Slashdot Mirror
Apache 2.2.0 Released
ikewillis writes "According to an announcement on apache.org, Apache 2.2.0 has been released. From the announcement: 'This version of Apache is a major release and the start of a new stable branch. New features include Smart Filtering, Improved Caching, AJP Proxy, Proxy Load Balancing, Graceful Shutdown support, Large File Support, the Event MPM, and refactored Authentication/Authorization.' View the ChangeLog or check out the new feature list."
Now I'm .9 versions behind.
I'm waiting for Microsoft to rename IIS "Cowboy 1.0" :)
I read the feature list and changelog earlier today but without taking the time to set up a test server and experiment with it I really have no idea how it compares to 1.3. For the most part we have stuck with 1.3.x for it's stability, performance on our older hardware (from 256MB dual 75MHz SPARCstation 20 to 1 GB 440 MHz Netras), and rock solid compatibility with mod_perl and Perl 5.6.
I'll be willing to try upgrading in the near future in hopes of experimenting with and making use of the some of the newer featues, but I would like to hear some first-hand information from those who have recently made the leap to 2.2, if at all possible.
You can also do this: apachectl -k restart
A round of thanks to all the hard work done by the HTTPD team.
you guys ROCK
and special thanks to paul who pushed this through!
I don't get the feeling that this is a very significant update!
any project in it's mature stages wont change much, at least not noticeable by most users.
if bash creates a new release, you aint gonna notice the difference.
if linux creates a new release, you aint gonna notice either (unless it's a major release, but in comparison, this apache release is not)
Marge, get me your address book, 4 beers, and my conversation hat.
Since version 1.x you've been able to make config changes without a restart. Just edit your config files and then run "apachectl -k graceful" or send a USR1 kill signal to the parent Apache process. Apache reloads the config without restarting.
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
That's interesting how they jumped from the 2.1.x beta versions to 2.2.0. They didn't do this when they went from the 2.0.x beta to the 2.0.x stable (hence the large .55 attached to 2.0.x right now). It's kinda like what Perl does with having devel and stable versions have odd and even numbers, respectively.
;)), I have this feeling that we might see the same 1.3->2.0 inertia.
Anyway, I guess the big question is, how many people will actually adopt 2.2.0. I still remember when 2.0 came out to mostly a yawn as most people kept using 1.3.x. Even today, most of the servers that I come across or administer are still using 1.3.x because unless you were running Windows, 2.x didn't really offer spectacular improvements over 1.3.x, and looking at the changes for 2.(1|2).x (anyone who's going to transfer a >2GB file over HTTP is crazy
When are they adding the continuation-stored-in-the-server feature? Having to do a CPS transform essentially by hand to all CGI scripts is ridiculous. Oh yeah...Perl/PHP/etc. don't support that. Why not?
I've been struggling with setting up a mirrors server for our computing club here. I'd like to mirror all of Debian, for example, but I'm finding that storing (and, worse, updating) 80 gigs only to serve a tiny fraction of the files to our users is a dismal trade-off. I had been experimenting with ProxyPass, but since it didn't cache the results locally, it wasn't really providing a speed benefit.
mod_disk_cache plus mod_proxy's ProxyPass seems like just the ticket - I could give it a few servers to proxy for, give it a few hundred gigs of cache, and it would then automatically intelligently cache for those servers. This would be a great, easy plug-in solution.
Has anyone used mod_proxy and mod_cache in this fashion? It'd be great to hear about others' experiences or configuration examples.
|/usr/games/fortune
What are the newer features that you're planning on using?
Indeed, it sounds like you have what may be the perfect situation. Even if your servers are somewhat older, and not the most powerful, they are still very solid Sun systems. They will basically last forever. You suggest that mod_perl is working very well for you at the moment, too.
Perhaps an upgrade would be the worst thing you could do. Sticking with older, proven systems is many times a very wise idea.
Cyric Zndovzny at your service.
