Graham,
On 12/1/20 06:05, Graham Leggett wrote:
Hi all,
I object to the deprecation of the tomcat-native/APR connector.
Most specifically, I am -1 on the following:
https://marc.info/?l=tomcat-dev&m=160681846808019&w=2
Looking at past discussion on this, the justification has been:
"It is inherently less stable. If we get the NIO code wrong, you might
see a NullPointerException. If we get the APR code wrong you might see a
JVM crash.”
Both a NullPointerException and a crash result in the same outcome -
a non working server.
I agree with Mark's response to this, and I will add that native crashes
can have a nasty habit of turning into security vulnerabilities.
If you have 0.001% of requests failing in NIO, you have a "working
server". If you hit a single one of those with the APR connector, you
are suddenly 100% down.
Tomcat-native has releases in the
https://archive.apache.org/dist/tomcat/tomcat-connectors/native/
going back > 15 years to 2005, a claim of a lack of stability needs
to be quantifiable.
It's hard to get metrics on how many native crashes are being suffered,
as Tomcat doesn't send telemetry back to the ASF. There are a bunch of
open, unexplained native crash reports in Bugzilla filed against
tcnative around the parts used by the APR connector. We have tried to
make the code as safe as possible, but some things are still falling
through the cracks.
It's easy from first-principles to decide that less native code is a net
win for Tomcat and its users.
I also object to the removal of OpenSSL code, for the same reason.
We aren't removing that.
We are in the middle of a global pandemic. Our users do not have the
resources to suddenly divert to reengineering what is to them a
perfectly working system, to replace what exists with something else
that just works differently.
Tomcat 10 hasn't even been released as a stable product, yet. The oldest
currently-supported version of Tomcat is Tomcat 7 which has been
supported since its first stable release on 2011-01-14. That's nearly 10
years of support. We are past the 10-year mark already if you include
the pre-stable period of time starting 2010-06-29.
Exactly how long do you need to plan and execute a migration away from
the APR connector?
I think we're all happy to accept feedback of the form "please don't
remove this feature", but "timing" really isn't a good argument against
this change.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
