Graham,

On 12/1/20 06:05, Graham Leggett wrote:
Hi all,
I object to the deprecation of the tomcat-native/APR connector.

Most specifically, I am -1 on the following:

https://marc.info/?l=tomcat-dev&m=160681846808019&w=2

Looking at past discussion on this, the justification has been:

"It is inherently less stable. If we get the NIO code wrong, you might
see a NullPointerException. If we get the APR code wrong you might see a
JVM crash.”

Both a NullPointerException and a crash result in the same outcome -
a non working server.
I agree with Mark's response to this, and I will add that native crashes can have a nasty habit of turning into security vulnerabilities.
If you have 0.001% of requests failing in NIO, you have a "working 
server". If you hit a single one of those with the APR connector, you 
are suddenly 100% down.
Tomcat-native has releases in the
https://archive.apache.org/dist/tomcat/tomcat-connectors/native/
going back > 15 years to 2005, a claim of a lack of stability needs
to be quantifiable.
It's hard to get metrics on how many native crashes are being suffered, as Tomcat doesn't send telemetry back to the ASF. There are a bunch of open, unexplained native crash reports in Bugzilla filed against tcnative around the parts used by the APR connector. We have tried to make the code as safe as possible, but some things are still falling through the cracks.
It's easy from first-principles to decide that less native code is a net 
win for Tomcat and its users.
I also object to the removal of OpenSSL code, for the same reason.
We aren't removing that.

We are in the middle of a global pandemic. Our users do not have the
resources to suddenly divert to reengineering what is to them a
perfectly working system, to replace what exists with something else
that just works differently.
Tomcat 10 hasn't even been released as a stable product, yet. The oldest 
currently-supported version of Tomcat is Tomcat 7 which has been 
supported since its first stable release on 2011-01-14. That's nearly 10 
years of support. We are past the 10-year mark already if you include 
the pre-stable period of time starting 2010-06-29.
Exactly how long do you need to plan and execute a migration away from 
the APR connector?
I think we're all happy to accept feedback of the form "please don't 
remove this feature", but "timing" really isn't a good argument against 
this change.
-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to