Tag Archives: apache

90-9-1

In a talk I attended earlier this year, Shaun McCance mentioned, as though it was established science (which it is) the 90-9-1 principle of community participation. I’ve thought of it frequently since then, to set expectations and to keep myself sane.

The idea is that in any community effort, 90% of the people are going to sit around saying that it’s a great idea, but not actually doing anything about it. 9% of the people are going to work casually on it in their spare time, as convenient, and between them will do a huge amount of the work. Then 1% of the people – usually one or two dedicated people – will pour themselves into it wholeheartedly, putting every spare moment into making it a success.

Note that it’s not the exact numbers that matter here, it’s the undeniable fact that you can’t expect everybody to work as hard as you do on everything. It’s all too easy, when doing anything on a volunteer basis, to look around and get frustrated, discouraged, even angry, at the 90%. Understanding that this is the normal, expected, even healthy way that communities operate, can help you refocus on what you can (and can’t) do in any given effort.

Sometimes (most of the time) it’s ok to be in that 90%, and you don’t need to feel that you’re not pulling your weight. However, if you’re in the 9% or the 1%, it’s not reasonable to get angry with the 90%. They have other things to do, and are likely the 1% on something that you’re not helping much with.

By the way, here’s a couple of resources about this notion:

This article claims that the concept is dead. Note that this article appears to be someone just making up new numbers to illustrate the same concept. What’s important here, folks, isn’t the exact numbers, but the general concept. Way to miss the point. (This article also appears on dozens of sites in various different forms.)

Wikipedia claims that it’s a feature of Internet culture.

Here’s an actual statistician doing scientific analysis, rather than me making up numbers.

ApacheCon Budapest 2014

15811606055_5637e3d709_zLast week, the Apache Software Foundation, with the help of the Linux Foundation event team, hosted ApacheCon Europe in lovely Budapest, Hungary at the gorgeous Corinthia hotel.

If my count is right, this was the 24th event to bear the name ‘ApacheCon’, and the 8th time we’ve done it in Europe. Also, we were celebrating the 15th anniversary of the Apache Software Foundation, which incorporated in June of 1999.

Every ApacheCon has its own set of memories, from Douglas Adams pacing the stage in London, to the ApacheCon Jam Sessions in Dublin, to the Segway tours in San Diego, to the funeral march in New Orleans. And Budapest was no different – a wonderful event with lots of great memories.

On Sunday night, I had dinner with the TAC’ers. The Apache Travel Assistance Committee is a program by which we get people to ApacheCon who could otherwise not afford to be there. This is critical to the mission of the ASF, because it builds the community in an inclusive way, rather than limiting it to people with the funds to travel. TAC recipients have to give back a little – they provide session chair services, introducing speaker and counting attendees. A large percentage of our former TAC recipients have become deeply involved in the ASF, more than paying off the investment we make in them.

Although I didn’t try the Tripe And Trotters on the buffet line, I did enjoy great conversation with old friends and new ones around the table.

15813169492_0cd44f034e_z

Monday morning, I opened the conference with the State Of The Feather keynote – our annual report on what the ASF has done with sponsor dollars and volunteer time over the last year, and some thoughts about where we’re going in the next 15 years. The latter is, of course, very difficult in an organization like the ASF, where projects, not the Foundation leadership, make all of the technical decisions. However, David Nalley, the VP of Infrastructure, had some pretty specific ideas of what we have to do in terms of Infrastructure investment to ensure that we’re still able to support those projects, which are being added at about 1.5 a month, for the next 15 years and beyond.

15820067232_75991115c0_zAfter the State of the Feather, I had the enormous privilege to stay on the stage with Hugh Howey to discuss the parallels between self publishing and open source software development. I’ve got another blog post in the works specifically about that, so stay tuned, and I’ll add a link here when it’s ready. Any day that starts with me hanging out on stage with a favorite author in front of 300 of my closest friend is a good day.

Once the sessions started, everyone went their separate ways, and I gave several talks about the Apache httpd project. httpd has been my main focus at Apache for 15 years, and although it’s faded into the background behind more exciting projects like Spark, Hadoop, CloudStack, Solr, and so on, it’s still the workhorse that powers more than half of the websites you’ll ever see, so there’s always a decent audience that turns out to these talks, which is very gratifying.