Apache 2.x? No thanks!
Apache 1.3? Still has issues!
I think I'm going to stick with something I can really trust!
Maybe I'll try CERN httpd 2.14, I'm not sure if 3.0 has enough of a track record.
I am really glad they added Foxy Load Balancing. Now asianpornstarlets.com will send me data at a nice, steady pace instead of in spurts and dribbles.
Storing state in the server and retrieving it via cookies, etc., is not CPS, it's just saving and retrieving state. And who still uses CGI anyway?
And who says continuations are a valid way to write web apps? I prefer to use request/response because that's the model of the underlying architecture. I also want my URLs to represent named entry points, not continuations within some arbitrary program.
And how the heck would Apache know how to save a continuation in any arbitrary programming language? Or is Apache supposed to turn into a set of libraries, one for Smalltalk, one for Ruby, one for Lisp.. ?
Explain what you mean, son....
For those of you saying you don't need to transfer >2GB it reminds me of comments like, "640k is enough for anybody", "64-bit isn't needed on the desktop", "no advantage to dual core" etc etc.
This will finally mean I can wget DVD ISO images! Work with large files over WebDAV and it will also mean my logs can grow over 2GB which is cool.
HTTP works where FTP has problems when dealing with complex networks (firewalls/NAT etc etc).
Sweet! Now I can store the 9.1GB DVD ISO's for people to download off my 33.6k Modem connected webserver!!
;-)
But seriously, the timing of this feature being added couldn't be better, 5 years ago there would've been no point, but with the current rate of speed increases in home Internet, it will become somewhat more useful!
----- Concentrate on promoting more than demoting.
But I want /debian/ to be a Debian cache, and /ubuntu/ to be an Ubuntu cache, and it'd be nice to have e.g. a Cygwin cache in /cygwin/ . Many "mirrors" sharing one disk cache space allocation on one easily-administered server.
Can Squid handle that kind of flexibility? That's what drew me to Apache's ProxyPass.
|/usr/games/fortune
I would personally settle for a configuration file format which isn't confusing, poorly organized, and often times not parsed correctly (ie, apache doesn't do what the docs imply). See Why I Hate the Apache Webserver, which was a presentation at ApacheCon Europe.
Apparently everything the author pointed out was promptly forgotten or ignored.
Last time I posted about this, someone accused me of advocating "dumbing down" or stripping functionality out of Apache to make it easier for idiots to configure. That's NOT the point at all, and "easy to configure" does not mean "dumbed down" or "stripped down". Postfix, for example, is just as powerful as sendmail but miles easier to configure.
Please help metamoderate.
FWIW there's a debian-specific solution in the form of apt-proxy, a program that runs on your server, then the clients point their /etc/apt/sources.list at you, etc. etc. I haven't used it, but I know it exists, so your mileage may/will vary. (At my last job I was responsible for setting up a large web cluster; one machine acted as sort of the "mothership" providing all sorts of network services to the web hosts and so on... I was just looking into apt-proxy when I ended up getting a better job elsewhere. ;))
http://apt-proxy.sourceforge.net/
I've used the IIS GUI once because I was curious. *shudder* GUIs are useful only when well-designed.
1/ There are Apache GUIs. Google them up. Some are free, some are not.
2/ Opening the config file in a GUI text editor and navigating around with a mouse should be fairly easy, especially with the copious amount of documenation in the config.
3/ It's very difficult to express the rich level of complexity of Apache configurations in a GUI. Just imagine how on Earth a GUI can be made to handle nested VirtualHosts, Directorys, and Files. Throw in some regexp, and suddenly, you are faced with a situation where it becomes a heck of a lot easier to just edit the config file. To say that a GUI is always easier than text is incorrect; it depends on the situation, and Apache configs are one of those situations where this is the case (kinda like how when dealing with non-photographic web graphics, you need to use PNG or GIF and avoid JPG like the plague and how when dealing with photographic web graphics, you have to use JPG... each rules over their own niche of strength).
