Hi, I'm JT and these are my thoughts on community, content management, Plain Black, and WebGUI.
Hi, I'm JT and these are my thoughts on community, content management, Plain Black, and WebGUI.
The WebGUI Runtime Environment (WRE) is a controversial idea in some organizations. I'd like to make it a bit less controversial, so let's talk about the arguments against the WRE.
The first argument is, "I already have Apache and MySQL, why would I want to use yours?"
The answer to that is simple. Your Apache and MySQL haven't been compiled and configured specifically for running WebGUI. It will take you many hours to install and configure WebGUI with those vs 10-20 minutes with the WRE. Also, if you use the WRE to run WebGUI, it will run 300% faster than your native packages.
The second argument is, "I sleep better at night knowing that (insert package/patch management system X here) automatically patches things for me. You couldn't possibly keep up to date with all those patches."
That is a very good point. However, it's flawed. No operating system on the planet has native packages for all the things you need to run WebGUI. It's not just Apache, MySQL, and Perl. It's also Image Magick and a bunch of it's libraries, and 80+ perl modules. You're going to be maintaining dozens of individual prerequisite sets rather than just one WRE.
And it's not just that you need those things, you also need the right versions of those things. If your patch manager updates one of the modules without taking into account whether WebGUI or one of the other modules is ready for the patch, then you've just broken your web site.
The third argument is, "But I have apps other than WebGUI running on that server."
That's fine, we do too, and we still run the WRE. You can put your other web servers on another port and then proxy them in using the WRE's mod_proxy instance. Or you can run the WRE on one IP and your other stuff on another IP. You have choices. Same goes for MySQL. You can move all your stuff to use the WRE MySQL, or you can run two copies of MySQL on different ports.
But beyond all the arguments that people make about why not to run the WRE, there are several other benefits that you can only get with the WRE.
|
User:
patora
Date: 3/5/2008 2:20 pm |
Rating: 7
Rate [
Status: Archived |
|
User:
knowmad
Date: 3/5/2008 8:06 pm |
Rating: -5
Rate [
Status: Archived |
I'm another convert. At first, I installed WebGUI using the native packages on my server. Getting all the pieces together was challenging. After figuring out how to install the WRE (the docs have consistently improved with each release), I've never looked back!
The benefits of using the WRE far outweigh any argument against it. Plus you can use your native tools as the proxy and database if you really want while still getting the benefit of having all the helper tools and preinstalled requirements.
Thanks,
William
----
Knowmad Technologies
http://www.knowmad.com
|
User:
ehab
Date: 3/6/2008 2:36 am |
Rating: 12
Rate [
Status: Archived |
Ok but why can't we have WRE as an apt-get or yum repository
I mean you can package it in such a way that it becomes trivial to install and update. Just an Idea.
Ehab Heikal
www.elmotaheda.com , www.mashy.com
Quote: An eye for an Eye only helps make the whole world blind
Gandhi
|
User:
arjan
Date: 3/6/2008 4:57 am |
Rating: 6
Rate [
Status: Archived |
That's not impossible. You could make a set of complementary packages and reconfigure apache. It's just a lot of work. And I don't think that if you made such a package for, say, Debian, that automatic package translators could translate such a package. But perhaps. Do try!
Kind regards,
Arjan Widlak
United Knowledge
Internet for the public sector
|
User:
baylink
Date: 3/7/2008 3:15 pm |
Rating: 3
Rate [
Status: Archived |
I believe we all know by know that -- after doing a complete WebGUI setup in 9 minutes last fall (after taking 4 weeks on 5.5.4 in 2003 :-) -- I am a convert.
That said:
The second argument is, "I sleep better at night knowing that (insert package/patch management system X here) automatically patches things for me. You couldn't possibly keep up to date with all those patches."
is indeed a very important point. And:
That is a very good point. However, it's flawed. No operating system on the planet has native packages for all the things you need to run WebGUI. It's not just Apache, MySQL, and Perl. It's also Image Magick and a bunch of it's libraries, and 80+ perl modules. You're going to be maintaining dozens of individual prerequisite sets rather than just one WRE.
isn't an answer to that, it's just more exposition on the same assertion: notwithstanding the complex interaction between all the components of WebGUI -- and this is the dirty little secret of componentized program design, where you depend on other people's code -- if a security hole that's exploitable is discovered in some component of the WRE... it's there.
The fact that that component is part of the WRE, if anything, means that PlainBlack is now somewhat on the spot to fix it, and update the WRE to take it out of the line of fire; a responsibility that previously was that of the people running the website.
The alternatives, to a WebGUI site operator, seem to be
This doesn't mean that WRE is good or bad; these would be your choices if you built your environment by hand, too. But they're still your choices.
Does PB have an employee who is tasked to tracking security fixes for all of the components of the WRE?
Cause the nice part about having it is that you've centralized all that work... one or two PB employee can do it, instead of 50,000 WG site owners...
Next step: automate the update deployments...
|
User:
JT
Date: 3/7/2008 3:21 pm |
Rating: -1
Rate [
Status: Archived |