One of my talks was more focused on the business of doing documentation and “customer support” in the open source world. My “RTFM? Write a better FM!” talk discusses the RTFM attitude that exists in so many open source software communities, and how destructive it to the long term health of the projects. I’ve got another blog post in the works specifically about that, too, and I’ll add a link here when it’s ready.

Tuesday and Wednesday were a whirlwind of sessions, meetings – both formal and informal, and meals with friends, colleagues, and newly-met conference attendees. As a board member, I’d sometimes get pulled into project community discussions to offer the board’s perspective on things. As conference chair, there we numerous discussions about the upcoming event – Austin, Texas, April 13-17 – and the next Europe event – stay tuned, announcement coming soon!

Session highlights during the week include:

  • Shane Curcuru’s talks on trademarks, copyrights, and protecting the Apache brand.
  • Jesus Barahona’s talk about the statistical analysis work he’s done for Cloudstack, and other projects, and how it can be used to support and encourage community growth.
  • Pierre Smits’ case study talk about OFBiz and beer, which I missed because I was speaking at the time, but which I heard was amazing.
  • Joe Brockmeier’s talk about Docker, which was apparently the best-attended talk of the entire event.

Although we didn’t record the talks this year (if you’re interested in sponsoring that for next time, get in touch – rbowen@apache.org), you can see the slides for most of these talks on the conference website.

15816582111_4b19b886c5_zOn Monday night we had a birthday cake for the ASF, and I got all emotional about it. The ASF has been hugely influential in so many aspects of my life, from my amazing friends to my amazing job, and it’s such an honor to serve the Foundation in the capacity of conference chair. I look forward to the next 15 years and seeing where we go.

And then, so fast, it was Wednesday evening. David Nalley gave his keynote about the value of the Apache Software Foundation. While I was expecting a number – something like 3 trillion dollars or something – instead, he talked about the many ways that the ASF adds value to companies, to individuals, and to the world as a whole. A truly inspiring talk, and it made me incredibly proud to be associated with the ASF. Bror Salmelin then talked about the Open Innovation 2.0 project at the European Commission to close out the formal portion of our event.

The lightning talks were a big hit this time around, with a great mix of serious and lighthearted talks, all in five minutes or less, MC’ed by the inimitable Joe Brockmeier.

15647039319_0624e084ce_z

On the whole, I was very pleased with this conference. If there’s anything that disappointed me about the conference, it’s only the number of old friends who couldn’t make it. I hope that everyone who couldn’t make it to Budapest is able to come to Austin to celebrate the 25th ApacheCon, and the 20th anniversary of the first release of the Apache HTTP Server!

 

[Note: Some of these photos are mine, and are on Flickr. Some of them are from the Linux Foundation, and are also on Flickr.]

We’ve Always Done It That Way

From a Lightning Talk at ApacheCon Budapest

As you know, the Apache Software Foundation has a number of mottos that we like to use. Like, “Community Over Code”, and “No Jerks Allowed.” Another popular motto recently has been “We’ve Always Done It That Way.”

As you no doubt know, the ASF is an organization deeply rooted in tradition, which means that we never, ever change the way that we do anything. Those of you who have been around the ASF for a long time can verify this.

Here’s a few of the things that have been the same at the ASF for all time.

We have always required that every project have their code in CVS for revision control.

Um … I mean SVN. As far back as we’ve been around. We’ve always done it that way.

Well, except for … you know … unless your code is in Git.

But we definitely don’t let you use Github for collaboration.

… actually …

You Infrastructure guys ruin everything.

Since the beginning of time, ApacheCon has been organized and produced by a committee of members. We gather before the event, with all of the talk proposals printed out. We sort them into piles and argue over which ones will be scheduled. Third-party producers really don’t understand us, and so it’s important that we control every aspect of how ApacheCon is put together.

We’ve always done it that way. And so we’d never try anything else.

We have never had any paid staff, and would never consider having any.

All ASF projects are written in C, and always have been.

Also, all projects at the ASF are server projects of some kind. Desktop-type software projects are completely outside of what we do – what we’ve always done.

Wikis are the spawn of Satan, as we determined on long, heated, vitriolic mailing list threads, and we’ll never allow any project to have a wiki. At least, not one running on ASF hardware. Ever.

