Tag Archives: apache

No, Apache did not send you spam

Today, the ASF received yet another complaint from a distraught individual who had, in their opinion, received spam from the Apache Software Foundation. This time, via our Facebook page. As always, this is because someone sent email, and in that email is a link to a website – in this case, www125.forcetwo.men , which is displaying a default (ie, incorrectly configured) Apache web server, running on CentOS.

This distraught individual threatened legal action against the ASF, and against CentOS, under FBI, Swedish, and International law, for sending them spam.

No, Apache didn’t send you spam. Not only that, but Apache software wasn’t used to send you spam. Unfortunately, the spammer happened to be running a misconfigured copy of software we produced. That’s the extent of the connection. Also, they aren’t even compentent enough to correctly configure their web server.

It would be like holding  a shovel company liable because someone dug a hole in your yard.

Or, better yet, holding a shovel company liable because someone crashed into your car, and also happened to have a shovel in their trunk at the time.

We get these complaints daily, to various email addresses at the Foundation, and via various websites and twitter accounts. While I understand that people are irritated at receiving spam, there’s absolutely nothing we can do about it.

And, what’s more, it’s pretty central to the philosophy of open source that we don’t put restrictions on what people use our software for – even if they *had* used our software to send that email. Which they didn’t.

So stop it.

 

Apache Board

This time last year, I was nominated for the Apache Board of Directors, and I wasn’t very keen on it. I was on the down-swing of getting burned out with ASF stuff, which comes every few years of any volunteer effort, no matter how much you believe in the mission of the organization. It does one good to step back from it every few years.

I made a rather half-hearted position statement that basically said: “all of the people on the ballot are great, and any board chosen randomly from this slate will be great.” I wasn’t elected to the board.

However, midway through the term, there were some resignations, and I found myself on the board again.

This time around, I am much more passionate about it and have actually made an attempt to state what I think the board needs. In short, it’s more delegation.

We have arrived at the size where we must delegate, trust those to whom we delegate, and resist the urge to tinker in the minutiae. This is very, very hard, and is especially hard for our current slate of directors, because we are all so deeply passionate about the mission of the Foundation.

Non-profit and volunteer-based organizations have the tendency to rely on heroes – people who take on 90% of the work, rather than delegating. The thing with heroes is that they are awesome as long as they are around. But eventually, they burn out, or retire, or move on to other things, and then suddenly you have a crisis. We need to find a way to identify areas where one person is doing a disproportionate amount of the work, and find a way to delegate that work to several other people, and then be willing to let them do the work, even when we think they’re not doing it exactly the way we’d do it ourselves.

The election of the new board will happen at the ASF members meeting on March 28th. And whether or not I’m elected, I have my work cut out for me in the coming year at Apache. There’s just so much to do.

Living in community: Curbing your passion

I’ve had a very frustrating set of interactions over the last 3 days, on an open source community mailing list. Doesn’t matter which one, because I think that these things are universal.

I said “here are some ways we can make things better.” Or, at least, that’s what I thought I was saying.

Several people heard “everything is broken, and it’s your fault.”

At the end of several very heated email conversations, it became clear to me that we all agreed on (almost) everything, and were getting hung up on that initial statement. It wasn’t even that the things that I was proposing were opposed, it was that the way that I presented them was perceived as criticism of what people had done for the last few years.

Email is notoriously bad at conveying nuance. This is amplified in a multi-cultural, multi-lingual community.  Here’s some practical things that I took away from this conversation – most of which I should have already known

Suggest improvements. Don’t focus on shortcomings

Pointing out breakage is easy. Proposing solutions is where the real work is. Now, sometimes, you need someone to say “this is broken and I don’t know how to fix it.” Those situations are very tricky. Tread lightly.

Focus on what needs improving, not on who made it that way

This sounds easy, but is really hard. There’s always someone who spent hundreds, or thousands, of hours, making the thing the way that it is, and so when you point out that the thing isn’t perfect, that person might take it personally. I honestly don’t know how to avoid that, and this week has shown that very clearly. But I can look back and identify some of the things I did poorly, and apologize for them.

Curb your passion

This one is unintuitive. We need to be passionate about our community. But sometimes when you’ve been pondering something for a few months and arrive with all of that passion, people are more likely to mistake that passion for anger, criticism, and so on.

Yes, some people need to get thicker skins. Don’t read everything I’m saying as that we need to pamper everyone’s bruised feelings. But when people aren’t looking in your eyes, it’s easy to take passion as an attack. We’ve all done it.

I’ll close with one of my favorite quotes from Confucius, who said, “There is honor in the email not sent.”

Yes, he said that. I was there.

Read your email twice before you send it, and delete half of them unsent. This will lead to a better universe, and fewer three-day shouting-fest email threads.

