WebScale Packaging and Main Promotions

Registered by Clint Byrum

There are some newer technologies floating around that we may want to consider adding to the supported seed. These include:
* Nginx - Has become de-facto scalable web server, and grown up as an OSS project now
* Node.js - Gaining popularity fast, and *SHOULD* be a build-dep of OpenStack Horizon
   - Also a direct dependency of the new Juju GUI
* MongoDB (also headed for main as part of juju)
Having these packages in the Ubuntu Main/Supported archive will help with Charm development around these technologies.

Package Nginx, Node.js, and MongoDB.

Blueprint information

Dave Walker
Ubuntu Server
James Page
Series goal:
Accepted for raring
Milestone target:
milestone icon ubuntu-13.04-beta-2
Started by
James Page
Completed by
James Page

Related branches



--- User Stories ---

Frank wants to deploy nginx instead of apache to support a specific requirement he has which cannot but fulfilled bu apache; he's able to use a fully supported solution when using Ubuntu.

Toby is a nodejs developer; Ubuntu has the latest and greatest packaged and easily installable.

Ante has been deploying varnish for some time; Ubuntu now fully supports varnish so he can stop cutting his own security updates.

--- Risks ---

Upstream appetite
Volatility/release frequency of upstream projects (nodejs specifically).

--- Test Plans ---


--- Release Note ---

[NGINX|nodejs|MongoDB|Varnish] is now in Ubuntu main and will recieved Security Updates from the Ubuntu Security Team.

--- Blog Post ---


--- UDS R+1303 Discussion ---
1303 Pad: http://pad.ubuntu.com/uds-1303-webscale-packaging-review

Etherpad from UDS session (which one? R):
Webscale Packaging Improvements and main promotions

* Nginx - Has become de-facto scalable web server, and grown up as an OSS project now
    - Bug tracker? Now addressed
    - Supporting tooling might need some work to get feature parity with Apache:
        - nginxensite/nginxenmod etc....
    - http://nginx.org/en/security_advisories.html
    - Better backend support sounds compelling

* Node.js - Gaining popularity fast, and *SHOULD* be a build-dep of OpenStack Horizon
   - Also a direct dependency of the new Juju GUI
   - Azure tooling
   - Openstack Horizon Build Dependency
   - RBD's should drive seeding... (What's an RBD?) good question
   -Package moves too fast to maintain or upload an appropriate version in Ubuntu Main/Supported archive.
   -probably better to have node.js in a PPA
   -Other deps are gotten from npm
   -reliance on specific node.js versions sounds like the messy world of java dependencies
   -A version of nodejs in backports would be better I think than PPA, or supply different versions for the user to decide.
      -If the PPA was "official" this may have some of the same effect as backports
  -ARM support would be a plus, and have that incluced in the PPA.

* MongoDB (also headed for main as part of juju)
    - Dependency for Go Juju
    - Required support for TLS - needs looking at....
        - The license of OpenSSL apparently prevents arbitrary shipping
        - There's _apparently_ an exception that allows Ubuntu to ship it
        - If that's the case, we should really ship that support. It's a good service we'd be doing to people.
        - http://people.gnome.org/~markmc/openssl-and-the-gpl.html
    - ceilometer support required this
    - Cons: large codebase
    - Pros: good upstream development process.
    - James Page poked mongodb enough last night to get 2.2.3 into raring, sans SSL support
    - 2.4 is headed for inclusion
    JamesPage requested a OpenSSL license exception from upstream to resolve this cleanly

  -Ben notes some improvments in reverse proxy over squid
  -Ben to volunteer to package Nginx
  -code: svn://svn.nginx.org/nginx
  -After talking to security, Nginx can't make mainline at this time.

* Varnish (if time)
    - Popular heavily used caching.
    - More configurable--language based.
    -in universe
    -Upstream position on Ubuntu packages: https://www.varnish-cache.org/installation/ubuntu
      -Does this infer that upstream only supports the latest, and if so how often does that change.
      -How does upstream handle their packaging version/updates, bug fixes, how often does it change, and what is supported
   -Consensus was to communicate with upstream on the Ubuntu MIR needs.

  -Not trivial to support (for initial packaging, regular maintenance and security)
  -Needs some further investigation around a MIR reqest
  - only a reduced subset of JBoss is currently in Debian/Ubuntu
   - http://wiki.debian.org/JBossPackaging
  - receives regular security updates (from RedHat, who surrently supports it. Ie, it has a significant security history)
  -This is a large set of work, may need to discuss as its own BP given demand, but open for any volunteers to tackle it :-)
  - Note that beyond packaging it, an alternative way to help devs is to provide good install support via juju charms

Investigate Backports, and Micro Release Exceptions for some of these fast moving web packages especially when talking about inclusion in the LTS.

-- Others?
  - seed prunin. Anything that can be dropped?


Work Items

Work items:
[darkmuggle-deactivatedaccount] Identify specific advantages of nginx over apache: DONE
[darkmuggle-deactivatedaccount] Review security track record of nginx: DONE
[darkmuggle-deactivatedaccount] Speak with nginx upstream re main inclusion appetite: DONE
Evaluate nodejs core in supported seed: DONE
Confirm npm not suitable for inclusion: DONE
Prepare MIR for nodejs: POSTPONED
Evalute mongodb for supported seed: DONE
Confirm mongodb upstream appetite: POSTPONED
Review SSL support enablement in MongoDB: DONE
Hook up with go juju team with dependency on mongodb: DONE
Prepare MIR for mongodb: POSTPONED
[ivoks] Determine if there is value in including varnish in main: POSTPONED
[ivoks] Prepare MIR for varnish: BLOCKED

Dependency tree

* Blueprints in grey have been implemented.