Except … these things have all changed.

Principle 13 in the Toyota Way says that one should make decisions slowly, by consensus, thoroughly considering all options, and then implement those decisions rapidly. We believe a similar thing at the ASF. So to people who have only been around for a short time, it looks like we never change anything. But the truth is that we change things slowly, because what we’re doing works, and we need to be sure that change is warranted, and is a good idea.

There is one thing, though, that I’m sure won’t ever change. Here at the ASF, we believe in collaborative, community-centric development.

We’ve always done it that way.

ApacheCon North America returns to Austin

We just got done with ApacheCon Europe in Budapest last week – http://apachecon.eu/ – and it’s time to start thinking about ApacheCon North America.

We’ll be holding ApacheCon North America, April 13-17th, 2015, in Austin, Texas. The call for papers is already open, at http://apachecon.com/, and we are hoping that this event will represent the breadth of the Apache Software Foundation projects.

Organize your community

The most important thing at this stage in the process is getting the Apache community involved in this event. ApacheCon exists to unite our community, get various projects to interact with one another, and bring new members into our community. The best way to accomplish these goals is to ensure that your project has representation at ApacheCon. Here are four specific areas where we need the help of Apache project communities:

Track layout

We’ve found that the very best way to have a project well represented in the content tracks is for someone deeply familiar with the project to craft an ideal track schedule, and then solicit speakers for those sessions. This has two immediate benefits.

First, it goes a long way to ensuring that the topic is covered with the breadth that it deserves, rather than having a few random talks that cover random esoteric parts of the technology, and ignore segments of the audience that you most want to attract.

Second, it is very encouraging to first-time speakers. It’s very difficult, and very intimidating, to try to come up with a topic to speak about the first few times. Seeing a list of proposed topics is the perfect way to say to a new speaker that what they know about is worth them proposing to a conference. “Hey, I could speak about that, and nobody would think it’s a stupid idea.”

Speakers

Some talks require certain speakers. You know this a lot better than we do, because it’s your project. We need your help to go to those specific speakers and encourage them to submit the specific talk(s) that you know they’ll shine at.

Reviewing and Scheduling

Once the talks have been submitted, we’re going to need your help reviewing them and building the schedule. To help with the review process, you’ll need to create an account in the CFP system (if you haven’t already done so) at https://identity.linuxfoundation.org/user and then email me – rbowen@apache.org – with your username, so that I can get you added to the review system. From there, you’ll see a list of talks to consider, and you can rate them according to how well you think they’ll fit the conference.

Of course, if you specifically solicited those talks, then you’ll quickly mark them as “Strongly Accept” with a comment of “I solicited this specific talk”, and move on. (The CFP review interface is at http://events.linuxfoundation.org/cfp/cfp-list if you already have an account.) You can review talks from other topics/tracks, too, if you feel that you have some domain knowledge.

Once the review process is complete, we’ll select the talks that rate the highest, and at that point we’ll be back in touch with you to help us order them correctly. Here, again, if you’ve already approached us with a layout of your ideal content track, there’s really nothing else to do. But if there are other talks that made it in through the review process, we’ll need help.

Hackathons

A key benefit of ApacheCon is getting your developers together in one place to work on things. We’ve got a a general hackathon area where you can gather to work on bugs, features, documentation, or discuss thorny community issues. (Don’t forget to summarize your conversations back to the mailing list for the people who can’t make it!)

If you want to have a sponsored hackathon specifically for your project, we can find room to make that happen. Just get in touch with me, and we’ll work out the details.

Talking before the event about what you’ll be working on has a number of benefits.

First, it gives people time to think about how they can contribute, and plan accordingly.

Second, it encourages people to come in from the edges of the project to participate more fully in the life of the community, because they can select something that they’re particularly interested in, and work on it in company with the rest of the project members.

Using the ApacheCon wiki – http://wiki.apache.org/apachecon/ – as a place to work on your hackathon topics gives conference attendees an easy way to find topics that they might be interested in, and connecting with the community. If you don’t have write permissions to the wiki, send me your wiki username, and I’ll get you added to the access list.