 

Features, not lies

A colleague is attending the nginx conference in Austin this week, and shared with me several anecdotes in which a speaker preached misinformation – or if I want to be generous, grievously outdated information – about Apache httpd, to support the notion that nginx is better.

This led to the following:

 

Each time I have encountered nginx people at conferences, and attended their talks, they have compared nginx to grossly misconfigured, 10 year old installations of Apache httpd 2.2 to support their claim that nginx is leaner, faster, and easier to administer.

Here’s the thing. nginx is a solid project. I have zero beef with the software itself. I have used it myself, when the need arose. What I object to is the habit of the fans of nginx to lie (or exaggerate, or just spout uninformed opinions) to make themselves look better. If you must compare, compare our latest to your latest, and have experts correctly configure each. That way, each will show where it shines, and where it doesn’t.

It is possible to configure ANY software badly. This is why it’s almost always a bad idea for an expert on SoftwareA, who knows little or nothing about SoftwareB, to compare them head to head – they’ll invariably be comparing a well-configured A to a less than optimally configured B. And in the case of nginx vs Apache httpd, these guys almost always use 2.2 or 1.3 as an example of … well, all of the things that 2.4 fixed. 5 years ago.

Any intro to marketing class will tell you that you need to talk about your own strengths more than you talk about the other guy’s weaknesses. This is a message that nginx and presidential candidates seem to have missed. And, in the case of software, it’s even more important, because whereas Donald Trump will always be a monster, every time you point out a legitimate shortcoming in Apache httpd, we fix it.

Convert an Apache httpd password file to dbm

If you have a textfile password file, and you want to convert it to a dbm database for use with mod_authn_dbm, this can be done as follows:

htdbm -cbp passwords.dbm bogus bogus
awk ‘BEGIN { FS=”:” }; {system (“htdbm -bp passwords.dbm ” $1 ” ”  $2)}’ passwords
htdbm -x bogus

This assumes that the file `passwords` is your existing password file, and that you wish to create a dbm database `passwords.dbm`

The -b flag says that the passwords will be provided on the command line. The -p flag says not to encrypt the password – because it’s already encrypted.

This feature used to be available in the `dbmmanage` utility, as an `import` argument, but that utility is no longer included in the httpd packages for the Fedora/CentOS and Debian/Ubuntu Linux distro families, so we have to make do with htdbm.

I’m stashing this here for posterity, since I just spent a half hour getting the awk syntax right.

The first line creates a starter dbm with a single bogus entry, and the third line cleans up that bogus entry.

Festina Lente

FestinaLenteCorrect

On Wednesday morning I learned that my long-time friend Nóirín Plunkett has just suddenly passed away.

Update: It’s been mentioned that Nóirín stated, on their Twitter profile, a preference for the personal pronouns they/their. It’s been mentioned that I should update the below post to reflect that preference. Grief is a weird thing. We remember people as we remember them, not as other people want us to remember them. I knew Nóirín in an earlier chapter of their life, and I don’t intend any disrespect by how I recount those memories. Nóirín influenced different people in different ways. To me, Nóirín was a grammar geek, a friend, an unstoppable force, and a deep enigma. I miss the Nóirín that I knew, and I’m aware that Nóirín grew into a different person in their later years. Grief is both a very public thing and a very personal thing. I mean no disrespect of either Nóirín nor of their other friends and family. I just remember Nóirín differently than you do, and that’s probably ok.

I first “met” Nóirín on the Apache httpd documentation list, where they helped in the process of making the documentation into a literate manual, with consistent grammar, reasonable organization, and a more professional face. I then met them, in person, for the first time, at the ApacheCon planning meetings in Dublin, where they arrived with Colm and whipped things into order, imposing a great deal of organization on what had been a pretty chaotic process in previous years. I also had the great privilege of spending time in their home with her family while we were there, and these are some of the happiest memories I have of our friendship.

Nóirín contributed a great deal to the Apache Software Foundation over the years in a number of places. They continued her work on the httpd docs for a while, but began to move into community-facing things, such as ApacheCon, where they served as Conference Committee chair for a few years. They were  instrumental in making the ASF more clueful about diversity issues. They also served a year on the board of directors.

In recent years, Nóirín has been more involved with the larger effort to improve the plight of women in technology, and their direct involvement in Apache has faded, and we’ve missed them. We will now miss them even more.

Nóirín’s motto was Festina Lente – Hasten Slowly, and this embodies their approach to life. They considered things carefully, and rushed to get things done, because life is too short to get everything accomplished that we put our minds to. In the end, theirs was far, far too short.

It’s also a jarring reminder that you may never have another chance to resolve that disagreement, so you’d better do it now, before it’s too late.

