[Toolserver-l] operating systems and web servers

River Tarnell river.tarnell at wikimedia.de
Tue Jun 7 02:04:19 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

So, this is not an announcement of any intent to change anything, I just 
want to get an idea of how people feel about two things we could, 
perhaps, change in the future:

1. ZWS to Apache on the web server
2. Solaris to FreeBSD on login servers

#2 depends on #1, so it seems sensible to discuss both together.

I don't have any strong opinion about either of these myself, but I 
would like to hear what users think.

ZWS to Apache:

I know it annoyed people when we moved from Apache to ZWS initially, 
because rewrite rules had to be redone, some .htaccess stuff stopped 
working, etc.  At the time we were using mod_suphp for per-user (suexec) 
PHP scripts, and it was extremely inefficient; the system spent most of 
its time doing nothing.  ZWS allowed us to fix the problem cheaply (no 
new hardware required), and I think for most users it worked just the 
same.

Since then, two things have changed: firstly, Apache with mod_fcgid now 
has decent FastCGI support, and with only a little work could be made to 
support suexec PHP as well.  Secondly, ZWS is now in maintenance, and 
won't see any further development (so it might be better to switch now, 
rather than wait until one month before ZWS support ends entirely and be 
forced to switch).

With that in mind, it makes sense to consider moving back to Apache.  
The main downside is that rewrite rules would have to be converted back 
to Apache format (mod_rewrite).  OTOH, .htaccess features missing from 
ZWS would be available again (I don't know if anyone actually needs 
this, but I believe at least a few users have complained about missing 
features.)

Solaris to FreeBSD:

Of the two changes, I think this one would actually be the less 
disruptive.  For users, nearly everything would stay the same: we 
already provide the GNU userland ('ls', etc) by default (and would 
continue to do so) and the third-party software in /opt/ts would be 
identical, as would cronie, SGE, Perl/Python/..., etc.  

Software-wise, since nothing would really change, I don't see any 
particular advantages for users.  Disadvantages: 'ps -eaf' would stop 
working ;-) and anyone with locally-compiled software (C/C++, or XS Perl 
modules, etc.) would need to recompile them.

For us (admins), the main advantage is reduced maintenance overhead: 
FreeBSD releases a new minor version about once a year, and supports 
each for 2 years; each release branch only gets very infrequent updates 
for security or errata.  In comparison, there is a new Solaris update 
every 6 months, and during yesterday's maintenance we installed 358 (!) 
separate patches.  Oracle doesn't provide a security-updates-only 
release, and it's difficult to mix-and-match patches (e.g. to only get 
security patches).  

This doesn't directly affect users, but fewer OS changes should lead to 
less lengthy / disruptive maintenance and less frequent reboots.  OTOH, 
I don't know if this has a noticeable impact on users at the moment, and 
the previous maintenance was the first for ~170 days.

	- river.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (SunOS)

iEYEARECAAYFAk3thyIACgkQIXd7fCuc5vJjsgCfYfbW28r+eW3Lr6L1T+BrzGV/
v4YAn3lkZ7+YfG8ajKBQRx7DBQRKhfnS
=lcFN
-----END PGP SIGNATURE-----

More information about the Toolserver-l mailing list