Your company uses Apache software every day. Perhaps you even contribute to a project as part of your day job. ApacheCon is the best place in the world for your company to show off their involvement in Apache, and to find new talent to work on their products. Sponsorship of ApacheCon gives you a platform from which to talk about what your company does, and gets your company name recognized – and closely associated with Apache – by the people that make the decisions in some of the most important places in IT.

If you’d like to sponsor ApacheCon, get in touch with me, and I’ll get you a sponsor prospectus, and help you select the sponsorship opportunity that’s right for you – whether that’s the conference lanyard, an evening reception, the conference bags or tshirts, or a booth in the exhibit hall. There’s something for every budget and level of exposure you’re looking for.

Get the word out

You have the ear of your project community – both the developers and the end users. We need your help telling them about this event. Right now, we need you to tell them to save the date. Later on, we’ll need you to be telling them about specific talks that will be of interest to them, both directly relating to your project and about other related projects that they should know about.

Join the Community Development mailing list – http://www.apache.org/foundation/mailinglists.html#foundation-community – where we’ll be posting suggested tweets, suggested things to share on Facebook and Google Plus, and other suggestions for helping us get the message to the communities where you have a more trusted voice than we do.

This is critical – it does no good putting together a great event, if nobody comes. You know who needs to hear the message, and you know where they hang out. A well-placed message by the trusted members of the community is far more effective than a dozen mass emails from a stranger.

Come join us!

So, if you’d like to help us make ApacheCon a success, get onto the Community Development list – http://www.apache.org/foundation/mailinglists.html#foundation-community – and on the #apachecon IRC channel on Freenode, and speak up. Tell us what you can do, and we’ll find a place for you to fit in.

Apache httpd at ApacheCon Budapest

tl;dr – There will be a full day of Apache httpd content at ApacheCon Europe, in Budapest, November 17th – apacheconeu2014.sched.org/type/httpd

Links:

* ApacheCon website – http://apachecon.eu
* ApacheCon Schedule – http://apacheconeu2014.sched.org/
* Register – http://events.linuxfoundation.org//events/apachecon-europe/attend/register
* Apache httpd – http://httpd.apache.org/

I’ll be giving two talks about the Apache http server at ApacheCon.eu in a little over 2 months.

On Monday morning (November 17th) I’ll be speaking about Configurable Configuration in httpd. New in Apache httpd 2.4 is the ability to put conditional statements in your configuration file which are evaluated at request time rather than at server startup time. This means that you can have the configuration adapt to the specifics of the request – like, where in the world it came from, what time of day it is, what browser they’re using, and so on. With the new If/ElseIf/Else syntax, you can embed this logic directly in your configuration.

2.4 also includes mod_macro, and a new expression evaluation engine, which further enhance httpd’s ability to have a truly flexible configuration language.

Later in the day, I’ll be speaking about mod_rewrite, the module that lets you manipulate requests using regular expressions and other logic, also at request time. Most people who have some kind of website are forced to use mod_rewrite now and then, and there’s a lot of terrible advice online about ways to use it. In this session, you’ll learn learn the basics of regular expression syntax, and how to correctly craft rewrite expressions.

There’s other httpd content throughout the day, and the people who created this technology will be on hand to answer your questions, and teach you all of the details of using the server. We’ll also have a hackathon running the entire length of the conference, where people will be working on various aspects of the server. In particular, I’ll be working on the documentation. If you’re interested in participating in the httpd docs, this is a great time to learn how to do that, and dive into submitting your first patch.

See you there!

Blocking comment spam with mod_security

I’ve mentioned before that I use mod_security to (partially) prevent comment spam on this site. The trouble with spam is that it evolves, so it’s a constant arms race.

I’ve noticed in the last few months that the spam on this site typically has a URL as the comment name. There’s also a URL field in the comment form, with a note on it that you shouldn’t fill it out. Then, in httpd.conf, I have the following.

SecDataDir /tmp
SecTmpDir /tmp
SecRequestBodyAccess On
SecDefaultAction log,deny,status:406,capture,phase:2,t:lowercase

# Reject comments where the name contains a URL
SecRule ARGS:comment_name “https?://”

# Also, reject comments where the url field contains a URL
SecRule ARGS:comment_url “https?://”

Note that that config is specific to the Habari blogging platform. You’d need to tweak the names of the fields (comment_name and comment_url) for whatever blogging platform you’re using.

