".

Any time you play favorites, you starve your non-favorites; just like a Robin or Sparrow with a Cuckoo's Egg in its nest.

So then you have to add all sorts of arcane accounting and other crap to avoid the starvation of other processes, and your scheduler becomes very, very complicated.

Compare this with Scheduler Activations, or an async call gate, where you give a quantum to a process -- and the quantum belongs to that process. In this case, your process runs until either there are no more threads to be run, or until its quantum is used up.

Things are actually more complicated than even this; for example, you want a threaded program to compete as multiple processes for quantum, or you are encouraging people to write programs that fork multiple children, instead of threads, in order to allocate themselves more quantum. On the other hand, you want to set some upper bound on the amount of unfair competition a single unpriviledged program can engage in, relative to other processes on the system.

If you attack thread group affinity as a scheduler problem, the amount of complexity you introduce is substantial, and there will always be corner cases.

There's actually been a huge amount of research on this; check the NEC CS search engine for "scheduling" and "load balancing" and "parallel".

-- Terry

Re:Thread/CPU affinity, and starvation

[WNight]

Ahh. I was thinking you would just give each process the same quanta. A multi-thread process would get to pass its time-slice between threads as it saw fit. If it used less than the assigned time, it would benefit from a low-cost context switch, if it used more than its quanta, it would effectively lose the benefits of threads, except for the shared memory space which is either a benefit or a problem, depending on your view.

What I didn't see what the complexity that goes into this.

I guess it's like VM/Swap, easier to discuss strategy than to implement effeciently.

I'll look up the references you gave me.

Re:Thread/CPU affinity, and starvation

[JsTwO]

Basically, the promise of threads is that you will not be paying the equivalent of a full process context switch overhead, because your VM and other process-specific things will not have to change when context switching from one thread in a process and another thread in a process.

not from what i see. IMHO, threads makes share things between two processing easier. how can u make a connection pool with many process? and you can do all cpu based work in a group of threads and let one thread do all other i/o based work. These things are impossible with multi process and damn hard with single process FSA.

POSIX

Standards unto themselves are useless unless they accomodate the world around them and make use for common practise. Personally I do not agree with your assessment of sendfile() not being POSIX-compliant - but even if you are correct any well written and robust user-level POSIX thread package should accomodate it.

..."at a significant cost in performance"

[tlambert]

With respect, the benchmarks people have posted have chown a 10-15% performance degradation in the switch from 1.x to 2.x of Apache.

I agree that your argument is valid for SMP systems... but it assumes that the application that's being used is also threaded, or rewritten to be threaded, and that the libraries it uses are also threaded. Whever they aren't, you are going to eat the performance at whatever serialization boundary you put there. It might as well be a standard one that allows legacy code to continue to function as it did before.

-- Terry

I understand the argument; however...

[tlambert]

I understand the argument; however, it's pretty clear that the practice here has diverged significantly from the theory.

The context in which we are making these postings is an observation about the non-adoption of Apache 2.0, whse design was intended to prevent non-adoption for the reasons you state.

Still, here we are.

I'm fully willing to admit that I'm speaking in hindsight, and trying to analyze why people have failed to adopt Apache 2.0. I understand that non-adoption was not the plan; but reiterating the plan won't make the non-adoption unhappen.

-- Terry

current modules will not ever work 100%

[JDizzy]

Pre-forking, threading, foo, bar, mish, mash... blah..

In the final analysis, all the major apache 1.3 modules will never work corrects, to the point where code for one works well in the other, and vice-versa. The sad truth is that, like the Apache 1.x, the modules will slowly creep to replace the CGI's, and that took a few years to happen, and mainly with mod_perl replacing perl CGI's.

yeah, that might suck donkies, but its the sad way of human nature. WE simply want to make it like we used to have it in 1.3, and whatever. This it will never be again. Totally new modules should be writen, and used by the upcoming generation of coders, those whom are not corrupted by what we older folks have become used to. I'm 26 btw.

For example, the syntax of php is very good, and so are many of its ways of structuring things. But php itself needs to be thrown away as it stands now. Perl cannot speak of good syntax, it is simply one of the ugliest, yet most usefull languages there ever was. Yet mod_perl has a good chance of remaining viable on Apache2. This is what confuses most folks, because they don't understand how something to them, the elegant code they write, could not work well in another environment. And when your apache module becomes a place that itself is a launch pad for other modules, then what? For example, in php... most folks like to have mysql as a module, or GD, or whatever. However, now you have to wonder that in Apache2, that mysql could be a direct module to Apache2 itself , and php, or perl, just share the common thread. Do you suppose that php, or perl could be writen in a way to share their connections to MySQL, no... probably not going to play nice like that.

People just have to get past the notion that their development environment is just plain bad. The people at the Apache foundation knew it, and probably expected this sort of crap, why they want to mess things up in the next relase to confound the module writer is beyond me.

Re:current modules will not ever work 100%

[Rasmus]

I am not sure why you say mod_perl is more viable with Apache2 than PHP. PHP is every bit as threadsafe as mod_perl, and both PHP and mod_perl can be linked against many of the same libraries which may or may not be threadsafe. Something like libgd doesn't suddenly become threadsafe because it is accessed through mod_perl. Same for a very common library such as gdbm. These are the things that are holding up production-quality PHP (and mod_perl) with Apache2 threaded mpms.