Goodbye, friend.

noirin_small

If you knew Nóirín, or benefited from her work, please consider donating to St John Abulance in their name.

Twine

This week we did ApacheCon in Austin. I shipped the original Apache feather to the venue for 20th birthday of the Apache web server project, and it hung above the stage for the keynotes.

image

It’s an item that we’re very proud of, and of some historical significance.

The conference producers treated it like it was the Declaration of Independence or something. They handled it carefully and reverently.

At the end of the event the guy in charge of A/V came to me with some twine.

image

He said he had removed it from the hanging hooks on the feather in order to use black nylon that matched the stage dressing, and which would hang more securely. But he saved these scraps of twine because he knew how significant the item was to us.

Now, it’s not that the twine mattered – it was something I added years after the original was made. It’s that he cared enough, and respected our heritage enough to save it and track me down, that impressed me so very much. It really put a wonderful final touch on an almost-perfect event.

And this is why, among many other reasons, we love our conference production company, The Linux Foundation.

ApacheCon NA 2015, day 1

It’s only 8:30 local time, but I’m pretty wiped out. Day one has been amazing.

The morning started with the keynotes, which included the State of the Feather, with Ross Gardler, two sponsor keynotes by Mike Maxey (Pivotal), and Chip Childers (Cloud Foundry), and then the main opening keynote by Brian Behlendorf. Brian has long been someone that I’ve really looked up to, not just because he catalyzed the Apache web server project, but because of the deep thought that he’s given to issues around Open Source, community, and our role as responsible members of the human race. (Videos coming soon of all these keynotes.)

Right after the keynote, I moderated what I’ve been referring to as the “grey beard panel”, where several members of the original Apache Group (Jim Jagielski, Dirk-Willem  van Gulik, Randy Terbush, Brian Behlendorf, Roy Fielding, and Ken Coar) reminisced about how things were in the early days, what mistakes were made, what things they might have done differently (SSL was a big item on this list), and other related items.

I’ve long joked that I do ApacheCon so that I can travel to exciting places and hang out on stage with my heroes. This was definitely one of those moments.

In the afternoon I gave my “Write a Better FM” talk, which is a continually evolving thing. Rikki said some very encouraging things about it. In all, I think it went really well.

Then we had the reception at Old School, which was very nice, if a little loud. And now I’m back in the hotel room trying to decide whether to catch up on email, or go seek out some more social -ness. Probably go with the former and go to bed early.

 

90-9-1

In a talk I attended earlier this year, Shaun McCance mentioned, as though it was established science (which it is) the 90-9-1 principle of community participation. I’ve thought of it frequently since then, to set expectations and to keep myself sane.

The idea is that in any community effort, 90% of the people are going to sit around saying that it’s a great idea, but not actually doing anything about it. 9% of the people are going to work casually on it in their spare time, as convenient, and between them will do a huge amount of the work. Then 1% of the people – usually one or two dedicated people – will pour themselves into it wholeheartedly, putting every spare moment into making it a success.

Note that it’s not the exact numbers that matter here, it’s the undeniable fact that you can’t expect everybody to work as hard as you do on everything. It’s all too easy, when doing anything on a volunteer basis, to look around and get frustrated, discouraged, even angry, at the 90%. Understanding that this is the normal, expected, even healthy way that communities operate, can help you refocus on what you can (and can’t) do in any given effort.

Sometimes (most of the time) it’s ok to be in that 90%, and you don’t need to feel that you’re not pulling your weight. However, if you’re in the 9% or the 1%, it’s not reasonable to get angry with the 90%. They have other things to do, and are likely the 1% on something that you’re not helping much with.

By the way, here’s a couple of resources about this notion:

This article claims that the concept is dead. Note that this article appears to be someone just making up new numbers to illustrate the same concept. What’s important here, folks, isn’t the exact numbers, but the general concept. Way to miss the point. (This article also appears on dozens of sites in various different forms.)

Wikipedia claims that it’s a feature of Internet culture.

Here’s an actual statistician doing scientific analysis, rather than me making up numbers.

ApacheCon Budapest 2014

15811606055_5637e3d709_zLast week, the Apache Software Foundation, with the help of the Linux Foundation event team, hosted ApacheCon Europe in lovely Budapest, Hungary at the gorgeous Corinthia hotel.

If my count is right, this was the 24th event to bear the name ‘ApacheCon’, and the 8th time we’ve done it in Europe. Also, we were celebrating the 15th anniversary of the Apache Software Foundation, which incorporated in June of 1999.

Every ApacheCon has its own set of memories, from Douglas Adams pacing the stage in London, to the ApacheCon Jam Sessions in Dublin, to the Segway tours in San Diego, to the funeral march in New Orleans. And Budapest was no different – a wonderful event with lots of great memories.