I haven’t had any spam since putting this in place, but I’ve had several legitimate comments that, ordinarily, would probably have gotten lost in the noise of moderating hundreds of spam messages.

I don’t believe for a moment that this is a permanent solution, but it at least stems the flood for a moment so I can catch my breath.

I also have a bunch of legacy rules, like:

SecRule ARGS “(zoloft|acyclovir|zithromax)” “msg:’Pharm spam'”

(which, ironically, prevented me publishing this article until I disabled it!) but those require constant maintenance as the spam trends shift from week to week.

ApacheCon NA 2014 Keynotes

This year at ApacheCon, I had the unenviable task of selecting the keynotes. This is always difficult, because you want to pick people who are inspirational, exciting speakers, but people who haven’t already been heard by everyone at the event. You also need to give some of your sponsors the stage for a bit, and hope that they don’t take the opportunity to bore the audience with a sales pitch.

I got lucky.

(By the way, videos of all of these talks will be on the Apache YouTube channel very soon – https://www.youtube.com/user/TheApacheFoundation)

We had a great lineup, covering a wide range of topics.

Day One:

0022_ApacheCon

We started with Hillary Mason, talking about Big Data. Unlike a lot of droney Big Data talks, she defined Big Data in terms of using huge quantities of data to solve actual human problems, and gave a historical view of Big Data going back to the first US Census. Good stuff.

0084_ApacheCon

Next, Samisa Abeysinghe talked about Apache Stratos, and the services and products that WSO2 is building on top of them. Although he had the opportunity to do nothing more than promote his (admittedly awesome) company, Samisa talked more about the Stratos project and the great things that it’s doing in the Platform As A Service space. We love WSO2.

0127_ApacheCon

And to round out the first day of keynotes, James Watters from Pivotal talked about the CloudFoundry foundation that he’s set up, and why he chose to do that rather than going with an existing foundation. Among other things. I had talked some with James prior to the conference about his talk, and he came through with a really great talk.

Day Two:

0602.ApacheCon

Day Two started with something a little different. Upayavira talked about the tool that geeks seldom mention – their minds – and how to take care of it. He talked about mindfullness – the art of being where you are when you are, and noticing what is going on around you. He then led us through several minutes of quiet contemplation and focusing of our minds. While some people thought this was a little weird, most people I talked with appreciated this calm centering way to start the morning.

0635.ApacheCon

Mark Hinkle, from Citrix, talked about community and code, and made a specific call to the foundation to revise its sponsorship rules to permit companies like Citrix to give us more money in a per-project targeted fashion.

0772.ApacheCon

And Jim Zemlin rounded out the day two keynotes by talking about what he does at the Linux Foundation, and how different foundations fill different niches in the Open Source software ecosystem. This is a talk I personally asked him to do, so I was very pleased with how it turned out. Different foundations do things differently, and I wanted him to talk some about why, and why some projects may fit better in one or another.

At the end of day three, we had two closing keynotes. We’ve done closing keynotes before with mixed results – a lot of people leave before. But we figured that with more content on the days after that, people would stay around. So it was disappointing to see how empty the rooms were. But the talks were great.

1052_ApacheCon

Allison Randal, a self-proclaimed Unix Graybeard (no, really!) talked about the cloud, and how it’s just the latest incarnation of a steady series of small innovations over the last 50 years or so, and what we can look for in the coming decade. She spoke glowingly about Apache and its leadership role in that space.

1105_ApacheCon

Then Jason Hibbets finished up by talking about his work in Open Source Cities, and how Open Source methodologies can work in real-world collaboration to make your home town so much better. I’d heard this presentation before, but it was still great to hear the things that he’s been doing in his town, and how they can be done in other places using the same model.

So, check the Apache YouTube channel in a week or so – https://www.youtube.com/user/TheApacheFoundation – and make some time to watch these presentations. I was especially pleased with Hillary and Upayavira’s talks, and recommend you watch those if you are short on time and want to pick just a few.

ApacheCon North America 2014

Last week I had the honor of chairing ApacheCon North America 2014 in Denver Colorado. I could hardly be any prouder of what we were able to do on such an incredibly short timeline. Most of the credit goes to Angela Brown and her amazing team at the Linux Foundation who handled the logistics of the event.