Re:current modules will not ever work 100%

[JDizzy]

Respectfully, I was in my mind thinking about parot, and the future of perl in the next few years. I'm not a perl monger, but I do entertain those folks, and study their lore. I failled to convey that, and I suck..... I know! In regards to linking to libs that may or may not be threadsafe, your absolutly correct. So then begs the question, where is the best place to link to 3rd party libs? In the apache module, or as an apache module? Does it really matter in a threaded environment? I guess in the realm of pre-processing, it might mater a significant amount?

I'm currently in the planning stages, architecture, and what not; for an apache module. I've been reading the api, and getting an idea of what does what.

I'm not going to parley, or bait you, or start a flame war with a person I respect, if your who I suspect you are? But I will say this: Apache2 is going to exist in the world after http1.1, with a more diverse user-agent environment on the horizon.... things need to change in many respects. Apache2 is so much more capable than our current perception of what an apache module is now. I suspect it will be at least a few years before we break our old mold.

Userland threading and blocking calls

[tlambert]

Userland threading and blocking calls do not mix, ever.

The way userland threading works is "call conversion", which trades a blocking system call for a non-blocking system call plus a context switch.

FWIW, I worked indirectly on the DEC MTS product on VAX/VMS back in 1992 (indirectly, in that I made patches to the Bliss code as a Novell employee on a cooperative project with DEC), and I used the undocumented "liblwp" in SunOS 4.1.2 in the late 1980's, and before that, I used the "sigsched" package in the mid 1980's. All this adds up to me having experience with implementing call conversion schedulers going on 20 years.

The problem with sendfile(2) is that it sends excessivle large blocks of data all in one go, and that those sends have to be atomic because they are not restartable.

The *obvious* workaround for the problem is to break the call up based on the size of the object being sent, so that the blocking operations don't block "too long".

Another workaround is to have "worker processes", which are used as contexts for the blocking call, to "accomodate" sendfile.

The only canonically *correct* fix is to provide asynchronous interfaces for all synchronous calls, and perform call conversion on them. For sendfile, this either means an aio_ context version, or changing the return value to be the number of bytes out of the range actually sents, and having it work as write(2) does, in terms of non-blocking file descriptors.

By the same token, I could argue that System V message queue receives "should work" -- another patent absurdity, given that such operations are, by definition, synchronous.

-- Terry

Expectations of a Red hat user -- rate limiting

The expectation of most users of Red hat GNU/Linux is that an "upgrade" will provide the same or more funcationality than the previous version. For a RH version 7.3 user, that means the funcationality of auth_ldap, mod_auth_any, mod_auth_mysql, mod_auth_pgsql, mod_bandwidth, mod_dav, mod_perl, mod_put, mod_python, mod_roaming, mod_ssl, mod_throttle & mod_php.

Apache v2.0 already provides mod_auth_ldap & mod_dav.

The "Null" beta release of Red hat includes for Apache v2.0 the following: mod_auth_mysql, mod_auth_pgsql, mod_perl, mod_python & mod_ssl.

The mod_roaming is only useful to a small number of Netscape v4.x roaming profile users and probably does not impact the general acceptance of Apache v2. Also, the mod_put funcationality is provided by mod_dav.

Porting of mod_auth_any to Apache v2 should not be a difficult task.

So, the remaining issues of Apache v2 from a Red hat user prospective would be the lack of PHP and the lack of rate limiting (mod_bandwidth and/or mod_throttle). It is understandable that the Apache developers are limited in what they can do about PHP for Apache v2. But for the developement team to make it to version 2.0.40 and still ignore providing a rate limiting module is fairly damning.

Bandwidth is still expensive and it should not be a surprise that the lost of this functionality may cause several to avoid the "upgrade."

Purpose of threads: "all you've got is a hammer"

[tlambert]

"not from what i see. IMHO, threads makes share things between two processing easier. how can u make a connection pool with many process? and you can do all cpu based work in a group of threads and let one thread do all other i/o based work. These things are impossible with multi process and damn hard with single process FSA."

The classical answer to this is "rfork" or "sfork". But there are others.

As one of the two engineers responsible for adding the ability to share the file table via opening the /proc for the process and setting a flag, so that fork(2) would behave differently in SVR4.2, I can guarantee you that there are other methods of achieving what you want, without threads. Incidently, this greatly pissed off the threads people at USL, because we didn't use their shiny happy application model: it was inappropriate for the problem we were solving.

Like descriptor table sharing, address space sharing, and SMP scalability, threads are a hammer that is applied to a lot of different problems, on the theory that if all you have is a hammer...

-- Terry

Successful OSS ~= Successful CSS

[tommck]

A successful Open Source product is just like a Closed Source one.
Businesses and people who run their sites aren't going to mess around with upgrading to new versions unless there is a driving reason for it.
If there were only 100 people using this product, they would be enthusiasts, and about 85 of them would probably be running the latest version (heck, probably betas), but there are other factors involved.
The more people who use the product, the less quickly that people will adopt the latest and "greatest" version. Heck... a lot of people are still using Office 97 (those that use M$ products...).
If there is not a business need, then it is a _bad_ idea to change your platform. So, as far as I'm concerned, this is not news-worthy.

T