4/ If a GUI is made, it is highly likely that it won't be as powerful as just using a text editor; it's not as expressive (see above). But there's really not much to do with the basic configuration, either. For the most part, the default configuration works just fine, and if someone needs to edit the settings, it's mostly for the complicated stuff that would be a bloody mess to do in a GUI.
5/ Compactness and portability.
There are a couple of GUI frontends for configuration available, but I don't believe this release includes one "out of the box." If you're running Apache on Windows there are a number of commercial products available for GUI configuration. There's a whole bunch of free ones for Linux/Unix, webmin being one of my favorites since it has modules for just about everything under the sun (unix users & groups, samba shares, mysql, etc.) Although I've never had much trouble editing the text conf files by hand. We have a lot of sites and virtual hosts--it was much quicker and easier to set it all up in Apache via typing and cutting and pasting the relevant bits than when we used to run IIS.
When apache first introduced mpm I was looking forward to the ability to have each virtual domain run under a seperate user. Right now it will spawn a seperate process for each user specified. So if you are hosting 1000 domains on one machine and specify unique users for each domain, you have 1000 idle listener processes when you start up the server.
I'm thinking the way it should be is only spawn processes for the specified user when an incomming request needs to be served, keep the process around to serve new requests if there are more to serve, and kill it off if there is no requests in X period of time. This would surely make hosting things like cgi much more secure.
The goal of computer science is to build something that will last at least until we've finished building it.
i just want to know when i'll be able to restart each vhost independently, like in IIS. or atleast have it rehash the config with out shutting the server down ( or is that already possible )?
In the mean time (ie, since the 2.0 release) we've changed the versioning model to the "odds are dev, evens are stable" model. So as soon as 2.2 released, development moved to the 2.3 branch, which will release as 2.4. So, yes, like Perl and Linux and many other things.
As for transferring >2GB files, this comes up many times every day on #apache, and fairly frequently on the mailing lists, so people do actually want to do this.
Folks that are still using 1.3 are missing out on enormous strides forward. The "it still works fine, why should I upgrade" crowd are completely welcome to remain where they are, and we're not going to compel to move, but they are going to miss out on all sorts of cool things, in the name of "it's good enough already." Their loss, not ours.
Apache guy, Open Source enthusiast, runner
Folks that are still using 1.3 are missing out on enormous strides forward. The "it still works fine, why should I upgrade" crowd are completely welcome to remain where they are, and we're not going to compel to move, but they are going to miss out on all sorts of cool things, in the name of "it's good enough already." Their loss, not ours.
I haven't upgraded because most new security problems reported in Apache are for the 2.0.x branch, not the 1.3.x branch.
You say I'm missing out on enormous strides forward, but aren't I also missing out on numerous security problems? I'm not being argumentative, I really am interested in hearing the Apache developer's side of things. (E.g., perhaps the issues have been overstated, perhaps they exist in 1.3 also but aren't being discovered, etc.)
The earth-shattering feature of Apache 2.2 is RFC 2817 SSL Upgrade. Basically, any HTTP connection can upgrade itself to HTTPS without reestablishing.
This means you can do SSL on virtual hosts without a dedicated IP address. This will greatly increase the penetration of SSL (plus free certs like CaCert) and encryption in general. The $5/mo webhosters will be able to offer SSL to clients. Ubiquitous encryption considered good.
This is, of course, a Catch-22 - there are no browsers with the capability yet (let's get Mozilla going...) but this is the necessary first step. Come back in a couple years and see how things are going.
Oh, and I'm happy about the Cookie proxying patches which I reported against 2.0 but were applied to 2.1. This is the only Apache feature I've ever had a hand in designing so I'm happy to see it available. Basically, anything you do with cookies (paths, domains) should be properly proxied now. I've been waiting for this for a long time. Yay!
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)