On Sunday night, I had dinner with the TAC’ers. The Apache Travel Assistance Committee is a program by which we get people to ApacheCon who could otherwise not afford to be there. This is critical to the mission of the ASF, because it builds the community in an inclusive way, rather than limiting it to people with the funds to travel. TAC recipients have to give back a little – they provide session chair services, introducing speaker and counting attendees. A large percentage of our former TAC recipients have become deeply involved in the ASF, more than paying off the investment we make in them.

Although I didn’t try the Tripe And Trotters on the buffet line, I did enjoy great conversation with old friends and new ones around the table.

15813169492_0cd44f034e_z

Monday morning, I opened the conference with the State Of The Feather keynote – our annual report on what the ASF has done with sponsor dollars and volunteer time over the last year, and some thoughts about where we’re going in the next 15 years. The latter is, of course, very difficult in an organization like the ASF, where projects, not the Foundation leadership, make all of the technical decisions. However, David Nalley, the VP of Infrastructure, had some pretty specific ideas of what we have to do in terms of Infrastructure investment to ensure that we’re still able to support those projects, which are being added at about 1.5 a month, for the next 15 years and beyond.

15820067232_75991115c0_zAfter the State of the Feather, I had the enormous privilege to stay on the stage with Hugh Howey to discuss the parallels between self publishing and open source software development. I’ve got another blog post in the works specifically about that, so stay tuned, and I’ll add a link here when it’s ready. Any day that starts with me hanging out on stage with a favorite author in front of 300 of my closest friend is a good day.

Once the sessions started, everyone went their separate ways, and I gave several talks about the Apache httpd project. httpd has been my main focus at Apache for 15 years, and although it’s faded into the background behind more exciting projects like Spark, Hadoop, CloudStack, Solr, and so on, it’s still the workhorse that powers more than half of the websites you’ll ever see, so there’s always a decent audience that turns out to these talks, which is very gratifying.

One of my talks was more focused on the business of doing documentation and “customer support” in the open source world. My “RTFM? Write a better FM!” talk discusses the RTFM attitude that exists in so many open source software communities, and how destructive it to the long term health of the projects. I’ve got another blog post in the works specifically about that, too, and I’ll add a link here when it’s ready.

Tuesday and Wednesday were a whirlwind of sessions, meetings – both formal and informal, and meals with friends, colleagues, and newly-met conference attendees. As a board member, I’d sometimes get pulled into project community discussions to offer the board’s perspective on things. As conference chair, there we numerous discussions about the upcoming event – Austin, Texas, April 13-17 – and the next Europe event – stay tuned, announcement coming soon!

Session highlights during the week include:

  • Shane Curcuru’s talks on trademarks, copyrights, and protecting the Apache brand.
  • Jesus Barahona’s talk about the statistical analysis work he’s done for Cloudstack, and other projects, and how it can be used to support and encourage community growth.
  • Pierre Smits’ case study talk about OFBiz and beer, which I missed because I was speaking at the time, but which I heard was amazing.
  • Joe Brockmeier’s talk about Docker, which was apparently the best-attended talk of the entire event.

Although we didn’t record the talks this year (if you’re interested in sponsoring that for next time, get in touch – rbowen@apache.org), you can see the slides for most of these talks on the conference website.

15816582111_4b19b886c5_zOn Monday night we had a birthday cake for the ASF, and I got all emotional about it. The ASF has been hugely influential in so many aspects of my life, from my amazing friends to my amazing job, and it’s such an honor to serve the Foundation in the capacity of conference chair. I look forward to the next 15 years and seeing where we go.

And then, so fast, it was Wednesday evening. David Nalley gave his keynote about the value of the Apache Software Foundation. While I was expecting a number – something like 3 trillion dollars or something – instead, he talked about the many ways that the ASF adds value to companies, to individuals, and to the world as a whole. A truly inspiring talk, and it made me incredibly proud to be associated with the ASF. Bror Salmelin then talked about the Open Innovation 2.0 project at the European Commission to close out the formal portion of our event.

The lightning talks were a big hit this time around, with a great mix of serious and lighthearted talks, all in five minutes or less, MC’ed by the inimitable Joe Brockmeier.

15647039319_0624e084ce_z

On the whole, I was very pleased with this conference. If there’s anything that disappointed me about the conference, it’s only the number of old friends who couldn’t make it. I hope that everyone who couldn’t make it to Budapest is able to come to Austin to celebrate the 25th ApacheCon, and the 20th anniversary of the first release of the Apache HTTP Server!

 

[Note: Some of these photos are mine, and are on Flickr. Some of them are from the Linux Foundation, and are also on Flickr.]