Forum OpenACS Q&A: Re: When will OpenACS de-support AOLserver 3.x?

Collapse
Posted by Jeff Davis on
It was tip 51 which states 5.1 is the last one to support aolserver 3.0 and starting with 5.2 only aolserver 4.0+ will be supported.
Collapse
Posted by Steve Manning on
What about nsopenssl support for AOLS 4.0?

I've been using V3 Beta 17 on my development machine for some time now and it appears rock solid, but it is still officially beta so a move to AOLS 4 would mean that folks who want https would need to use the beta or stick to AOLS 3 and pre 5.2.

    - Steve

Collapse
Posted by Bart Teeuwisse on
I've been using nsopenssl 3.x in production for almost 6 months now and has been rock solid all that time. I don't think one should hold of migrating to AOLserver 4.x on behalve of nsopenssl.

/Bart

Collapse
Posted by Richard Hamilton on
OK, now having read tip51 I realise that I cannot claim not to have had ample notice of this development!

However, I am clearly not the only one using nsunix, and the two compelling reasons commonly cited for continuing to use ad33.13 with Jerry's patches are:

1) Independent server threads which means:
    i) Can restart each independently of the others
    ii) If one crashes for some reason (which does happen) it doesn't bring all of your sites crashing down with it.

2) Ability to log traffic by domain - essential if billing for bandwidth based on the server request logs.

I for one would be really grateful if someone who has implemented virtual hosting with Aolserver v4.0 can clarify whether or not these needs can be satisfied with v4.0. That would remove the obstacles to upgrading.

Andrew very kindly posted a comment on bugtracker:

'Richard, I don't think what you're saying about virtual servers is accurate. AFAIK, AOLserver 4.0 can do everything with virtual servers that 3.x, plus more. The "more" is the 1 process virtual server model, of course, but nothing forces you to do it that way. Again AFAIK, no virtual server functionality was lost with 4.0, only additional functionality gained. (I have not actually done it myself, but that's my understanding.) If you haven't already, try nsvhr/nssock first, not nsvhr/nsunix. nsunix has always been trickier and not very well supported.'

Has anyone actually done this yet? If not, looks like I'll be doing it and posting the results!!

Also, does anyone know when nsopenssl is going to become a released version?

In the meantime, while there are obstacles, and while applications such as the Project Manager are still developing at a rapid rate, it would be a shame to create major issues for people because of very minor syntactic incompatibilities. I do understand however that we would be better off exploiting Aolserver's built in internationalisation support asap.

Regards
Richard

Collapse
Posted by C. R. Oldham on
Bart,

Which Linux distribution and version of OpenSSL are you using?

Collapse
Posted by Bart Teeuwisse on
C.R.,

I'm using Redhat Linux 7.3 & 8.0 and openssl 0.9.6b or later. I haven't tested Redhat Enterprise 3 enough to vouch for that distrubtion. Do you have reason to belief some distributions and/or openssl versions do not work w/ AOLserver 4.x and nsopenssl 3.x?

/Bart

Collapse
Posted by C. R. Oldham on
On Debian 3.0, kernel 2.4.22 with a backported OpenSSL 0.9.7 we were seeing runaway nsd threads that when stopped with 'gdb attach' seemed to be hanging up in a libssl function.  I thought Scott and I had stomped that one, and I was just checking before we go production with 4.0.5.
Collapse
Posted by Steve Manning on
CR,

Is that 'stomp' in nsopenssl beta 17? I've been running nsopenssl 3beta17 on openssl 0.9.7 on a late series 2.4 kernel and like Bart, I have had no problems tho it is a development server so its not exactly loaded at the moment.

    - Steve

Collapse
Posted by C. R. Oldham on
We are currently running the CVS version, which Scott told me had some fixes over beta 17.  I caught him on AIM the other day to ask if beta 17 might be the production release, and he said he was chasing a couple of other bugs with some other people, and his regular job had been getting in the way.  His goal was to try to finish up and release sometime in the next two weeks.
Collapse
Posted by Andrew Piskorski on
Ah, Tip 51 was from February, so long ago that I'd forgotten! Thanks Jeff, you guys did the right thing, with more than enough advanced notice.
Collapse
Posted by Steve Manning on
CR

Thats sounds good - we can view beta17 as a release candidate and look forward to the production release so,eti,e soon. All we have to do now is document the config for OACS. As your aware its a bit more sophisticated than v2. :-)

I'm happy to post a snippet of my config if people want to crib it. Its a simple beast just using one sslcontext but it seems to work.

    - Steve