My report to the Apache Software Foundation board follows:

ApacheCon North America 2014 was held April 7-9 in Denver, Colorado, USA. Despite the very late start, we had higher attendance than last year, and almost everyone that I have spoken with has declared it an enormous success. Attendees, speakers and sponsors have all expressed approval of the job that Angela and the Linux Foundation did in the production of the event. Speaking personally, it was the most stress-free ApacheCon I have ever had.

Several projects had dedicated hackathon spaces, while the main hackathon room was unfortunately well off of the beaten path, and went unnoticed by many attendees. We plan to have the main hackathon space much more prominently located in a main traffic area, where it cannot be missed, in Budapest, as I feel that the hackathon should remain a central part of the event, for its community-building opportunities.

Speaking of Budapest, on the first day of the event, we announced ApacheCon Europe, which will be held November 17-21 2014 in Budapest. The website for that is up at http://apachecon.eu/ and the CFP is open, and will close June 25, 2014. We plan to announce the schedule on July 28, 2014, giving us nearly 4 months lead time before the conference. We have already received talk submissions, and a few conference registrations. I will try to provide statistics each month between now and the conference.

As with ApacheCon NA, there will be a CloudStack Collaboration Conference co-located with ApacheCon. We are also discussing the possibility of a co-located Apache OpenOffice user-focused event on the 20th and 21st, or possibly just one day.

We eagerly welcome proposals from other projects which wish to have similar co-located events, or other more developer- or PMC-focused events like the Traffic Server Summit, which was held in Denver.

Discussion has begun regarding a venue for ApacheCon North America 2015, with Austin and Las Vegas early favorites, but several other cities being considered.

I’ll be posting several more things abut it, because they deserve individual attention. Also, we’ll be posting video and audio from the event on the ApacheCon website in the very near future.

ApacheCon welcomes SourceForge back for another year

The following guest post appears on the SourceForge blog today. I’m personally very pleased to welcome SourceForge back to ApacheCon for another year.

————-

The Apache Software Foundation is pleased to announce ApacheCon US 2014, which we’re presenting in conjunction with the Linux Foundation. The conference will be held in Denver, Colorado, and features three days, ten tracks of content on more than 70 of the Apache Software Foundation’s Open Source projects, including Apache OpenOffice, Apache Hadoop, Apache Lucene, and many others.

We’re especially pleased to welcome SourceForge as a media partner for this event.

See http://na.apachecon.com/ for the full schedule, as well as the evening events, BOFs, Lightning Talks, and project summits.

Co-located with the event is the Cloudstack Collaboration Conference – http://events.linuxfoundation.org/events/cloudstack-collaboration-conference-north-america – the best place to learn about Apache CloudStack.

Apache OpenOffice – http://openoffice.apache.org/ – has an entire day of content, including both technical and community talks.

Hadoop, and its ecosystem of Big Data projects, has more than five full days of content (two tracks on two days, one track on the other).

Other projects, such as Cordova, Tomcat, and the Apache http server, have a fully day, or two, of content.

If you want to learn more about Apache Allura (Incubating), an Open Source software forge (and also the code that runs SourceForge) we’ll have two presentations about Allura, by two of the engineers who work on that code: Dave Brondsema and Wayne Witzel. Learn how to use Allura to develop your own projects, and join the community to make the platform even better.

This is the place to come if you rely on any of the projects of the Apache Software Foundation, and if you want to hang out with the men and women who develop them. We’ve been doing this event since 1998, and this promises to be the best one yet, with more content than we’ve ever presented before.

Come see me at ApacheCon NA 2014

In April I will be speaking at ApacheCon North America in Denver, Colorado. I’ve had two talks accepted:

Configurable Configuration is a talk about some of the new shiny configuration syntax available in Apache httpd 2.4 – stuff like the If/ElseIf/Else syntax in configuration files, the new expression evaluation engine, and mod_macro for scriptable configuration blocks, for starters.

Demystifying mod_rewrite will drag you kicking and screaming from being a mod_rewrite newbie to being a mod_rewrite expert. You don’t dare miss it.

We’re also presenting two whole days of Apache http server content – code-named “httpd.conf” – get it?

And there’s ten tracks of amazing content across more than 70 projects from the Apache Software Foundation.

Register at na.apachecon.com by March 14 to get the early rate.